Author: rareddy Date: 2012-07-24 17:01:05 -0400 (Tue, 24 Jul 2012) New Revision: 4266 Added: trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java Log: TEIID-2109: correctly propagate the security context that is currently on the thread through in LocalConnection scenarios. Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java =================================================================== --- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -220,6 +220,10 @@ return session.getSecurityContext(); } + public void setSecurityContext(Object securityContext) { + session.setSecurityContext(securityContext); + } + public VDBMetaData getVDB() { return session.getVdb(); } Modified: trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java =================================================================== --- trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -32,11 +32,13 @@ void clearSecurityContext(); - Object getSecurityContext(String securityDomain); + Object getSecurityContext(); Object createSecurityContext(String securityDomain, Principal p, Object credentials, Subject subject); Subject getSubjectInContext(String securityDomain); boolean sameSubject(String securityDomain, Object context, Subject subject); + + String getSecurityDomain(Object context); } Modified: trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java =================================================================== --- trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -101,7 +101,7 @@ return null; } @Override - public Object getSecurityContext(String securityDomain) { + public Object getSecurityContext() { return this.mycontext; } @Override @@ -118,6 +118,10 @@ this.mycontext = context; return old; } + @Override + public String getSecurityDomain(Object context) { + return null; + } }; Object previousSC = sc.createSecurityContext("test", null, null, null); //$NON-NLS-1$ sc.associateSecurityContext(previousSC); @@ -135,13 +139,13 @@ Runnable r = new Runnable() { @Override public void run() { - assertEquals(currentSC, sc.getSecurityContext(null)); + assertEquals(currentSC, sc.getSecurityContext()); } }; message.runInContext(r); - assertEquals(previousSC, sc.getSecurityContext(null)); + assertEquals(previousSC, sc.getSecurityContext()); } Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java =================================================================== --- trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -50,12 +50,8 @@ } @Override - public Object getSecurityContext(String securityDomain) { - SecurityContext sc = SecurityActions.getSecurityContext(); - if (sc != null && sc.getSecurityDomain().equals(securityDomain)) { - return sc; - } - return null; + public Object getSecurityContext() { + return SecurityActions.getSecurityContext(); } @Override @@ -89,5 +85,10 @@ } return false; } + + @Override + public String getSecurityDomain(Object context) { + return ((SecurityContext)context).getSecurityDomain(); + } } Modified: trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java =================================================================== --- trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -45,7 +45,7 @@ } @Override - public Object getSecurityContext(String securityDomain) { + public Object getSecurityContext() { return new Object(); } @@ -64,4 +64,9 @@ public Object associateSecurityContext(Object context) { return null; } + + @Override + public String getSecurityDomain(Object context) { + return null; + } } \ No newline at end of file Modified: trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java =================================================================== --- trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -198,7 +198,7 @@ for (String domain:getDomainsForUser(domains, userName)) { Subject existing = this.securityHelper.getSubjectInContext(domain); if (existing != null) { - return new TeiidLoginContext(getUserName(existing, userName)+AT+domain, existing, domain, this.securityHelper.getSecurityContext(domain)); + return new TeiidLoginContext(getUserName(existing, userName)+AT+domain, existing, domain, this.securityHelper.getSecurityContext()); } } throw new LoginException(RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40087)); Modified: trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java =================================================================== --- trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java 2012-07-24 19:55:03 UTC (rev 4265) +++ trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -81,6 +81,7 @@ workContext.setSecurityHelper(csr.getSecurityHelper()); workContext.setUseCallingThread(useCallingThread); + workContext.setSecurityContext(csr.getSecurityHelper().getSecurityContext()); authenticate(); passthrough = Boolean.valueOf(connectionProperties.getProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, "false")); //$NON-NLS-1$ } Added: trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java =================================================================== --- trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java (rev 0) +++ trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java 2012-07-24 21:01:05 UTC (rev 4266) @@ -0,0 +1,118 @@ +/* + * JBoss, Home of Professional Open Source. + * See the COPYRIGHT.txt file distributed with this work for information + * regarding copyright ownership. Some portions may be licensed + * to Red Hat, Inc. under one or more contributor license agreements. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301 USA. + */ +package org.teiid.jdbc; + +import static org.junit.Assert.*; + +import java.security.Principal; + +import javax.security.auth.Subject; + +import org.junit.AfterClass; +import org.junit.BeforeClass; +import org.junit.Test; +import org.teiid.core.util.UnitTestUtil; +import org.teiid.runtime.EmbeddedConfiguration; +import org.teiid.security.SecurityHelper; + +@SuppressWarnings("nls") +public class TestPassthroughAuthentication { + + static FakeServer server = new FakeServer(false); + static TestableSecurityHelper securityHelper = new TestableSecurityHelper(); + + @AfterClass public static void oneTimeTearDown() { + server.stop(); + } + + @BeforeClass public static void oneTimeSetup() throws Exception { + server.setUseCallingThread(true); + server.start(new EmbeddedConfiguration() { + public SecurityHelper getSecurityHelper() { + return securityHelper; + } + }, false); + } + + @Test + public void test() throws Exception { + try { + server.deployVDB("not_there", UnitTestUtil.getTestDataPath() + "/PartsSupplier.vdb"); + try { + server.createConnection("jdbc:teiid:not_there.1;passthroughAuthentication=true"); + fail(); + } catch (Exception e) { + } + + securityHelper.associateSecurityContext("testSC"); + try { + server.createConnection("jdbc:teiid:not_there.1;passthroughAuthentication=true"); + } catch (Exception e) { + fail(); + } + } finally { + server.undeployVDB("not_there"); + } + } + + private static class TestableSecurityHelper implements SecurityHelper { + Object ctx; + @Override + public Object associateSecurityContext(Object context) { + return ctx = context; + } + @Override + public void clearSecurityContext() { + ctx = null; + } + @Override + public Object getSecurityContext() { + return this.ctx; + } + @Override + public Object createSecurityContext(String securityDomain, + Principal p, Object credentials, Subject subject) { + return securityDomain+"SC"; + } + + @Override + public Subject getSubjectInContext(String securityDomain) { + if (securityDomain.equals("teiid-security") && getSecurityContext() != null && getSecurityContext().equals("testSC")) { + Subject s = new Subject(); + return s; + } + return null; + } + + @Override + public boolean sameSubject(String securityDomain, + Object context, Subject subject) { + return false; + } + + @Override + public String getSecurityDomain(Object context) { + return null; + } + + }; +} Property changes on: trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java ___________________________________________________________________ Added: svn:mime-type + text/plain