Seam SVN: r12450 - modules/security/trunk/impl/src/main/java/org/jboss/seam/security.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2010-04-13 06:16:35 -0400 (Tue, 13 Apr 2010)
New Revision: 12450
Removed:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/crypto/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/jaas/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/util/
Log:
removed
16 years
- 1
- 0
Seam SVN: r12449 - modules/security/trunk/impl/src/main/java/org/jboss/seam/security.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2010-04-13 06:15:36 -0400 (Tue, 13 Apr 2010)
New Revision: 12449
Removed:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/callbacks/
Log:
removed
16 years
- 1
- 0
Seam SVN: r12448 - in modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml: model and 1 other directories.
by seam-commits@lists.jboss.org
Author: swd847
Date: 2010-04-13 05:33:27 -0400 (Tue, 13 Apr 2010)
New Revision: 12448
Added:
modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/GenericBeanResult.java
modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/GenericBeanXmlItem.java
Modified:
modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/XmlResult.java
modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/ModelBuilder.java
modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/XmlItemType.java
modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/parser/namespace/RootNamespaceElementResolver.java
Log:
Added parser support for generic beans
Added: modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/GenericBeanResult.java
===================================================================
--- modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/GenericBeanResult.java (rev 0)
+++ modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/GenericBeanResult.java 2010-04-13 09:33:27 UTC (rev 12448)
@@ -0,0 +1,28 @@
+package org.jboss.seam.xml.core;
+
+import java.util.HashSet;
+import java.util.Set;
+
+public class GenericBeanResult
+{
+ final Class genericBean;
+
+ final Set<Class> secondaryBeans;
+
+ public GenericBeanResult(Class genericBean, Set<Class> secondaryBeans)
+ {
+ this.genericBean = genericBean;
+ this.secondaryBeans = new HashSet<Class>(secondaryBeans);
+ }
+
+ public Class getGenericBean()
+ {
+ return genericBean;
+ }
+
+ public Set<Class> getSecondaryBeans()
+ {
+ return secondaryBeans;
+ }
+
+}
Modified: modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/XmlResult.java
===================================================================
--- modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/XmlResult.java 2010-04-13 09:31:41 UTC (rev 12447)
+++ modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/core/XmlResult.java 2010-04-13 09:33:27 UTC (rev 12448)
@@ -21,39 +21,61 @@
public class XmlResult
{
- Map<Class<? extends Annotation>, Annotation[]> stereotypes = new HashMap<Class<? extends Annotation>, Annotation[]>();
+ private Map<Class<? extends Annotation>, Annotation[]> stereotypes = new HashMap<Class<? extends Annotation>, Annotation[]>();
- List<Class<? extends Annotation>> qualifiers = new ArrayList<Class<? extends Annotation>>();
+ private List<Class<? extends Annotation>> qualifiers = new ArrayList<Class<? extends Annotation>>();
- List<Class<? extends Annotation>> interceptorBindings = new ArrayList<Class<? extends Annotation>>();
+ private List<Class<? extends Annotation>> interceptorBindings = new ArrayList<Class<? extends Annotation>>();
- List<Class<?>> veto = new ArrayList<Class<?>>();
+ private List<Class<?>> veto = new ArrayList<Class<?>>();
- List<String> problems = new ArrayList<String>();
+ private List<String> problems = new ArrayList<String>();
- List<BeanResult<?>> beans = new ArrayList<BeanResult<?>>();
+ private List<BeanResult<?>> beans = new ArrayList<BeanResult<?>>();
- List<BeanResult<?>> interfaces = new ArrayList<BeanResult<?>>();
+ private List<BeanResult<?>> interfaces = new ArrayList<BeanResult<?>>();
- Map<BeanResult<?>, List<FieldValueObject>> fieldValues = new HashMap<BeanResult<?>, List<FieldValueObject>>();
+ private List<GenericBeanResult> genericBeans = new ArrayList<GenericBeanResult>();
- Map<Class<?>, List<FieldValueObject>> interfaceFieldValues = new HashMap<Class<?>, List<FieldValueObject>>();
+ private Map<BeanResult<?>, List<FieldValueObject>> fieldValues = new HashMap<BeanResult<?>, List<FieldValueObject>>();
+ private Map<Class<?>, List<FieldValueObject>> interfaceFieldValues = new HashMap<Class<?>, List<FieldValueObject>>();
+
+ public void addStereotype(Class<? extends Annotation> an, Annotation[] values)
+ {
+ stereotypes.put(an, values);
+ }
+
public Map<Class<? extends Annotation>, Annotation[]> getStereotypes()
{
return stereotypes;
}
+ public void addQualifier(Class<? extends Annotation> qualifier)
+ {
+ qualifiers.add(qualifier);
+ }
+
public List<Class<? extends Annotation>> getQualifiers()
{
return qualifiers;
}
+ public void addInterceptorBinding(Class<? extends Annotation> binding)
+ {
+ interceptorBindings.add(binding);
+ }
+
public List<Class<? extends Annotation>> getInterceptorBindings()
{
return interceptorBindings;
}
+ public void addBean(BeanResult<?> bean)
+ {
+ beans.add(bean);
+ }
+
public List<BeanResult<?>> getBeans()
{
return beans;
@@ -69,6 +91,11 @@
problems.add(p);
}
+ public void addFieldValue(BeanResult<?> res, List<FieldValueObject> list)
+ {
+ fieldValues.put(res, list);
+ }
+
public Map<BeanResult<?>, List<FieldValueObject>> getFieldValues()
{
return fieldValues;
@@ -84,14 +111,34 @@
return veto;
}
+ public void addInterface(BeanResult<?> bean)
+ {
+ interfaces.add(bean);
+ }
+
public List<BeanResult<?>> getInterfaces()
{
return interfaces;
}
+ public void addInterfaceFieldValues(Class<?> clazz, List<FieldValueObject> values)
+ {
+ interfaceFieldValues.put(clazz, values);
+ }
+
public Map<Class<?>, List<FieldValueObject>> getInterfaceFieldValues()
{
return interfaceFieldValues;
}
+ public void addGenericBean(GenericBeanResult result)
+ {
+ genericBeans.add(result);
+ }
+
+ public List<GenericBeanResult> getGenericBeans()
+ {
+ return genericBeans;
+ }
+
}
Added: modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/GenericBeanXmlItem.java
===================================================================
--- modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/GenericBeanXmlItem.java (rev 0)
+++ modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/GenericBeanXmlItem.java 2010-04-13 09:33:27 UTC (rev 12448)
@@ -0,0 +1,65 @@
+/*
+ * Distributed under the LGPL License
+ *
+ */
+package org.jboss.seam.xml.model;
+
+import java.util.Collections;
+import java.util.Map;
+import java.util.Set;
+
+import org.jboss.seam.xml.util.XmlConfigurationException;
+
+public class GenericBeanXmlItem extends AbstractXmlItem
+{
+
+ Class<?> javaClass;
+
+ public GenericBeanXmlItem(XmlItem parent, Map<String, String> attributes, String document, int lineno)
+ {
+ super(XmlItemType.GENERIC_BEAN, parent, null, null, attributes, document, lineno);
+ if (attributes.containsKey("class"))
+ {
+ javaClass = getClass(attributes.get("class"), document, lineno);
+ }
+ else
+ {
+ throw new XmlConfigurationException("<genericBean> element must have a class attribute", document, lineno);
+ }
+ }
+
+ public Set<XmlItemType> getAllowedItem()
+ {
+ return Collections.singleton(XmlItemType.CLASS);
+ }
+
+ public Class<?> getClass(String className, String document, int lineno)
+ {
+ try
+ {
+ if (Thread.currentThread().getContextClassLoader() != null)
+ {
+ return Thread.currentThread().getContextClassLoader().loadClass(className);
+ }
+ }
+ catch (ClassNotFoundException e)
+ {
+
+ }
+ try
+ {
+ return getClass().getClassLoader().loadClass(className);
+ }
+ catch (ClassNotFoundException e1)
+ {
+ throw new XmlConfigurationException("could not find class <genericBean>", document, lineno);
+ }
+ }
+
+ @Override
+ public Class<?> getJavaClass()
+ {
+ return javaClass;
+ }
+
+}
Modified: modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/ModelBuilder.java
===================================================================
--- modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/ModelBuilder.java 2010-04-13 09:31:41 UTC (rev 12447)
+++ modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/ModelBuilder.java 2010-04-13 09:33:27 UTC (rev 12448)
@@ -9,6 +9,7 @@
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -21,6 +22,7 @@
import javax.interceptor.InterceptorBinding;
import org.jboss.seam.xml.core.BeanResult;
+import org.jboss.seam.xml.core.GenericBeanResult;
import org.jboss.seam.xml.core.XmlResult;
import org.jboss.seam.xml.fieldset.FieldValueObject;
import org.jboss.seam.xml.parser.SaxNode;
@@ -107,11 +109,11 @@
BeanResult<?> tp = buildAnnotatedType((ClassXmlItem) rb);
if (rb.getJavaClass().isInterface())
{
- ret.getInterfaces().add(tp);
+ ret.addInterface(tp);
}
else
{
- ret.getBeans().add(tp);
+ ret.addBean(tp);
}
if (tp.isOverride() || tp.isExtend())
{
@@ -138,21 +140,21 @@
{
if (rb.getJavaClass().isInterface())
{
- ret.getInterfaceFieldValues().put(tp.getType(), fields);
+ ret.addInterfaceFieldValues(tp.getType(), fields);
}
else
{
- ret.getFieldValues().put(tp, fields);
+ ret.addFieldValue(tp, fields);
}
}
}
else if (type == ResultType.QUALIFIER)
{
- ret.getQualifiers().add((Class) rb.getJavaClass());
+ ret.addQualifier((Class) rb.getJavaClass());
}
else if (type == ResultType.INTERCEPTOR_BINDING)
{
- ret.getInterceptorBindings().add((Class) rb.getJavaClass());
+ ret.addInterceptorBinding((Class) rb.getJavaClass());
}
else if (type == ResultType.STEREOTYPE)
{
@@ -166,6 +168,16 @@
ret.addVeto(it.getJavaClass());
}
}
+ else if (rb.getType() == XmlItemType.GENERIC_BEAN)
+ {
+ GenericBeanXmlItem item = (GenericBeanXmlItem) rb;
+ Set<Class> classes = new HashSet<Class>();
+ for (ClassXmlItem c : rb.getChildrenOfType(ClassXmlItem.class))
+ {
+ classes.add(c.getJavaClass());
+ }
+ ret.addGenericBean(new GenericBeanResult(item.getJavaClass(), classes));
+ }
}
protected XmlItem resolveNode(SaxNode node, XmlItem parent)
@@ -429,7 +441,7 @@
}
count++;
}
- ret.getStereotypes().put((Class) rb.getJavaClass(), values);
+ ret.addStereotype((Class) rb.getJavaClass(), values);
}
Modified: modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/XmlItemType.java
===================================================================
--- modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/XmlItemType.java 2010-04-13 09:31:41 UTC (rev 12447)
+++ modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/model/XmlItemType.java 2010-04-13 09:33:27 UTC (rev 12448)
@@ -6,5 +6,5 @@
public enum XmlItemType
{
- CLASS, METHOD, FIELD, ANNOTATION, VALUE, VETO, ENTRY, KEY, DEPENDENCY, PARAMETERS, PARAMETER, ARRAY, OVERRIDE, SPECIALIZES, TYPE;
+ CLASS, METHOD, FIELD, ANNOTATION, VALUE, VETO, ENTRY, KEY, DEPENDENCY, PARAMETERS, PARAMETER, ARRAY, OVERRIDE, SPECIALIZES, TYPE, GENERIC_BEAN;
}
Modified: modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/parser/namespace/RootNamespaceElementResolver.java
===================================================================
--- modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/parser/namespace/RootNamespaceElementResolver.java 2010-04-13 09:31:41 UTC (rev 12447)
+++ modules/xml/trunk/impl/src/main/java/org/jboss/seam/xml/parser/namespace/RootNamespaceElementResolver.java 2010-04-13 09:33:27 UTC (rev 12448)
@@ -7,6 +7,7 @@
import org.jboss.seam.xml.model.ArrayXmlItem;
import org.jboss.seam.xml.model.ClassXmlItem;
import org.jboss.seam.xml.model.EntryXmlItem;
+import org.jboss.seam.xml.model.GenericBeanXmlItem;
import org.jboss.seam.xml.model.KeyXmlItem;
import org.jboss.seam.xml.model.OverrideXmlItem;
import org.jboss.seam.xml.model.ParameterXmlItem;
@@ -73,7 +74,10 @@
{
return new TypeXmlItem(parent, node.getDocument(), node.getLineNo());
}
-
+ else if (item.equals("genericBean"))
+ {
+ return new GenericBeanXmlItem(parent, node.getAttributes(), node.getDocument(), node.getLineNo());
+ }
// now deal with primitive types
Class<?> primType = null;
16 years
- 1
- 0
Seam SVN: r12447 - modules/security/trunk/api/src/main/java/org/jboss/seam/security.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2010-04-13 05:31:41 -0400 (Tue, 13 Apr 2010)
New Revision: 12447
Added:
modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java
Log:
added Identity interface
Added: modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java
===================================================================
--- modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java (rev 0)
+++ modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java 2010-04-13 09:31:41 UTC (rev 12447)
@@ -0,0 +1,146 @@
+package org.jboss.seam.security;
+
+import java.security.Principal;
+import java.util.Collection;
+
+import javax.security.auth.Subject;
+
+/**
+ * API for authorization and authentication via Seam security.
+ *
+ * @author Shane Bryzak
+ */
+public interface Identity
+{
+ /**
+ * Simple check that returns true if the user is logged in, without attempting to authenticate
+ *
+ * @return true if the user is logged in
+ */
+ boolean isLoggedIn();
+
+ /**
+ * Will attempt to authenticate quietly if the user's credentials are set and they haven't
+ * authenticated already. A quiet authentication doesn't throw any exceptions if authentication
+ * fails.
+ *
+ * @return true if the user is logged in, false otherwise
+ */
+ boolean tryLogin();
+
+ /**
+ * Return the currently authenticated Principal
+ *
+ * @return
+ */
+ Principal getPrincipal();
+
+ /**
+ * Return the Subject for the current session.
+ *
+ * @return
+ */
+ Subject getSubject();
+
+ /**
+ * Performs an authorization check, based on the specified security expression string.
+ *
+ * @param expr The security expression string to evaluate
+ * @throws NotLoggedInException Thrown if the authorization check fails and
+ * the user is not authenticated
+ * @throws AuthorizationException Thrown if the authorization check fails and
+ * the user is authenticated
+ */
+ void checkRestriction(String expr);
+
+ /**
+ * Attempts to authenticate the user. This method is distinct to the
+ * authenticate() method in that it raises events in response to whether
+ * authentication is successful or not. The following events may be raised
+ * by calling login():
+ *
+ * org.jboss.seam.security.events.LoggedInEvent - raised when authentication is successful
+ * org.jboss.seam.security.events.LoginFailedEvent - raised when authentication fails
+ * org.jboss.seam.security.events.AlreadyLoggedInEvent - raised if the user is already authenticated
+ *
+ * @return String returns "loggedIn" if user is authenticated, or null if not.
+ */
+ String login();
+
+ /**
+ * Attempts a quiet login, suppressing any login exceptions and not creating
+ * any faces messages. This method is intended to be used primarily as an
+ * internal API call, however has been made public for convenience.
+ */
+ void quietLogin();
+
+ /**
+ * Logs out the currently authenticated user
+ */
+ void logout();
+
+ /**
+ * Checks if the authenticated user is a member of the specified role.
+ *
+ * @param role String The name of the role to check
+ * @return boolean True if the user is a member of the specified role
+ */
+ boolean hasRole(String role);
+
+ /**
+ * Adds a role to the authenticated user. If the user is not logged in,
+ * the role will be added to a list of roles that will be granted to the
+ * user upon successful authentication, but only during the authentication
+ * process.
+ *
+ * @param role The name of the role to add
+ */
+ boolean addRole(String role); /**
+
+ * Removes a role from the authenticated user
+ *
+ * @param role The name of the role to remove
+ */
+ void removeRole(String role);
+
+ /**
+ * Checks that the current authenticated user is a member of
+ * the specified role.
+ *
+ * @param role String The name of the role to check
+ * @throws AuthorizationException if the authenticated user is not a member of the role
+ */
+ void checkRole(String role);
+
+ /**
+ * Checks if the currently authenticated user can perform the specified action
+ * on the specified target object.
+ *
+ * @param target The target object for which the user wishes to perform a restricted action
+ * @param action The action that the user wishes to perform
+ * @throws NotLoggedInException if the current user is not authenticated
+ * @throws AuthorizationException if the current user does not have the necessary
+ * privileges to perform the specified action on the specified target object.
+ */
+ void checkPermission(Object target, String action);
+
+ /**
+ * Filters a collection of objects by a specified action, by removing the
+ * objects from the collection for which the user doesn't have the necessary
+ * privileges to perform the specified action against that object.
+ *
+ * @param collection The Collection to filter
+ * @param action The name of the action to filter by
+ */
+ void filterByPermission(Collection<?> collection, String action);
+
+ /**
+ * Checks if the currently authenticated user has the necessary privileges to perform the
+ * specified action on the specified target object.
+ *
+ * @param target
+ * @param action
+ * @return true if the user has the required privileges, otherwise false
+ */
+ boolean hasPermission(Object target, String action);
+}
16 years
- 1
- 0
Seam SVN: r12446 - in modules/security/trunk: api and 15 other directories.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2010-04-13 05:09:07 -0400 (Tue, 13 Apr 2010)
New Revision: 12446
Added:
modules/security/trunk/api/
modules/security/trunk/api/pom.xml
modules/security/trunk/api/src/
modules/security/trunk/api/src/main/
modules/security/trunk/api/src/main/java/
modules/security/trunk/api/src/main/java/org/
modules/security/trunk/api/src/main/java/org/jboss/
modules/security/trunk/api/src/main/java/org/jboss/seam/
modules/security/trunk/api/src/main/java/org/jboss/seam/security/
modules/security/trunk/impl/
modules/security/trunk/impl/pom.xml
modules/security/trunk/impl/src/
modules/security/trunk/impl/src/main/
modules/security/trunk/impl/src/main/java/
modules/security/trunk/impl/src/main/java/org/
modules/security/trunk/impl/src/main/java/org/jboss/
modules/security/trunk/impl/src/main/java/org/jboss/seam/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/callbacks/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/crypto/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/jaas/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/util/
Removed:
modules/security/trunk/core/src/main/java/org/jboss/seam/security/Identity.java
Modified:
modules/security/trunk/pom.xml
Log:
split into api and impl projects
Added: modules/security/trunk/api/pom.xml
===================================================================
--- modules/security/trunk/api/pom.xml (rev 0)
+++ modules/security/trunk/api/pom.xml 2010-04-13 09:09:07 UTC (rev 12446)
@@ -0,0 +1,36 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-parent</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </parent>
+
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-api</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+ <name>Seam Security API</name>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>2.6.1</version>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
Deleted: modules/security/trunk/core/src/main/java/org/jboss/seam/security/Identity.java
===================================================================
--- modules/security/trunk/core/src/main/java/org/jboss/seam/security/Identity.java 2010-04-13 08:51:07 UTC (rev 12445)
+++ modules/security/trunk/core/src/main/java/org/jboss/seam/security/Identity.java 2010-04-13 09:09:07 UTC (rev 12446)
@@ -1,674 +0,0 @@
-package org.jboss.seam.security;
-
-import java.io.IOException;
-import java.io.Serializable;
-import java.security.Principal;
-import java.security.acl.Group;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Set;
-
-import javax.el.ValueExpression;
-import javax.enterprise.context.SessionScoped;
-import javax.inject.Inject;
-import javax.inject.Named;
-import javax.enterprise.inject.Instance;
-import javax.enterprise.inject.spi.Bean;
-import javax.enterprise.inject.spi.BeanManager;
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import org.jboss.seam.security.callbacks.AuthenticatorCallback;
-import org.jboss.seam.security.callbacks.IdentityCallback;
-import org.jboss.seam.security.callbacks.IdentityManagerCallback;
-import org.jboss.seam.security.events.AlreadyLoggedInEvent;
-import org.jboss.seam.security.events.LoggedInEvent;
-import org.jboss.seam.security.events.LoggedOutEvent;
-import org.jboss.seam.security.events.LoginFailedEvent;
-import org.jboss.seam.security.events.NotAuthorizedEvent;
-import org.jboss.seam.security.events.NotLoggedInEvent;
-import org.jboss.seam.security.events.PostAuthenticateEvent;
-import org.jboss.seam.security.events.PreAuthenticateEvent;
-import org.jboss.seam.security.events.QuietLoginEvent;
-import org.jboss.seam.security.management.IdentityManager;
-import org.jboss.seam.security.permission.PermissionMapper;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * API for authorization and authentication via Seam security.
- *
- * @author Shane Bryzak
- */
-@Named
-@SessionScoped
-public class Identity implements Serializable
-{
- private static final long serialVersionUID = 3751659008033189259L;
-
- protected static boolean securityEnabled = true;
-
- public static final String ROLES_GROUP = "Roles";
-
- Logger log = LoggerFactory.getLogger(Identity.class);
-
- @Inject private BeanManager manager;
- @Inject private Credentials credentials;
- @Inject private PermissionMapper permissionMapper;
-
- @Inject private IdentityManager identityManager;
-
- @Inject Instance<RequestSecurityState> requestSecurityState;
-
- private Principal principal;
- private Subject subject;
- private String jaasConfigName = null;
- private List<String> preAuthenticationRoles = new ArrayList<String>();
-
- private transient ThreadLocal<Boolean> systemOp;
-
- /**
- * Flag that indicates we are in the process of authenticating
- */
- private boolean authenticating = false;
-
- @Inject
- public void create()
- {
- subject = new Subject();
- }
-
- public static boolean isSecurityEnabled()
- {
- return securityEnabled;
- }
-
- public static void setSecurityEnabled(boolean enabled)
- {
- securityEnabled = enabled;
- }
-
- /**
- * Simple check that returns true if the user is logged in, without attempting to authenticate
- *
- * @return true if the user is logged in
- */
- public boolean isLoggedIn()
- {
- // If there is a principal set, then the user is logged in.
- return getPrincipal() != null;
- }
-
- /**
- * Will attempt to authenticate quietly if the user's credentials are set and they haven't
- * authenticated already. A quiet authentication doesn't throw any exceptions if authentication
- * fails.
- *
- * @return true if the user is logged in, false otherwise
- */
- public boolean tryLogin()
- {
- if (!authenticating && getPrincipal() == null && credentials.isSet() &&
- !requestSecurityState.get().isLoginTried())
- {
- requestSecurityState.get().setLoginTried(true);
- quietLogin();
- }
-
- return isLoggedIn();
- }
-
- public Principal getPrincipal()
- {
- return principal;
- }
-
- public Subject getSubject()
- {
- return subject;
- }
-
- /**
- * Performs an authorization check, based on the specified security expression.
- *
- * @param expr The security expression to evaluate
- * @throws NotLoggedInException Thrown if the authorization check fails and
- * the user is not authenticated
- * @throws AuthorizationException Thrown if the authorization check fails and
- * the user is authenticated
- */
- // QUESTION should we add the dependency on el-api for the sake of avoiding reinstantiating the VE?
-
- // TODO redesign restrictions system to be typesafe
- /*
- public void checkRestriction(ValueExpression expression)
- {
- if (!securityEnabled)
- {
- return;
- }
-
- if (!expressions.getValue(expression, Boolean.class))
- {
- if (!isLoggedIn())
- {
- manager.fireEvent(new NotLoggedInEvent());
-
- log.debug(String.format(
- "Error evaluating expression [%s] - User not logged in", expression.getExpressionString()));
- throw new NotLoggedInException();
- }
- else
- {
- manager.fireEvent(new NotAuthorizedEvent());
- throw new AuthorizationException(String.format(
- "Authorization check failed for expression [%s]", expression.getExpressionString()));
- }
- }
- }*/
-
- /**
- * Performs an authorization check, based on the specified security expression string.
- *
- * @param expr The security expression string to evaluate
- * @throws NotLoggedInException Thrown if the authorization check fails and
- * the user is not authenticated
- * @throws AuthorizationException Thrown if the authorization check fails and
- * the user is authenticated
- */
-
- /*
- public void checkRestriction(String expr)
- {
- if (!securityEnabled)
- {
- return;
- }
-
- checkRestriction(expressions.createValueExpression(expr, Boolean.class).toUnifiedValueExpression());
- }*/
-
- /**
- * Attempts to authenticate the user. This method is distinct to the
- * authenticate() method in that it raises events in response to whether
- * authentication is successful or not. The following events may be raised
- * by calling login():
- *
- * org.jboss.seam.security.loginSuccessful - raised when authentication is successful
- * org.jboss.seam.security.loginFailed - raised when authentication fails
- * org.jboss.seam.security.alreadyLoggedIn - raised if the user is already authenticated
- *
- * @return String returns "loggedIn" if user is authenticated, or null if not.
- */
- public String login()
- {
- try
- {
- if (isLoggedIn())
- {
- // If authentication has already occurred during this request via a silent login,
- // and login() is explicitly called then we still want to raise the LOGIN_SUCCESSFUL event,
- // and then return.
- if (requestSecurityState.get().isSilentLogin())
- {
- manager.fireEvent(new LoggedInEvent(principal));
- return "loggedIn";
- }
-
- manager.fireEvent(new AlreadyLoggedInEvent());
- return "loggedIn";
- }
-
- authenticate();
-
- if (!isLoggedIn())
- {
- throw new LoginException();
- }
-
- if ( log.isDebugEnabled() )
- {
- log.debug("Login successful for: " + credentials);
- }
-
- manager.fireEvent(new LoggedInEvent(principal));
- return "loggedIn";
- }
- catch (LoginException ex)
- {
- credentials.invalidate();
-
- if ( log.isDebugEnabled() )
- {
- log.debug("Login failed for: " + credentials, ex);
- }
-
- manager.fireEvent(new LoginFailedEvent(ex));
- }
-
- return null;
- }
-
- /**
- * Attempts a quiet login, suppressing any login exceptions and not creating
- * any faces messages. This method is intended to be used primarily as an
- * internal API call, however has been made public for convenience.
- */
- public void quietLogin()
- {
- try
- {
- manager.fireEvent(new QuietLoginEvent());
-
- // Ensure that we haven't been authenticated as a result of the EVENT_QUIET_LOGIN event
- if (!isLoggedIn())
- {
- if (credentials.isSet())
- {
- authenticate();
-
- if (isLoggedIn())
- {
- requestSecurityState.get().setSilentLogin(true);
- }
- }
- }
- }
- catch (LoginException ex)
- {
- credentials.invalidate();
- }
- }
-
- /**
- *
- * @throws LoginException
- */
- public synchronized void authenticate()
- throws LoginException
- {
- // If we're already authenticated, then don't authenticate again
- if (!isLoggedIn() && !credentials.isInvalid())
- {
- principal = null;
- subject = new Subject();
- authenticate( getLoginContext() );
- }
- }
-
-
- protected void authenticate(LoginContext loginContext)
- throws LoginException
- {
- try
- {
- authenticating = true;
- preAuthenticate();
- loginContext.login();
- postAuthenticate();
- }
- finally
- {
- // Set password to null whether authentication is successful or not
- credentials.setPassword(null);
- authenticating = false;
- }
- }
-
- /**
- * Clears any roles added by calling addRole() while not authenticated.
- * This method may be overridden by a subclass if different
- * pre-authentication logic should occur.
- */
- protected void preAuthenticate()
- {
- preAuthenticationRoles.clear();
- manager.fireEvent(new PreAuthenticateEvent());
- }
-
- /**
- * Extracts the principal from the subject, and populates the roles of the
- * authenticated user. This method may be overridden by a subclass if
- * different post-authentication logic should occur.
- */
- protected void postAuthenticate()
- {
- // Populate the working memory with the user's principals
- for ( Principal p : getSubject().getPrincipals() )
- {
- if ( !(p instanceof Group))
- {
- if (principal == null)
- {
- principal = p;
- break;
- }
- }
- }
-
- if (!preAuthenticationRoles.isEmpty() && isLoggedIn())
- {
- for (String role : preAuthenticationRoles)
- {
- addRole(role);
- }
- preAuthenticationRoles.clear();
- }
-
- credentials.setPassword(null);
-
- manager.fireEvent(new PostAuthenticateEvent());
- }
-
- /**
- * Resets all security state and credentials
- */
- public void unAuthenticate()
- {
- principal = null;
- subject = new Subject();
-
- credentials.clear();
- }
-
- protected LoginContext getLoginContext() throws LoginException
- {
- if (getJaasConfigName() != null)
- {
- return new LoginContext(getJaasConfigName(), getSubject(),
- createCallbackHandler());
- }
-
- @SuppressWarnings("unchecked")
- Bean<Configuration> configBean = (Bean<Configuration>) manager.getBeans(Configuration.class).iterator().next();
- Configuration config = (Configuration) manager.getReference(configBean, Configuration.class, manager.createCreationalContext(configBean));
-
- return new LoginContext(JaasConfiguration.DEFAULT_JAAS_CONFIG_NAME, getSubject(),
- createCallbackHandler(), config);
- }
-
-
- /**
- * Creates a callback handler that can handle a standard username/password
- * callback, using the credentials username and password properties
- */
- public CallbackHandler createCallbackHandler()
- {
- final Identity identity = this;
- final Authenticator authenticator;
-
- Set<Bean<?>> authenticators = manager.getBeans(Authenticator.class);
- if (authenticators.size() == 1)
- {
- @SuppressWarnings("unchecked")
- Bean<Authenticator> authenticatorBean = (Bean<Authenticator>) authenticators.iterator().next();
- authenticator = (Authenticator) manager.getReference(authenticatorBean, Authenticator.class, manager.createCreationalContext(authenticatorBean));
- }
- else if (authenticators.size() > 1)
- {
- throw new IllegalStateException("More than one Authenticator bean found - please ensure " +
- "only one Authenticator implementation is provided");
- }
- else
- {
- authenticator = null;
- }
-
- return new CallbackHandler()
- {
- public void handle(Callback[] callbacks)
- throws IOException, UnsupportedCallbackException
- {
- for (int i=0; i < callbacks.length; i++)
- {
- if (callbacks[i] instanceof NameCallback)
- {
- ( (NameCallback) callbacks[i] ).setName(credentials.getUsername());
- }
- else if (callbacks[i] instanceof PasswordCallback)
- {
- ( (PasswordCallback) callbacks[i] ).setPassword( credentials.getPassword() != null ?
- credentials.getPassword().toCharArray() : null );
- }
- else if (callbacks[i] instanceof IdentityCallback)
- {
- ((IdentityCallback ) callbacks[i]).setIdentity(identity);
- }
- else if (callbacks[i] instanceof AuthenticatorCallback)
- {
- ((AuthenticatorCallback) callbacks[i]).setAuthenticator(authenticator);
- }
- else if (callbacks[i] instanceof IdentityManagerCallback)
- {
- ((IdentityManagerCallback) callbacks[i]).setIdentityManager(identityManager);
- }
- else
- {
- log.warn("Unsupported callback " + callbacks[i]);
- }
- }
- }
- };
- }
-
- public void logout()
- {
- if (isLoggedIn())
- {
- LoggedOutEvent loggedOutEvent = new LoggedOutEvent(principal);
- unAuthenticate();
-
- // TODO - invalidate the session
- // Session.instance().invalidate();
-
- manager.fireEvent(loggedOutEvent);
- }
- }
-
- /**
- * Checks if the authenticated user is a member of the specified role.
- *
- * @param role String The name of the role to check
- * @return boolean True if the user is a member of the specified role
- */
- public boolean hasRole(String role)
- {
- if (!securityEnabled) return true;
- if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return true;
-
- tryLogin();
-
- for ( Group sg : getSubject().getPrincipals(Group.class) )
- {
- if ( ROLES_GROUP.equals( sg.getName() ) )
- {
- return sg.isMember( new Role(role) );
- }
- }
- return false;
- }
-
- /**
- * Adds a role to the authenticated user. If the user is not logged in,
- * the role will be added to a list of roles that will be granted to the
- * user upon successful authentication, but only during the authentication
- * process.
- *
- * @param role The name of the role to add
- */
- public boolean addRole(String role)
- {
- if (role == null || "".equals(role)) return false;
-
- if (!isLoggedIn())
- {
- preAuthenticationRoles.add(role);
- return false;
- }
- else
- {
- for ( Group sg : getSubject().getPrincipals(Group.class) )
- {
- if ( ROLES_GROUP.equals( sg.getName() ) )
- {
- return sg.addMember(new Role(role));
- }
- }
-
- SimpleGroup roleGroup = new SimpleGroup(ROLES_GROUP);
- roleGroup.addMember(new Role(role));
- getSubject().getPrincipals().add(roleGroup);
- return true;
- }
- }
-
- /**
- * Removes a role from the authenticated user
- *
- * @param role The name of the role to remove
- */
- public void removeRole(String role)
- {
- for ( Group sg : getSubject().getPrincipals(Group.class) )
- {
- if ( ROLES_GROUP.equals( sg.getName() ) )
- {
- Enumeration<?> e = sg.members();
- while (e.hasMoreElements())
- {
- Principal member = (Principal) e.nextElement();
- if (member.getName().equals(role))
- {
- sg.removeMember(member);
- break;
- }
- }
-
- }
- }
- }
-
- /**
- * Checks that the current authenticated user is a member of
- * the specified role.
- *
- * @param role String The name of the role to check
- * @throws AuthorizationException if the authenticated user is not a member of the role
- */
- public void checkRole(String role)
- {
- tryLogin();
-
- if ( !hasRole(role) )
- {
- if ( !isLoggedIn() )
- {
- manager.fireEvent(new NotLoggedInEvent());
- throw new NotLoggedInException();
- }
- else
- {
- manager.fireEvent(new NotAuthorizedEvent());
- throw new AuthorizationException(String.format(
- "Authorization check failed for role [%s]", role));
- }
- }
- }
-
- public void checkPermission(Object target, String action)
- {
- if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return;
-
- tryLogin();
-
- if ( !hasPermission(target, action) )
- {
- if ( !isLoggedIn() )
- {
- manager.fireEvent(new NotLoggedInEvent());
- throw new NotLoggedInException();
- }
- else
- {
- manager.fireEvent(new NotAuthorizedEvent());
- throw new AuthorizationException(String.format(
- "Authorization check failed for permission[%s,%s]", target, action));
- }
- }
- }
-
- public void filterByPermission(Collection<?> collection, String action)
- {
- permissionMapper.filterByPermission(collection, action);
- }
-
- public boolean hasPermission(Object target, String action)
- {
- if (!securityEnabled) return true;
- if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return true;
- if (permissionMapper == null) return false;
- if (target == null) return false;
-
- return permissionMapper.resolvePermission(target, action);
- }
-
- /**
- * Evaluates the specified security expression, which must return a boolean
- * value.
- *
- * @param expr String The expression to evaluate
- * @return boolean The result of the expression evaluation
- */
- /*
- protected boolean evaluateExpression(String expr)
- {
- return expressions.createValueExpression(expr, Boolean.class).getValue();
- }*/
-
- public String getJaasConfigName()
- {
- return jaasConfigName;
- }
-
- public void setJaasConfigName(String jaasConfigName)
- {
- this.jaasConfigName = jaasConfigName;
- }
-
- public synchronized void runAs(RunAsOperation operation)
- {
- Principal savedPrincipal = getPrincipal();
- Subject savedSubject = getSubject();
-
- try
- {
- principal = operation.getPrincipal();
- subject = operation.getSubject();
-
- if (systemOp == null)
- {
- systemOp = new ThreadLocal<Boolean>();
- }
-
- systemOp.set(operation.isSystemOperation());
-
- operation.execute();
- }
- finally
- {
- systemOp.set(false);
- principal = savedPrincipal;
- subject = savedSubject;
- }
- }
-}
Added: modules/security/trunk/impl/pom.xml
===================================================================
--- modules/security/trunk/impl/pom.xml (rev 0)
+++ modules/security/trunk/impl/pom.xml 2010-04-13 09:09:07 UTC (rev 12446)
@@ -0,0 +1,72 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-parent</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </parent>
+
+ <groupId>org.jboss.seam.security</groupId>
+ <artifactId>seam-security-impl</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+ <name>Seam Security Implementation</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>javax.el</groupId>
+ <artifactId>el-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.validation</groupId>
+ <artifactId>validation-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.enterprise</groupId>
+ <artifactId>cdi-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.persistence</groupId>
+ <artifactId>persistence-api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam.drools</groupId>
+ <artifactId>seam-drools-core</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam</groupId>
+ <artifactId>seam-persistence</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-core</artifactId>
+ </dependency>
+
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>2.6.1</version>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
Copied: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java (from rev 12256, modules/security/trunk/core/src/main/java/org/jboss/seam/security/Identity.java)
===================================================================
--- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java (rev 0)
+++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java 2010-04-13 09:09:07 UTC (rev 12446)
@@ -0,0 +1,674 @@
+package org.jboss.seam.security;
+
+import java.io.IOException;
+import java.io.Serializable;
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.List;
+import java.util.Set;
+
+import javax.el.ValueExpression;
+import javax.enterprise.context.SessionScoped;
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.enterprise.inject.Instance;
+import javax.enterprise.inject.spi.Bean;
+import javax.enterprise.inject.spi.BeanManager;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import org.jboss.seam.security.callbacks.AuthenticatorCallback;
+import org.jboss.seam.security.callbacks.IdentityCallback;
+import org.jboss.seam.security.callbacks.IdentityManagerCallback;
+import org.jboss.seam.security.events.AlreadyLoggedInEvent;
+import org.jboss.seam.security.events.LoggedInEvent;
+import org.jboss.seam.security.events.LoggedOutEvent;
+import org.jboss.seam.security.events.LoginFailedEvent;
+import org.jboss.seam.security.events.NotAuthorizedEvent;
+import org.jboss.seam.security.events.NotLoggedInEvent;
+import org.jboss.seam.security.events.PostAuthenticateEvent;
+import org.jboss.seam.security.events.PreAuthenticateEvent;
+import org.jboss.seam.security.events.QuietLoginEvent;
+import org.jboss.seam.security.management.IdentityManager;
+import org.jboss.seam.security.permission.PermissionMapper;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * API for authorization and authentication via Seam security.
+ *
+ * @author Shane Bryzak
+ */
+@Named
+@SessionScoped
+public class Identity implements Serializable
+{
+ private static final long serialVersionUID = 3751659008033189259L;
+
+ protected static boolean securityEnabled = true;
+
+ public static final String ROLES_GROUP = "Roles";
+
+ Logger log = LoggerFactory.getLogger(Identity.class);
+
+ @Inject private BeanManager manager;
+ @Inject private Credentials credentials;
+ @Inject private PermissionMapper permissionMapper;
+
+ @Inject private IdentityManager identityManager;
+
+ @Inject Instance<RequestSecurityState> requestSecurityState;
+
+ private Principal principal;
+ private Subject subject;
+ private String jaasConfigName = null;
+ private List<String> preAuthenticationRoles = new ArrayList<String>();
+
+ private transient ThreadLocal<Boolean> systemOp;
+
+ /**
+ * Flag that indicates we are in the process of authenticating
+ */
+ private boolean authenticating = false;
+
+ @Inject
+ public void create()
+ {
+ subject = new Subject();
+ }
+
+ public static boolean isSecurityEnabled()
+ {
+ return securityEnabled;
+ }
+
+ public static void setSecurityEnabled(boolean enabled)
+ {
+ securityEnabled = enabled;
+ }
+
+ /**
+ * Simple check that returns true if the user is logged in, without attempting to authenticate
+ *
+ * @return true if the user is logged in
+ */
+ public boolean isLoggedIn()
+ {
+ // If there is a principal set, then the user is logged in.
+ return getPrincipal() != null;
+ }
+
+ /**
+ * Will attempt to authenticate quietly if the user's credentials are set and they haven't
+ * authenticated already. A quiet authentication doesn't throw any exceptions if authentication
+ * fails.
+ *
+ * @return true if the user is logged in, false otherwise
+ */
+ public boolean tryLogin()
+ {
+ if (!authenticating && getPrincipal() == null && credentials.isSet() &&
+ !requestSecurityState.get().isLoginTried())
+ {
+ requestSecurityState.get().setLoginTried(true);
+ quietLogin();
+ }
+
+ return isLoggedIn();
+ }
+
+ public Principal getPrincipal()
+ {
+ return principal;
+ }
+
+ public Subject getSubject()
+ {
+ return subject;
+ }
+
+ /**
+ * Performs an authorization check, based on the specified security expression.
+ *
+ * @param expr The security expression to evaluate
+ * @throws NotLoggedInException Thrown if the authorization check fails and
+ * the user is not authenticated
+ * @throws AuthorizationException Thrown if the authorization check fails and
+ * the user is authenticated
+ */
+ // QUESTION should we add the dependency on el-api for the sake of avoiding reinstantiating the VE?
+
+ // TODO redesign restrictions system to be typesafe
+ /*
+ public void checkRestriction(ValueExpression expression)
+ {
+ if (!securityEnabled)
+ {
+ return;
+ }
+
+ if (!expressions.getValue(expression, Boolean.class))
+ {
+ if (!isLoggedIn())
+ {
+ manager.fireEvent(new NotLoggedInEvent());
+
+ log.debug(String.format(
+ "Error evaluating expression [%s] - User not logged in", expression.getExpressionString()));
+ throw new NotLoggedInException();
+ }
+ else
+ {
+ manager.fireEvent(new NotAuthorizedEvent());
+ throw new AuthorizationException(String.format(
+ "Authorization check failed for expression [%s]", expression.getExpressionString()));
+ }
+ }
+ }*/
+
+ /**
+ * Performs an authorization check, based on the specified security expression string.
+ *
+ * @param expr The security expression string to evaluate
+ * @throws NotLoggedInException Thrown if the authorization check fails and
+ * the user is not authenticated
+ * @throws AuthorizationException Thrown if the authorization check fails and
+ * the user is authenticated
+ */
+
+ /*
+ public void checkRestriction(String expr)
+ {
+ if (!securityEnabled)
+ {
+ return;
+ }
+
+ checkRestriction(expressions.createValueExpression(expr, Boolean.class).toUnifiedValueExpression());
+ }*/
+
+ /**
+ * Attempts to authenticate the user. This method is distinct to the
+ * authenticate() method in that it raises events in response to whether
+ * authentication is successful or not. The following events may be raised
+ * by calling login():
+ *
+ * org.jboss.seam.security.loginSuccessful - raised when authentication is successful
+ * org.jboss.seam.security.loginFailed - raised when authentication fails
+ * org.jboss.seam.security.alreadyLoggedIn - raised if the user is already authenticated
+ *
+ * @return String returns "loggedIn" if user is authenticated, or null if not.
+ */
+ public String login()
+ {
+ try
+ {
+ if (isLoggedIn())
+ {
+ // If authentication has already occurred during this request via a silent login,
+ // and login() is explicitly called then we still want to raise the LOGIN_SUCCESSFUL event,
+ // and then return.
+ if (requestSecurityState.get().isSilentLogin())
+ {
+ manager.fireEvent(new LoggedInEvent(principal));
+ return "loggedIn";
+ }
+
+ manager.fireEvent(new AlreadyLoggedInEvent());
+ return "loggedIn";
+ }
+
+ authenticate();
+
+ if (!isLoggedIn())
+ {
+ throw new LoginException();
+ }
+
+ if ( log.isDebugEnabled() )
+ {
+ log.debug("Login successful for: " + credentials);
+ }
+
+ manager.fireEvent(new LoggedInEvent(principal));
+ return "loggedIn";
+ }
+ catch (LoginException ex)
+ {
+ credentials.invalidate();
+
+ if ( log.isDebugEnabled() )
+ {
+ log.debug("Login failed for: " + credentials, ex);
+ }
+
+ manager.fireEvent(new LoginFailedEvent(ex));
+ }
+
+ return null;
+ }
+
+ /**
+ * Attempts a quiet login, suppressing any login exceptions and not creating
+ * any faces messages. This method is intended to be used primarily as an
+ * internal API call, however has been made public for convenience.
+ */
+ public void quietLogin()
+ {
+ try
+ {
+ manager.fireEvent(new QuietLoginEvent());
+
+ // Ensure that we haven't been authenticated as a result of the EVENT_QUIET_LOGIN event
+ if (!isLoggedIn())
+ {
+ if (credentials.isSet())
+ {
+ authenticate();
+
+ if (isLoggedIn())
+ {
+ requestSecurityState.get().setSilentLogin(true);
+ }
+ }
+ }
+ }
+ catch (LoginException ex)
+ {
+ credentials.invalidate();
+ }
+ }
+
+ /**
+ *
+ * @throws LoginException
+ */
+ public synchronized void authenticate()
+ throws LoginException
+ {
+ // If we're already authenticated, then don't authenticate again
+ if (!isLoggedIn() && !credentials.isInvalid())
+ {
+ principal = null;
+ subject = new Subject();
+ authenticate( getLoginContext() );
+ }
+ }
+
+
+ protected void authenticate(LoginContext loginContext)
+ throws LoginException
+ {
+ try
+ {
+ authenticating = true;
+ preAuthenticate();
+ loginContext.login();
+ postAuthenticate();
+ }
+ finally
+ {
+ // Set password to null whether authentication is successful or not
+ credentials.setPassword(null);
+ authenticating = false;
+ }
+ }
+
+ /**
+ * Clears any roles added by calling addRole() while not authenticated.
+ * This method may be overridden by a subclass if different
+ * pre-authentication logic should occur.
+ */
+ protected void preAuthenticate()
+ {
+ preAuthenticationRoles.clear();
+ manager.fireEvent(new PreAuthenticateEvent());
+ }
+
+ /**
+ * Extracts the principal from the subject, and populates the roles of the
+ * authenticated user. This method may be overridden by a subclass if
+ * different post-authentication logic should occur.
+ */
+ protected void postAuthenticate()
+ {
+ // Populate the working memory with the user's principals
+ for ( Principal p : getSubject().getPrincipals() )
+ {
+ if ( !(p instanceof Group))
+ {
+ if (principal == null)
+ {
+ principal = p;
+ break;
+ }
+ }
+ }
+
+ if (!preAuthenticationRoles.isEmpty() && isLoggedIn())
+ {
+ for (String role : preAuthenticationRoles)
+ {
+ addRole(role);
+ }
+ preAuthenticationRoles.clear();
+ }
+
+ credentials.setPassword(null);
+
+ manager.fireEvent(new PostAuthenticateEvent());
+ }
+
+ /**
+ * Resets all security state and credentials
+ */
+ public void unAuthenticate()
+ {
+ principal = null;
+ subject = new Subject();
+
+ credentials.clear();
+ }
+
+ protected LoginContext getLoginContext() throws LoginException
+ {
+ if (getJaasConfigName() != null)
+ {
+ return new LoginContext(getJaasConfigName(), getSubject(),
+ createCallbackHandler());
+ }
+
+ @SuppressWarnings("unchecked")
+ Bean<Configuration> configBean = (Bean<Configuration>) manager.getBeans(Configuration.class).iterator().next();
+ Configuration config = (Configuration) manager.getReference(configBean, Configuration.class, manager.createCreationalContext(configBean));
+
+ return new LoginContext(JaasConfiguration.DEFAULT_JAAS_CONFIG_NAME, getSubject(),
+ createCallbackHandler(), config);
+ }
+
+
+ /**
+ * Creates a callback handler that can handle a standard username/password
+ * callback, using the credentials username and password properties
+ */
+ public CallbackHandler createCallbackHandler()
+ {
+ final Identity identity = this;
+ final Authenticator authenticator;
+
+ Set<Bean<?>> authenticators = manager.getBeans(Authenticator.class);
+ if (authenticators.size() == 1)
+ {
+ @SuppressWarnings("unchecked")
+ Bean<Authenticator> authenticatorBean = (Bean<Authenticator>) authenticators.iterator().next();
+ authenticator = (Authenticator) manager.getReference(authenticatorBean, Authenticator.class, manager.createCreationalContext(authenticatorBean));
+ }
+ else if (authenticators.size() > 1)
+ {
+ throw new IllegalStateException("More than one Authenticator bean found - please ensure " +
+ "only one Authenticator implementation is provided");
+ }
+ else
+ {
+ authenticator = null;
+ }
+
+ return new CallbackHandler()
+ {
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException
+ {
+ for (int i=0; i < callbacks.length; i++)
+ {
+ if (callbacks[i] instanceof NameCallback)
+ {
+ ( (NameCallback) callbacks[i] ).setName(credentials.getUsername());
+ }
+ else if (callbacks[i] instanceof PasswordCallback)
+ {
+ ( (PasswordCallback) callbacks[i] ).setPassword( credentials.getPassword() != null ?
+ credentials.getPassword().toCharArray() : null );
+ }
+ else if (callbacks[i] instanceof IdentityCallback)
+ {
+ ((IdentityCallback ) callbacks[i]).setIdentity(identity);
+ }
+ else if (callbacks[i] instanceof AuthenticatorCallback)
+ {
+ ((AuthenticatorCallback) callbacks[i]).setAuthenticator(authenticator);
+ }
+ else if (callbacks[i] instanceof IdentityManagerCallback)
+ {
+ ((IdentityManagerCallback) callbacks[i]).setIdentityManager(identityManager);
+ }
+ else
+ {
+ log.warn("Unsupported callback " + callbacks[i]);
+ }
+ }
+ }
+ };
+ }
+
+ public void logout()
+ {
+ if (isLoggedIn())
+ {
+ LoggedOutEvent loggedOutEvent = new LoggedOutEvent(principal);
+ unAuthenticate();
+
+ // TODO - invalidate the session
+ // Session.instance().invalidate();
+
+ manager.fireEvent(loggedOutEvent);
+ }
+ }
+
+ /**
+ * Checks if the authenticated user is a member of the specified role.
+ *
+ * @param role String The name of the role to check
+ * @return boolean True if the user is a member of the specified role
+ */
+ public boolean hasRole(String role)
+ {
+ if (!securityEnabled) return true;
+ if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return true;
+
+ tryLogin();
+
+ for ( Group sg : getSubject().getPrincipals(Group.class) )
+ {
+ if ( ROLES_GROUP.equals( sg.getName() ) )
+ {
+ return sg.isMember( new Role(role) );
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Adds a role to the authenticated user. If the user is not logged in,
+ * the role will be added to a list of roles that will be granted to the
+ * user upon successful authentication, but only during the authentication
+ * process.
+ *
+ * @param role The name of the role to add
+ */
+ public boolean addRole(String role)
+ {
+ if (role == null || "".equals(role)) return false;
+
+ if (!isLoggedIn())
+ {
+ preAuthenticationRoles.add(role);
+ return false;
+ }
+ else
+ {
+ for ( Group sg : getSubject().getPrincipals(Group.class) )
+ {
+ if ( ROLES_GROUP.equals( sg.getName() ) )
+ {
+ return sg.addMember(new Role(role));
+ }
+ }
+
+ SimpleGroup roleGroup = new SimpleGroup(ROLES_GROUP);
+ roleGroup.addMember(new Role(role));
+ getSubject().getPrincipals().add(roleGroup);
+ return true;
+ }
+ }
+
+ /**
+ * Removes a role from the authenticated user
+ *
+ * @param role The name of the role to remove
+ */
+ public void removeRole(String role)
+ {
+ for ( Group sg : getSubject().getPrincipals(Group.class) )
+ {
+ if ( ROLES_GROUP.equals( sg.getName() ) )
+ {
+ Enumeration<?> e = sg.members();
+ while (e.hasMoreElements())
+ {
+ Principal member = (Principal) e.nextElement();
+ if (member.getName().equals(role))
+ {
+ sg.removeMember(member);
+ break;
+ }
+ }
+
+ }
+ }
+ }
+
+ /**
+ * Checks that the current authenticated user is a member of
+ * the specified role.
+ *
+ * @param role String The name of the role to check
+ * @throws AuthorizationException if the authenticated user is not a member of the role
+ */
+ public void checkRole(String role)
+ {
+ tryLogin();
+
+ if ( !hasRole(role) )
+ {
+ if ( !isLoggedIn() )
+ {
+ manager.fireEvent(new NotLoggedInEvent());
+ throw new NotLoggedInException();
+ }
+ else
+ {
+ manager.fireEvent(new NotAuthorizedEvent());
+ throw new AuthorizationException(String.format(
+ "Authorization check failed for role [%s]", role));
+ }
+ }
+ }
+
+ public void checkPermission(Object target, String action)
+ {
+ if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return;
+
+ tryLogin();
+
+ if ( !hasPermission(target, action) )
+ {
+ if ( !isLoggedIn() )
+ {
+ manager.fireEvent(new NotLoggedInEvent());
+ throw new NotLoggedInException();
+ }
+ else
+ {
+ manager.fireEvent(new NotAuthorizedEvent());
+ throw new AuthorizationException(String.format(
+ "Authorization check failed for permission[%s,%s]", target, action));
+ }
+ }
+ }
+
+ public void filterByPermission(Collection<?> collection, String action)
+ {
+ permissionMapper.filterByPermission(collection, action);
+ }
+
+ public boolean hasPermission(Object target, String action)
+ {
+ if (!securityEnabled) return true;
+ if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return true;
+ if (permissionMapper == null) return false;
+ if (target == null) return false;
+
+ return permissionMapper.resolvePermission(target, action);
+ }
+
+ /**
+ * Evaluates the specified security expression, which must return a boolean
+ * value.
+ *
+ * @param expr String The expression to evaluate
+ * @return boolean The result of the expression evaluation
+ */
+ /*
+ protected boolean evaluateExpression(String expr)
+ {
+ return expressions.createValueExpression(expr, Boolean.class).getValue();
+ }*/
+
+ public String getJaasConfigName()
+ {
+ return jaasConfigName;
+ }
+
+ public void setJaasConfigName(String jaasConfigName)
+ {
+ this.jaasConfigName = jaasConfigName;
+ }
+
+ public synchronized void runAs(RunAsOperation operation)
+ {
+ Principal savedPrincipal = getPrincipal();
+ Subject savedSubject = getSubject();
+
+ try
+ {
+ principal = operation.getPrincipal();
+ subject = operation.getSubject();
+
+ if (systemOp == null)
+ {
+ systemOp = new ThreadLocal<Boolean>();
+ }
+
+ systemOp.set(operation.isSystemOperation());
+
+ operation.execute();
+ }
+ finally
+ {
+ systemOp.set(false);
+ principal = savedPrincipal;
+ subject = savedSubject;
+ }
+ }
+}
Modified: modules/security/trunk/pom.xml
===================================================================
--- modules/security/trunk/pom.xml 2010-04-13 08:51:07 UTC (rev 12445)
+++ modules/security/trunk/pom.xml 2010-04-13 09:09:07 UTC (rev 12446)
@@ -16,7 +16,8 @@
<name>Seam Security Parent</name>
<modules>
- <module>core</module>
+ <module>api</module>
+ <module>impl</module>
<!--module>docs</module-->
<module>examples/seamspace</module>
</modules>
@@ -59,10 +60,16 @@
</dependency>
<dependency>
- <groupId>org.drools</groupId>
- <artifactId>drools-core</artifactId>
- <version>5.1.0.M1</version>
+ <groupId>org.jboss.seam.drools</groupId>
+ <artifactId>seam-drools-core</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
</dependency>
+
+ <dependency>
+ <groupId>org.jboss.seam</groupId>
+ <artifactId>seam-persistence</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </dependency>
<dependency>
<groupId>org.hibernate</groupId>
16 years
- 1
- 0
Seam SVN: r12445 - branches/community/Seam_2_2/src/test/ftest/seamgen.
by seam-commits@lists.jboss.org
Author: mgencur(a)redhat.com
Date: 2010-04-13 04:51:07 -0400 (Tue, 13 Apr 2010)
New Revision: 12445
Modified:
branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml
Log:
fixed testng import - to testng-jdk15.jar
Modified: branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml
===================================================================
--- branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml 2010-04-13 08:45:08 UTC (rev 12444)
+++ branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml 2010-04-13 08:51:07 UTC (rev 12445)
@@ -45,7 +45,7 @@
<path id="classpath.build">
<fileset dir="${root.lib.dir}">
- <include name="testng.jar"/>
+ <include name="testng-jdk15.jar"/>
</fileset>
<fileset dir="${ftest.lib.dir}" includes="**/*.jar" />
</path>
16 years
- 1
- 0
Seam SVN: r12444 - branches/community/Seam_2_2/src/test/ftest/seamgen.
by seam-commits@lists.jboss.org
Author: mgencur(a)redhat.com
Date: 2010-04-13 04:45:08 -0400 (Tue, 13 Apr 2010)
New Revision: 12444
Modified:
branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml
Log:
copying of webdriver resources for seamgen
Modified: branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml
===================================================================
--- branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml 2010-04-13 08:25:19 UTC (rev 12443)
+++ branches/community/Seam_2_2/src/test/ftest/seamgen/build.xml 2010-04-13 08:45:08 UTC (rev 12444)
@@ -71,6 +71,10 @@
<ant antfile="${ftest.dir}/examples/build.xml" target="copy.selenium" />
</target>
+ <target name="copy.webdriver">
+ <ant antfile="${ftest.dir}/examples/build.xml" target="copy.webdriver" />
+ </target>
+
<target name="build" depends="build.common" description="Compiles the Test">
<mkdir dir="${classes.dir}" />
<javac srcdir="${src.dir}" destdir="${classes.dir}" classpathref="classpath.build" debug="true" />
@@ -81,7 +85,7 @@
</copy>
</target>
- <target name="build.common" depends="copy.selenium" description="Compiles the common selenium test code">
+ <target name="build.common" depends="copy.selenium, copy.webdriver" description="Compiles the common selenium test code">
<mkdir dir="${classes.dir}" />
<javac srcdir="${common.src.dir}" destdir="${classes.dir}" classpathref="classpath.build" debug="true" />
<copy todir="${classes.dir}">
16 years
- 1
- 0
Seam SVN: r12443 - modules/faces/trunk/docs/reference/src/main/docbook/en-US.
by seam-commits@lists.jboss.org
Author: nickarls
Date: 2010-04-13 04:25:19 -0400 (Tue, 13 Apr 2010)
New Revision: 12443
Added:
modules/faces/trunk/docs/reference/src/main/docbook/en-US/events.xml
Log:
docs for jsf phase events
Added: modules/faces/trunk/docs/reference/src/main/docbook/en-US/events.xml
===================================================================
--- modules/faces/trunk/docs/reference/src/main/docbook/en-US/events.xml (rev 0)
+++ modules/faces/trunk/docs/reference/src/main/docbook/en-US/events.xml 2010-04-13 08:25:19 UTC (rev 12443)
@@ -0,0 +1,160 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" []>
+<chapter id="events">
+ <title>JSF event propagation</title>
+ <para>
+ By including the seam-faces module in your web application you will also have the
+ JSF events propagated to the CDI event bridge so you can observe them in your beans.
+ The event bridge works by installing JSF listeners at appropriate extension points and
+ firing events on the BeanManager with associated qualifiers, passing along the event object.
+ There are two categories of events, JSF phase events and JSF system events.
+ </para>
+
+ <section id="events.installation">
+ <title>Installation</title>
+ <para>
+ The event bridges are installed automatically by including the seam-faces.jar and seam-faces-api.jar
+ in the web application library folder. If you are using Maven as your build tool, you can add the
+ following dependency:
+ </para>
+ <programlisting role="XML"><![CDATA[
+ <dependency>
+ <groupId>org.jboss.seam</groupId>
+ <artifactId>seam-faces</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ </dependency>]]></programlisting>
+ </section>
+ <section id="events.phases">
+ <title>JSF phases events</title>
+ <para>
+ A JSF phase listener is a class that implements the <literal>javax.faces.event.PhaseListener</literal> and
+ is registered in the web applications <literal>faces-config.xml</literal>. By implementing the methods of the
+ interfaces, the user can observe events fired before or after any of the six lifecycle phases of a JSF request:
+ <literal>restore view</literal>, <literal>apply request values</literal>, <literal>process validations</literal>,
+ <literal>update model values</literal>, <literal>invoke application</literal> or <literal>render view</literal>.
+ </para>
+ <para>
+ Instead of registering your own phase listener, you can use the seam-faces module to have the events propagated
+ to the CDI event bus where they can be observed using the normal CDI <literal>@Observes</literal> methods. Bringing
+ the events to your beans saves you the trouble of registering your own phase listeners and gives you the added
+ benfit of injection, alternatives, interceptors and other features of CDI you already have available in your beans!
+ </para>
+ <para>
+ CDI observation works by providing a method in a managed bean that has a method parameter annotated
+ <literal>@Observes</literal>. This method parameter is the event object passed along when firing the event and
+ can be further narrowed down by adding qualifiers. The naming of the method itself is not significant.
+ See the Seam Reference Guide for more information on events and observing.
+ </para>
+ <para>
+ The event object passed along from the phase listener is a <literal>javax.faces.event.PhaseEvent</literal>. So if
+ you would like to observe the full spectrum of events propagated you would write the following method in your
+ observer bean
+ <programlisting role="Java">
+ public void observeAll(@Observes PhaseEvent e)
+ {
+ // Do something with the event object
+ }
+ </programlisting>
+ </para>
+ <para>
+ Since the example above flushes you with a lot of events you have to sort out yourself, you might want to
+ consider flitering them out a bit. We mentioned that there are six phases in the JSF lifecycle and each of
+ these phases fire one event before executing and one after. This will result in 12 events fired, six
+ "before" and six "after" events which have their corresponding temportal qualifiers <literal>@Before</literal> and
+ <literal>@After</literal>. In order to split out the events into these categories, you would write two
+ observer methods like
+ <programlisting role="Java">
+ public void observeBefore(@Observes @Before PhaseEvent e)
+ {
+ // Do something with the "before" event object
+ }
+
+ public void observeAfter(@Observes @After PhaseEvent e)
+ {
+ // Do something with the "after" event object
+ }
+ </programlisting>
+ </para>
+ <para>
+ If you are interested in both the "before" and "after" event of a particular phase, you can limit them
+ by adding a lifecycle qualifer that corresponds to the phase:
+ <programlisting role="Java">
+ public void observeRenderResponse(@Observes @RenderResponse PhaseEvent e)
+ {
+ // Do something with the "render response" event object
+ }
+ </programlisting>
+ </para>
+ <para>
+ By combining a temporal qualifier with a lifecycel one you can achieve the tightest qualification:
+ <programlisting role="Java">
+ public void observeBeforeRenderResponse(@Observes @Before @RenderResponse PhaseEvent e)
+ {
+ // Do something with the "before render response" event object
+ }
+ </programlisting>
+ </para>
+ <para>
+ This is the full list of temporal and lifecycle qualifers
+ <informaltable>
+ <tgroup cols="3">
+ <colspec colnum="1" colwidth="1*" />
+ <colspec colnum="2" colwidth="1*" />
+ <colspec colnum="3" colwidth="3*" />
+ <thead>
+ <row>
+ <entry>Qualifier</entry>
+ <entry>Type</entry>
+ <entry>Description</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>@Before</entry>
+ <entry>temporal</entry>
+ <entry>Qualifies events before lifecycle phases</entry>
+ </row>
+ <row>
+ <entry>@After</entry>
+ <entry>temporal</entry>
+ <entry>Qualifies events after lifecycle phases</entry>
+ </row>
+ <row>
+ <entry>@RestoreView</entry>
+ <entry>lifecycle</entry>
+ <entry>Qualifies events from the "restore view" phase</entry>
+ </row>
+ <row>
+ <entry>@ApplyRequestValues</entry>
+ <entry>lifecycle</entry>
+ <entry>Qualifies events from the "apply request values" phase</entry>
+ </row>
+ <row>
+ <entry>@ProcessValidations</entry>
+ <entry>lifecycle</entry>
+ <entry>Qualifies events from the "process validations" phase</entry>
+ </row>
+ <row>
+ <entry>@UpdateModelValues</entry>
+ <entry>lifecycle</entry>
+ <entry>Qualifies events from the "update model values" phase</entry>
+ </row>
+ <row>
+ <entry>@InvokeApplication</entry>
+ <entry>lifecycle</entry>
+ <entry>Qualifies events from the "invoke application" phase</entry>
+ </row>
+ <row>
+ <entry>@RenderResponse</entry>
+ <entry>lifecycle</entry>
+ <entry>Qualifies events from the "render response" phase</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </informaltable>
+ The event object is always a <literal>javax.faces.event.PhaseEvent</literal> and according to the general
+ CDI principle, filtering is tightened by adding qualifiers and loosened by omitting them.
+ </para>
+ </section>
+</chapter>
\ No newline at end of file
16 years
- 1
- 0
Seam SVN: r12442 - modules/faces/trunk/docs/reference/src/main/docbook/en-US.
by seam-commits@lists.jboss.org
Author: nickarls
Date: 2010-04-13 04:24:43 -0400 (Tue, 13 Apr 2010)
New Revision: 12442
Modified:
modules/faces/trunk/docs/reference/src/main/docbook/en-US/master.xml
Log:
docs for jsf phase events
Modified: modules/faces/trunk/docs/reference/src/main/docbook/en-US/master.xml
===================================================================
--- modules/faces/trunk/docs/reference/src/main/docbook/en-US/master.xml 2010-04-13 06:30:19 UTC (rev 12441)
+++ modules/faces/trunk/docs/reference/src/main/docbook/en-US/master.xml 2010-04-13 08:24:43 UTC (rev 12442)
@@ -8,6 +8,7 @@
<toc />
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="preface.xml" />
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="events.xml" />
<!--
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="chapterXX.xml" />
16 years
- 1
- 0
Seam SVN: r12441 - in modules/faces/trunk/impl: src/main/java/org/jboss/seam/faces/cdi and 1 other directories.
by seam-commits@lists.jboss.org
Author: nickarls
Date: 2010-04-13 02:30:19 -0400 (Tue, 13 Apr 2010)
New Revision: 12441
Added:
modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerProvider.java
modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/JndiBeanManagerProvider.java
modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/ServletContextBeanManagerProvider.java
Modified:
modules/faces/trunk/impl/pom.xml
modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerAware.java
modules/faces/trunk/impl/src/main/resources/META-INF/faces-config.xml
Log:
BeanManager providers for lookup, start with ServletContext attribute, fallback to JNDI
Modified: modules/faces/trunk/impl/pom.xml
===================================================================
--- modules/faces/trunk/impl/pom.xml 2010-04-13 06:23:47 UTC (rev 12440)
+++ modules/faces/trunk/impl/pom.xml 2010-04-13 06:30:19 UTC (rev 12441)
@@ -33,6 +33,13 @@
<dependencies>
<dependency>
+ <!-- Required until the Servlet 3.0 API can be resolved in Central -->
+ <groupId>org.glassfish</groupId>
+ <artifactId>javax.servlet</artifactId>
+ <version>3.0</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
<artifactId>seam-faces-api</artifactId>
<groupId>org.jboss.seam.faces</groupId>
<version>${project.version}</version>
Modified: modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerAware.java
===================================================================
--- modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerAware.java 2010-04-13 06:23:47 UTC (rev 12440)
+++ modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerAware.java 2010-04-13 06:30:19 UTC (rev 12441)
@@ -26,27 +26,25 @@
import javax.enterprise.inject.spi.BeanManager;
import javax.inject.Inject;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
/**
+ * Super-class for listeners that need a reference to the BeanManager
*
* @author Nicklas Karlsson
- *
*/
public class BeanManagerAware
{
@Inject
BeanManager beanManager;
- // FIXME: hack to work around invalid binding in JBoss AS 6 M2
- private static final List<String> beanManagerLocations;
+ private static final List<BeanManagerProvider> beanManagerProviders;
static
{
- beanManagerLocations = new ArrayList<String>();
- beanManagerLocations.add("java:comp/BeanManager");
- beanManagerLocations.add("java:app/BeanManager");
+ beanManagerProviders = new ArrayList<BeanManagerProvider>();
+ beanManagerProviders.add(ServletContextBeanManagerProvider.DEFAULT);
+ beanManagerProviders.add(JndiBeanManagerProvider.DEFAULT);
+ beanManagerProviders.add(JndiBeanManagerProvider.JBOSS_HACK);
}
protected BeanManager getBeanManager()
@@ -60,17 +58,17 @@
private BeanManager lookupBeanManager()
{
- for (String location : beanManagerLocations)
+ BeanManager result = null;
+
+ for (BeanManagerProvider provider : beanManagerProviders)
{
- try
+ result = provider.getBeanManager();
+ if (result != null)
{
- return (BeanManager) new InitialContext().lookup(location);
+ break;
}
- catch (NamingException e)
- {
- // No panic, keep trying
- }
}
- throw new IllegalArgumentException("Could not find BeanManager in " + beanManagerLocations);
+ return result;
}
+
}
Added: modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerProvider.java
===================================================================
--- modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerProvider.java (rev 0)
+++ modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/BeanManagerProvider.java 2010-04-13 06:30:19 UTC (rev 12441)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.faces.cdi;
+
+import javax.enterprise.inject.spi.BeanManager;
+
+/**
+ * Provider for obtaining a BeanManager
+ *
+ * @author Nicklas Karlsson
+ *
+ */
+public interface BeanManagerProvider
+{
+ /**
+ * Try to obtain a BeanManager
+ *
+ * @return The BeanManager (or null if non found at this location)
+ */
+ public abstract BeanManager getBeanManager();
+}
Added: modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/JndiBeanManagerProvider.java
===================================================================
--- modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/JndiBeanManagerProvider.java (rev 0)
+++ modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/JndiBeanManagerProvider.java 2010-04-13 06:30:19 UTC (rev 12441)
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.faces.cdi;
+
+import javax.enterprise.inject.spi.BeanManager;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+
+/**
+ * A BeanManager provider for JNDI contexts
+ *
+ * @author Nicklas Karlsson
+ *
+ */
+public class JndiBeanManagerProvider implements BeanManagerProvider
+{
+ private String location;
+
+ public static final JndiBeanManagerProvider DEFAULT = new JndiBeanManagerProvider("java:comp/BeanManager");
+ public static final JndiBeanManagerProvider JBOSS_HACK = new JndiBeanManagerProvider("java:app/BeanManager");
+
+ protected JndiBeanManagerProvider(String location)
+ {
+ this.location = location;
+ }
+
+ @Override
+ public BeanManager getBeanManager()
+ {
+ try
+ {
+ return (BeanManager) new InitialContext().lookup(location);
+ }
+ catch (NamingException e)
+ {
+ // No panic, it's just not there
+ }
+ return null;
+ }
+
+}
Added: modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/ServletContextBeanManagerProvider.java
===================================================================
--- modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/ServletContextBeanManagerProvider.java (rev 0)
+++ modules/faces/trunk/impl/src/main/java/org/jboss/seam/faces/cdi/ServletContextBeanManagerProvider.java 2010-04-13 06:30:19 UTC (rev 12441)
@@ -0,0 +1,45 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.faces.cdi;
+
+import javax.enterprise.inject.spi.BeanManager;
+import javax.faces.context.FacesContext;
+import javax.servlet.ServletContext;
+
+/**
+ * A BeanManager provider for the Servlet Context attribute "javax.enterprise.inject.spi.BeanManager"
+ *
+ * @author Nicklas Karlsson
+ *
+ */
+public class ServletContextBeanManagerProvider implements BeanManagerProvider
+{
+ public static final ServletContextBeanManagerProvider DEFAULT = new ServletContextBeanManagerProvider();
+
+ @Override
+ public BeanManager getBeanManager()
+ {
+ ServletContext servletContext = (ServletContext) FacesContext.getCurrentInstance().getExternalContext();
+ return (BeanManager) servletContext.getAttribute(BeanManager.class.getName());
+ }
+
+}
Modified: modules/faces/trunk/impl/src/main/resources/META-INF/faces-config.xml
===================================================================
--- modules/faces/trunk/impl/src/main/resources/META-INF/faces-config.xml 2010-04-13 06:23:47 UTC (rev 12440)
+++ modules/faces/trunk/impl/src/main/resources/META-INF/faces-config.xml 2010-04-13 06:30:19 UTC (rev 12441)
@@ -1,30 +1,8 @@
-<!--
-JBoss, Home of Professional Open Source
-Copyright 2010, Red Hat, Inc., and individual contributors
-by the @authors tag. See the copyright.txt in the distribution for a
-full listing of individual contributors.
-
-This is free software; you can redistribute it and/or modify it
-under the terms of the GNU Lesser General Public License as
-published by the Free Software Foundation; either version 2.1 of
-the License, or (at your option) any later version.
-
-This software is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-Lesser General Public License for more details.
-
-You should have received a copy of the GNU Lesser General Public
-License along with this software; if not, write to the Free
-Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-02110-1301 USA, or see the FSF site: http://www.fsf.org.
--->
<?xml version="1.0" encoding="UTF-8"?>
<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
- version="2.0"
- id="seam3">
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
+ version="2.0" id="seam3">
<name>seam3</name>
@@ -36,8 +14,8 @@
<lifecycle>
<phase-listener>org.jboss.seam.faces.context.FlashScopedContext</phase-listener>
- <phase-listener>org.jboss.seam.faces.event.DelegatingPhaseListener</phase-listener>
- </lifecycle>
+ <phase-listener>org.jboss.seam.faces.event.DelegatingPhaseListener</phase-listener>
+ </lifecycle>
<application>
<system-event-listener>
@@ -64,7 +42,7 @@
<system-event-listener-class>org.jboss.seam.faces.event.DelegatingSystemEventListener</system-event-listener-class>
<system-event-class>javax.faces.event.PreDestroyCustomScopeEvent</system-event-class>
</system-event-listener>
- </application>
+ </application>
<component>
<component-type>org.jboss.seam.faces.ViewAction</component-type>
16 years
- 1
- 0