[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
Shane_Bryzak at symantec.com
Mon Jan 8 07:48:00 EST 2007
User: sbryzak2
Date: 07/01/08 07:48:00
Modified: src/main/org/jboss/seam/security Identity.java
SeamSecurityManager.java
Removed: src/main/org/jboss/seam/security Role.java
Log:
finished JAAS authentication changes
Revision Changes Path
1.8 +26 -32 jboss-seam/src/main/org/jboss/seam/security/Identity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: Identity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -b -r1.7 -r1.8
--- Identity.java 8 Jan 2007 02:55:40 -0000 1.7
+++ Identity.java 8 Jan 2007 12:48:00 -0000 1.8
@@ -5,12 +5,12 @@
import java.io.Serializable;
import java.security.Principal;
+import java.util.Set;
import javax.security.auth.Subject;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
-import org.jboss.seam.Seam;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
@@ -21,10 +21,6 @@
@Install(precedence = BUILT_IN, dependencies = "org.jboss.seam.securityManager")
public class Identity implements Serializable
{
- protected boolean authenticated;
-
- protected boolean valid;
-
protected Principal principal;
protected Subject subject;
@@ -45,42 +41,37 @@
if (instance == null)
{
throw new IllegalStateException(
- "No Identity exists in session scope");
+ "No Identity could be created");
}
return instance;
}
- public static boolean isSet()
+ /**
+ * If there is a principal set, then the user is logged in.
+ *
+ * @return
+ */
+ public static boolean loggedIn()
{
- return Contexts.isSessionContextActive()
- && Contexts.getSessionContext().isSet(
- Seam.getComponentName(Identity.class));
+ return instance().getPrincipal() != null;
}
public Principal getPrincipal()
{
- return principal;
- }
-
- public Subject getSubject()
- {
- return subject;
- }
-
- public final boolean isAuthenticated()
+ if (principal == null)
{
- return authenticated;
+ Set<SimplePrincipal> principals = subject.getPrincipals(SimplePrincipal.class);
+ if (!principals.isEmpty())
+ principal = principals.iterator().next();
}
- public final boolean isValid()
- {
- return valid;
+ return principal;
}
- public final void invalidate()
+ public Subject getSubject()
{
- valid = false;
+ return subject;
}
/**
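Review bot: The new `getPrincipal()` caches the first principal in the `principal` field, and nothing visible in this hunk ever clears it, so `loggedIn()` may keep returning true after a JAAS logout has removed the principals from `subject`. Either derive the value on every call, ending with `return principals.isEmpty() ? null : principals.iterator().next();`, or reset `principal` wherever logout is handled. `subject` is also dereferenced without a null check, and its initialisation is outside the hunk. The new Javadoc on `loggedIn()` leaves `@return` empty; `@return true if a principal is present on the current Identity` would complete it.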
@@ -92,11 +83,14 @@
*/
public boolean isUserInRole(String role)
{
-// for (Role r : getRoles())
-// {
-// if (r.getName().equals(role))
-// return true;
-// }
+ for (SimpleGroup sg : subject.getPrincipals(SimpleGroup.class))
+ {
+ if ("roles".equals(sg.getName()))
+ {
+ return sg.isMember(new SimplePrincipal(role));
+ }
+ }
+
return false;
}
}
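Review bot: The authorization check in `isUserInRole` depends on the login module placing roles in a group named exactly `"roles"`, and that contract exists only as a string literal inside the loop. A named constant such as `private static final String ROLES_GROUP = "roles";`, plus a Javadoc sentence naming the expected group, would make the dependency visible to anyone writing a login module. The `return` inside the loop also means only the first matching group is consulted; if a subject can carry more than one group with that name, membership in the later ones is ignored. The method's Javadoc begins above the hunk.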
1.35 +42 -17 jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SeamSecurityManager.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -b -r1.34 -r1.35
--- SeamSecurityManager.java 8 Jan 2007 03:49:23 -0000 1.34
+++ SeamSecurityManager.java 8 Jan 2007 12:48:00 -0000 1.35
@@ -3,11 +3,17 @@
import static org.jboss.seam.ScopeType.APPLICATION;
import static org.jboss.seam.annotations.Install.BUILT_IN;
+import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.List;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
@@ -130,11 +136,7 @@
return false;
}
- Identity ident = Identity.instance();
- if (!ident.isValid())
- return false;
-
- return ident.isUserInRole(name);
+ return Identity.instance().isUserInRole(name);
}
/**
@@ -181,25 +183,24 @@
if (!Contexts.isSessionContextActive())
throw new IllegalStateException("No active session context found.");
- Identity ident = Identity.isSet() ? Identity.instance() : null;
WorkingMemory wm;
if (Contexts.getSessionContext().isSet(SECURITY_CONTEXT_NAME))
wm = (WorkingMemory) Contexts.getSessionContext().get(SECURITY_CONTEXT_NAME);
else
{
- if (ident != null && !ident.isValid())
- throw new IllegalStateException("Authenticated Identity is not valid");
-
wm = securityRules.newWorkingMemory();
Contexts.getSessionContext().set(SECURITY_CONTEXT_NAME, wm);
}
+ // TODO - Re the following; don't assert the Identity, instead assert its
+ // Principals/Roles ?
+
// Assert the identity into the working memory if one exists and it hasn't
// been asserted before
- if (ident != null && wm.getObjects(ident.getClass()).isEmpty())
+ if (wm.getObjects(Identity.instance().getClass()).isEmpty())
{
- wm.assertObject(ident);
+ wm.assertObject(Identity.instance());
// TODO roles no longer come from the identity
// for (Role r : ident.getRoles())
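Review bot: With the `ident != null` guard gone, the Identity is asserted into the working memory whether or not anyone has authenticated, so the retained comment "if one exists" no longer matches the code. Any security rule that treats the mere presence of an `Identity` fact as proof of login would now match anonymous sessions; the rules are not visible here, so this is worth confirming. I would change the comment to `// Assert the identity into the working memory if it hasn't been asserted before` and take one local, `Identity ident = Identity.instance();`, instead of calling `instance()` twice. The enclosing method starts and ends outside the hunk.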
@@ -214,12 +215,36 @@
public LoginContext createLoginContext()
throws LoginException
{
- if (!Identity.isSet())
- Contexts.getSessionContext().set(Seam.getComponentName(Identity.class),
- new Identity());
+ return createLoginContext(null);
+ }
+ public LoginContext createLoginContext(CallbackHandler cbHandler)
+ throws LoginException
+ {
return new LoginContext(SecurityConfiguration.LOGIN_MODULE_NAME,
- Identity.instance().getSubject(), null,
+ Identity.instance().getSubject(), cbHandler,
SecurityConfiguration.instance().getLoginModuleConfiguration());
}
+
+ public CallbackHandler createCallbackHandler(final String username,
+ final String password)
+ {
+ return new CallbackHandler() {
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException
+ {
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ if (callbacks[i] instanceof NameCallback)
+ ((NameCallback) callbacks[i]).setName(username);
+ else if (callbacks[i] instanceof PasswordCallback)
+ ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
+ else
+ throw new UnsupportedCallbackException(callbacks[i],
+ "Unsupported callback");
+ }
+
+ }
+ };
+ }
}
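Review bot: `createCallbackHandler` calls `password.toCharArray()` without a null check, so a null password surfaces as a NullPointerException inside `handle()` during login rather than as a failed authentication; `setPassword(password != null ? password.toCharArray() : null)` avoids that. Taking the password as a `String` also means it cannot be zeroed after use, whereas a `char[]` parameter cleared by the caller once login completes would allow it. Neither new method has Javadoc; a line on `createLoginContext(CallbackHandler)` stating that a null handler is accepted would help, since the no-arg overload relies on it.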