[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...

Shane Bryzak Shane_Bryzak at symantec.com
Mon Jan 8 07:48:00 EST 2007


  User: sbryzak2
  Date: 07/01/08 07:48:00

  Modified:    src/main/org/jboss/seam/security    Identity.java
                        SeamSecurityManager.java
  Removed:     src/main/org/jboss/seam/security    Role.java
  Log:
  finished JAAS authentication changes
  
  Revision  Changes    Path
  1.8       +26 -32    jboss-seam/src/main/org/jboss/seam/security/Identity.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: Identity.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -b -r1.7 -r1.8
  --- Identity.java	8 Jan 2007 02:55:40 -0000	1.7
  +++ Identity.java	8 Jan 2007 12:48:00 -0000	1.8
  @@ -5,12 +5,12 @@
   
   import java.io.Serializable;
   import java.security.Principal;
  +import java.util.Set;
   
   import javax.security.auth.Subject;
   
   import org.jboss.seam.Component;
   import org.jboss.seam.ScopeType;
  -import org.jboss.seam.Seam;
   import org.jboss.seam.annotations.Install;
   import org.jboss.seam.annotations.Name;
   import org.jboss.seam.annotations.Scope;
  @@ -21,10 +21,6 @@
   @Install(precedence = BUILT_IN, dependencies = "org.jboss.seam.securityManager")
   public class Identity implements Serializable
   {
  -   protected boolean authenticated;
  -
  -   protected boolean valid;
  -   
      protected Principal principal;
      
      protected Subject subject;
  @@ -45,42 +41,37 @@
         if (instance == null)
         {
            throw new IllegalStateException(
  -               "No Identity exists in session scope");
  +               "No Identity could be created");
         }
   
         return instance;
      }
   
  -   public static boolean isSet()
  +   /**
  +    * If there is a principal set, then the user is logged in.
  +    * 
  +    * @return
  +    */
  +   public static boolean loggedIn()
      {
  -      return Contexts.isSessionContextActive()
  -            && Contexts.getSessionContext().isSet(
  -                  Seam.getComponentName(Identity.class));
  +      return instance().getPrincipal() != null;
      }
   
      public Principal getPrincipal()
      {
  -      return principal;
  -   }
  -   
  -   public Subject getSubject()
  -   {
  -      return subject;
  -   }
  -
  -   public final boolean isAuthenticated()
  +      if (principal == null)
      {
  -      return authenticated;
  +         Set<SimplePrincipal> principals = subject.getPrincipals(SimplePrincipal.class);
  +         if (!principals.isEmpty())
  +            principal = principals.iterator().next();
      }
   
  -   public final boolean isValid()
  -   {
  -      return valid;
  +      return principal;
      }
   
  -   public final void invalidate()
  +   public Subject getSubject()
      {
  -      valid = false;
  +      return subject;
      }
   
      /**
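Review bot: `getPrincipal()` caches the first `SimplePrincipal` it finds in the `principal` field, and nothing visible in this hunk ever resets it, so once it is set `loggedIn()` keeps returning true even if the Subject's principals are later cleared (for example by a JAAS logout). `isValid()` and `invalidate()` are removed in the same hunk, so no other way to revoke the session's identity is visible here. Either derive the answer from the Subject on every call or add an explicit reset on logout, and document which. `subject` is also dereferenced without a null check, and whether it is always initialised is not visible, so `if (principal == null && subject != null)` would be the safer guard. The empty `@return` tag on `loggedIn()` should say something like `@return true if a principal has been established for this Identity`.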
  @@ -92,11 +83,14 @@
       */
      public boolean isUserInRole(String role)
      {
  -//      for (Role r : getRoles())
  -//      {
  -//         if (r.getName().equals(role))
  -//            return true;
  -//      }
  +      for (SimpleGroup sg : subject.getPrincipals(SimpleGroup.class))      
  +      {
  +         if ("roles".equals(sg.getName()))
  +         {
  +            return sg.isMember(new SimplePrincipal(role));
  +         }
  +      }
  +      
         return false;
      }
   }
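Review bot: The group name `"roles"` in `isUserInRole` is a bare literal that has to match, case included, whatever group the login module adds to the Subject; if the two drift apart, every role check silently returns false. Pull it into a named constant shared with the code that populates the Subject, e.g. `public static final String ROLES_GROUP = "roles";`, and add a comment saying where that group is created. `subject` and `role` are both used without null checks, and the method's Javadoc starts outside the hunk, so it is not visible whether null is documented as disallowed.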
  
  
  
  1.35      +42 -17    jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamSecurityManager.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
  retrieving revision 1.34
  retrieving revision 1.35
  diff -u -b -r1.34 -r1.35
  --- SeamSecurityManager.java	8 Jan 2007 03:49:23 -0000	1.34
  +++ SeamSecurityManager.java	8 Jan 2007 12:48:00 -0000	1.35
  @@ -3,11 +3,17 @@
   import static org.jboss.seam.ScopeType.APPLICATION;
   import static org.jboss.seam.annotations.Install.BUILT_IN;
   
  +import java.io.IOException;
   import java.io.InputStream;
   import java.io.InputStreamReader;
   import java.util.ArrayList;
   import java.util.List;
   
  +import javax.security.auth.callback.Callback;
  +import javax.security.auth.callback.CallbackHandler;
  +import javax.security.auth.callback.NameCallback;
  +import javax.security.auth.callback.PasswordCallback;
  +import javax.security.auth.callback.UnsupportedCallbackException;
   import javax.security.auth.login.LoginContext;
   import javax.security.auth.login.LoginException;
   
  @@ -130,11 +136,7 @@
            return false;
         }
   
  -      Identity ident = Identity.instance();
  -      if (!ident.isValid())
  -         return false;
  -      
  -      return ident.isUserInRole(name);
  +      return Identity.instance().isUserInRole(name);
      }
   
      /**
  @@ -181,25 +183,24 @@
         if (!Contexts.isSessionContextActive())
            throw new IllegalStateException("No active session context found.");
   
  -      Identity ident = Identity.isSet() ? Identity.instance() : null;
         WorkingMemory wm;
         
         if (Contexts.getSessionContext().isSet(SECURITY_CONTEXT_NAME))
            wm = (WorkingMemory) Contexts.getSessionContext().get(SECURITY_CONTEXT_NAME);
         else         
         {
  -         if (ident != null && !ident.isValid())
  -            throw new IllegalStateException("Authenticated Identity is not valid");
  -
            wm = securityRules.newWorkingMemory();
            Contexts.getSessionContext().set(SECURITY_CONTEXT_NAME, wm);
         }
         
  +      // TODO - Re the following; don't assert the Identity, instead assert its
  +      // Principals/Roles ?
  +      
         // Assert the identity into the working memory if one exists and it hasn't
         // been asserted before
  -      if (ident != null && wm.getObjects(ident.getClass()).isEmpty())
  +      if (wm.getObjects(Identity.instance().getClass()).isEmpty())
         {
  -         wm.assertObject(ident);
  +         wm.assertObject(Identity.instance());
   
            // TODO roles no longer come from the identity 
   //         for (Role r : ident.getRoles())
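Review bot: The `Identity` is now asserted into the session's working memory the first time this code runs, which may be before the user has logged in, and the `isEmpty()` guard then skips it on every later call. Nothing visible here notifies the working memory when the principal or roles change after a later login, so rules that match on the Identity may keep evaluating the pre-login state; the hunk's own TODO points at the same problem. The retained comment "if one exists" is now stale and should read something like `// Identity.instance() always exists now; it may be unauthenticated when first asserted`. Fetching the instance once, `Identity ident = Identity.instance();`, would avoid the double lookup and keep the commented-out `ident.getRoles()` loop below consistent. The enclosing method starts and ends outside the hunk.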
  @@ -214,12 +215,36 @@
      public LoginContext createLoginContext()
          throws LoginException
      {
  -      if (!Identity.isSet())
  -         Contexts.getSessionContext().set(Seam.getComponentName(Identity.class), 
  -               new Identity());
  +      return createLoginContext(null);
  +   }
         
  +   public LoginContext createLoginContext(CallbackHandler cbHandler)
  +       throws LoginException
  +   {     
         return new LoginContext(SecurityConfiguration.LOGIN_MODULE_NAME, 
  -            Identity.instance().getSubject(), null,
  +            Identity.instance().getSubject(), cbHandler,
               SecurityConfiguration.instance().getLoginModuleConfiguration());
      }
  +   
  +   public CallbackHandler createCallbackHandler(final String username, 
  +         final String password)
  +   {
  +      return new CallbackHandler() {
  +         public void handle(Callback[] callbacks) 
  +            throws IOException, UnsupportedCallbackException 
  +         {
  +            for (int i = 0; i < callbacks.length; i++)
  +            {
  +               if (callbacks[i] instanceof NameCallback)
  +                  ((NameCallback) callbacks[i]).setName(username);
  +               else if (callbacks[i] instanceof PasswordCallback)
  +                  ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
  +               else
  +                  throw new UnsupportedCallbackException(callbacks[i],
  +                        "Unsupported callback");
  +            }
  +            
  +         }
  +      };
  +   }
   }
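Review bot: In `createCallbackHandler`, `password.toCharArray()` throws a NullPointerException when the caller passes a null password, and the temporary array it creates is left unzeroed even though `PasswordCallback.setPassword` stores its own clone. Suggest `char[] pw = password == null ? null : password.toCharArray();`, then `((PasswordCallback) callbacks[i]).setPassword(pw);` and `if (pw != null) java.util.Arrays.fill(pw, '\0');`. The credential still lives in the captured `String` for as long as the handler does, so the handler should be documented as single-use and not kept in a session-scoped field. Both new public methods, `createLoginContext(CallbackHandler)` and `createCallbackHandler`, lack Javadoc.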
  
  
  


