Author: shane.bryzak(a)jboss.com
Date: 2010-07-14 23:15:53 -0400 (Wed, 14 Jul 2010)
New Revision: 13399
Modified:
modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/LoggedInEvent.java
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/PostLoggedOutEvent.java
modules/security/trunk/api/src/main/java/org/jboss/seam/security/permission/IdentifierStrategy.java
modules/security/trunk/examples/idmconsole/src/main/resources/import.sql
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/EntitySecurityListener.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/HibernateSecurityInterceptor.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/JpaTokenStore.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/NotLoggedInException.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RememberMe.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RunAsOperation.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityException.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityInterceptor.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/jaas/SeamLoginModule.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/IdentityManagerImpl.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/RoleAction.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/ClassIdentifierStrategy.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/EntityIdentifierStrategy.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/IdentifierPolicy.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionManager.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionMapper.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PersistentPermissionResolver.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RoleCheck.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RuleBasedPermissionResolver.java
Log:
refactored Identity, fix compiler warnings
Modified: modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java
===================================================================
---
modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -5,6 +5,8 @@
import javax.security.auth.Subject;
+import org.picketlink.idm.api.User;
+
/**
* API for authorization and authentication via Seam security.
*
@@ -29,20 +31,13 @@
boolean tryLogin();
/**
- * Return the currently authenticated Principal
+ * Returns the currently authenticated user
*
* @return
*/
- Principal getPrincipal();
+ User getUser();
/**
- * Return the Subject for the current session.
- *
- * @return
- */
- Subject getSubject();
-
- /**
* Performs an authorization check, based on the specified security expression
string.
*
* @param expr The security expression string to evaluate
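Review bot: The Javadoc for `getUser()` keeps an empty `@return` tag, so the interface does not say what a caller receives when nobody is authenticated. Going by `IdentityImpl` later in this commit, where `isLoggedIn()` is `user != null`, the tag could read `@return the authenticated user, or null if no user is logged in`. This hunk also drops `getSubject()` from the public interface, so a sentence in the Javadoc naming the replacement would help callers that authorised against `Subject` principals.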
Modified:
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/LoggedInEvent.java
===================================================================
---
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/LoggedInEvent.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/LoggedInEvent.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,6 +1,6 @@
package org.jboss.seam.security.events;
-import java.security.Principal;
+import org.picketlink.idm.api.User;
/**
* This event is raised when user successfully logs in.
@@ -9,15 +9,15 @@
*/
public class LoggedInEvent
{
- private Principal principal;
+ private User user;
- public LoggedInEvent(Principal principal)
+ public LoggedInEvent(User user)
{
- this.principal = principal;
+ this.user = user;
}
- public Principal getPrincipal()
+ public User getUser()
{
- return principal;
+ return user;
}
}
Modified:
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/PostLoggedOutEvent.java
===================================================================
---
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/PostLoggedOutEvent.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/api/src/main/java/org/jboss/seam/security/events/PostLoggedOutEvent.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,6 +1,6 @@
package org.jboss.seam.security.events;
-import java.security.Principal;
+import org.picketlink.idm.api.User;
/**
* This event is raised just after the user unauthenticates
@@ -9,15 +9,15 @@
*/
public class PostLoggedOutEvent
{
- private Principal principal;
+ private User user;
- public PostLoggedOutEvent(Principal principal)
+ public PostLoggedOutEvent(User user)
{
- this.principal = principal;
+ this.user = user;
}
- public Principal getPrincipal()
+ public User getUser()
{
- return principal;
+ return user;
}
}
Modified:
modules/security/trunk/api/src/main/java/org/jboss/seam/security/permission/IdentifierStrategy.java
===================================================================
---
modules/security/trunk/api/src/main/java/org/jboss/seam/security/permission/IdentifierStrategy.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/api/src/main/java/org/jboss/seam/security/permission/IdentifierStrategy.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -7,6 +7,6 @@
*/
public interface IdentifierStrategy
{
- boolean canIdentify(Class targetClass);
+ boolean canIdentify(Class<?> targetClass);
String getIdentifier(Object target);
}
Modified: modules/security/trunk/examples/idmconsole/src/main/resources/import.sql
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/resources/import.sql 2010-07-15
02:32:37 UTC (rev 13398)
+++ modules/security/trunk/examples/idmconsole/src/main/resources/import.sql 2010-07-15
03:15:53 UTC (rev 13399)
@@ -13,4 +13,4 @@
insert into IdentityObjectRelationshipType (id, name) values (1, 'MEMBER_OF');
insert into IdentityObjectRelationshipType (id, name) values (2, 'ROLE');
-insert into IdentityObjectRelationship (id, name, relationship_type_id, identity_from_id,
identity_to_id) values (1, 'admin', 2, 1, 3);
+insert into IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id,
to_identity_id) values (1, 'admin', 2, 1, 3);
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/EntitySecurityListener.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/EntitySecurityListener.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/EntitySecurityListener.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,5 +1,5 @@
package org.jboss.seam.security;
-
+/*
import static org.jboss.seam.security.EntityAction.DELETE;
import static org.jboss.seam.security.EntityAction.INSERT;
import static org.jboss.seam.security.EntityAction.READ;
@@ -9,8 +9,8 @@
import javax.persistence.PrePersist;
import javax.persistence.PreRemove;
import javax.persistence.PreUpdate;
+*/
-
/**
* Facilitates security checks for entity beans.
*
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/HibernateSecurityInterceptor.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/HibernateSecurityInterceptor.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/HibernateSecurityInterceptor.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,5 +1,7 @@
package org.jboss.seam.security;
+import org.hibernate.EmptyInterceptor;
+/*
import static org.jboss.seam.security.EntityAction.DELETE;
import static org.jboss.seam.security.EntityAction.INSERT;
import static org.jboss.seam.security.EntityAction.READ;
@@ -7,9 +9,8 @@
import java.io.Serializable;
-import org.hibernate.EmptyInterceptor;
import org.hibernate.Interceptor;
-import org.hibernate.type.Type;
+import org.hibernate.type.Type;*/
//import org.jboss.seam.Entity.NotEntityException;
/**
@@ -20,6 +21,8 @@
*/
public class HibernateSecurityInterceptor extends EmptyInterceptor
{
+ private static final long serialVersionUID = 4418010755107869488L;
+
/*
private Interceptor wrappedInterceptor;
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -42,6 +42,7 @@
import org.jboss.seam.security.events.QuietLoginEvent;
import org.jboss.seam.security.management.IdentityManager;
import org.jboss.seam.security.permission.PermissionMapper;
+import org.picketlink.idm.api.User;
import org.picketlink.idm.impl.api.PasswordCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -69,8 +70,9 @@
@Inject Instance<RequestSecurityState> requestSecurityState;
- private Principal principal;
+ private User user;
private Subject subject;
+
private String jaasConfigName = null;
/**
@@ -103,12 +105,6 @@
* Flag that indicates we are in the process of authenticating
*/
private boolean authenticating = false;
-
- @Inject
- public void create()
- {
- subject = new Subject();
- }
public static boolean isSecurityEnabled()
{
@@ -122,13 +118,13 @@
public boolean isLoggedIn()
{
- // If there is a principal set, then the user is logged in.
- return getPrincipal() != null;
+ // If there is a user set, then the user is logged in.
+ return user != null;
}
public boolean tryLogin()
{
- if (!authenticating && getPrincipal() == null &&
credentials.isSet() &&
+ if (!authenticating && getUser() == null && credentials.isSet()
&&
!requestSecurityState.get().isLoginTried())
{
requestSecurityState.get().setLoginTried(true);
@@ -137,17 +133,7 @@
return isLoggedIn();
}
-
- public Principal getPrincipal()
- {
- return principal;
- }
- public Subject getSubject()
- {
- return subject;
- }
-
/**
* Performs an authorization check, based on the specified security expression.
*
@@ -219,7 +205,7 @@
// and then return.
if (requestSecurityState.get().isSilentLogin())
{
- manager.fireEvent(new LoggedInEvent(principal));
+ manager.fireEvent(new LoggedInEvent(user));
return "loggedIn";
}
@@ -239,7 +225,7 @@
log.debug("Login successful for: " + credentials);
}
- manager.fireEvent(new LoggedInEvent(principal));
+ manager.fireEvent(new LoggedInEvent(user));
return "loggedIn";
}
catch (LoginException ex)
@@ -293,7 +279,7 @@
// If we're already authenticated, then don't authenticate again
if (!isLoggedIn() && !credentials.isInvalid())
{
- principal = null;
+ user = null;
subject = new Subject();
authenticate( getLoginContext() );
}
@@ -330,20 +316,20 @@
}
/**
- * Extracts the principal from the subject, and populates the roles of the
- * authenticated user. This method may be overridden by a subclass if
+ * Extracts the principal from the subject, and uses it to create the User object.
+ * This method may be overridden by a subclass if
* different post-authentication logic should occur.
*/
protected void postAuthenticate()
{
// Populate the working memory with the user's principals
- for ( Principal p : getSubject().getPrincipals() )
+ for ( Principal p : subject.getPrincipals() )
{
if ( !(p instanceof Group))
{
- if (principal == null)
+ if (user == null)
{
- principal = p;
+ user = new UserImpl(p.getName());
break;
}
}
@@ -387,17 +373,16 @@
*/
public void unAuthenticate()
{
- principal = null;
- subject = new Subject();
+ user = null;
credentials.clear();
}
protected LoginContext getLoginContext() throws LoginException
- {
+ {
if (getJaasConfigName() != null)
{
- return new LoginContext(getJaasConfigName(), getSubject(),
+ return new LoginContext(getJaasConfigName(), subject,
createCallbackHandler());
}
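Review bot: `unAuthenticate()` no longer replaces `subject`, so after logout the bean keeps the JAAS Subject of the previous login, with whatever principals and credentials the login modules attached to it, until the next `authenticate()` assigns a fresh one. The `@Inject create()` initializer is also removed earlier in this file, so `subject` is null until that first `authenticate()`, and `getLoginContext()` here passes it straight to `new LoginContext(...)`. I would keep `subject = new Subject();` in `unAuthenticate()`, or set it to `null` there and build it inside `getLoginContext()`, so that no authentication state outlives the login that created it. `getLoginContext()` continues outside this hunk.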
@@ -405,7 +390,7 @@
Bean<Configuration> configBean = (Bean<Configuration>)
manager.getBeans(Configuration.class).iterator().next();
Configuration config = (Configuration) manager.getReference(configBean,
Configuration.class, manager.createCreationalContext(configBean));
- return new LoginContext(JaasConfiguration.DEFAULT_JAAS_CONFIG_NAME, getSubject(),
+ return new LoginContext(JaasConfiguration.DEFAULT_JAAS_CONFIG_NAME, subject,
createCallbackHandler(), config);
}
@@ -481,7 +466,7 @@
{
if (isLoggedIn())
{
- PostLoggedOutEvent loggedOutEvent = new PostLoggedOutEvent(principal);
+ PostLoggedOutEvent loggedOutEvent = new PostLoggedOutEvent(user);
manager.fireEvent(new PreLoggedOutEvent());
unAuthenticate();
@@ -657,28 +642,27 @@
public synchronized void runAs(RunAsOperation operation)
{
- Principal savedPrincipal = getPrincipal();
- Subject savedSubject = getSubject();
+ User savedUser = getUser();
+ if (systemOp == null)
+ {
+ systemOp = new ThreadLocal<Boolean>();
+ }
+
+ boolean savedSystemOp = systemOp.get();
+
try
{
- principal = operation.getPrincipal();
- subject = operation.getSubject();
+ user = operation.getUser();
- if (systemOp == null)
- {
- systemOp = new ThreadLocal<Boolean>();
- }
-
systemOp.set(operation.isSystemOperation());
operation.execute();
}
finally
{
- systemOp.set(false);
- principal = savedPrincipal;
- subject = savedSubject;
+ systemOp.set(savedSystemOp);
+ user = savedUser;
}
}
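Review bot: `boolean savedSystemOp = systemOp.get();` unboxes a `Boolean` that is null on any thread that has not yet called `systemOp.set(...)`, which is always the case right after the lazy `new ThreadLocal<Boolean>()` above it. The first `runAs()` on a thread would therefore throw NullPointerException before the operation runs. Reading the value null-safely, `boolean savedSystemOp = Boolean.TRUE.equals(systemOp.get());`, keeps the restore in `finally` correct. Separately, `user = operation.getUser()` takes whatever the operation holds, and the `RunAsOperation` hunk in this commit shows no assignment to its `user` field, so the identity may have no user for the duration of the operation; worth confirming that this is intended.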
@@ -687,4 +671,9 @@
// TODO Auto-generated method stub
}
+
+ public User getUser()
+ {
+ return user;
+ }
}
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/JpaTokenStore.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/JpaTokenStore.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/JpaTokenStore.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -10,8 +10,8 @@
import javax.persistence.NoResultException;
import javax.persistence.Query;
-import org.jboss.seam.security.annotations.TokenUsername;
-import org.jboss.seam.security.annotations.TokenValue;
+//import org.jboss.seam.security.annotations.TokenUsername;
+//import org.jboss.seam.security.annotations.TokenValue;
import org.jboss.weld.extensions.util.properties.Property;
/**
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/NotLoggedInException.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/NotLoggedInException.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/NotLoggedInException.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,11 +1,11 @@
package org.jboss.seam.security;
-//import javax.ejb.ApplicationException;
-
/**
* Thrown when an unauthenticated user attempts to execute a restricted action.
*
* @author Shane Bryzak
*/
-//@ApplicationException(rollback=true)
-public class NotLoggedInException extends SecurityException {}
+public class NotLoggedInException extends SecurityException
+{
+ private static final long serialVersionUID = -2708471484839030465L;
+}
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RememberMe.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RememberMe.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RememberMe.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -325,6 +325,7 @@
boolean value;
}
+ /*
private class DecodedToken
{
private String username;
@@ -356,5 +357,5 @@
{
return value;
}
- }
+ }*/
}
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RunAsOperation.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RunAsOperation.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/RunAsOperation.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -5,6 +5,8 @@
import javax.security.auth.Subject;
+import org.picketlink.idm.api.User;
+
/**
* Defines a security operation that can be executed within a particular
* security context.
@@ -13,15 +15,12 @@
*/
public abstract class RunAsOperation
{
- private Principal principal;
- private Subject subject;
+ private User user;
private boolean systemOp = false;
public RunAsOperation()
{
- //principal = new SimplePrincipal(null);
- subject = new Subject();
}
/**
@@ -37,26 +36,23 @@
public abstract void execute();
- public Principal getPrincipal()
+ public User getUser()
{
- return principal;
+ return user;
}
- public Subject getSubject()
- {
- return subject;
- }
-
public RunAsOperation addRole(String role)
{
- for ( Group sg : getSubject().getPrincipals(Group.class) )
+ // FIXME this all has to change
+
+ /*for ( Group sg : getSubject().getPrincipals(Group.class) )
{
if ( IdentityImpl.ROLES_GROUP.equals( sg.getName() ) )
{
//sg.addMember(new SimplePrincipal(role));
break;
}
- }
+ }*/
// TODO fix this
//SimpleGroup roleGroup = new SimpleGroup(IdentityImpl.ROLES_GROUP);
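Review bot: `addRole()` now has its role-assignment loop commented out, so a caller that configures an operation through `addRole(...)` gets no role and no error, and code that relies on the role being present during `runAs()` will behave differently without any signal. The `user` field added in this hunk is also never assigned in the visible lines, so `getUser()` appears to return null unless a setter exists elsewhere. Until the replacement is written I would make the gap explicit, for example `throw new UnsupportedOperationException("addRole is not yet supported");`, or at least say in the method Javadoc that roles are currently ignored. The rest of `addRole()` lies outside this hunk, so this assumes the remaining lines do not add the role by other means.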
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityException.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityException.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityException.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -9,6 +9,8 @@
*/
public abstract class SecurityException extends RuntimeException
{
+ private static final long serialVersionUID = 789326682407249952L;
+
public SecurityException()
{
super();
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityInterceptor.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityInterceptor.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/SecurityInterceptor.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -41,6 +41,7 @@
private class Restriction
{
+ @SuppressWarnings("unused")
private String expression;
private String permissionTarget;
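Review bot: `@SuppressWarnings("unused")` on `Restriction.expression` silences the compiler's report that this private field is never read. In a security interceptor that suggests expression-based restrictions are being stored but not evaluated. If that is the case, the warning is the only visible trace of an unenforced restriction, and a comment such as `// FIXME expression restrictions are not evaluated yet` on the field would keep that trace. The code that reads `Restriction` is outside this hunk, so please confirm whether `expression` is consulted anywhere before the check is treated as complete.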
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/jaas/SeamLoginModule.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/jaas/SeamLoginModule.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/jaas/SeamLoginModule.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -16,7 +16,6 @@
import org.jboss.seam.security.callbacks.IdentityCallback;
import org.jboss.seam.security.callbacks.IdentityManagerCallback;
import org.jboss.seam.security.management.IdentityManager;
-import org.picketlink.idm.api.Role;
import org.picketlink.idm.impl.api.PasswordCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/IdentityManagerImpl.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/IdentityManagerImpl.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/IdentityManagerImpl.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -9,16 +9,14 @@
import javax.enterprise.inject.spi.BeanManager;
import javax.inject.Inject;
-import org.jboss.seam.transaction.Transactional;
import org.jboss.seam.security.GroupImpl;
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.UserImpl;
import org.jboss.seam.security.util.Strings;
+import org.jboss.seam.transaction.Transactional;
import org.picketlink.idm.api.Credential;
import org.picketlink.idm.api.Group;
-import org.picketlink.idm.api.IdentitySearchCriteria;
import org.picketlink.idm.api.IdentitySession;
-import org.picketlink.idm.api.IdentityType;
import org.picketlink.idm.api.Role;
import org.picketlink.idm.api.RoleType;
import org.picketlink.idm.api.User;
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -42,8 +42,8 @@
import org.picketlink.idm.spi.store.FeaturesMetaData;
import org.picketlink.idm.spi.store.IdentityStoreInvocationContext;
import org.picketlink.idm.spi.store.IdentityStoreSession;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+/*import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;*/
/**
* IdentityStore implementation that allows identity related data to be
@@ -55,7 +55,7 @@
{
private static final long serialVersionUID = 7729139146633529501L;
- private Logger log = LoggerFactory.getLogger(JpaIdentityStore.class);
+ //private Logger log = LoggerFactory.getLogger(JpaIdentityStore.class);
public static final String OPTION_IDENTITY_CLASS_NAME =
"identityEntityClassName";
public static final String OPTION_CREDENTIAL_CLASS_NAME =
"credentialEntityClassName";
@@ -1208,7 +1208,7 @@
CriteriaBuilder builder = em.getCriteriaBuilder();
CriteriaQuery<?> criteria = builder.createQuery(identityClass);
- Root<?> root = criteria.from(identityClass);
+ criteria.from(identityClass);
Property<?> identityNameProp = modelProperties.get(PROPERTY_IDENTITY_NAME);
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/RoleAction.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/RoleAction.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/RoleAction.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,7 +1,6 @@
package org.jboss.seam.security.management.action;
import java.io.Serializable;
-import java.util.ArrayList;
import java.util.List;
import javax.enterprise.context.Conversation;
@@ -75,7 +74,7 @@
private String saveExistingRole()
{
- // TODO rewrite
+ // FIXME rewrite
/*List<String> grantedRoles = identityManager.getRoleGroups(role);
if (grantedRoles != null)
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/ClassIdentifierStrategy.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/ClassIdentifierStrategy.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/ClassIdentifierStrategy.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -15,24 +15,24 @@
@Dependent
public class ClassIdentifierStrategy implements IdentifierStrategy
{
- private Map<Class,String> identifierNames = new
ConcurrentHashMap<Class,String>();
+ private Map<Class<?>,String> identifierNames = new
ConcurrentHashMap<Class<?>,String>();
- public boolean canIdentify(Class targetClass)
+ public boolean canIdentify(Class<?> targetClass)
{
return Class.class.equals(targetClass);
}
public String getIdentifier(Object target)
{
- if (!(target instanceof Class))
+ if (!(target instanceof Class<?>))
{
throw new IllegalArgumentException("Target [" + target + "] must
be instance of Class");
}
- return getIdentifierName((Class) target);
+ return getIdentifierName((Class<?>) target);
}
- private String getIdentifierName(Class cls)
+ private String getIdentifierName(Class<?> cls)
{
if (!identifierNames.containsKey(cls))
{
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/EntityIdentifierStrategy.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/EntityIdentifierStrategy.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/EntityIdentifierStrategy.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -19,7 +19,7 @@
*/
public class EntityIdentifierStrategy implements IdentifierStrategy
{
- private Map<Class,String> identifierNames = new
ConcurrentHashMap<Class,String>();
+ private Map<Class<?>,String> identifierNames = new
ConcurrentHashMap<Class<?>,String>();
//@Inject PersistenceProvider persistenceProvider;
//@Inject Expressions expressions;
@@ -27,22 +27,20 @@
@Inject BeanManager manager;
@Inject Instance<EntityManager> entityManagerInstance;
- public boolean canIdentify(Class targetClass)
+ public boolean canIdentify(Class<?> targetClass)
{
return targetClass.isAnnotationPresent(Entity.class);
}
public String getIdentifier(Object target)
- {
- /**
- return String.format("%s:%s", getIdentifierName(target.getClass()),
-
- persistenceProvider.getId(target, lookupEntityManager()).toString());
- */
- return null;
+ {
+ return String.format("%s:%s", getIdentifierName(target.getClass()),
+ // FIXME
+ null);
+ //persistenceProvider.getId(target, lookupEntityManager()).toString());
}
- private String getIdentifierName(Class cls)
+ private String getIdentifierName(Class<?> cls)
{
if (!identifierNames.containsKey(cls))
{
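Review bot: `getIdentifier()` now formats a literal `null` as the id part, so every instance of an entity class gets the same identifier string, where the previous stub returned `null` outright. If that string is the key under which instance permissions are stored or looked up, as the commented-out `persistenceProvider.getId(...)` call suggests, a permission recorded for one instance would match every instance of the class. Until the id lookup is restored I would fail explicitly, for example `throw new UnsupportedOperationException("entity id lookup not implemented");`, rather than return a value that looks valid.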
@@ -68,11 +66,4 @@
return identifierNames.get(cls);
}
-
- private EntityManager lookupEntityManager()
- {
- //return entityManager.getValue();
- //return BeanManagerHelper.getInstanceByType(manager, EntityManager.class);
- return entityManagerInstance.get();
- }
}
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/IdentifierPolicy.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/IdentifierPolicy.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/IdentifierPolicy.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -20,7 +20,7 @@
@ApplicationScoped
public class IdentifierPolicy
{
- private Map<Class,IdentifierStrategy> strategies = new
ConcurrentHashMap<Class,IdentifierStrategy>();
+ private Map<Class<?>,IdentifierStrategy> strategies = new
ConcurrentHashMap<Class<?>,IdentifierStrategy>();
private Set<IdentifierStrategy> registeredStrategies = new
HashSet<IdentifierStrategy>();
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionManager.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionManager.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionManager.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -7,8 +7,8 @@
import javax.inject.Named;
import org.jboss.seam.security.Identity;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+/*import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;*/
/**
* Permission management component, used to grant or revoke permissions on specific
objects or of
@@ -25,7 +25,7 @@
public static final String PERMISSION_GRANT = "seam.grant-permission";
public static final String PERMISSION_REVOKE = "seam.revoke-permission";
- private Logger log = LoggerFactory.getLogger(PermissionManager.class);
+ //private Logger log = LoggerFactory.getLogger(PermissionManager.class);
@Inject PermissionStore permissionStore;
@Inject Identity identity;
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionMapper.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionMapper.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PermissionMapper.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -10,12 +10,10 @@
import java.util.Set;
import javax.enterprise.context.ApplicationScoped;
-import javax.enterprise.context.SessionScoped;
import javax.enterprise.context.spi.CreationalContext;
-import javax.inject.Inject;
-import javax.enterprise.inject.Produces;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
+import javax.inject.Inject;
/**
* Maps permission checks to resolver chains
@@ -27,12 +25,13 @@
{
private static final long serialVersionUID = 7692687882996064772L;
- private Map<Class<?>,Map<String,String>> resolverChains = new
HashMap<Class<?>,Map<String,String>>();
+ //private Map<Class<?>,Map<String,String>> resolverChains = new
HashMap<Class<?>,Map<String,String>>();
private List<PermissionResolver> defaultResolverChain;
@Inject BeanManager manager;
+ @SuppressWarnings("unchecked")
@Inject
public void init()
{
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PersistentPermissionResolver.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PersistentPermissionResolver.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/PersistentPermissionResolver.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -45,7 +45,7 @@
List<Permission> permissions = permissionStore.listPermissions(target,
action);
- String username = identity.getPrincipal().getName();
+ String username = identity.getUser().getId();
if (permissions != null)
{
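Review bot: `identity.getUser().getId()` dereferences the result of `getUser()`, which `IdentityImpl` in this commit returns as null whenever nobody is logged in, so a permission check made for an anonymous request would throw NullPointerException instead of being denied. The same line appears in the second hunk of this file, the one that works on `targets`. Unless a login check precedes these lines outside the hunks, read the user first and treat its absence as no permission, e.g. `User user = identity.getUser();` then `String username = user != null ? user.getId() : null;`, making sure a null username never compares equal to a stored recipient. It is also worth confirming that `getId()` yields the same string that was previously recorded from `Principal.getName()`, otherwise existing grants stop matching.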
@@ -85,7 +85,7 @@
List<Permission> permissions = permissionStore.listPermissions(targets,
action);
- String username = identity.getPrincipal().getName();
+ String username = identity.getUser().getId();
Iterator<?> iter = targets.iterator();
while (iter.hasNext())
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RoleCheck.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RoleCheck.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RoleCheck.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -9,6 +9,8 @@
*/
public class RoleCheck implements Serializable
{
+ private static final long serialVersionUID = -9129682144406056768L;
+
private String name;
private boolean granted;
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RuleBasedPermissionResolver.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RuleBasedPermissionResolver.java 2010-07-15
02:32:37 UTC (rev 13398)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/permission/RuleBasedPermissionResolver.java 2010-07-15
03:15:53 UTC (rev 13399)
@@ -1,7 +1,6 @@
package org.jboss.seam.security.permission;
import java.io.Serializable;
-import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Enumeration;
@@ -15,9 +14,8 @@
import javax.enterprise.event.Observes;
import org.drools.KnowledgeBase;
-import org.drools.RuleBase;
-import org.drools.StatefulSession;
-import org.drools.ClassObjectFilter;
+/*import org.drools.StatefulSession;
+import org.drools.ClassObjectFilter;*/
import org.drools.runtime.StatefulKnowledgeSession;
import org.drools.runtime.rule.FactHandle;
//import org.jboss.seam.drools.SeamGlobalResolver;
@@ -25,8 +23,8 @@
import org.jboss.seam.security.IdentityImpl;
import org.jboss.seam.security.events.PostLoggedOutEvent;
import org.jboss.seam.security.events.PostAuthenticateEvent;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+/*import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;*/
/**
* A permission resolver that uses a Drools rule base to perform permission checks
@@ -38,7 +36,7 @@
{
private static final long serialVersionUID = -7572627522601793024L;
- private Logger log = LoggerFactory.getLogger(RuleBasedPermissionResolver.class);
+ //private Logger log = LoggerFactory.getLogger(RuleBasedPermissionResolver.class);
private StatefulKnowledgeSession securityContext;
@@ -148,6 +146,7 @@
// Check if there are any additional requirements
securityContext.fireAllRules();
+ /*
if (check.hasRequirements())
{
for (String requirement : check.getRequirements())
@@ -159,7 +158,7 @@
handles.add (securityContext.insert(value));
}
}
- }
+ }*/
synchronizeContext();
@@ -197,18 +196,18 @@
{
if (getSecurityContext() != null)
{
- getSecurityContext().insert(identity.getPrincipal());
+ getSecurityContext().insert(identity.getUser());
- for ( Group sg : identity.getSubject().getPrincipals(Group.class) )
+/* for ( Group sg : identity.getSubject().getPrincipals(Group.class) )
{
if ( IdentityImpl.ROLES_GROUP.equals( sg.getName() ) )
{
Enumeration<?> e = sg.members();
while (e.hasMoreElements())
- {
- Principal role = (Principal) e.nextElement();
+ {*/
+ //Principal role = (Principal) e.nextElement();
- boolean found = false;
+ //boolean found = false;
//Iterator<?> iter = getSecurityContext().getObjects(
// new ClassObjectFilter(RoleImpl.class)).iterator();
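Review bot: The role loop is disabled by interleaving a `/* ... */` block with `//` lines, and after this change the method inserts only the user into the rule session and no role facts. Rules that match on roles will therefore see none for the authenticated user, and nothing in the code says so. I would delete the dead loop rather than comment it out piecemeal, and leave one marker in its place, e.g. `// FIXME role facts are not inserted until role lookup is ported from Subject groups to the identity API`. The inserted fact also changes type from `Principal` to `User`, so any rule that matched on the principal presumably needs updating as well. The method starts and ends outside this hunk.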
@@ -230,9 +229,9 @@
getSecurityContext().insert(new RoleImpl(role.getName()));
}*/
- }
- }
- }
+ // }
+ // }
+ // }
//Iterator<?> iter = getSecurityContext().getObjects(new
ClassObjectFilter(RoleImpl.class)).iterator();
//while (iter.hasNext())
@@ -277,7 +276,7 @@
{
if (getSecurityContext() != null)
{
- getSecurityContext().insert(identity.getPrincipal());
+ getSecurityContext().insert(identity.getUser());
// If we were authenticated with the JpaIdentityStore, then insert the
authenticated
// UserAccount into the security context.