Author: shawkins Date: 2009-04-06 16:21:13 -0400 (Mon, 06 Apr 2009) New Revision: 721 Added: trunk/engine/src/main/java/com/metamatrix/server/ trunk/engine/src/main/java/com/metamatrix/server/serverapi/ Removed: trunk/client/src/main/java/com/metamatrix/platform/security/api/MetaMatrixPrincipalNames.java trunk/common-internal/src/main/java/com/metamatrix/platform/admin/api/MembershipAdminAPI.java trunk/server/src/main/java/com/metamatrix/platform/admin/apiimpl/MembershipAdminAPIImpl.java Modified: trunk/client/src/main/java/com/metamatrix/admin/api/server/ServerSecurityAdmin.java trunk/console/src/main/java/com/metamatrix/console/models/GroupsManager.java trunk/console/src/main/java/com/metamatrix/console/models/ModelManager.java trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/ProvidersMain.java trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/SummaryMain.java trunk/console/src/main/java/com/metamatrix/console/ui/views/users/GroupsTabMainPanel.java trunk/console/src/main/java/com/metamatrix/console/ui/views/users/NewGroupsWizardSelectionPanel.java trunk/server/src/main/java/com/metamatrix/admin/server/ServerAdminImpl.java trunk/server/src/main/java/com/metamatrix/admin/server/ServerSecurityAdminImpl.java trunk/server/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java trunk/server/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java trunk/server/src/main/java/com/metamatrix/platform/vm/controller/ProcessController.java trunk/server/src/main/resources/com/metamatrix/admin/util/methodroles.properties Log: TEIID-469 removing membershipadminapi. Modified: trunk/client/src/main/java/com/metamatrix/admin/api/server/ServerSecurityAdmin.java =================================================================== --- trunk/client/src/main/java/com/metamatrix/admin/api/server/ServerSecurityAdmin.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/client/src/main/java/com/metamatrix/admin/api/server/ServerSecurityAdmin.java 2009-04-06 20:21:13 UTC (rev 721) @@ -22,7 +22,9 @@ package com.metamatrix.admin.api.server; +import java.io.Serializable; import java.util.Collection; +import java.util.List; import com.metamatrix.admin.api.core.CoreSecurityAdmin; import com.metamatrix.admin.api.exception.AdminException; @@ -55,7 +57,7 @@ * if there's a system error. * @since 4.3 */ - Collection getRolesForGroup(String groupIdentifier) throws AdminException; + Collection<Role> getRolesForGroup(String groupIdentifier) throws AdminException; /** * Get the Collection of administrative role names possessed by the given user, if any. @@ -64,12 +66,12 @@ * The unique identifier for the user. This is generally a user name. A user is a {@link Principal} and a * Principal name is considered to be unique throughout the MetaMatrix system across all Membership domains. * The {@link AdminObject#WILDCARD WILDCARD} cannot be used here. - * @return The Collection of <code>String</code> role names. + * @return The Collection of {@link Role}s * @throws AdminException * if there's a system error. * @since 4.3 */ - Collection getRolesForUser(String userIdentifier) throws AdminException; + Collection<Role> getRolesForUser(String userIdentifier) throws AdminException; /** * Get the group memberships for the given user. @@ -83,7 +85,7 @@ * if there's a system error. * @since 4.3 */ - Collection getGroupsForUser(String userIdentifier) throws AdminException; + Collection<Group> getGroupsForUser(String userIdentifier) throws AdminException; /** @@ -94,12 +96,12 @@ * a Principal name is considered to be unique throughout the MetaMatrix system across all Membership domains. <br> * Note that by supplying the {@link AdminObject#WILDCARD WILDCARD} identifier, all all users in the system will * retrieved.</br> - * @return The Collection of users. + * @return The Collection of groups. * @throws AdminException * if there's a system error. * @since 4.3 */ - Collection getGroups(String groupIdentifier) throws AdminException; + Collection<Group> getGroups(String groupIdentifier) throws AdminException; /** * Assign to the given {@link Group} the given Administrative Role. @@ -142,11 +144,42 @@ throws AdminException; /** - * Export the data roles defined for the given vdb fromthe current system + * Export the data roles defined for the given vdb from the current system * @param vdbName - Name of the vdb * @param vdbVersion - version of the vdb * @return - char[] stream containing the XML contents of the roles. * @throws AdminException */ char[] exportDataRoles(String vdbName, String vdbVersion) throws AdminException; + + /** + * Authenticate a user with the specified user name and credentials + * for use with the specified application. The application name may also + * be used by the Membership Service to determine the appropriate authentication + * mechanism. + * @param username the user name that is to be authenticated + * @param credential + * @param trustePayload + * @param applicationName the name of the application for which the user + * is authenticating + * @return true if the authentication is successful + * @throws AdminException + */ + boolean authenticateUser(String username, char[] credentials, Serializable trustePayload, String applicationName) throws AdminException; + + /** + * Returns the active authorization provider domain names, in authentication order. + * @return List<String> + * @throws AdminException + */ + List<String> getDomainNames( ) throws AdminException; + + /** + * Return the {@link Group}s for a given domain. The domain name must be an specified + * exactly. See {@link #getActiveDomainNames()} for possible domain names. + * @param domainName + * @return + * @throws AdminException + */ + Collection<Group> getGroupsForDomain(String domainName) throws AdminException; } Deleted: trunk/client/src/main/java/com/metamatrix/platform/security/api/MetaMatrixPrincipalNames.java =================================================================== --- trunk/client/src/main/java/com/metamatrix/platform/security/api/MetaMatrixPrincipalNames.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/client/src/main/java/com/metamatrix/platform/security/api/MetaMatrixPrincipalNames.java 2009-04-06 20:21:13 UTC (rev 721) @@ -1,95 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * See the COPYRIGHT.txt file distributed with this work for information - * regarding copyright ownership. Some portions may be licensed - * to Red Hat, Inc. under one or more contributor license agreements. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA. - */ - -package com.metamatrix.platform.security.api; - -import java.io.Serializable; -import java.util.Collection; -import java.util.Set; -import java.util.HashSet; - -/** - * This class wraps two Collections of <code>String</code> names - - * the first is a <code>Collection</code> of names of MetaMatrix - * user principals, the other is a <code>Collection</code> of group - * principal names. These principal names can then be used, by a client, - * to retrieve a {@link MetaMatrixPrincipal} object from the server. - */ -public class MetaMatrixPrincipalNames implements Serializable { - - private Set groupNames; - private Set userNames; - - /** - * The constructor takes two Sets of names - one of group names, one of - * user names. These two sets should never be null (they can be empty), - * but there are no checks against null sets currently. - */ - public MetaMatrixPrincipalNames(Set groupPrincipalNames, Set userPrincipalNames){ - if ( groupPrincipalNames == null ) { - groupNames = new HashSet(); - } - if ( userPrincipalNames == null ) { - userNames = new HashSet(); - } - this.groupNames = groupPrincipalNames; - this.userNames = userPrincipalNames; - } - - /** - * Returns the names of all group principals contained in this - * object - * @return currently returns a <code>Set</code> of <code>String</code> - * names, representing group principals. However, note that this - * implementation may change. - */ - public Collection getGroupPrincipalNames(){ - return this.groupNames; - } - - /** - * Returns the names of all user principals contained in this - * object - * @return currently returns a <code>Set</code> of <code>String</code> - * names, representing user principals. However, note that this - * implementation may change. - */ - public Collection getUserPrincipalNames(){ - return this.userNames; - } - - /** - * Displays the group and user names - */ - public String toString(){ - StringBuffer buffer = new StringBuffer(); - buffer.append("MetaMatrixPrincipalNames: {group names: "); //$NON-NLS-1$ - buffer.append(groupNames); - buffer.append(" }, {user names: "); //$NON-NLS-1$ - buffer.append(userNames); - buffer.append(" }"); //$NON-NLS-1$ - return buffer.toString(); - } -} - - - Deleted: trunk/common-internal/src/main/java/com/metamatrix/platform/admin/api/MembershipAdminAPI.java =================================================================== --- trunk/common-internal/src/main/java/com/metamatrix/platform/admin/api/MembershipAdminAPI.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/common-internal/src/main/java/com/metamatrix/platform/admin/api/MembershipAdminAPI.java 2009-04-06 20:21:13 UTC (rev 721) @@ -1,63 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * See the COPYRIGHT.txt file distributed with this work for information - * regarding copyright ownership. Some portions may be licensed - * to Red Hat, Inc. under one or more contributor license agreements. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA. - */ - -package com.metamatrix.platform.admin.api; - -import java.io.Serializable; -import java.util.Collection; -import java.util.List; -import java.util.Set; - -import com.metamatrix.admin.api.exception.security.InvalidSessionException; -import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException; -import com.metamatrix.api.exception.MetaMatrixComponentException; -import com.metamatrix.api.exception.security.AuthorizationException; -import com.metamatrix.api.exception.security.MembershipServiceException; -import com.metamatrix.common.util.MultipleRequestConfirmation; -import com.metamatrix.platform.security.api.Credentials; -import com.metamatrix.platform.security.api.MetaMatrixPrincipal; - -public interface MembershipAdminAPI extends SubSystemAdminAPI { - - List getDomainNames( ) - throws AuthorizationException, InvalidSessionException, MetaMatrixComponentException, MetaMatrixSecurityException; - - Set getGroupsForDomain(String domainName) - throws AuthorizationException, InvalidSessionException, MetaMatrixComponentException, MetaMatrixSecurityException; - - MetaMatrixPrincipal getUserPrincipal(String principalName) - throws AuthorizationException, InvalidSessionException, MetaMatrixComponentException, MetaMatrixSecurityException; - - MultipleRequestConfirmation getUserPrincipals(Collection userNames) - throws AuthorizationException, InvalidSessionException, MetaMatrixComponentException, MetaMatrixSecurityException; - - Collection getGroupPrincipalNames() - throws AuthorizationException, InvalidSessionException, MetaMatrixComponentException, MetaMatrixSecurityException; - - MultipleRequestConfirmation getGroupPrincipals(Collection groupNames) - throws AuthorizationException, InvalidSessionException, MetaMatrixComponentException, MetaMatrixSecurityException; - - boolean authenticateUser(String username, Credentials credential, Serializable trustePayload, String applicationName) - throws MetaMatrixComponentException, MembershipServiceException; - -} - Modified: trunk/console/src/main/java/com/metamatrix/console/models/GroupsManager.java =================================================================== --- trunk/console/src/main/java/com/metamatrix/console/models/GroupsManager.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/console/src/main/java/com/metamatrix/console/models/GroupsManager.java 2009-04-06 20:21:13 UTC (rev 721) @@ -30,9 +30,9 @@ import java.util.Iterator; import java.util.List; import java.util.Map; -import java.util.Set; import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException; +import com.metamatrix.admin.api.objects.Group; import com.metamatrix.api.exception.ComponentNotFoundException; import com.metamatrix.api.exception.security.AuthorizationException; import com.metamatrix.console.connections.ConnectionInfo; @@ -268,94 +268,24 @@ } } - public Collection /*<String>*/ getAllGroupNames() - throws ExternalException, AuthorizationException, - ComponentNotFoundException { - /*try { - MetaMatrixPrincipalNames enterprisePrincipals = - ModelManager.getMembershipAPI(getConnection()) - .getReadonlyPrincipalNames(); - Collection groups = enterprisePrincipals.getGroupPrincipalNames(); - MetaMatrixPrincipalNames metaMatrixPrincipals = - ModelManager.getMembershipAPI(getConnection()) - .getEditablePrincipalNames(); - Collection metaMatrixGroups = metaMatrixPrincipals - .getGroupPrincipalNames(); - groups.addAll(metaMatrixGroups); - return groups; - } catch (AuthorizationException e) { - throw(e); - } catch (ComponentNotFoundException e) { - throw(e); - } catch (Exception e) { - throw new ExternalException(e); - }*/ - return Collections.EMPTY_LIST; - } - - public List /*<String>*/ getDomainNames() - throws ExternalException, AuthorizationException, - ComponentNotFoundException { - List domainNames = Collections.EMPTY_LIST; + public List<String> getDomainNames() { + List<String> domainNames = Collections.emptyList(); try { - domainNames = ModelManager.getMembershipAPI(getConnection()).getDomainNames(); + domainNames = getConnection().getServerAdmin().getDomainNames(); } catch (Exception e) { return domainNames; } return domainNames; } - public void setDomainOrder(List domainNames) - throws ExternalException, AuthorizationException, - ComponentNotFoundException { - try { - //ModelManager.getMembershipAPI(getConnection()).setDomainOrder(domainNames); - } catch (Exception e) { - } - } - - public void setEnableSecurity(boolean enabled) - throws ExternalException, AuthorizationException, - ComponentNotFoundException { - try { - //ModelManager.getMembershipAPI(getConnection()).setEnableSecurity(enabled); - } catch (Exception e) { - } - } - - public void setAdminUsername(String username) - throws ExternalException, AuthorizationException, - ComponentNotFoundException { - try { - //ModelManager.getMembershipAPI(getConnection()).setAdminUsername(username); - } catch (Exception e) { - } - } - - public void setAdminPassword(String password) - throws ExternalException, AuthorizationException, - ComponentNotFoundException { - try { - //ModelManager.getMembershipAPI(getConnection()).setAdminPassword(password); - } catch (Exception e) { - } - } - - public Collection getGroupsForDomain (String theDomain) { - Set groupNames = null; + public Collection<Group> getGroupsForDomain (String theDomain) { try { - - groupNames = ModelManager.getMembershipAPI(getConnection()).getGroupsForDomain(theDomain); - + return getConnection().getServerAdmin().getGroupsForDomain(theDomain); } catch (Exception e) { - return Collections.EMPTY_SET; + } - - if(groupNames!=null) { - return groupNames; - } - return Collections.EMPTY_SET; + return Collections.emptyList(); } public Map getMetaMatrixPropNamesForGroups() { Modified: trunk/console/src/main/java/com/metamatrix/console/models/ModelManager.java =================================================================== --- trunk/console/src/main/java/com/metamatrix/console/models/ModelManager.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/console/src/main/java/com/metamatrix/console/models/ModelManager.java 2009-04-06 20:21:13 UTC (rev 721) @@ -40,7 +40,6 @@ import com.metamatrix.platform.admin.api.AuthorizationAdminAPI; import com.metamatrix.platform.admin.api.ConfigurationAdminAPI; import com.metamatrix.platform.admin.api.ExtensionSourceAdminAPI; -import com.metamatrix.platform.admin.api.MembershipAdminAPI; import com.metamatrix.platform.admin.api.RuntimeStateAdminAPI; import com.metamatrix.platform.admin.api.SubSystemAdminAPI; import com.metamatrix.platform.security.api.MetaMatrixPrincipalName; @@ -320,11 +319,6 @@ return (ConfigurationAdminAPI) getSubSystemAdminAPI(ConfigurationAdminAPI.class, conn); } - public static MembershipAdminAPI getMembershipAPI(ConnectionInfo conn) { - - return (MembershipAdminAPI) getSubSystemAdminAPI(MembershipAdminAPI.class, conn); - } - public static RuntimeStateAdminAPI getRuntimeStateAPI(ConnectionInfo conn) { return (RuntimeStateAdminAPI) getSubSystemAdminAPI(RuntimeStateAdminAPI.class, conn); Modified: trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/ProvidersMain.java =================================================================== --- trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/ProvidersMain.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/ProvidersMain.java 2009-04-06 20:21:13 UTC (rev 721) @@ -55,8 +55,6 @@ import javax.swing.event.ListSelectionListener; import javax.swing.table.TableModel; -import com.metamatrix.api.exception.ComponentNotFoundException; -import com.metamatrix.api.exception.security.AuthorizationException; import com.metamatrix.common.config.ResourceNames; import com.metamatrix.common.config.api.AuthenticationProvider; import com.metamatrix.common.config.api.Configuration; @@ -396,9 +394,6 @@ private void setAuthenticationOrder(List authOrder) { try { - // Sets the order on the MembershipService - getGroupsManager().setDomainOrder(authOrder); - // Updates the next startup configuration updateConfiguration(authOrder); } catch (Exception e) { Modified: trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/SummaryMain.java =================================================================== --- trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/SummaryMain.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/console/src/main/java/com/metamatrix/console/ui/views/authorization/SummaryMain.java 2009-04-06 20:21:13 UTC (rev 721) @@ -56,8 +56,6 @@ import com.metamatrix.console.util.StaticUtilities; import com.metamatrix.core.util.StringUtil; import com.metamatrix.platform.admin.api.AuthorizationAdminAPI; -import com.metamatrix.platform.admin.api.MembershipAdminAPI; -import com.metamatrix.platform.security.api.Credentials; import com.metamatrix.toolbox.ui.widget.ButtonWidget; import com.metamatrix.toolbox.ui.widget.CheckBox; import com.metamatrix.toolbox.ui.widget.DialogPanel; @@ -466,9 +464,8 @@ return; } - final MembershipAdminAPI membershipAPI = ModelManager.getMembershipAPI(this.connection ); try { - if(! membershipAPI.authenticateUser(this.connection.getUser(), new Credentials(currentPass), null, null) ) { + if(! this.getConnection().getServerAdmin().authenticateUser(this.connection.getUser(), currentPass, null, null) ) { String title = ConsolePlugin.Util.getString("SummaryMain.authErrorDialog.title"); //$NON-NLS-1$ String msg = ConsolePlugin.Util.getString("SummaryMain.authErrorDialog.msg"); //$NON-NLS-1$ StaticUtilities.displayModalDialogWithOK(title, msg); Modified: trunk/console/src/main/java/com/metamatrix/console/ui/views/users/GroupsTabMainPanel.java =================================================================== --- trunk/console/src/main/java/com/metamatrix/console/ui/views/users/GroupsTabMainPanel.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/console/src/main/java/com/metamatrix/console/ui/views/users/GroupsTabMainPanel.java 2009-04-06 20:21:13 UTC (rev 721) @@ -48,7 +48,6 @@ import com.metamatrix.console.util.ExceptionUtility; import com.metamatrix.console.util.ExternalException; import com.metamatrix.console.util.LogContexts; -import com.metamatrix.toolbox.ui.widget.ButtonWidget; import com.metamatrix.toolbox.ui.widget.Splitter; /** @@ -65,7 +64,6 @@ private GroupsManager manager; private RolesList rolesList; - private ButtonWidget addButton; private JPanel rightPanel = new JPanel(); private GroupTabSelectionHandler selectionHandler; private boolean canViewPrincipalInfo; @@ -125,11 +123,6 @@ return showingRolesList; } - public void setAddUser(boolean enableAddUser){ - if (addButton != null) - addButton.setEnabled(enableAddUser); - } - public String getTitle() { //Unused-- needed by WorkspacePanel return ""; Modified: trunk/console/src/main/java/com/metamatrix/console/ui/views/users/NewGroupsWizardSelectionPanel.java =================================================================== --- trunk/console/src/main/java/com/metamatrix/console/ui/views/users/NewGroupsWizardSelectionPanel.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/console/src/main/java/com/metamatrix/console/ui/views/users/NewGroupsWizardSelectionPanel.java 2009-04-06 20:21:13 UTC (rev 721) @@ -48,14 +48,12 @@ import javax.swing.event.ListDataEvent; import javax.swing.event.ListDataListener; -import com.metamatrix.api.exception.ComponentNotFoundException; -import com.metamatrix.api.exception.security.AuthorizationException; +import com.metamatrix.admin.api.objects.Group; import com.metamatrix.console.models.GroupsManager; import com.metamatrix.console.ui.util.BasicWizardSubpanelContainer; import com.metamatrix.console.ui.util.NoMinTextFieldWidget; import com.metamatrix.console.ui.util.WizardInterface; import com.metamatrix.console.ui.util.property.TypeConstants; -import com.metamatrix.console.util.ExternalException; import com.metamatrix.core.MetaMatrixRuntimeException; import com.metamatrix.platform.security.api.MetaMatrixPrincipal; import com.metamatrix.platform.security.api.MetaMatrixPrincipalName; @@ -254,13 +252,12 @@ // -------------------------------------------- String selectedDomain = (String)cbxDomainSelection.getSelectedItem(); - Collection allDomainGroups = getGroupsManager().getGroupsForDomain(selectedDomain); + Collection<Group> allDomainGroups = getGroupsManager().getGroupsForDomain(selectedDomain); // Remove any that are in the supplied 'remove' list this.currentDomainGroups = new ArrayList(allDomainGroups.size()); - Iterator iter = allDomainGroups.iterator(); - while(iter.hasNext()) { - String currentGroup = (String)iter.next()+"@"+selectedDomain; + for (Group group : allDomainGroups) { + String currentGroup = group.getIdentifier(); if(this.listToRemoveFromAvailable != null && !this.listToRemoveFromAvailable.contains(currentGroup)) { this.currentDomainGroups.add(currentGroup); } Copied: trunk/engine/src/main/java/com/metamatrix/server/serverapi (from rev 713, trunk/client/src/main/java/com/metamatrix/server/serverapi) Property changes on: trunk/engine/src/main/java/com/metamatrix/server/serverapi ___________________________________________________________________ Name: svn:mergeinfo + Modified: trunk/server/src/main/java/com/metamatrix/admin/server/ServerAdminImpl.java =================================================================== --- trunk/server/src/main/java/com/metamatrix/admin/server/ServerAdminImpl.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/java/com/metamatrix/admin/server/ServerAdminImpl.java 2009-04-06 20:21:13 UTC (rev 721) @@ -22,13 +22,16 @@ package com.metamatrix.admin.server; +import java.io.Serializable; import java.util.ArrayList; import java.util.Collection; +import java.util.List; import java.util.Properties; import com.metamatrix.admin.api.exception.AdminException; import com.metamatrix.admin.api.objects.AdminOptions; import com.metamatrix.admin.api.objects.ConnectorBinding; +import com.metamatrix.admin.api.objects.Group; import com.metamatrix.admin.api.objects.LogConfiguration; import com.metamatrix.admin.api.objects.ScriptsContainer; import com.metamatrix.admin.api.objects.SystemObject; @@ -949,4 +952,21 @@ return getConfigurationAdmin().getClusterKey(); } + @Override + public boolean authenticateUser(String username, char[] credentials, + Serializable trustePayload, String applicationName) + throws AdminException { + return getSecurityAdmin().authenticateUser(username, credentials, trustePayload, applicationName); + } + + @Override + public List<String> getDomainNames() throws AdminException { + return getSecurityAdmin().getDomainNames(); + } + + @Override + public Collection<Group> getGroupsForDomain(String domainName) + throws AdminException { + return getSecurityAdmin().getGroupsForDomain(domainName); + } } \ No newline at end of file Modified: trunk/server/src/main/java/com/metamatrix/admin/server/ServerSecurityAdminImpl.java =================================================================== --- trunk/server/src/main/java/com/metamatrix/admin/server/ServerSecurityAdminImpl.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/java/com/metamatrix/admin/server/ServerSecurityAdminImpl.java 2009-04-06 20:21:13 UTC (rev 721) @@ -22,9 +22,11 @@ package com.metamatrix.admin.server; +import java.io.Serializable; import java.util.ArrayList; import java.util.Collection; import java.util.Iterator; +import java.util.List; import java.util.Set; import com.metamatrix.admin.api.exception.AdminComponentException; @@ -34,6 +36,7 @@ import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException; import com.metamatrix.admin.api.objects.AdminObject; import com.metamatrix.admin.api.objects.AdminOptions; +import com.metamatrix.admin.api.objects.Group; import com.metamatrix.admin.api.objects.Principal; import com.metamatrix.admin.api.server.AdminRoles; import com.metamatrix.admin.api.server.ServerSecurityAdmin; @@ -41,11 +44,13 @@ import com.metamatrix.admin.objects.MMRole; import com.metamatrix.api.exception.security.AuthorizationException; import com.metamatrix.api.exception.security.AuthorizationMgmtException; +import com.metamatrix.api.exception.security.MembershipServiceException; import com.metamatrix.common.actions.ModificationActionQueue; import com.metamatrix.platform.registry.ClusteredRegistryState; import com.metamatrix.platform.security.api.AuthorizationObjectEditor; import com.metamatrix.platform.security.api.AuthorizationPolicy; import com.metamatrix.platform.security.api.AuthorizationPolicyID; +import com.metamatrix.platform.security.api.Credentials; import com.metamatrix.platform.security.api.MetaMatrixPrincipalName; import com.metamatrix.platform.security.api.SessionToken; import com.metamatrix.platform.security.util.RolePermissionFactory; @@ -126,6 +131,14 @@ executeAuthorizationActions(aoe); } + public boolean authenticateUser(String username, char[] credentials, Serializable trustePayload, String applicationName) throws AdminException { + try { + return getMembershipServiceProxy().authenticateUser(username, new Credentials(credentials), trustePayload, applicationName).isAuthenticated(); + } catch (MembershipServiceException e) { + throw new AdminComponentException(e); + } + } + /** * Execute the actions requeted of the <code>MembershipObjectEditor</code> or throw * an exception if unable for any reason. @@ -209,12 +222,12 @@ * @see com.metamatrix.admin.api.server.ServerSecurityAdmin#getGroups(java.lang.String) * @since 4.3 */ - public Collection getGroups(String groupIdentifier) throws AdminException { + public Collection<Group> getGroups(String groupIdentifier) throws AdminException { if (groupIdentifier == null) { throwProcessingException("AdminImpl.requiredparameter", new Object[] {}); //$NON-NLS-1$ } - Collection groups = new ArrayList(); + Collection<Group> groups = new ArrayList<Group>(); Collection allGroups = null; // Add all groups from internal membership domain try { @@ -292,9 +305,6 @@ return super.importDataRoles(vdbName, vdbVersion, xmlContents, options); } - - - /** * @see com.metamatrix.admin.api.server.ServerSecurityAdmin#exportDataRoles(java.lang.String, java.lang.String) */ @@ -310,4 +320,31 @@ } return super.exportDataRoles(vdbName, vdbVersion); } + + @Override + public List<String> getDomainNames() throws AdminException { + try { + return this.getMembershipServiceProxy().getDomainNames(); + } catch (MembershipServiceException e) { + throw new AdminComponentException(e); + } + } + + @Override + public Collection<Group> getGroupsForDomain(String domainName) + throws AdminException { + if (domainName == null) { + throwProcessingException("AdminImpl.requiredparameter", new Object[] {}); //$NON-NLS-1$ + } + try { + Collection<String> groupNames = this.getMembershipServiceProxy().getGroupsForDomain(domainName); + List<Group> result = new ArrayList<Group>(groupNames.size()); + for (String groupName : groupNames) { + result.add(new MMGroup(new String[] {groupName})); + } + return result; + } catch (MembershipServiceException e) { + throw new AdminComponentException(e); + } + } } \ No newline at end of file Deleted: trunk/server/src/main/java/com/metamatrix/platform/admin/apiimpl/MembershipAdminAPIImpl.java =================================================================== --- trunk/server/src/main/java/com/metamatrix/platform/admin/apiimpl/MembershipAdminAPIImpl.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/java/com/metamatrix/platform/admin/apiimpl/MembershipAdminAPIImpl.java 2009-04-06 20:21:13 UTC (rev 721) @@ -1,194 +0,0 @@ -/* - * JBoss, Home of Professional Open Source. - * See the COPYRIGHT.txt file distributed with this work for information - * regarding copyright ownership. Some portions may be licensed - * to Red Hat, Inc. under one or more contributor license agreements. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA. - */ - -package com.metamatrix.platform.admin.apiimpl; - -import java.io.Serializable; -import java.util.Collection; -import java.util.HashSet; -import java.util.Iterator; -import java.util.List; -import java.util.Set; - -import com.metamatrix.admin.api.exception.security.InvalidSessionException; -import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException; -import com.metamatrix.api.exception.MetaMatrixComponentException; -import com.metamatrix.api.exception.security.AuthorizationException; -import com.metamatrix.api.exception.security.InvalidUserException; -import com.metamatrix.api.exception.security.MembershipServiceException; -import com.metamatrix.common.util.MultipleRequestConfirmation; -import com.metamatrix.platform.admin.api.MembershipAdminAPI; -import com.metamatrix.platform.security.api.Credentials; -import com.metamatrix.platform.security.api.MetaMatrixPrincipal; -import com.metamatrix.platform.security.api.MetaMatrixPrincipalName; -import com.metamatrix.platform.security.api.service.MembershipServiceInterface; -import com.metamatrix.platform.util.PlatformProxyHelper; - -public class MembershipAdminAPIImpl extends SubSystemAdminAPIImpl implements MembershipAdminAPI { - - // Auth svc proxy - private MembershipServiceInterface membAdmin; - private static MembershipAdminAPI membershipAdminAPI; - - /** - * ctor - */ - private MembershipAdminAPIImpl() throws MetaMatrixComponentException { - - membAdmin = PlatformProxyHelper.getMembershipServiceProxy(PlatformProxyHelper.ROUND_ROBIN_LOCAL); - } - - public synchronized static MembershipAdminAPI getInstance() throws MetaMatrixComponentException { - if (membershipAdminAPI == null) { - membershipAdminAPI = new MembershipAdminAPIImpl(); - } - return membershipAdminAPI; - } - - public synchronized List getDomainNames( ) throws AuthorizationException, - InvalidSessionException, - MetaMatrixComponentException, - MetaMatrixSecurityException { - // Validate caller's session - AdminAPIHelper.validateSession(getSessionID()); - - // Any administrator may call this read-only method - no need to validate role - return membAdmin.getDomainNames(); - } - - public synchronized Set getGroupsForDomain(String domainName) throws AuthorizationException, - InvalidSessionException, - MetaMatrixComponentException, - MetaMatrixSecurityException { - // Validate caller's session - AdminAPIHelper.validateSession(getSessionID()); - // Any administrator may call this read-only method - no need to validate role - return membAdmin.getGroupsForDomain(domainName); - } - - /** - * Authenticate the given user / credentials as a valid system user using the given payload and application name - * @param username - user to authenticate - * @param credential - credentials to use when validating user - * @param trustedpayload - payload to use when validating user - * @param applicationName - applicationName to use when validating user - * @return Will return either a SuccessfulAuthenticationToken or an UnsuccessfulAuthenticationToken - * @see com.metamatrix.platform.admin.api.MembershipAdminAPI#authenticateUser(java.lang.String, com.metamatrix.platform.security.api.Credentials, java.io.Serializable, java.lang.String) - * - */ - public boolean authenticateUser(String username, Credentials credential, Serializable trustePayload, String applicationName) throws MetaMatrixComponentException, MembershipServiceException { - return membAdmin.authenticateUser(username, credential, trustePayload, applicationName).isAuthenticated(); - } - - public synchronized MetaMatrixPrincipal getUserPrincipal(String principalName) throws AuthorizationException, - InvalidSessionException, - MetaMatrixComponentException, - MetaMatrixSecurityException { - // Validate caller's session - AdminAPIHelper.validateSession(getSessionID()); - // Any administrator may call this read-only method - no need to validate role - return membAdmin.getPrincipal(new MetaMatrixPrincipalName(principalName, MetaMatrixPrincipal.TYPE_USER)); - } - - public synchronized MultipleRequestConfirmation getUserPrincipals(Collection userNames) throws AuthorizationException, - InvalidSessionException, - MetaMatrixComponentException, - MetaMatrixSecurityException { - // Validate caller's session - AdminAPIHelper.validateSession(getSessionID()); - // Any administrator may call this read-only method - no need to validate role - - MultipleRequestConfirmation result = new MultipleRequestConfirmation(); - Collection principals = new HashSet(userNames.size()); - - Iterator iter = userNames.iterator(); - String userName = null; - MetaMatrixPrincipal principal = null; - while (iter.hasNext()) { - userName = (String)iter.next(); - try { - principal = membAdmin.getPrincipal(new MetaMatrixPrincipalName(userName, MetaMatrixPrincipal.TYPE_USER)); - principals.add(principal); - } catch (InvalidUserException e) { - result.addFailure(userName, e); - } catch (MetaMatrixSecurityException e) { - result.addFailure(userName, e); - } - } - result.setResult(principals); - return result; - } - - /** - * Add the given set of principals to the given role. - * - * @param principals - * Set of <code>MetaMatrixPrincipalName</code>s to which to add. - * @param roleName - * The name of the role to which to add the principals. - * @throws InvalidSessionException - * if the administrative session is invalid - * @throws AuthorizationException - * if admninistrator does not have the authority to perform the requested operation. - * @throws MetaMatrixComponentException - * if this service has trouble communicating. - */ - public synchronized MultipleRequestConfirmation getGroupPrincipals(Collection groupNames) throws AuthorizationException, - InvalidSessionException, - MetaMatrixComponentException, - MetaMatrixSecurityException { - // Validate caller's session - // SessionToken token = - AdminAPIHelper.validateSession(getSessionID()); - // Any administrator may call this read-only method - no need to validate role - - MultipleRequestConfirmation result = new MultipleRequestConfirmation(); - Collection principals = new HashSet(groupNames.size()); - - Iterator iter = groupNames.iterator(); - String groupName = null; - MetaMatrixPrincipal principal = null; - while (iter.hasNext()) { - groupName = (String)iter.next(); - try { - principal = membAdmin.getPrincipal(new MetaMatrixPrincipalName(groupName, MetaMatrixPrincipal.TYPE_GROUP)); - principals.add(principal); - } catch (InvalidUserException e) { - result.addFailure(groupName, e); - } catch (MetaMatrixSecurityException e) { - result.addFailure(groupName, e); - } - } - result.setResult(principals); - return result; - } - - public synchronized Collection getGroupPrincipalNames() throws AuthorizationException, - InvalidSessionException, - MetaMatrixComponentException, - MetaMatrixSecurityException { - // Validate caller's session - AdminAPIHelper.validateSession(getSessionID()); - // Any administrator may call this read-only method - no need to validate role - return membAdmin.getGroupNames(); - } -} Modified: trunk/server/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java =================================================================== --- trunk/server/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/java/com/metamatrix/platform/security/api/service/MembershipServiceInterface.java 2009-04-06 20:21:13 UTC (rev 721) @@ -68,6 +68,8 @@ public static final String DOMAIN_PROPERTIES = "propertiesFile"; //$NON-NLS-1$ + public static final String AT = "@"; //$NON-NLS-1$ + /** * Authenticate a user with the specified username and credential * for use with the specified application. The application name may also @@ -100,17 +102,17 @@ * * The username should be fully qualified */ - Set getGroupsForUser(String username) + Set<String> getGroupsForUser(String username) throws MembershipServiceException, InvalidPrincipalException; /** * Obtain the collection of group names. */ - Set getGroupNames() throws MembershipServiceException; + Set<String> getGroupNames() throws MembershipServiceException; - List getDomainNames() throws MembershipServiceException; + List<String> getDomainNames() throws MembershipServiceException; - Set getGroupsForDomain(String domainName) throws MembershipServiceException; + Set<String> getGroupsForDomain(String domainName) throws MembershipServiceException; boolean isSuperUser(String username) throws MembershipServiceException; Modified: trunk/server/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java =================================================================== --- trunk/server/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/java/com/metamatrix/platform/security/membership/service/MembershipServiceImpl.java 2009-04-06 20:21:13 UTC (rev 721) @@ -78,9 +78,7 @@ */ public class MembershipServiceImpl extends AbstractService implements MembershipServiceInterface { - private static final String AT = "@"; //$NON-NLS-1$ - - static class MembershipDomainHolder { + static class MembershipDomainHolder { private MembershipDomain membershipDomain; private String domainName; @@ -338,7 +336,7 @@ if (auth.getDomainName() != null) { domain = auth.getDomainName(); } - return new SuccessfulAuthenticationToken(auth.getPayload(), baseUsername + AT + domain); + return new SuccessfulAuthenticationToken(auth.getPayload(), baseUsername + MembershipServiceInterface.AT + domain); } String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.Null_authentication", entry.getDomainName(), username ); //$NON-NLS-1$ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, msg); @@ -378,7 +376,7 @@ } //strip the escape character from the remaining ats - return result.replaceAll("\\\\"+AT, AT); //$NON-NLS-1$ + return result.replaceAll("\\\\"+MembershipServiceInterface.AT, MembershipServiceInterface.AT); //$NON-NLS-1$ } static String escapeName(String name) { @@ -386,7 +384,7 @@ return name; } - return name.replaceAll(AT, "\\\\"+AT); //$NON-NLS-1$ + return name.replaceAll(MembershipServiceInterface.AT, "\\\\"+MembershipServiceInterface.AT); //$NON-NLS-1$ } static String getDomainName(String username) { @@ -405,7 +403,7 @@ static int getQualifierIndex(String username) { int index = username.length(); - while ((index = username.lastIndexOf(AT, --index)) != -1) { + while ((index = username.lastIndexOf(MembershipServiceInterface.AT, --index)) != -1) { if (index > 0 && username.charAt(index - 1) != '\\') { return index; } @@ -515,14 +513,14 @@ throw new InvalidPrincipalException(PlatformPlugin.Util.getString("MembershipServiceImpl.principal_does_not_exist", name, domain.getDomainName())); //$NON-NLS-1$ } - private Set getDomainSpecificGroups(Set groups, String domainName) { + private Set<String> getDomainSpecificGroups(Set<String> groups, String domainName) { if (groups == null) { - return Collections.EMPTY_SET; + return Collections.emptySet(); } - Set results = new HashSet(); + Set<String> results = new HashSet<String>(); - for (Iterator i = groups.iterator(); i.hasNext();) { - results.add(escapeName((String)i.next()) + AT + domainName); + for (Iterator<String> i = groups.iterator(); i.hasNext();) { + results.add(escapeName(i.next()) + MembershipServiceInterface.AT + domainName); } return results; } @@ -600,7 +598,7 @@ return names; } - public Set getGroupsForDomain(String domainName) throws MembershipServiceException { + public Set<String> getGroupsForDomain(String domainName) throws MembershipServiceException { LogManager.logTrace(LogSecurityConstants.CTX_MEMBERSHIP, new Object[] {"getGroupsForDomain", domainName}); //$NON-NLS-1$ @@ -614,10 +612,10 @@ } } if(dHolder==null) { - return Collections.EMPTY_SET; + return Collections.emptySet(); } try { - return dHolder.getMembershipDomain().getGroupNames(); + return getDomainSpecificGroups(dHolder.getMembershipDomain().getGroupNames(), domainName); } catch (Throwable e) { String msg = PlatformPlugin.Util.getString("MembershipServiceImpl.source_exception", dHolder.getDomainName()); //$NON-NLS-1$ LogManager.logError(LogSecurityConstants.CTX_MEMBERSHIP, e, msg); Modified: trunk/server/src/main/java/com/metamatrix/platform/vm/controller/ProcessController.java =================================================================== --- trunk/server/src/main/java/com/metamatrix/platform/vm/controller/ProcessController.java 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/java/com/metamatrix/platform/vm/controller/ProcessController.java 2009-04-06 20:21:13 UTC (rev 721) @@ -83,13 +83,11 @@ import com.metamatrix.platform.admin.api.AuthorizationAdminAPI; import com.metamatrix.platform.admin.api.ConfigurationAdminAPI; import com.metamatrix.platform.admin.api.ExtensionSourceAdminAPI; -import com.metamatrix.platform.admin.api.MembershipAdminAPI; import com.metamatrix.platform.admin.api.RuntimeStateAdminAPI; import com.metamatrix.platform.admin.apiimpl.AdminHelper; import com.metamatrix.platform.admin.apiimpl.AuthorizationAdminAPIImpl; import com.metamatrix.platform.admin.apiimpl.ConfigurationAdminAPIImpl; import com.metamatrix.platform.admin.apiimpl.ExtensionSourceAdminAPIImpl; -import com.metamatrix.platform.admin.apiimpl.MembershipAdminAPIImpl; import com.metamatrix.platform.admin.apiimpl.RuntimeStateAdminAPIImpl; import com.metamatrix.platform.config.api.service.ConfigurationServiceInterface; import com.metamatrix.platform.config.event.ConfigurationChangeEvent; @@ -210,7 +208,6 @@ private void registerSubSystemAdminAPIs(HostManagement hostManagement) throws MetaMatrixComponentException { this.clientServices.registerClientService(ConfigurationAdminAPI.class, ConfigurationAdminAPIImpl.getInstance(this.registry), PlatformAdminConstants.CTX_CONFIGURATION_ADMIN_API); this.clientServices.registerClientService(RuntimeStateAdminAPI.class, RuntimeStateAdminAPIImpl.getInstance(this.registry, hostManagement), PlatformAdminConstants.CTX_RUNTIME_STATE_ADMIN_API); - this.clientServices.registerClientService(MembershipAdminAPI.class, MembershipAdminAPIImpl.getInstance(), PlatformAdminConstants.CTX_ADMIN_API); this.clientServices.registerClientService(AuthorizationAdminAPI.class, AuthorizationAdminAPIImpl.getInstance(), PlatformAdminConstants.CTX_AUTHORIZATION_ADMIN_API); this.clientServices.registerClientService(ExtensionSourceAdminAPI.class, ExtensionSourceAdminAPIImpl.getInstance(), PlatformAdminConstants.CTX_ADMIN_API); this.clientServices.registerClientService(RuntimeMetadataAdminAPI.class, RuntimeMetadataAdminAPIImpl.getInstance(), PlatformAdminConstants.CTX_RUNTIME_METADATA_ADMIN_API); Modified: trunk/server/src/main/resources/com/metamatrix/admin/util/methodroles.properties =================================================================== --- trunk/server/src/main/resources/com/metamatrix/admin/util/methodroles.properties 2009-04-06 17:38:05 UTC (rev 720) +++ trunk/server/src/main/resources/com/metamatrix/admin/util/methodroles.properties 2009-04-06 20:21:13 UTC (rev 721) @@ -129,10 +129,13 @@ addUser=Admin.SystemAdmin assignRoleToGroup=Admin.SystemAdmin assignRoleToUser=Admin.SystemAdmin +authenticateUser=Anonymous exportDataRoles=Admin.SystemAdmin exportPrincipals=Admin.SystemAdmin getChildrenOfGroup=Admin.SystemAdmin +getDomainNames=Admin.SystemAdmin getGroups=Admin.SystemAdmin +getGroupsForDomain=Admin.SystemAdmin getGroupsForUser=Admin.SystemAdmin getParentsOfGroup=Admin.SystemAdmin getRolesForGroup=Admin.SystemAdmin