[jboss-cvs] JBossAS SVN: r66516 - in trunk/tomcat/src/main/org/jboss/web/tomcat: service/deployers and 1 other directory.

Sat Oct 27 04:49:08 EDT 2007

Author: scott.stark at jboss.org
Date: 2007-10-27 04:49:07 -0400 (Sat, 27 Oct 2007)
New Revision: 66516

Modified:
   trunk/tomcat/src/main/org/jboss/web/tomcat/security/RunAsListener.java
   trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java
   trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/JBossContextConfig.java
Log:
Fix NPE in JBossContextConfig and update security role principal name usage

Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/RunAsListener.java
===================================================================

--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/RunAsListener.java	2007-10-27 08:23:57 UTC (rev 66515)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/RunAsListener.java	2007-10-27 08:49:07 UTC (rev 66516)
@@ -22,6 +22,7 @@
 package org.jboss.web.tomcat.security;
 
 import java.security.PrivilegedActionException;
+import java.util.Set;
 
 import org.apache.catalina.InstanceEvent;
 import org.apache.catalina.InstanceListener;
@@ -29,6 +30,7 @@
 import org.jboss.logging.Logger;
 import org.jboss.metadata.javaee.spec.SecurityRoleMetaData;
 import org.jboss.metadata.web.jboss.JBossWebMetaData;
+import org.jboss.metadata.web.spec.ServletMetaData;
 import org.jboss.security.RunAsIdentity;
 import org.jboss.security.SecurityConstants;
 import org.jboss.security.SecurityContext;
@@ -70,15 +72,21 @@
       {
          boolean trace = log.isTraceEnabled();
          String name = servlet.getName();
+         ServletMetaData servletMD = metaData.getServlets().get(name);
          SecurityRoleMetaData identity = metaData.getRunAsIdentity(name);
          RunAsIdentity runAsIdentity = null;
          if(identity != null)
          {
-            String principalName = identity.getPrincipalName();
-            if (principalName == null)
-               principalName = identity.getRoleName();
-            runAsIdentity = new RunAsIdentity(identity.getRoleName(), principalName, 
-                  identity.getPrincipals());             
+            String principalName = null; // TODO: servletMD.getRunAsPrincipal();
+            if (principalName != null)
+            {
+               Set<String> extraRoles = identity.getPrincipals();
+               runAsIdentity = new RunAsIdentity(identity.getRoleName(), principalName, extraRoles);
+            }
+            else
+            {
+               runAsIdentity = new RunAsIdentity(identity.getRoleName(), null);
+            }
          }
          
          if (trace)

Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java	2007-10-27 08:23:57 UTC (rev 66515)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java	2007-10-27 08:49:07 UTC (rev 66516)
@@ -23,6 +23,8 @@
 
 import java.io.IOException;
 import java.security.Principal;
+import java.util.Set;
+
 import javax.naming.InitialContext;
 import javax.naming.NamingException;
 import javax.servlet.ServletException;
@@ -38,6 +40,7 @@
 import org.jboss.logging.Logger;
 import org.jboss.metadata.javaee.spec.SecurityRoleMetaData;
 import org.jboss.metadata.web.jboss.JBossWebMetaData;
+import org.jboss.metadata.web.spec.ServletMetaData;
 import org.jboss.security.AuthenticationManager;
 import org.jboss.security.RunAsIdentity;   
 import org.jboss.security.plugins.JaasSecurityManagerServiceMBean; 
@@ -114,18 +117,25 @@
             if (servlet != null)
             {
                String name = servlet.getName();
+               ServletMetaData servletMD = metaData.getServlets().get(name);
                SecurityRoleMetaData identity = metaData.getRunAsIdentity(name);
-               RunAsIdentity runAs = null;
-               if (identity != null)
+               RunAsIdentity runAsIdentity = null;
+               if(identity != null)
                {
                   if (trace)
                      log.trace(name + ", runAs: " + identity);
-                  String principalName = identity.getPrincipalName();
-                  if (principalName == null)
-                     principalName = identity.getRoleName();
-                  runAs = new RunAsIdentity(identity.getRoleName(), principalName, identity.getPrincipals());
+                  String principalName = null; // TODO: servletMD.getRunAsPrincipal();
+                  if (principalName != null)
+                  {
+                     Set<String> extraRoles = identity.getPrincipals();
+                     runAsIdentity = new RunAsIdentity(identity.getRoleName(), principalName, extraRoles);
+                  }
+                  else
+                  {
+                     runAsIdentity = new RunAsIdentity(identity.getRoleName(), null);
+                  }
                }
-               SecurityAssociationActions.pushRunAsIdentity(runAs); 
+               SecurityAssociationActions.pushRunAsIdentity(runAsIdentity); 
             }
             userPrincipal.set(caller);
 

Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/JBossContextConfig.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/JBossContextConfig.java	2007-10-27 08:23:57 UTC (rev 66515)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/JBossContextConfig.java	2007-10-27 08:49:07 UTC (rev 66516)
@@ -142,6 +142,7 @@
        			new org.apache.catalina.deploy.FilterDef();
        		filterDef.setFilterName(value.getName());
        		filterDef.setFilterClass(value.getFilterClass());
+            if(value.getInitParam() != null)
             for(ParamValueMetaData param : value.getInitParam())
             {
                filterDef.addInitParameter(param.getParamName(), param.getParamValue());


