teiid SVN: r4081 - in trunk: engine/src/main/java/org/teiid/dqp/service and 4 other directories. - teiid-commits

Wednesday, 9 May 2012

Author: shawkins
Date: 2012-05-09 11:34:45 -0400 (Wed, 09 May 2012)
New Revision: 4081

Modified:
   trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java
   trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java
   trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
   trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
   trunk/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java
   trunk/jboss-integration/src/main/java/org/teiid/jboss/TransportService.java
   trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
   trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
Log:
TEIID-2037 applying changes forward.

Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java
===================================================================
---
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java	2012-05-09
15:09:08 UTC (rev 4080)
+++
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java	2012-05-09
15:34:45 UTC (rev 4081)
@@ -241,7 +241,7 @@
 			runnable.run();
 		} finally {
 			if (associated) {
-				securityHelper.clearSecurityContext(this.getSecurityDomain());			
+				securityHelper.clearSecurityContext();			
 			}
 			DQPWorkContext.releaseWorkContext();
 			if (previous != null) {
@@ -254,7 +254,7 @@
 		DQPWorkContext.setWorkContext(this);
 		boolean associated = false;
 		if (securityHelper != null && this.getSubject() != null) {
-			associated = securityHelper.associateSecurityContext(this.getSecurityDomain(),
this.getSecurityContext());			
+			associated = securityHelper.associateSecurityContext(this.getSecurityContext());			
 		}
 		return associated;
 	}

Modified: trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java
===================================================================

--- trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java	2012-05-09
15:09:08 UTC (rev 4080)
+++ trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java	2012-05-09
15:34:45 UTC (rev 4081)
@@ -148,7 +148,9 @@
 	
 	String getGssSecurityDomain();
 	
-	void associateSubjectInContext(String securityDomain, Subject subject); 
+	boolean associateSubjectInContext(String securityDomain, Subject subject); 
 	
 	Subject getSubjectInContext(String securityDomain);
+
+	public void clearSubjectInContext();
 }

Modified: trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java	2012-05-09 15:09:08
UTC (rev 4080)
+++ trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java	2012-05-09 15:34:45
UTC (rev 4081)
@@ -28,9 +28,9 @@
 
 public interface SecurityHelper {
 	
-	boolean associateSecurityContext(String securityDomain, Object context);
+	boolean associateSecurityContext(Object context);
 	
-	void clearSecurityContext(String securityDomain);
+	void clearSecurityContext();
 	
 	Object getSecurityContext(String securityDomain);
 	

Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
===================================================================
---
trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java	2012-05-09
15:09:08 UTC (rev 4080)
+++
trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java	2012-05-09
15:34:45 UTC (rev 4081)
@@ -36,9 +36,9 @@
 	private static final long serialVersionUID = 3598997061994110254L;
 
 	@Override
-	public boolean associateSecurityContext(String securityDomain, Object newContext) {
+	public boolean associateSecurityContext(Object newContext) {
 		SecurityContext context = SecurityActions.getSecurityContext();
-		if (context == null || (!context.getSecurityDomain().equals(securityDomain) &&
newContext != null)) {
+		if (context == null || (newContext != null && newContext != context)) {
 			SecurityActions.setSecurityContext((SecurityContext)newContext);
 			return true;
 		}
@@ -46,11 +46,8 @@
 	}
 
 	@Override
-	public void clearSecurityContext(String securityDomain) {
-		SecurityContext sc = SecurityActions.getSecurityContext();
-		if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
-			SecurityActions.clearSecurityContext();
-		}
+	public void clearSecurityContext() {
+		SecurityActions.clearSecurityContext();
 	}
 	
 	@Override
@@ -64,8 +61,7 @@
 	
 	@Override
 	public Object createSecurityContext(String securityDomain, Principal p, Object
credentials, Subject subject) {
-		SecurityActions.pushSecurityContext(p, credentials, subject, securityDomain);
-		return getSecurityContext(securityDomain);
+		return SecurityActions.createSecurityContext(p, credentials, subject, securityDomain);
 	}
 
 	@Override

Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java
===================================================================
--- trunk/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java	2012-05-09
15:09:08 UTC (rev 4080)
+++ trunk/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java	2012-05-09
15:34:45 UTC (rev 4081)
@@ -68,18 +68,17 @@
 	      });
 	   }	 
 	   
-	   static void pushSecurityContext(final Principal p, final Object cred, final Subject
subject, final String securityDomain)
+	   static SecurityContext createSecurityContext(final Principal p, final Object cred,
final Subject subject, final String securityDomain)
 	   {
-			AccessController.doPrivileged(new PrivilegedAction<Object>() {
-				public Object run() {
+			return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>() {
+				public SecurityContext run() {
 					SecurityContext sc;
 					try {
 						sc = SecurityContextFactory.createSecurityContext(p, cred, subject,
securityDomain);
 					} catch (Exception e) {
 						throw new RuntimeException(e);
 					}
-					setSecurityContext(sc);
-					return null;
+					return sc;
 				}
 			});
 	   }	   

Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/TransportService.java
===================================================================
--- trunk/jboss-integration/src/main/java/org/teiid/jboss/TransportService.java	2012-05-09
15:09:08 UTC (rev 4080)
+++ trunk/jboss-integration/src/main/java/org/teiid/jboss/TransportService.java	2012-05-09
15:34:45 UTC (rev 4081)
@@ -119,6 +119,7 @@
 		this.sessionService.setAuthenticationType(getAuthenticationType());
 		this.sessionService.setGssSecurityDomain(this.krb5Domain);
 		this.sessionService.start();
+		this.csr.setAuthenticationType(this.sessionService.getAuthenticationType());
 		
     	// create the necessary services
 		this.logon = new LogonImpl(this.sessionService, "teiid-cluster");
//$NON-NLS-1$

Modified: trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java	2012-05-09
15:09:08 UTC (rev 4080)
+++ trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java	2012-05-09
15:34:45 UTC (rev 4081)
@@ -388,13 +388,13 @@
 	}
 	
 	@Override
-	public void associateSubjectInContext(String securityDomain, Subject subject) {
+	public boolean associateSubjectInContext(String securityDomain, Subject subject) {
     	Principal principal = null;
     	for(Principal p:subject.getPrincipals()) {
 			principal = p;
 			break;
     	}
-    	this.securityHelper.associateSecurityContext(securityDomain,
this.securityHelper.createSecurityContext(securityDomain, principal, null, subject));		
+    	return
this.securityHelper.associateSecurityContext(this.securityHelper.createSecurityContext(securityDomain,
principal, null, subject));		
 	}
 	
 	@Override
@@ -409,6 +409,11 @@
 	@Override
 	public String getGssSecurityDomain(){
 		return this.gssSecurityDomain;
+	}
+
+	@Override
+	public void clearSubjectInContext() {
+		this.securityHelper.clearSecurityContext();
 	}	
 	
     protected Collection<String> getDomainsForUser(List<String> domains,
String username) {

Modified: trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java	2012-05-09 15:09:08 UTC
(rev 4080)
+++ trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java	2012-05-09 15:34:45 UTC
(rev 4081)
@@ -158,7 +158,7 @@
 		
         String user = connProps.getProperty(TeiidURL.CONNECTION.USER_NAME);
         String password = connProps.getProperty(TeiidURL.CONNECTION.PASSWORD);		
-		
+		boolean associated = false;
 		try {
 			String securityDomain = service.getGssSecurityDomain();
 			if (securityDomain == null) {
@@ -174,7 +174,7 @@
 			}
 			
 			if (result.context.isEstablished()) {
-				service.associateSubjectInContext(securityDomain, subject);
+				associated = service.associateSubjectInContext(securityDomain, subject);
 			}
 			
 			if (!result.context.isEstablished() || !createSession) {
@@ -186,10 +186,15 @@
 			
 			LogManager.logDetail(LogConstants.CTX_SECURITY, "Kerberos context
established"); //$NON-NLS-1$
 			//connProps.setProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION,
"true"); //$NON-NLS-1$
-			return logon(connProps, result.serviceTicket);
+			LogonResult loginInResult =  logon(connProps, result.serviceTicket);
+			return loginInResult;
 		} catch (LoginException e) {
 			 throw new LogonException(RuntimePlugin.Event.TEIID40061, e,
RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40061));
-		} 
+		} finally {
+			if (associated) {
+				service.clearSubjectInContext();
+			}
+		}
 	}
 	
 	private String updateDQPContext(SessionMetadata s) {


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

teiid SVN: r4081 - in trunk: engine/src/main/java/org/teiid/dqp/service and 4 other directories.