[jboss-cvs] JBossAS SVN: r70498 - in projects/security/security-negotiation/trunk/NegotiationToolkit: src/main/org/jboss/security/negotiation/toolkit and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Mar 6 12:04:01 EST 2008
Author: darran.lofthouse at jboss.com
Date: 2008-03-06 12:04:01 -0500 (Thu, 06 Mar 2008)
New Revision: 70498
Added:
projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java
Modified:
projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/web.xml
Log:
[SECURITY-150] servlet to test the security domain required by the server.
Modified: projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/web.xml
===================================================================
--- projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/web.xml 2008-03-06 17:00:38 UTC (rev 70497)
+++ projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/web.xml 2008-03-06 17:04:01 UTC (rev 70498)
@@ -10,9 +10,20 @@
</servlet-class>
</servlet>
+ <servlet>
+ <servlet-name>SecurityDomainTest</servlet-name>
+ <servlet-class>
+ org.jboss.security.negotiation.toolkit.SecurityDomainTestServlet
+ </servlet-class>
+ </servlet>
+
<servlet-mapping>
<servlet-name>BasicNegotiation</servlet-name>
<url-pattern>/BasicNegotiation</url-pattern>
</servlet-mapping>
-
+ <servlet-mapping>
+ <servlet-name>SecurityDomainTest</servlet-name>
+ <url-pattern>/SecurityDomainTest</url-pattern>
+ </servlet-mapping>
+
</web-app>
\ No newline at end of file
Added: projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java
===================================================================
--- projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java (rev 0)
+++ projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java 2008-03-06 17:04:01 UTC (rev 70498)
@@ -0,0 +1,150 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ *
+ * Copyright 2007, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.security.negotiation.toolkit;
+
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.log4j.Logger;
+
+/**
+ * A servlet to test that the security domain required by the authenticator
+ * can successfully authenticate.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @version $Revision$
+ */
+public class SecurityDomainTestServlet extends HttpServlet
+{
+
+ private static final long serialVersionUID = -3129778766905747055L;
+
+ private static final Logger log = Logger.getLogger(SecurityDomainTestServlet.class);
+
+ @Override
+ protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException,
+ IOException
+ {
+ String securityDomain = req.getParameter("securityDomain");
+
+ PrintWriter writer = resp.getWriter();
+
+ writer.println("<html>");
+ writer.println(" <head>");
+ writer.println(" <title>Negotiation Toolkit</title>");
+ writer.println(" </head>");
+ writer.println(" <body>");
+ writer.println(" <h1>Negotiation Toolkit</h1>");
+ writer.println(" <h2>Security Domain Test</h2>");
+
+ if (securityDomain == null)
+ {
+ displayForm(writer);
+ }
+ else
+ {
+ testDomain(securityDomain, writer);
+ }
+
+ writer.println(" </body>");
+ writer.println("</html>");
+ writer.flush();
+ }
+
+ private void displayForm(final PrintWriter writer)
+ {
+ writer
+ .println(" <p>Please enter the name of the security-domain used for the server to authenticate itself.</p>");
+ writer.println(" <p>");
+ writer.println(" <form method='get'>");
+ writer.println(" Security Domain <input type='text' name='securityDomain' value='host'><br>");
+ writer.println(" <br><input type='submit' value='Test'>");
+ writer.println(" </form>");
+ writer.println(" </p>");
+ }
+
+ private void testDomain(final String securityDomain, final PrintWriter writer)
+ {
+ writer.print("<p>Testing security-domain '");
+ writer.print(securityDomain);
+ writer.println("'</p>");
+
+ try
+ {
+ LoginContext context = new LoginContext(securityDomain);
+ log.debug("Obtained LoginContext for '" + securityDomain + "' security-domain.");
+
+ context.login();
+ writer.println("<h4>Authenticated</h4>");
+
+ Subject subject = context.getSubject();
+
+ ByteArrayInputStream bais = new ByteArrayInputStream(String.valueOf(subject).getBytes());
+ InputStreamReader isr = new InputStreamReader(bais);
+ BufferedReader br = new BufferedReader(isr);
+
+ writer.println("<code>");
+ String currentLine;
+ while ((currentLine = br.readLine()) != null)
+ {
+ writer.print(currentLine);
+ writer.println("<br>");
+ }
+ writer.println("</code>");
+
+ context.logout();
+ log.debug("logged out.");
+ }
+ catch (Exception e)
+ {
+ // TODO - Output full exception detail.
+ writer.println("<h5>Failed!</h5>");
+ writer.print("<p>");
+ writer.print(e.getClass().getName());
+ writer.print(" - ");
+ writer.print(e.getMessage());
+ writer.println("</p>");
+
+ log.error("testDomain Failed", e);
+ }
+ }
+
+ @Override
+ protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException,
+ IOException
+ {
+ // Handle POST the same as GET.
+ doGet(req, resp);
+ }
+}
Property changes on: projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
More information about the jboss-cvs-commits
mailing list