Author: alessio.soldano(a)jboss.com
Date: 2011-05-18 04:43:44 -0400 (Wed, 18 May 2011)
New Revision: 14392
Added:
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextAdaptor.java
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextDeploymentAspect.java
Modified:
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityAdapterImpl.java
container/jboss60/branches/jbossws-jboss600/src/main/resources/jbossws-jboss.deployer/META-INF/stack-agnostic-jboss-beans.xml
Log:
[JBWS-3296] Updating jboss600 container integration to support SecurityDomainContext
abstraction
Modified:
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityAdapterImpl.java
===================================================================
---
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityAdapterImpl.java 2011-05-18
08:42:19 UTC (rev 14391)
+++
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityAdapterImpl.java 2011-05-18
08:43:44 UTC (rev 14392)
@@ -21,15 +21,9 @@
*/
package org.jboss.webservices.integration.security;
-import java.security.AccessController;
import java.security.Principal;
-import java.security.PrivilegedAction;
-import javax.security.auth.Subject;
-
import org.jboss.security.SecurityAssociation;
-import org.jboss.security.SecurityContext;
-import org.jboss.security.SecurityContextAssociation;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
/**
@@ -87,31 +81,4 @@
{
SecurityAssociation.setCredential(credential);
}
-
- /**
- * @see org.jboss.wsf.spi.invocation.SecurityAdaptor#pushSubjectContext(Subject,
Principal, Object)
- *
- * @param subject subject
- * @param principal principal
- * @param credential credential
- */
- public void pushSubjectContext(final Subject subject, final Principal principal, final
Object credential)
- {
- AccessController.doPrivileged(new PrivilegedAction<Void>()
- {
-
- public Void run()
- {
- final SecurityContext securityContext =
SecurityContextAssociation.getSecurityContext();
- if (securityContext == null)
- {
- throw new IllegalStateException("Security Context is null");
- }
-
- securityContext.getUtil().createSubjectInfo(principal, credential, subject);
-
- return null;
- }
- });
- }
}
Added:
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextAdaptor.java
===================================================================
---
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextAdaptor.java
(rev 0)
+++
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextAdaptor.java 2011-05-18
08:43:44 UTC (rev 14392)
@@ -0,0 +1,108 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.webservices.integration.security;
+
+import java.security.AccessController;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+import java.util.Set;
+
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.security.auth.Subject;
+
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.RealmMapping;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
+/**
+ * org.jboss.wsf.spi.security.SecurityDomainContext implementation relying on
AuthenticationManager
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 18-May-2011
+ */
+public final class SecurityDomainContextAdaptor implements
org.jboss.wsf.spi.security.SecurityDomainContext {
+
+ private AuthenticationManager authenticationManager;
+ private RealmMapping realmMapping;
+
+
+ public SecurityDomainContextAdaptor() {
+ //NOOP
+ }
+
+ private void setupAuthenticationManager() {
+ if (authenticationManager == null) {
+ try
+ {
+ Context ctx = new InitialContext();
+ Object obj = ctx.lookup("java:comp/env/security/securityMgr");
+ authenticationManager = (AuthenticationManager)obj;
+ realmMapping = (RealmMapping)authenticationManager;
+ }
+ catch (NamingException ne)
+ {
+ throw new RuntimeException("Unable to lookup
AuthenticationManager", ne);
+ }
+ }
+ }
+
+ @Override
+ public boolean isValid(Principal principal, Object credential, Subject activeSubject)
{
+ setupAuthenticationManager();
+ return authenticationManager.isValid(principal, credential, activeSubject);
+ }
+
+ @Override
+ public boolean doesUserHaveRole(Principal principal, Set<Principal> roles) {
+ setupAuthenticationManager();
+ return realmMapping.doesUserHaveRole(principal, roles);
+ }
+
+ @Override
+ public String getSecurityDomain() {
+ setupAuthenticationManager();
+ return authenticationManager.getSecurityDomain();
+ }
+
+ @Override
+ public Set<Principal> getUserRoles(Principal principal) {
+ setupAuthenticationManager();
+ return realmMapping.getUserRoles(principal);
+ }
+
+ @Override
+ public void pushSubjectContext(final Subject subject, final Principal principal,
final Object credential) {
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
+ public Void run() {
+ SecurityContext securityContext =
SecurityContextAssociation.getSecurityContext();
+ if (securityContext == null) {
+ throw new IllegalStateException("Security Context is
null");
+ }
+ securityContext.getUtil().createSubjectInfo(principal, credential,
subject);
+ return null;
+ }
+ });
+ }
+}
Added:
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextDeploymentAspect.java
===================================================================
---
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextDeploymentAspect.java
(rev 0)
+++
container/jboss60/branches/jbossws-jboss600/src/main/java/org/jboss/webservices/integration/security/SecurityDomainContextDeploymentAspect.java 2011-05-18
08:43:44 UTC (rev 14392)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.webservices.integration.security;
+
+import org.jboss.ws.common.deployment.EndpointLifecycleDeploymentAspect;
+import org.jboss.wsf.spi.deployment.Deployment;
+import org.jboss.wsf.spi.deployment.Endpoint;
+import org.jboss.wsf.spi.security.SecurityDomainContext;
+
+/**
+ * Extends EndpointLifecycleDeploymentAspect to setup the SecurityDomainContext
+ *
+ * @author <a href="mailto:alessio.soldano@jboss.com">Alessio
Soldano/a>
+ */
+public final class SecurityDomainContextDeploymentAspect extends
EndpointLifecycleDeploymentAspect
+{
+ /**
+ * Constructor.
+ */
+ public SecurityDomainContextDeploymentAspect()
+ {
+ super();
+ }
+
+ @Override
+ public void start(final Deployment dep)
+ {
+ super.start(dep);
+ SecurityDomainContext context = new SecurityDomainContextAdaptor();
+ for (Endpoint ep : dep.getService().getEndpoints()) {
+ ep.setSecurityDomainContext(context);
+ }
+ }
+}
Modified:
container/jboss60/branches/jbossws-jboss600/src/main/resources/jbossws-jboss.deployer/META-INF/stack-agnostic-jboss-beans.xml
===================================================================
---
container/jboss60/branches/jbossws-jboss600/src/main/resources/jbossws-jboss.deployer/META-INF/stack-agnostic-jboss-beans.xml 2011-05-18
08:42:19 UTC (rev 14391)
+++
container/jboss60/branches/jbossws-jboss600/src/main/resources/jbossws-jboss.deployer/META-INF/stack-agnostic-jboss-beans.xml 2011-05-18
08:43:44 UTC (rev 14392)
@@ -117,7 +117,7 @@
<property name="provides">EndpointAddress</property>
</bean>
- <bean name="WSEndpointLifecycleDeploymentAspect"
class="org.jboss.ws.common.deployment.EndpointLifecycleDeploymentAspect">
+ <bean name="WSEndpointLifecycleDeploymentAspect"
class="org.jboss.webservices.integration.security.SecurityDomainContextDeploymentAspect">
<property name="provides">LifecycleHandler</property>
<property name="last">true</property>
</bean>