[jboss-cvs] JBossAS SVN: r81591 - in projects/security/security-jboss-sx/trunk/jbosssx/src: main/java/org/jboss/security/auth/container/modules and 6 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 25 21:40:35 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-25 21:40:35 -0500 (Tue, 25 Nov 2008)
New Revision: 81591
Added:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/callback/JBossCallbackHandler.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/jaas/JBossCallbackHandlerUnitTestCase.java
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/message/config/JBossServerAuthConfig.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossSecurityContext.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/JaasSecurityManagerBase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/securitycontext/SecurityContextTestCase.java
Log:
SECURITY-333:
SECURITY-333:
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/callback/JBossCallbackHandler.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/callback/JBossCallbackHandler.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/callback/JBossCallbackHandler.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -0,0 +1,172 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.auth.callback;
+
+import java.io.IOException;
+import java.io.Serializable;
+import java.lang.reflect.Method;
+import java.security.Principal;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.jacc.PolicyContextException;
+
+/**
+ * Serializable Callback Handler
+ * @author Anil.Saldhana at redhat.com
+ * @since 25 November 2008
+ */
+public class JBossCallbackHandler implements CallbackHandler, Serializable
+{
+ private static final long serialVersionUID = 1L;
+
+ private Principal principal;
+ private Object credential;
+
+ public JBossCallbackHandler()
+ {
+ }
+
+ /** Initialize the UsernamePasswordHandler with the principal
+ and credentials to use.
+ */
+ public JBossCallbackHandler(Principal principal, Object credential)
+ {
+ this.principal = principal;
+ this.credential = credential;
+ }
+
+ public void setSecurityInfo(Principal principal, Object credential)
+ {
+ this.principal = principal;
+ this.credential = credential;
+ }
+
+ /** Handles SecurityAssociationCallback, ObjectCallback, NameCallback and
+ PasswordCallback types. A NameCallback name property is set to
+ the Prinicpal.getName() value. A PasswordCallback password property is
+ set to the getPassword() value. The preferred SecurityAssociationCallback
+ has its principal and credential properties set to the instance principal
+ and credential. An ObjectCallback has its credential set to the credential
+ value.
+
+ @see #getPassword()
+ @exception UnsupportedCallbackException - thrown if any callback of
+ type other than SecurityAssociationCallback, ObjectCallback, NameCallback
+ or PasswordCallback are seen.
+ */
+ public void handle(Callback[] callbacks) throws
+ UnsupportedCallbackException, IOException
+ {
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ Callback c = callbacks[i];
+ if (c instanceof SecurityAssociationCallback)
+ {
+ SecurityAssociationCallback sac = (SecurityAssociationCallback) c;
+ sac.setPrincipal(principal);
+ sac.setCredential(credential);
+ }
+ else if (c instanceof ObjectCallback)
+ {
+ ObjectCallback oc = (ObjectCallback) c;
+ oc.setCredential(credential);
+ }
+ else if (c instanceof NameCallback)
+ {
+ NameCallback nc = (NameCallback) c;
+ if (principal != null)
+ nc.setName(principal.getName());
+ }
+ else if (c instanceof PasswordCallback)
+ {
+ PasswordCallback pc = (PasswordCallback) c;
+ char[] password = getPassword();
+ if (password != null)
+ pc.setPassword(password);
+ }
+ else
+ {
+ // Try the JACC context CallbackHandler
+ try
+ {
+ CallbackHandler handler = SecurityActions.getContextCallbackHandler();
+ if( handler != null )
+ {
+ Callback[] unknown = {c};
+ handler.handle(unknown);
+ return;
+ }
+ }
+ catch (PolicyContextException e)
+ {
+ }
+ throw new UnsupportedCallbackException(c, "Unrecognized Callback");
+ }
+ }
+ }
+
+ /** Try to convert the credential value into a char[] using the
+ first of the following attempts which succeeds:
+
+ 1. Check for instanceof char[]
+ 2. Check for instanceof String and then use toCharArray()
+ 3. See if credential has a toCharArray() method and use it
+ 4. Use toString() followed by toCharArray().
+ @return a char[] representation of the credential.
+ */
+ private char[] getPassword()
+ {
+ char[] password = null;
+ if (credential instanceof char[])
+ {
+ password = (char[]) credential;
+ }
+ else if (credential instanceof String)
+ {
+ String s = (String) credential;
+ password = s.toCharArray();
+ }
+ else
+ {
+ try
+ {
+ Class<?>[] types = {};
+ Method m = credential.getClass().getMethod("toCharArray", types);
+ Object[] args = {};
+ password = (char[]) m.invoke(credential, args);
+ }
+ catch (Exception e)
+ {
+ if (credential != null)
+ {
+ String s = credential.toString();
+ password = s.toCharArray();
+ }
+ }
+ }
+ return password;
+ }
+}
\ No newline at end of file
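Review bot: In `handle()`, the `return;` after `handler.handle(unknown)` exits the whole method, so every callback that follows an unrecognised one in the array is never populated; it should be `continue;`. The empty `catch (PolicyContextException e)` hides why the context handler was unavailable and deserves at least a comment or a debug log. Because the class is `Serializable` and `credential` is not `transient`, the cleartext credential is written into every serialized form of the handler, and a credential object that is not itself serializable will make `writeObject` fail; the class Javadoc should say so, e.g. `Serialized form contains the credential; keep it off disk and untrusted channels.` In `getPassword()`, a null credential is handled only through the NullPointerException swallowed by `catch (Exception e)`, and the `toString()` fallback silently turns any object into a password; an explicit `if (credential == null) return null;` at the top would make the null case deliberate.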
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -31,7 +31,7 @@
import javax.servlet.http.HttpServletResponse;
import org.jboss.security.SimplePrincipal;
-import org.jboss.security.auth.callback.SecurityAssociationHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
//$Id$
@@ -58,7 +58,7 @@
@Override
protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
{
- callbackHandler = new SecurityAssociationHandler(getUserName(messageInfo),
+ callbackHandler = new JBossCallbackHandler(getUserName(messageInfo),
getCredential(messageInfo));
return super.validate(clientSubject, messageInfo);
}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/message/config/JBossServerAuthConfig.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/message/config/JBossServerAuthConfig.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/auth/message/config/JBossServerAuthConfig.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -38,7 +38,7 @@
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
-import org.jboss.security.auth.callback.SecurityAssociationHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.auth.container.config.AuthModuleEntry;
import org.jboss.security.auth.container.modules.DelegatingServerAuthModule;
import org.jboss.security.auth.login.AuthenticationInfo;
@@ -60,7 +60,7 @@
{
private String layer;
private String contextId;
- private CallbackHandler callbackHandler = new SecurityAssociationHandler();
+ private CallbackHandler callbackHandler = new JBossCallbackHandler();
@SuppressWarnings("unchecked")
private List modules = new ArrayList();
@SuppressWarnings({"unused", "unchecked"})
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossSecurityContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossSecurityContext.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/JBossSecurityContext.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -28,7 +28,7 @@
import org.jboss.security.SecurityManagerLocator;
import org.jboss.security.SubjectInfo;
import org.jboss.security.audit.AuditManager;
-import org.jboss.security.auth.callback.SecurityAssociationHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingManager;
@@ -79,13 +79,16 @@
protected ISecurityManagement iSecurityManagement;
- protected CallbackHandler callbackHandler = new SecurityAssociationHandler();
+ protected transient CallbackHandler callbackHandler = new JBossCallbackHandler();
- protected SecurityContextUtil util = null;
+ protected transient SecurityContextUtil util = null;
public JBossSecurityContext(String securityDomain)
{
this.securityDomain = securityDomain;
+ if(this.callbackHandler == null)
+ this.callbackHandler = new JBossCallbackHandler();
+
iSecurityManagement = new DefaultSecurityManagement(this.callbackHandler);
util = getUtil();
//Create a null subjectinfo as default
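Review bot: The added `if(this.callbackHandler == null)` check in the constructor never fires on normal construction, because the field initializer has already run. It does not help after deserialization either, since Java serialization does not run the constructors or field initializers of a Serializable class (assuming this class is Serializable, as the new testJBossSecurityContextSerialization implies). A deserialized context therefore comes back with the now-`transient` `callbackHandler` null, and `util` too unless `getUtil()` recreates it lazily; that test only asserts `getSecurityDomain()`, so it would not notice. A `readObject` that mirrors the constructor would close the gap. Whether `iSecurityManagement` also needs rebuilding cannot be seen here, since the class body starts and ends outside this hunk.

```java
// … unchanged: field declarations and constructor …
private void readObject(java.io.ObjectInputStream in)
   throws java.io.IOException, ClassNotFoundException
{
   in.defaultReadObject();
   // transient state is not restored by default deserialization
   this.callbackHandler = new JBossCallbackHandler();
   this.util = getUtil();
}
```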
@@ -345,4 +348,4 @@
}
return super.clone();
}
-}
+}
\ No newline at end of file
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/JaasSecurityManagerBase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/JaasSecurityManagerBase.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/JaasSecurityManagerBase.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -45,7 +45,7 @@
import org.jboss.security.SecurityContextAssociation;
import org.jboss.security.SecurityUtil;
import org.jboss.security.SubjectSecurityManager;
-import org.jboss.security.auth.callback.SecurityAssociationHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.util.CachePolicy;
import org.jboss.util.TimedCachePolicy;
@@ -222,7 +222,7 @@
*/
public JaasSecurityManagerBase()
{
- this("other", new SecurityAssociationHandler());
+ this("other", new JBossCallbackHandler());
}
/** Creates a JaasSecurityManager for with a securityDomain
name of that given by the 'securityDomain' argument.
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -45,7 +45,7 @@
import org.jboss.security.SecurityContextAssociation;
import org.jboss.security.SecurityUtil;
import org.jboss.security.SubjectSecurityManager;
-import org.jboss.security.auth.callback.SecurityAssociationHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.plugins.auth.JaasSecurityManagerBase.DomainInfo;
import org.jboss.util.CachePolicy;
import org.jboss.util.TimedCachePolicy;
@@ -98,7 +98,7 @@
*/
public SynchronizedJaasSecurityManager()
{
- this("other", new SecurityAssociationHandler());
+ this("other", new JBossCallbackHandler());
}
/** Creates a JaasSecurityManager for with a securityDomain
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/WebJASPIAuthMgrUnitTestCase.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -32,7 +32,7 @@
import org.jboss.security.ServerAuthenticationManager;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.AppCallbackHandler;
-import org.jboss.security.auth.callback.SecurityAssociationHandler;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.security.auth.message.GenericMessageInfo;
import org.jboss.security.plugins.JBossSecurityContext;
@@ -68,7 +68,7 @@
HttpServletRequest hsr = getHttpServletRequest("jduke", "theduke");
MessageInfo mi = new GenericMessageInfo(hsr, (HttpServletResponse) null);
ServerAuthenticationManager am = new JASPIServerAuthenticationManager(securityDomain, acbh);
- assertTrue(am.isValid(mi, (Subject)null, "HTTP", new SecurityAssociationHandler()));
+ assertTrue(am.isValid(mi, (Subject)null, "HTTP", new JBossCallbackHandler()));
}
@Override
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/jaas/JBossCallbackHandlerUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/jaas/JBossCallbackHandlerUnitTestCase.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/jaas/JBossCallbackHandlerUnitTestCase.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -0,0 +1,99 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaas;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.jboss.security.auth.callback.ObjectCallback;
+import org.jboss.security.auth.callback.SecurityAssociationCallback;
+import org.jboss.security.plugins.JBossSecurityContext;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit Test the JBossCallbackHandler
+ * @author Anil.Saldhana at redhat.com
+ * @since 25 November 2008
+ */
+public class JBossCallbackHandlerUnitTestCase extends TestCase
+{
+ public void testCtr() throws Exception
+ {
+ JBossCallbackHandler cbh = new JBossCallbackHandler(new SimplePrincipal("anil"), "testpass");
+ validate(cbh);
+ }
+
+ public void testSetSecurityInfo() throws Exception
+ {
+ JBossCallbackHandler cbh = new JBossCallbackHandler();
+ cbh.setSecurityInfo(new SimplePrincipal("anil"), "testpass");
+ validate(cbh);
+ }
+
+ public void testSerializability() throws Exception
+ {
+ JBossCallbackHandler cbh = new JBossCallbackHandler();
+ cbh.setSecurityInfo(new SimplePrincipal("anil"), "testpass");
+
+ // Serialize to a byte array
+ ByteArrayOutputStream bos = new ByteArrayOutputStream() ;
+ ObjectOutputStream out = new ObjectOutputStream(bos) ;
+ out.writeObject(cbh);
+ out.close();
+
+ //Deserialize from a byte array
+ JBossCallbackHandler otherCBH = null;
+ ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bos.toByteArray()));
+ otherCBH = (JBossCallbackHandler) in.readObject();
+ in.close();
+ assertNotNull("The deserialized cbh is not null:", otherCBH);
+ validate(otherCBH);
+ }
+
+ private void validate(JBossCallbackHandler cbh) throws Exception
+ {
+ SecurityAssociationCallback sacb = new SecurityAssociationCallback();
+ NameCallback ncb = new NameCallback("Enter Name");
+ ObjectCallback ocb = new ObjectCallback("Enter pass");
+ PasswordCallback passcb = new PasswordCallback("Enter pass", false);
+
+ Callback[] callbacks = new Callback[] {sacb, ncb, ocb, passcb};
+
+ cbh.handle(callbacks);
+
+ assertEquals("anil", sacb.getPrincipal().getName());
+ assertEquals("testpass", sacb.getCredential());
+
+ assertEquals("anil", ncb.getName());
+ assertEquals("testpass", ocb.getCredential());
+ assertEquals("testpass", new String(passcb.getPassword()));
+ }
+}
\ No newline at end of file
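Review bot: `validate()` only feeds the four recognised callback types with a String credential, so the fallback branch of `JBossCallbackHandler.handle()` (an unrecognised callback, alone and followed by recognised ones) and the `char[]`, null and reflective paths of `getPassword()` are not exercised. In `testSerializability` the streams are closed only on the success path. The message `"The deserialized cbh is not null:"` reads as the passing condition, but JUnit prints it on failure, so `"deserialized handler must not be null"` would be clearer. A short comment on that test, noting that the credential is expected to round-trip in cleartext, would make the serialized-form contract explicit.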
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/securitycontext/SecurityContextTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/securitycontext/SecurityContextTestCase.java 2008-11-26 02:38:30 UTC (rev 81590)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/securitycontext/SecurityContextTestCase.java 2008-11-26 02:40:35 UTC (rev 81591)
@@ -21,6 +21,10 @@
*/
package org.jboss.test.securitycontext;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
import java.util.List;
import javax.security.auth.Subject;
@@ -39,6 +43,7 @@
import org.jboss.security.mapping.MappingContext;
import org.jboss.security.mapping.providers.DeploymentRolesMappingProvider;
import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.JBossSecurityContextUtil;
/**
@@ -91,6 +96,8 @@
{
SecurityContext sc = SecurityContextFactory.createSecurityContext(securityDomain);
assertTrue("Instance of JBossSecurityContext", sc instanceof JBossSecurityContext);
+ assertTrue("Instance of JBossSecurityContextUtil", sc.getUtil() instanceof JBossSecurityContextUtil);
+
//Create an instance of TestSecurityContext
sc = SecurityContextFactory.createSecurityContext(securityDomain,
TestSecurityContext.class.getName());
@@ -124,4 +131,24 @@
assertNotNull(scRoles);
assertTrue(scRoles.containsAll(new SimpleRole("testRole")));
}
+
+ //Validates JBossSecurityContext is serializable
+ public void testJBossSecurityContextSerialization() throws Exception
+ {
+ JBossSecurityContext jsc = new JBossSecurityContext("other");
+
+ // Serialize to a byte array
+ ByteArrayOutputStream bos = new ByteArrayOutputStream() ;
+ ObjectOutputStream out = new ObjectOutputStream(bos) ;
+ out.writeObject(jsc);
+ out.close();
+
+ //Deserialize from a byte array
+ JBossSecurityContext otherSC = null;
+ ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bos.toByteArray()));
+ otherSC = (JBossSecurityContext) in.readObject();
+ in.close();
+ assertNotNull("The deserialized security context is not null:", otherSC);
+ assertEquals("other", otherSC.getSecurityDomain());
+ }
}
\ No newline at end of file