Author: shane.bryzak(a)jboss.com
Date: 2009-05-14 03:27:28 -0400 (Thu, 14 May 2009)
New Revision: 10911
Added:
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStoreConfig.java
Modified:
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
Log:
refactor configuration into separate bean
Modified:
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
---
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2009-05-14
01:29:51 UTC (rev 10910)
+++
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2009-05-14
07:27:28 UTC (rev 10911)
@@ -12,32 +12,21 @@
import java.util.Set;
import javax.annotation.Named;
-import javax.context.ApplicationScoped;
+import javax.context.RequestScoped;
import javax.inject.Current;
import javax.inject.Initializer;
import javax.inject.manager.Manager;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
+import javax.persistence.PersistenceContext;
import org.jboss.seam.security.Role;
import org.jboss.seam.security.SimplePrincipal;
-import org.jboss.seam.security.annotations.management.PasswordSalt;
-import org.jboss.seam.security.annotations.management.RoleConditional;
-import org.jboss.seam.security.annotations.management.RoleGroups;
-import org.jboss.seam.security.annotations.management.RoleName;
-import org.jboss.seam.security.annotations.management.UserEnabled;
-import org.jboss.seam.security.annotations.management.UserFirstName;
-import org.jboss.seam.security.annotations.management.UserLastName;
-import org.jboss.seam.security.annotations.management.UserPassword;
-import org.jboss.seam.security.annotations.management.UserPrincipal;
-import org.jboss.seam.security.annotations.management.UserRoles;
import org.jboss.seam.security.crypto.BinTools;
import org.jboss.seam.security.events.PrePersistUserEvent;
import org.jboss.seam.security.events.PrePersistUserRoleEvent;
import org.jboss.seam.security.events.UserAuthenticatedEvent;
import org.jboss.seam.security.events.UserCreatedEvent;
-import org.jboss.seam.security.util.AnnotatedBeanProperty;
-import org.jboss.seam.security.util.TypedBeanProperty;
import org.jboss.webbeans.log.LogProvider;
import org.jboss.webbeans.log.Logging;
@@ -47,7 +36,7 @@
* @author Shane Bryzak
*/
@Named("identityStore")
-@ApplicationScoped
+@RequestScoped
public class JpaIdentityStore implements IdentityStore, Serializable
{
private static final long serialVersionUID = 1171875389743972646L;
@@ -55,27 +44,12 @@
private static final LogProvider log = Logging.getLogProvider(JpaIdentityStore.class);
protected FeatureSet featureSet;
-
- @Current Manager manager;
- @Current PasswordHash passwordHash;
+
+ @PersistenceContext EntityManager entityManager;
- private Class<?> userEntityClass;
- private Class<?> roleEntityClass;
- private Class<?> xrefEntityClass;
- private TypedBeanProperty xrefUserProperty;
- private TypedBeanProperty xrefRoleProperty;
+ JpaIdentityStoreConfig config;
+ Manager manager;
- private AnnotatedBeanProperty<UserPrincipal> userPrincipalProperty;
- private AnnotatedBeanProperty<UserPassword> userPasswordProperty;
- private AnnotatedBeanProperty<PasswordSalt> passwordSaltProperty;
- private AnnotatedBeanProperty<UserRoles> userRolesProperty;
- private AnnotatedBeanProperty<UserEnabled> userEnabledProperty;
- private AnnotatedBeanProperty<UserFirstName> userFirstNameProperty;
- private AnnotatedBeanProperty<UserLastName> userLastNameProperty;
- private AnnotatedBeanProperty<RoleName> roleNameProperty;
- private AnnotatedBeanProperty<RoleGroups> roleGroupsProperty;
- private AnnotatedBeanProperty<RoleConditional> roleConditionalProperty;
-
public Set<Feature> getFeatures()
{
return featureSet.getFeatures();
@@ -89,101 +63,32 @@
public boolean supportsFeature(Feature feature)
{
return featureSet.supports(feature);
- }
+ }
@Initializer
- public void init()
+ public void init(@Current JpaIdentityStoreConfig config, @Current Manager manager)
{
+ this.config = config;
+ this.manager = manager;
+
if (featureSet == null)
{
featureSet = new FeatureSet();
featureSet.enableAll();
}
- if (userEntityClass == null)
+ if (config.userEntityClass == null)
{
log.error("Error in JpaIdentityStore configuration - userClass must be
configured.");
return;
- }
-
- initProperties();
- }
-
- private void initProperties()
- {
- userPrincipalProperty = new
AnnotatedBeanProperty<UserPrincipal>(userEntityClass, UserPrincipal.class);
- userPasswordProperty = new
AnnotatedBeanProperty<UserPassword>(userEntityClass, UserPassword.class);
- passwordSaltProperty = new
AnnotatedBeanProperty<PasswordSalt>(userEntityClass, PasswordSalt.class);
- userRolesProperty = new AnnotatedBeanProperty<UserRoles>(userEntityClass,
UserRoles.class);
- userEnabledProperty = new AnnotatedBeanProperty<UserEnabled>(userEntityClass,
UserEnabled.class);
- userFirstNameProperty = new
AnnotatedBeanProperty<UserFirstName>(userEntityClass, UserFirstName.class);
- userLastNameProperty = new
AnnotatedBeanProperty<UserLastName>(userEntityClass, UserLastName.class);
-
- if (!userPrincipalProperty.isSet())
- {
- throw new IdentityManagementException("Invalid userClass " +
userEntityClass.getName() +
- " - required annotation @UserPrincipal not found on any Field or
Method.");
- }
-
- if (!userRolesProperty.isSet())
- {
- throw new IdentityManagementException("Invalid userClass " +
userEntityClass.getName() +
- " - required annotation @UserRoles not found on any Field or
Method.");
}
-
- if (roleEntityClass != null)
- {
- roleNameProperty = new AnnotatedBeanProperty<RoleName>(roleEntityClass,
RoleName.class);
- roleGroupsProperty = new
AnnotatedBeanProperty<RoleGroups>(roleEntityClass, RoleGroups.class);
- roleConditionalProperty = new
AnnotatedBeanProperty<RoleConditional>(roleEntityClass, RoleConditional.class);
-
- if (!roleNameProperty.isSet())
- {
- throw new IdentityManagementException("Invalid roleClass " +
roleEntityClass.getName() +
- " - required annotation @RoleName not found on any Field or
Method.");
- }
-
- Type type = userRolesProperty.getPropertyType();
- if (type instanceof ParameterizedType &&
- Collection.class.isAssignableFrom((Class<?>) ((ParameterizedType)
type).getRawType()))
- {
- Type genType = Object.class;
-
- for (Type t : ((ParameterizedType) type).getActualTypeArguments())
- {
- genType = t;
- break;
- }
-
- // If the @UserRoles property isn't a collection of <roleClass>,
then assume the relationship
- // is going through a cross-reference table
- if (!genType.equals(roleEntityClass))
- {
- xrefEntityClass = (Class<?>) genType;
- xrefUserProperty = new TypedBeanProperty(xrefEntityClass,
userEntityClass);
- xrefRoleProperty = new TypedBeanProperty(xrefEntityClass,
roleEntityClass);
-
- if (!xrefUserProperty.isSet())
- {
- throw new IdentityManagementException("Error configuring
JpaIdentityStore - it looks like " +
- "you're using a cross-reference table, however the user
property cannot be determined.");
- }
-
- if (!xrefRoleProperty.isSet())
- {
- throw new IdentityManagementException("Error configuring
JpaIdentityStore - it looks like " +
- "you're using a cross-reference table, however the role
property cannot be determined.");
- }
- }
- }
- }
- }
+ }
public boolean createUser(String username, String password, String firstname, String
lastname)
{
try
{
- if (userEntityClass == null)
+ if (config.userEntityClass == null)
{
throw new IdentityManagementException("Could not create account,
userClass not set");
}
@@ -193,26 +98,26 @@
throw new IdentityManagementException("Could not create account, already
exists");
}
- Object user = userEntityClass.newInstance();
+ Object user = config.userEntityClass.newInstance();
- userPrincipalProperty.setValue(user, username);
+ config.userPrincipalProperty.setValue(user, username);
- if (userFirstNameProperty.isSet()) userFirstNameProperty.setValue(user,
firstname);
- if (userLastNameProperty.isSet()) userLastNameProperty.setValue(user,
lastname);
+ if (config.userFirstNameProperty.isSet())
config.userFirstNameProperty.setValue(user, firstname);
+ if (config.userLastNameProperty.isSet())
config.userLastNameProperty.setValue(user, lastname);
if (password == null)
{
- if (userEnabledProperty.isSet()) userEnabledProperty.setValue(user, false);
+ if (config.userEnabledProperty.isSet())
config.userEnabledProperty.setValue(user, false);
}
else
{
setUserPassword(user, password);
- if (userEnabledProperty.isSet()) userEnabledProperty.setValue(user, true);
+ if (config.userEnabledProperty.isSet())
config.userEnabledProperty.setValue(user, true);
}
manager.fireEvent(new PrePersistUserEvent(user));
- persistEntity(user);
+ entityManager.persist(user);
manager.fireEvent(new UserCreatedEvent(user));
@@ -233,15 +138,15 @@
protected void setUserPassword(Object user, String password)
{
- if (passwordSaltProperty.isSet())
+ if (config.passwordSaltProperty.isSet())
{
byte[] salt = generateUserSalt(user);
- passwordSaltProperty.setValue(user, BinTools.bin2hex(salt));
- userPasswordProperty.setValue(user, generatePasswordHash(password, salt));
+ config.passwordSaltProperty.setValue(user, BinTools.bin2hex(salt));
+ config.userPasswordProperty.setValue(user, generatePasswordHash(password,
salt));
}
else
{
- userPasswordProperty.setValue(user, generatePasswordHash(password,
getUserAccountSalt(user)));
+ config.userPasswordProperty.setValue(user, generatePasswordHash(password,
getUserAccountSalt(user)));
}
}
@@ -252,7 +157,7 @@
protected String getUserAccountSalt(Object user)
{
// By default, we'll use the user's username as the password salt
- return userPrincipalProperty.getValue(user).toString();
+ return config.userPrincipalProperty.getValue(user).toString();
}
/**
@@ -260,7 +165,7 @@
*/
public byte[] generateUserSalt(Object user)
{
- return passwordHash.generateRandomSalt();
+ return getPasswordHash().generateRandomSalt();
}
public boolean createUser(String username, String password)
@@ -276,19 +181,19 @@
throw new NoSuchUserException("Could not delete, user '" + name +
"' does not exist");
}
- removeEntity(user);
+ entityManager.remove(user);
return true;
}
@SuppressWarnings("unchecked")
public boolean grantRole(String username, String role)
{
- if (roleEntityClass == null) return false;
+ if (config.roleEntityClass == null) return false;
Object user = lookupUser(username);
if (user == null)
{
- if (userPasswordProperty.isSet())
+ if (config.userPasswordProperty.isSet())
{
// If no userPasswordProperty is set, it means that authentication is being
performed
// by another identity store and this one is just managing roles
@@ -315,10 +220,10 @@
throw new NoSuchRoleException("Could not grant role, role '" +
role + "' does not exist");
}
- Collection<?> userRoles = (Collection<?>)
userRolesProperty.getValue(user);
+ Collection<?> userRoles = (Collection<?>)
config.userRolesProperty.getValue(user);
if (userRoles == null)
{
- Type propType = userRolesProperty.getPropertyType();
+ Type propType = config.userRolesProperty.getPropertyType();
Class<?> collectionType;
if (propType instanceof Class &&
Collection.class.isAssignableFrom((Class<?>) propType))
@@ -345,30 +250,30 @@
userRoles = new ArrayList<Object>();
}
- userRolesProperty.setValue(user, userRoles);
+ config.userRolesProperty.setValue(user, userRoles);
}
- else if (((Collection<?>)
userRolesProperty.getValue(user)).contains(roleToGrant))
+ else if (((Collection<?>)
config.userRolesProperty.getValue(user)).contains(roleToGrant))
{
return false;
}
- if (xrefEntityClass == null)
+ if (config.xrefEntityClass == null)
{
// If this is a Many-To-Many relationship, simply add the role
- ((Collection<Object>) userRolesProperty.getValue(user)).add(roleToGrant);
+ ((Collection<Object>)
config.userRolesProperty.getValue(user)).add(roleToGrant);
}
else
{
// Otherwise we need to insert a cross-reference entity instance
try
{
- Object xref = xrefEntityClass.newInstance();
- xrefUserProperty.setValue(xref, user);
- xrefRoleProperty.setValue(xref, roleToGrant);
+ Object xref = config.xrefEntityClass.newInstance();
+ config.xrefUserProperty.setValue(xref, user);
+ config.xrefRoleProperty.setValue(xref, roleToGrant);
manager.fireEvent(new PrePersistUserRoleEvent(xref));
- ((Collection<Object>)
userRolesProperty.getValue(user)).add(mergeEntity(xref));
+ ((Collection<Object>)
config.userRolesProperty.getValue(user)).add(entityManager.merge(xref));
}
catch (Exception ex)
{
@@ -395,17 +300,17 @@
boolean success = false;
- if (xrefEntityClass == null)
+ if (config.xrefEntityClass == null)
{
- success = ((Collection<?>)
userRolesProperty.getValue(user)).remove(roleToRevoke);
+ success = ((Collection<?>)
config.userRolesProperty.getValue(user)).remove(roleToRevoke);
}
else
{
- Collection<?> roles = ((Collection<?>)
userRolesProperty.getValue(user));
+ Collection<?> roles = ((Collection<?>)
config.userRolesProperty.getValue(user));
for (Object xref : roles)
{
- if (xrefRoleProperty.getValue(xref).equals(roleToRevoke))
+ if (config.xrefRoleProperty.getValue(xref).equals(roleToRevoke))
{
success = roles.remove(xref);
break;
@@ -419,7 +324,7 @@
@SuppressWarnings("unchecked")
public boolean addRoleToGroup(String role, String group)
{
- if (!roleGroupsProperty.isSet()) return false;
+ if (!config.roleGroupsProperty.isSet()) return false;
Object targetRole = lookupRole(role);
if (targetRole == null)
@@ -433,14 +338,14 @@
throw new NoSuchRoleException("Could not grant role, group '" +
group + "' does not exist");
}
- Collection<?> roleGroups = (Collection<?>)
roleGroupsProperty.getValue(targetRole);
+ Collection<?> roleGroups = (Collection<?>)
config.roleGroupsProperty.getValue(targetRole);
if (roleGroups == null)
{
// This should either be a Set, or a List...
Class<?> rawType = null;
- if (roleGroupsProperty.getPropertyType() instanceof ParameterizedType)
+ if (config.roleGroupsProperty.getPropertyType() instanceof ParameterizedType)
{
- rawType = (Class<?>) ((ParameterizedType)
roleGroupsProperty.getPropertyType()).getRawType();
+ rawType = (Class<?>) ((ParameterizedType)
config.roleGroupsProperty.getPropertyType()).getRawType();
}
else
{
@@ -456,21 +361,21 @@
roleGroups = new ArrayList<Object>();
}
- roleGroupsProperty.setValue(targetRole, roleGroups);
+ config.roleGroupsProperty.setValue(targetRole, roleGroups);
}
- else if (((Collection<?>)
roleGroupsProperty.getValue(targetRole)).contains(targetGroup))
+ else if (((Collection<?>)
config.roleGroupsProperty.getValue(targetRole)).contains(targetGroup))
{
return false;
}
- ((Collection<Object>)
roleGroupsProperty.getValue(targetRole)).add(targetGroup);
+ ((Collection<Object>)
config.roleGroupsProperty.getValue(targetRole)).add(targetGroup);
return true;
}
public boolean removeRoleFromGroup(String role, String group)
{
- if (!roleGroupsProperty.isSet()) return false;
+ if (!config.roleGroupsProperty.isSet()) return false;
Object roleToRemove = lookupRole(role);
if (role == null)
@@ -484,7 +389,7 @@
throw new NoSuchRoleException("Could not remove role from group, no such
group '" + group + "'");
}
- boolean success = ((Collection<?>)
roleGroupsProperty.getValue(roleToRemove)).remove(targetGroup);
+ boolean success = ((Collection<?>)
config.roleGroupsProperty.getValue(roleToRemove)).remove(targetGroup);
return success;
}
@@ -493,7 +398,7 @@
{
try
{
- if (roleEntityClass == null)
+ if (config.roleEntityClass == null)
{
throw new IdentityManagementException("Could not create role, roleClass
not set");
}
@@ -503,9 +408,9 @@
throw new IdentityManagementException("Could not create role, already
exists");
}
- Object instance = roleEntityClass.newInstance();
- roleNameProperty.setValue(instance, role);
- persistEntity(instance);
+ Object instance = config.roleEntityClass.newInstance();
+ config.roleNameProperty.setValue(instance, role);
+ entityManager.persist(instance);
return true;
}
@@ -530,9 +435,9 @@
throw new NoSuchRoleException("Could not delete role, role '" +
role + "' does not exist");
}
- if (xrefEntityClass != null)
+ if (config.xrefEntityClass != null)
{
- lookupEntityManager().createQuery("delete " +
xrefEntityClass.getName() + " where role = :role")
+ entityManager.createQuery("delete " + config.xrefEntityClass.getName()
+ " where role = :role")
.setParameter("role", roleToDelete)
.executeUpdate();
}
@@ -551,15 +456,16 @@
removeRoleFromGroup(r, role);
}
- removeEntity(roleToDelete);
+ entityManager.remove(roleToDelete);
return true;
}
public boolean enableUser(String name)
{
- if (!userEnabledProperty.isSet())
+ if (!config.userEnabledProperty.isSet())
{
- log.debug("Can not enable user, no @UserEnabled property configured in
userClass " + userEntityClass.getName());
+ log.debug("Can not enable user, no @UserEnabled property configured in
userClass " +
+ config.userEntityClass.getName());
return false;
}
@@ -570,20 +476,21 @@
}
// Can't enable an already-enabled user, return false
- if (((Boolean) userEnabledProperty.getValue(user)) == true)
+ if (((Boolean) config.userEnabledProperty.getValue(user)) == true)
{
return false;
}
- userEnabledProperty.setValue(user, true);
+ config.userEnabledProperty.setValue(user, true);
return true;
}
public boolean disableUser(String name)
{
- if (!userEnabledProperty.isSet())
+ if (!config.userEnabledProperty.isSet())
{
- log.debug("Can not disable user, no @UserEnabled property configured in
userClass " + userEntityClass.getName());
+ log.debug("Can not disable user, no @UserEnabled property configured in
userClass " +
+ config.userEntityClass.getName());
return false;
}
@@ -594,12 +501,12 @@
}
// Can't disable an already-disabled user, return false
- if (((Boolean) userEnabledProperty.getValue(user)) == false)
+ if (((Boolean) config.userEnabledProperty.getValue(user)) == false)
{
return false;
}
- userEnabledProperty.setValue(user, false);
+ config.userEnabledProperty.setValue(user, false);
return true;
}
@@ -629,7 +536,8 @@
public boolean isUserEnabled(String name)
{
Object user = lookupUser(name);
- return user != null && (!userEnabledProperty.isSet() || (((Boolean)
userEnabledProperty.getValue(user))) == true);
+ return user != null && (!config.userEnabledProperty.isSet() ||
+ (((Boolean) config.userEnabledProperty.getValue(user))) == true);
}
public List<String> getGrantedRoles(String name)
@@ -642,20 +550,20 @@
List<String> roles = new ArrayList<String>();
- Collection<?> userRoles = (Collection<?>)
userRolesProperty.getValue(user);
+ Collection<?> userRoles = (Collection<?>)
config.userRolesProperty.getValue(user);
if (userRoles != null)
{
for (Object role : userRoles)
{
- if (xrefEntityClass == null)
+ if (config.xrefEntityClass == null)
{
- roles.add((String) roleNameProperty.getValue(role));
+ roles.add((String) config.roleNameProperty.getValue(role));
}
else
{
- Object xref = roleNameProperty.getValue(role);
- Object userRole = xrefRoleProperty.getValue(xref);
- roles.add((String) roleNameProperty.getValue(userRole));
+ Object xref = config.roleNameProperty.getValue(role);
+ Object userRole = config.xrefRoleProperty.getValue(xref);
+ roles.add((String) config.roleNameProperty.getValue(userRole));
}
}
}
@@ -673,14 +581,14 @@
List<String> groups = new ArrayList<String>();
- if (roleGroupsProperty.isSet())
+ if (config.roleGroupsProperty.isSet())
{
- Collection<?> roleGroups = (Collection<?>)
roleGroupsProperty.getValue(role);
+ Collection<?> roleGroups = (Collection<?>)
config.roleGroupsProperty.getValue(role);
if (roleGroups != null)
{
for (Object group : roleGroups)
{
- groups.add((String) roleNameProperty.getValue(group));
+ groups.add((String) config.roleNameProperty.getValue(group));
}
}
}
@@ -697,12 +605,12 @@
}
Set<String> roles = new HashSet<String>();
- Collection<?> userRoles = (Collection<?>)
userRolesProperty.getValue(user);
+ Collection<?> userRoles = (Collection<?>)
config.userRolesProperty.getValue(user);
if (userRoles != null)
{
for (Object role : userRoles)
{
- addRoleAndMemberships((String) roleNameProperty.getValue(role), roles);
+ addRoleAndMemberships((String) config.roleNameProperty.getValue(role),
roles);
}
}
@@ -715,15 +623,15 @@
{
Object instance = lookupRole(role);
- if (roleGroupsProperty.isSet())
+ if (config.roleGroupsProperty.isSet())
{
- Collection<?> groups = (Collection<?>)
roleGroupsProperty.getValue(instance);
+ Collection<?> groups = (Collection<?>)
config.roleGroupsProperty.getValue(instance);
if (groups != null)
{
for (Object group : groups)
{
- addRoleAndMemberships((String) roleNameProperty.getValue(group),
roles);
+ addRoleAndMemberships((String) config.roleNameProperty.getValue(group),
roles);
}
}
}
@@ -732,12 +640,12 @@
public String generatePasswordHash(String password, byte[] salt)
{
- if (passwordSaltProperty.isSet())
+ if (config.passwordSaltProperty.isSet())
{
try
{
- return passwordHash.createPasswordKey(password.toCharArray(), salt,
- userPasswordProperty.getAnnotation().iterations());
+ return getPasswordHash().createPasswordKey(password.toCharArray(), salt,
+ config.userPasswordProperty.getAnnotation().iterations());
}
catch (GeneralSecurityException ex)
{
@@ -757,17 +665,17 @@
@Deprecated
protected String generatePasswordHash(String password, String salt)
{
- String algorithm = userPasswordProperty.getAnnotation().hash();
+ String algorithm = config.userPasswordProperty.getAnnotation().hash();
if (algorithm == null || "".equals(algorithm))
{
if (salt == null || "".equals(salt))
{
- return passwordHash.generateHash(password);
+ return getPasswordHash().generateHash(password);
}
else
{
- return passwordHash.generateSaltedHash(password, salt);
+ return getPasswordHash().generateSaltedHash(password, salt);
}
}
else if ("none".equalsIgnoreCase(algorithm))
@@ -778,11 +686,11 @@
{
if (salt == null || "".equals(salt))
{
- return passwordHash.generateHash(password, algorithm);
+ return getPasswordHash().generateHash(password, algorithm);
}
else
{
- return passwordHash.generateSaltedHash(password, salt, algorithm);
+ return getPasswordHash().generateSaltedHash(password, salt, algorithm);
}
}
}
@@ -790,16 +698,17 @@
public boolean authenticate(String username, String password)
{
Object user = lookupUser(username);
- if (user == null || (userEnabledProperty.isSet() && ((Boolean)
userEnabledProperty.getValue(user) == false)))
+ if (user == null || (config.userEnabledProperty.isSet() &&
+ ((Boolean) config.userEnabledProperty.getValue(user) == false)))
{
return false;
}
String passwordHash = null;
- if (passwordSaltProperty.isSet())
+ if (config.passwordSaltProperty.isSet())
{
- String encodedSalt = (String) passwordSaltProperty.getValue(user);
+ String encodedSalt = (String) config.passwordSaltProperty.getValue(user);
if (encodedSalt == null)
{
throw new IdentityManagementException("A @PasswordSalt property was
found on entity " + user +
@@ -814,7 +723,7 @@
}
- boolean success = passwordHash.equals(userPasswordProperty.getValue(user));
+ boolean success = passwordHash.equals(config.userPasswordProperty.getValue(user));
if (success)
{
@@ -828,8 +737,8 @@
{
try
{
- Object user = lookupEntityManager().createQuery(
- "select u from " + userEntityClass.getName() + " u where
" + userPrincipalProperty.getName() +
+ Object user = entityManager.createQuery(
+ "select u from " + config.userEntityClass.getName() + " u
where " + config.userPrincipalProperty.getName() +
" = :username")
.setParameter("username", username)
.getSingleResult();
@@ -844,17 +753,17 @@
public String getUserName(Object user)
{
- return (String) userPrincipalProperty.getValue(user);
+ return (String) config.userPrincipalProperty.getValue(user);
}
public String getRoleName(Object role)
{
- return (String) roleNameProperty.getValue(role);
+ return (String) config.roleNameProperty.getValue(role);
}
public boolean isRoleConditional(String role)
{
- return roleConditionalProperty.isSet() ? (Boolean)
roleConditionalProperty.getValue(
+ return config.roleConditionalProperty.isSet() ? (Boolean)
config.roleConditionalProperty.getValue(
lookupRole(role)) : false;
}
@@ -862,8 +771,8 @@
{
try
{
- Object value = lookupEntityManager().createQuery(
- "select r from " + roleEntityClass.getName() + " r where
" + roleNameProperty.getName() +
+ Object value = entityManager.createQuery(
+ "select r from " + config.roleEntityClass.getName() + " r
where " + config.roleNameProperty.getName() +
" = :role")
.setParameter("role", role)
.getSingleResult();
@@ -879,17 +788,17 @@
@SuppressWarnings("unchecked")
public List<String> listUsers()
{
- return (List<String>) lookupEntityManager().createQuery(
- "select u." + userPrincipalProperty.getName() + " from "
+ userEntityClass.getName() + " u")
+ return (List<String>) entityManager.createQuery(
+ "select u." + config.userPrincipalProperty.getName() + " from
" + config.userEntityClass.getName() + " u")
.getResultList();
}
@SuppressWarnings("unchecked")
public List<String> listUsers(String filter)
{
- return (List<String>) lookupEntityManager().createQuery(
- "select u." + userPrincipalProperty.getName() + " from "
+ userEntityClass.getName() +
- " u where lower(" + userPrincipalProperty.getName() + ") like
:username")
+ return (List<String>) entityManager.createQuery(
+ "select u." + config.userPrincipalProperty.getName() + " from
" + config.userEntityClass.getName() +
+ " u where lower(" + config.userPrincipalProperty.getName() +
") like :username")
.setParameter("username", "%" + (filter != null ?
filter.toLowerCase() : "") +
"%")
.getResultList();
@@ -898,8 +807,9 @@
@SuppressWarnings("unchecked")
public List<String> listRoles()
{
- return (List<String>) lookupEntityManager().createQuery(
- "select r." + roleNameProperty.getName() + " from " +
roleEntityClass.getName() + " r").getResultList();
+ return (List<String>) entityManager.createQuery(
+ "select r." + config.roleNameProperty.getName() + " from
" +
+ config.roleEntityClass.getName() + " r").getResultList();
}
public List<Principal> listMembers(String role)
@@ -924,17 +834,20 @@
{
Object roleEntity = lookupRole(role);
- if (xrefEntityClass == null)
+ if (config.xrefEntityClass == null)
{
- return (List<String>) lookupEntityManager().createQuery("select
u." + userPrincipalProperty.getName() +
- " from " + userEntityClass.getName() + " u where :role
member of u." + userRolesProperty.getName())
+ return (List<String>) entityManager.createQuery("select u." +
+ config.userPrincipalProperty.getName() +
+ " from " + config.userEntityClass.getName() + " u where
:role member of u." +
+ config.userRolesProperty.getName())
.setParameter("role", roleEntity)
.getResultList();
}
else
{
- List<?> xrefs = lookupEntityManager().createQuery("select x from
" + xrefEntityClass.getName() + " x where x." +
- xrefRoleProperty.getName() + " = :role")
+ List<?> xrefs = entityManager.createQuery("select x from " +
+ config.xrefEntityClass.getName() + " x where x." +
+ config.xrefRoleProperty.getName() + " = :role")
.setParameter("role", roleEntity)
.getResultList();
@@ -942,8 +855,8 @@
for (Object xref : xrefs)
{
- Object user = xrefUserProperty.getValue(xref);
- members.add(userPrincipalProperty.getValue(user).toString());
+ Object user = config.xrefUserProperty.getValue(xref);
+ members.add(config.userPrincipalProperty.getValue(user).toString());
}
return members;
@@ -954,12 +867,14 @@
@SuppressWarnings("unchecked")
private List<String> listRoleMembers(String role)
{
- if (roleGroupsProperty.isSet())
+ if (config.roleGroupsProperty.isSet())
{
Object roleEntity = lookupRole(role);
- return (List<String>) lookupEntityManager().createQuery("select
r." + roleNameProperty.getName() +
- " from " + roleEntityClass.getName() + " r where :role
member of r." + roleGroupsProperty.getName())
+ return (List<String>) entityManager.createQuery("select r." +
+ config.roleNameProperty.getName() +
+ " from " + config.roleEntityClass.getName() + " r where
:role member of r." +
+ config.roleGroupsProperty.getName())
.setParameter("role", roleEntity)
.getResultList();
}
@@ -973,58 +888,23 @@
StringBuilder roleQuery = new StringBuilder();
roleQuery.append("select r.");
- roleQuery.append(roleNameProperty.getName());
+ roleQuery.append(config.roleNameProperty.getName());
roleQuery.append(" from ");
- roleQuery.append(roleEntityClass.getName());
+ roleQuery.append(config.roleEntityClass.getName());
roleQuery.append(" r");
- if (roleConditionalProperty.isSet())
+ if (config.roleConditionalProperty.isSet())
{
roleQuery.append(" where r.");
- roleQuery.append(roleConditionalProperty.getName());
+ roleQuery.append(config.roleConditionalProperty.getName());
roleQuery.append(" = false");
}
- return (List<String>)
lookupEntityManager().createQuery(roleQuery.toString()).getResultList();
+ return (List<String>)
entityManager.createQuery(roleQuery.toString()).getResultList();
}
- protected void persistEntity(Object entity)
+ protected PasswordHash getPasswordHash()
{
- lookupEntityManager().persist(entity);
+ return manager.getInstanceByType(PasswordHash.class);
}
-
- protected Object mergeEntity(Object entity)
- {
- return lookupEntityManager().merge(entity);
- }
-
- protected void removeEntity(Object entity)
- {
- lookupEntityManager().remove(entity);
- }
-
- public Class<?> getUserEntityClass()
- {
- return userEntityClass;
- }
-
- public void setUserEntityClass(Class<?> userEntityClass)
- {
- this.userEntityClass = userEntityClass;
- }
-
- public Class<?> getRoleEntityClass()
- {
- return roleEntityClass;
- }
-
- public void setRoleEntityClass(Class<?> roleEntityClass)
- {
- this.roleEntityClass = roleEntityClass;
- }
-
- private EntityManager lookupEntityManager()
- {
- return manager.getInstanceByType(EntityManager.class);
- }
}
Added:
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStoreConfig.java
===================================================================
---
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStoreConfig.java
(rev 0)
+++
modules/trunk/security/src/main/java/org/jboss/seam/security/management/JpaIdentityStoreConfig.java 2009-05-14
07:27:28 UTC (rev 10911)
@@ -0,0 +1,138 @@
+package org.jboss.seam.security.management;
+
+import java.lang.reflect.ParameterizedType;
+import java.lang.reflect.Type;
+import java.util.Collection;
+
+import javax.context.ApplicationScoped;
+import javax.inject.Initializer;
+
+import org.jboss.seam.security.annotations.management.PasswordSalt;
+import org.jboss.seam.security.annotations.management.RoleConditional;
+import org.jboss.seam.security.annotations.management.RoleGroups;
+import org.jboss.seam.security.annotations.management.RoleName;
+import org.jboss.seam.security.annotations.management.UserEnabled;
+import org.jboss.seam.security.annotations.management.UserFirstName;
+import org.jboss.seam.security.annotations.management.UserLastName;
+import org.jboss.seam.security.annotations.management.UserPassword;
+import org.jboss.seam.security.annotations.management.UserPrincipal;
+import org.jboss.seam.security.annotations.management.UserRoles;
+import org.jboss.seam.security.util.AnnotatedBeanProperty;
+import org.jboss.seam.security.util.TypedBeanProperty;
+
+/**
+ * The configuration for JpaIdentityStore
+ *
+ * @author Shane Bryzak
+ */
+@ApplicationScoped
+public class JpaIdentityStoreConfig
+{
+ Class<?> userEntityClass;
+ Class<?> roleEntityClass;
+ Class<?> xrefEntityClass;
+ TypedBeanProperty xrefUserProperty;
+ TypedBeanProperty xrefRoleProperty;
+
+ AnnotatedBeanProperty<UserPrincipal> userPrincipalProperty;
+ AnnotatedBeanProperty<UserPassword> userPasswordProperty;
+ AnnotatedBeanProperty<PasswordSalt> passwordSaltProperty;
+ AnnotatedBeanProperty<UserRoles> userRolesProperty;
+ AnnotatedBeanProperty<UserEnabled> userEnabledProperty;
+ AnnotatedBeanProperty<UserFirstName> userFirstNameProperty;
+ AnnotatedBeanProperty<UserLastName> userLastNameProperty;
+ AnnotatedBeanProperty<RoleName> roleNameProperty;
+ AnnotatedBeanProperty<RoleGroups> roleGroupsProperty;
+ AnnotatedBeanProperty<RoleConditional> roleConditionalProperty;
+
+ @Initializer
+ public void initProperties()
+ {
+ userPrincipalProperty = new
AnnotatedBeanProperty<UserPrincipal>(userEntityClass, UserPrincipal.class);
+ userPasswordProperty = new
AnnotatedBeanProperty<UserPassword>(userEntityClass, UserPassword.class);
+ passwordSaltProperty = new
AnnotatedBeanProperty<PasswordSalt>(userEntityClass, PasswordSalt.class);
+ userRolesProperty = new AnnotatedBeanProperty<UserRoles>(userEntityClass,
UserRoles.class);
+ userEnabledProperty = new AnnotatedBeanProperty<UserEnabled>(userEntityClass,
UserEnabled.class);
+ userFirstNameProperty = new
AnnotatedBeanProperty<UserFirstName>(userEntityClass, UserFirstName.class);
+ userLastNameProperty = new
AnnotatedBeanProperty<UserLastName>(userEntityClass, UserLastName.class);
+
+ if (!userPrincipalProperty.isSet())
+ {
+ throw new IdentityManagementException("Invalid userClass " +
userEntityClass.getName() +
+ " - required annotation @UserPrincipal not found on any Field or
Method.");
+ }
+
+ if (!userRolesProperty.isSet())
+ {
+ throw new IdentityManagementException("Invalid userClass " +
userEntityClass.getName() +
+ " - required annotation @UserRoles not found on any Field or
Method.");
+ }
+
+ if (roleEntityClass != null)
+ {
+ roleNameProperty = new AnnotatedBeanProperty<RoleName>(roleEntityClass,
RoleName.class);
+ roleGroupsProperty = new
AnnotatedBeanProperty<RoleGroups>(roleEntityClass, RoleGroups.class);
+ roleConditionalProperty = new
AnnotatedBeanProperty<RoleConditional>(roleEntityClass, RoleConditional.class);
+
+ if (!roleNameProperty.isSet())
+ {
+ throw new IdentityManagementException("Invalid roleClass " +
roleEntityClass.getName() +
+ " - required annotation @RoleName not found on any Field or
Method.");
+ }
+
+ Type type = userRolesProperty.getPropertyType();
+ if (type instanceof ParameterizedType &&
+ Collection.class.isAssignableFrom((Class<?>) ((ParameterizedType)
type).getRawType()))
+ {
+ Type genType = Object.class;
+
+ for (Type t : ((ParameterizedType) type).getActualTypeArguments())
+ {
+ genType = t;
+ break;
+ }
+
+ // If the @UserRoles property isn't a collection of <roleClass>,
then assume the relationship
+ // is going through a cross-reference table
+ if (!genType.equals(roleEntityClass))
+ {
+ xrefEntityClass = (Class<?>) genType;
+ xrefUserProperty = new TypedBeanProperty(xrefEntityClass,
userEntityClass);
+ xrefRoleProperty = new TypedBeanProperty(xrefEntityClass,
roleEntityClass);
+
+ if (!xrefUserProperty.isSet())
+ {
+ throw new IdentityManagementException("Error configuring
JpaIdentityStore - it looks like " +
+ "you're using a cross-reference table, however the user
property cannot be determined.");
+ }
+
+ if (!xrefRoleProperty.isSet())
+ {
+ throw new IdentityManagementException("Error configuring
JpaIdentityStore - it looks like " +
+ "you're using a cross-reference table, however the role
property cannot be determined.");
+ }
+ }
+ }
+ }
+ }
+
+ public Class<?> getUserEntityClass()
+ {
+ return userEntityClass;
+ }
+
+ public void setUserEntityClass(Class<?> userEntityClass)
+ {
+ this.userEntityClass = userEntityClass;
+ }
+
+ public Class<?> getRoleEntityClass()
+ {
+ return roleEntityClass;
+ }
+
+ public void setRoleEntityClass(Class<?> roleEntityClass)
+ {
+ this.roleEntityClass = roleEntityClass;
+ }
+}