[jboss-cvs] JBossAS SVN: r80167 - in trunk: tomcat/src/main/org/jboss/web/tomcat/service/deployers and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Oct 28 17:50:24 EDT 2008
Author: sguilhen at redhat.com
Date: 2008-10-28 17:50:24 -0400 (Tue, 28 Oct 2008)
New Revision: 80167
Modified:
trunk/server/src/main/org/jboss/ejb/EjbModule.java
trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/DeployerConfig.java
trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployer.java
trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
Log:
SECURITY-258: added code to register/remove ACLs specified in jboss-acl-policy.xml upon deployment/undeployment of web and ejb modules.
Modified: trunk/server/src/main/org/jboss/ejb/EjbModule.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/EjbModule.java 2008-10-28 21:45:40 UTC (rev 80166)
+++ trunk/server/src/main/org/jboss/ejb/EjbModule.java 2008-10-28 21:50:24 UTC (rev 80167)
@@ -1,24 +1,24 @@
/*
-* JBoss, Home of Professional Open Source
-* Copyright 2005, JBoss Inc., and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.ejb;
import java.lang.reflect.Method;
@@ -85,15 +85,14 @@
import org.w3c.dom.Element;
/**
- * An EjbModule represents a collection of beans that are deployed as a
- * unit.
- *
- * <p>The beans may use the EjbModule to access other beans within the same
- * deployment unit.
- *
+ * An EjbModule represents a collection of beans that are deployed as a unit.
+ *
+ * <p>
+ * The beans may use the EjbModule to access other beans within the same deployment unit.
+ *
* @see Container
* @see EJBDeployer
- *
+ *
* @author <a href="mailto:rickard.oberg at telkel.com">Rickard Oberg</a>
* @author <a href="mailto:d_jencks at users.sourceforge.net">David Jencks</a>
* @author <a href="mailto:reverbel at ime.usp.br">Francisco Reverbel</a>
@@ -191,12 +190,12 @@
this.name = name;
// FIXME all this deployment unit access should be replaced with deployers processing updating the metadata
- //Ask the ejb deployer whether we are call by value
+ // Ask the ejb deployer whether we are call by value
Boolean flag = unit.getAttachment("EJB.callByValue", Boolean.class);
DeploymentUnit temp = unit;
while (flag == null && temp != null)
{
- //Ask the ear deployer whether we are call by value
+ // Ask the ear deployer whether we are call by value
flag = temp.getAttachment("EAR.callByValue", Boolean.class);
if (flag != null)
break;
@@ -205,7 +204,7 @@
if (flag != null)
callByValue = flag.booleanValue();
- //Set the unauthenticated identity on the metadata if absent
+ // Set the unauthenticated identity on the metadata if absent
if (metaData.getUnauthenticatedPrincipal() == null)
{
String unauthenticatedPrincipal = unit.getAttachment("EJB.unauthenticatedIdentity", String.class);
@@ -221,6 +220,7 @@
/**
* @deprecated DeploymentInfo is obsolete
*/
+ @Deprecated
public EjbModule(final DeploymentInfo di, TransactionManager tm, ObjectName webServiceName)
{
this.name = "deprecated";
@@ -283,8 +283,8 @@
/**
* Add a container to this deployment unit.
- *
- * @param con
+ *
+ * @param con
*/
private void addContainer(Container con) throws DeploymentException
{
@@ -298,8 +298,8 @@
/**
* Remove a container from this deployment unit.
- *
- * @param con
+ *
+ * @param con
*/
public void removeContainer(Container con)
{
@@ -334,11 +334,10 @@
/**
* Get a container from this deployment unit that corresponds to a given name
- *
- * @param name ejb-name name defined in ejb-jar.xml
- *
- * @return container for the named bean, or null if the container was
- * not found
+ *
+ * @param name ejb-name name defined in ejb-jar.xml
+ *
+ * @return container for the named bean, or null if the container was not found
*/
public Container getContainer(String name)
{
@@ -347,9 +346,8 @@
/**
* Get all containers in this deployment unit.
- *
- * @return a collection of containers for each enterprise bean in this
- * deployment unit.
+ *
+ * @return a collection of containers for each enterprise bean in this deployment unit.
* @jmx:managed-attribute
*/
public Collection getContainers()
@@ -359,7 +357,7 @@
/**
* Get the class loader of this deployment unit.
- *
+ *
* @return
*/
public ClassLoader getClassLoader()
@@ -369,8 +367,8 @@
/**
* Set the class loader of this deployment unit
- *
- * @param cl
+ *
+ * @param cl
*/
public void setClassLoader(ClassLoader cl)
{
@@ -379,8 +377,8 @@
/**
* Get the URL from which this deployment unit was deployed
- *
- * @return The URL from which this Application was deployed.
+ *
+ * @return The URL from which this Application was deployed.
*/
public URL getURL()
{
@@ -389,6 +387,7 @@
// Service implementation ----------------------------------------
+ @Override
protected void createService() throws Exception
{
serviceController = (ServiceControllerMBean) MBeanProxyExt.create(ServiceControllerMBean.class,
@@ -396,39 +395,39 @@
log.debug("createService, begin");
- //Set up the beans in this module.
+ // Set up the beans in this module.
try
{
Iterator beans = appMetaData.getEnterpriseBeans();
String contextID = appMetaData.getJaccContextID();
if (contextID == null)
contextID = deploymentUnit.getSimpleName();
- //appMetaData.gsetJaccContextID(contextID);
- /*PolicyConfiguration pc = null; */
+ // appMetaData.gsetJaccContextID(contextID);
+ /* PolicyConfiguration pc = null; */
while (beans.hasNext())
{
BeanMetaData bean = (BeanMetaData) beans.next();
log.info("Deploying " + bean.getEjbName());
Container con = createContainer(bean, deploymentUnit);
addContainer(con);
- //@todo support overriding the context id via metadata is needed
+ // @todo support overriding the context id via metadata is needed
con.setJaccContextID(contextID);
}
- //only one iteration should be necessary, but we won't sweat it.
- //2 iterations are needed by cmp...jdbc/bridge/JDBCCMRFieldBridge which
- //assumes persistence managers are all set up for every
- //bean in the relationship!
+ // only one iteration should be necessary, but we won't sweat it.
+ // 2 iterations are needed by cmp...jdbc/bridge/JDBCCMRFieldBridge which
+ // assumes persistence managers are all set up for every
+ // bean in the relationship!
ListIterator iter = containerOrdering.listIterator();
while (iter.hasNext())
{
Container con = (Container) iter.next();
ObjectName jmxName = con.getJmxName();
- /* Add the container mbean to the deployment mbeans so the state
- of the deployment can be tracked.
- */
+ /*
+ * Add the container mbean to the deployment mbeans so the state of the deployment can be tracked.
+ */
server.registerMBean(con, jmxName);
- //deploymentUnit.mbeans.add(jmxName);
+ // deploymentUnit.mbeans.add(jmxName);
BeanMetaData metaData = con.getBeanMetaData();
Collection<ObjectName> depends = new ArrayList<ObjectName>();
for (String dependsName : metaData.getDepends())
@@ -465,10 +464,10 @@
log.debug("Bound jmxName=" + jmxName + ", hash=" + jmxHash + "into Registry");
}
- //Register any available XACML Policies
+ // Register any available XACML Policies
String securityDomain = SecurityUtil.unprefixSecurityDomain(appMetaData.getSecurityDomain());
if (securityDomain == null)
- securityDomain = SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY; //Fallback
+ securityDomain = SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY; // Fallback
VirtualFile xacmlFile = deploymentUnit.getMetaDataFile("jboss-xacml-policy.xml");
if (xacmlFile != null)
{
@@ -477,6 +476,13 @@
policyRegistration.registerPolicy(contextID, PolicyRegistration.XACML, xacmlFile.toURL());
}
}
+
+ // register any available ACL policies.
+ VirtualFile aclPolicyFile = deploymentUnit.getMetaDataFile("jboss-acl-policy.xml");
+ if (aclPolicyFile != null && this.policyRegistration != null)
+ {
+ this.policyRegistration.registerPolicy(contextID, PolicyRegistration.ACL, aclPolicyFile.toURL());
+ }
}
catch (Exception e)
{
@@ -487,13 +493,12 @@
}
/**
- * The mbean Service interface <code>start</code> method calls
- * the start method on each contatiner, then the init method on each
- * container. Conversion to a different registration system with one-phase
- * startup is conceivable.
- *
+ * The mbean Service interface <code>start</code> method calls the start method on each contatiner, then the init
+ * method on each container. Conversion to a different registration system with one-phase startup is conceivable.
+ *
* @exception Exception if an error occurs
*/
+ @Override
protected void startService() throws Exception
{
// before EntityContainer returns from the startService, its PM should be usable
@@ -531,6 +536,7 @@
/**
* Stops all the containers of this application.
*/
+ @Override
protected void stopService() throws Exception
{
ListIterator iter = containerOrdering.listIterator(containerOrdering.size());
@@ -554,6 +560,7 @@
}
}
+ @Override
protected void destroyService() throws Exception
{
WebServiceMBean webServer = null;
@@ -566,10 +573,11 @@
String contextID = appMetaData.getJaccContextID();
if (contextID == null)
contextID = deploymentUnit.getSimpleName();
- //Unregister any xacml policies
+ // Unregister any xacml and acl policies
if (this.policyRegistration != null)
{
- policyRegistration.deRegisterPolicy(contextID, PolicyRegistration.XACML);
+ this.policyRegistration.deRegisterPolicy(contextID, PolicyRegistration.XACML);
+ this.policyRegistration.deRegisterPolicy(contextID, PolicyRegistration.ACL);
}
while (iter.hasPrevious())
@@ -586,7 +594,7 @@
Registry.unbind(new Integer(jmxHash));
// Unregister the web classloader
- //Removing the wcl should probably be done in stop of the container,
+ // Removing the wcl should probably be done in stop of the container,
// but I don't want to look for errors today.
if (webServer != null)
{
@@ -629,7 +637,7 @@
Iterator<String> invokerBindings = con.getBeanMetaData().getInvokerBindings();
while (invokerBindings.hasNext())
{
- String invoker = (String) invokerBindings.next();
+ String invoker = invokerBindings.next();
EJBProxyFactory ci = con.lookupProxyFactory(invoker);
if (ci != null)
{
@@ -758,7 +766,7 @@
// Set persistence manager
container.setPersistenceManager((StatefulSessionPersistenceManager) cl.loadClass(conf.getPersistenceManager())
.newInstance());
- //Set the bean Lock Manager
+ // Set the bean Lock Manager
container.setLockManager(createBeanLockManager(container, false, conf.getLockClass(), cl));
return container;
@@ -781,7 +789,7 @@
ClassLoader cl = unit.getClassLoader();
container.setInstanceCache(createInstanceCache(conf, cl));
container.setInstancePool(createInstancePool(conf, cl));
- //Set the bean Lock Manager
+ // Set the bean Lock Manager
boolean reentrant = ((EntityMetaData) bean).isReentrant();
BeanLockManager lockMgr = createBeanLockManager(container, reentrant, conf.getLockClass(), cl);
container.setLockManager(lockMgr);
@@ -798,7 +806,7 @@
// CMP takes a manager and a store
org.jboss.ejb.plugins.CMPPersistenceManager persistenceManager = new org.jboss.ejb.plugins.CMPPersistenceManager();
- //Load the store from configuration
+ // Load the store from configuration
Class pmClass = cl.loadClass(conf.getPersistenceManager());
EntityPersistenceStore pm = (EntityPersistenceStore) pmClass.newInstance();
persistenceManager.setPersistenceStore(pm);
@@ -820,7 +828,7 @@
DeploymentUnit unit) throws NamingException, DeploymentException
{
// Create local classloader for this container
- // For loading resources that must come from the local jar. Not for loading classes!
+ // For loading resources that must come from the local jar. Not for loading classes!
// The VFS should be used for this
// container.setLocalClassLoader(new URLClassLoader(new URL[0], localCl));
// Set metadata (do it *before* creating the container's WebClassLoader)
@@ -846,8 +854,7 @@
if (webServiceName != null)
{
WebServiceMBean webServer = (WebServiceMBean) MBeanProxyExt.create(WebServiceMBean.class, webServiceName);
- URL[] codebase =
- {webServer.addClassLoader(wcl)};
+ URL[] codebase = {webServer.addClassLoader(wcl)};
wcl.setWebURLs(codebase);
} // end of if ()
@@ -890,7 +897,7 @@
SecurityDomainContext sdc = (SecurityDomainContext) iniCtx.lookup(domainCtx);
Object securityMgr = sdc.getSecurityManager();
- //Object securityMgr = iniCtx.lookup(confSecurityDomain);
+ // Object securityMgr = iniCtx.lookup(confSecurityDomain);
AuthenticationManager ejbS = (AuthenticationManager) securityMgr;
RealmMapping rM = (RealmMapping) securityMgr;
container.setSecurityManager(ejbS);
@@ -982,14 +989,12 @@
}
/**
- * Given a container-interceptors element of a container-configuration,
- * add the indicated interceptors to the container depending on the container
- * transcation type.
- *
- * @param container the container instance to setup.
- * @param transType one of the BMT, CMT or ANY constants.
- * @param element the container-interceptors element from the
- * container-configuration.
+ * Given a container-interceptors element of a container-configuration, add the indicated interceptors to the
+ * container depending on the container transcation type.
+ *
+ * @param container the container instance to setup.
+ * @param transType one of the BMT, CMT or ANY constants.
+ * @param element the container-interceptors element from the container-configuration.
*/
private void addInterceptors(Container container, int transType, Element element) throws DeploymentException
{
@@ -997,17 +1002,17 @@
Iterator interceptorElements = MetaData.getChildrenByTagName(element, "interceptor");
String transTypeString = stringTransactionValue(transType);
ClassLoader loader = container.getClassLoader();
- /* First build the container interceptor stack from interceptorElements
- match transType values
- */
+ /*
+ * First build the container interceptor stack from interceptorElements match transType values
+ */
ArrayList istack = new ArrayList();
while (interceptorElements != null && interceptorElements.hasNext())
{
Element ielement = (Element) interceptorElements.next();
- /* Check that the interceptor is configured for the transaction mode of the bean
- by comparing its 'transaction' attribute to the string representation
- of transType
- */
+ /*
+ * Check that the interceptor is configured for the transaction mode of the bean by comparing its 'transaction'
+ * attribute to the string representation of transType
+ */
String transAttr = ielement.getAttribute("transaction");
if (transAttr == null || transAttr.length() == 0)
transAttr = ANY_VALUE;
@@ -1047,9 +1052,10 @@
container.addInterceptor(interceptor);
}
- /* If there is a security proxy associated with the container add its
- interceptor just before the container interceptor
- */
+ /*
+ * If there is a security proxy associated with the container add its interceptor just before the container
+ * interceptor
+ */
if (container.getSecurityProxy() != null)
container.addInterceptor(new SecurityProxyInterceptor());
@@ -1057,9 +1063,11 @@
container.addInterceptor(container.createContainerInterceptor());
}
- /** Create any JACC permissions for the ejb methods that were not explicitly
- * assigned method-permission or exclude-list mappings.
- * @param con - the ejb container
+ /**
+ * Create any JACC permissions for the ejb methods that were not explicitly assigned method-permission or
+ * exclude-list mappings.
+ *
+ * @param con - the ejb container
* @param bean - the bean metadata
* @throws ClassNotFoundException
* @throws PolicyContextException
@@ -1284,5 +1292,5 @@
}
}
/*
-vim:ts=3:sw=3:et
-*/
+ * vim:ts=3:sw=3:et
+ */
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/DeployerConfig.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/DeployerConfig.java 2008-10-28 21:45:40 UTC (rev 80166)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/DeployerConfig.java 2008-10-28 21:50:24 UTC (rev 80167)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
-package org.jboss.web.tomcat.service.deployers;
+package org.jboss.web.tomcat.service.deployers;
import java.net.URL;
@@ -30,7 +30,7 @@
/**
* The tomcat war deployer configuration passed in from the web container.
- *
+ *
* @author Scott.Stark at jboss.org
* @author Anil.Saldhana at redhat.com
* @version $Revision: 56125 $
@@ -41,14 +41,15 @@
* The tomcat sar class loader
*/
private ClassLoader serviceClassLoader;
+
/**
* The domain used for the tomcat mbeans
*/
private String catalinaDomain = "Catalina";
/**
- * The fully qualified name of the class that will be used for session
- * management if <tt>distributable</tt> is set to true.
+ * The fully qualified name of the class that will be used for session management if <tt>distributable</tt> is set
+ * to true.
*/
private String managerClass = "org.jboss.web.tomcat.service.session.JBossManager";
@@ -56,34 +57,39 @@
* The web context class to create
*/
private String contextClassName;
+
/**
* The parent class loader first model flag
*/
private boolean java2ClassLoadingCompliance = false;
+
/**
* A flag indicating if war archives should be unpacked
*/
private boolean unpackWars = true;
+
/**
- * If true, ejb-links that don't resolve don't cause an error
- * (fallback to jndi-name)
+ * If true, ejb-links that don't resolve don't cause an error (fallback to jndi-name)
*/
private boolean lenientEjbLink = false;
+
/**
* The tomcat service JMX object name
*/
private ObjectName serviceName;
+
/**
* The catalina debug level
*/
private int debugLevel;
+
/**
* A flag indicating if the JBoss UCL should be used
*/
private boolean useJBossWebLoader = true;
+
/**
- * A flag indicating if the working dir for a war deployment should be
- * delete when the war is undeployed.
+ * A flag indicating if the working dir for a war deployment should be delete when the war is undeployed.
*/
private boolean deleteWorkDirs = true;
@@ -91,10 +97,12 @@
* Get the request attribute name under which the JAAS Subject is store
*/
private String subjectAttributeName = null;
+
/**
* The default security-domain name to use
*/
private String defaultSecurityDomain;
+
/** Package names that should be ignored for class loading */
private String[] filteredPackages;
@@ -102,19 +110,23 @@
* Shared WebMetaData.
*/
private JBossWebMetaData sharedMetaData = null;
-
+
/**
* Flag indicating whether web-app specific context xmls may set the privileged flag.
*/
private boolean allowSelfPrivilegedWebApps = false;
+
/** The service used to flush authentication cache on session invalidation. */
- private JaasSecurityManagerServiceMBean secMgrService;
-
+ private JaasSecurityManagerServiceMBean secMgrService;
+
/** FQN of the SecurityContext Class */
- private String securityContextClassName;
-
+ private String securityContextClassName;
+
private URL xacmlPolicyURL = null;
-
+
+ /** URL of the ACL configuration file that might have been specified for the web-app. */
+ private URL aclPolicyURL = null;
+
public ClassLoader getServiceClassLoader()
{
return serviceClassLoader;
@@ -236,9 +248,8 @@
}
/**
- * Get the default security domain implementation to use if a war
- * does not declare a security-domain.
- *
+ * Get the default security domain implementation to use if a war does not declare a security-domain.
+ *
* @return jndi name of the security domain binding to use.
* @jmx:managed-attribute
*/
@@ -248,11 +259,9 @@
}
/**
- * Set the default security domain implementation to use if a war
- * does not declare a security-domain.
- *
- * @param defaultSecurityDomain - jndi name of the security domain binding
- * to use.
+ * Set the default security domain implementation to use if a war does not declare a security-domain.
+ *
+ * @param defaultSecurityDomain - jndi name of the security domain binding to use.
* @jmx:managed-attribute
*/
public void setDefaultSecurityDomain(String defaultSecurityDomain)
@@ -268,16 +277,17 @@
public void setAllowSelfPrivilegedWebApps(boolean allowSelfPrivilegedWebApps)
{
this.allowSelfPrivilegedWebApps = allowSelfPrivilegedWebApps;
- }
-
+ }
+
public JaasSecurityManagerServiceMBean getSecurityManagerService()
{
return secMgrService;
}
+
public void setSecurityManagerService(JaasSecurityManagerServiceMBean mgr)
{
this.secMgrService = mgr;
- }
+ }
public String getSecurityContextClassName()
{
@@ -293,21 +303,46 @@
{
return filteredPackages;
}
+
public void setFilteredPackages(String[] filteredPackages)
{
this.filteredPackages = filteredPackages;
}
- public URL getXacmlPolicyURL()
+ public URL getXacmlPolicyURL()
{
- return xacmlPolicyURL;
+ return xacmlPolicyURL;
}
- public void setXacmlPolicyURL(URL xacmlPolicyURL)
+ public void setXacmlPolicyURL(URL xacmlPolicyURL)
{
- this.xacmlPolicyURL = xacmlPolicyURL;
+ this.xacmlPolicyURL = xacmlPolicyURL;
}
+ /**
+ * <p>
+ * Retrieves the {@code URL} of the ACL policy configuration file, if present.
+ * </p>
+ *
+ * @return the {@code URL} of the policy file, or {@code null} if no ACL policy file has been defined.
+ */
+ public URL getACLPolicyURL()
+ {
+ return this.aclPolicyURL;
+ }
+
+ /**
+ * <p>
+ * Sets the {@code URL} of the ACL policy configuration file.
+ * </p>
+ *
+ * @param aclPolicyURL the {@code URL} of the ACL policy file.
+ */
+ public void setACLPolicyURL(URL aclPolicyURL)
+ {
+ this.aclPolicyURL = aclPolicyURL;
+ }
+
public JBossWebMetaData getSharedMetaData()
{
return sharedMetaData;
@@ -316,5 +351,5 @@
public void setSharedMetaData(JBossWebMetaData sharedMetaData)
{
this.sharedMetaData = sharedMetaData;
- }
+ }
}
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployer.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployer.java 2008-10-28 21:45:40 UTC (rev 80166)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployer.java 2008-10-28 21:50:24 UTC (rev 80167)
@@ -33,7 +33,7 @@
import org.jboss.metadata.web.jboss.JBossWebMetaData;
import org.jboss.metadata.web.spec.Web25MetaData;
import org.jboss.metadata.web.spec.WebMetaData;
-import org.jboss.mx.util.ObjectNameFactory;
+import org.jboss.mx.util.ObjectNameFactory;
import org.jboss.security.plugins.JaasSecurityManagerServiceMBean;
import org.jboss.virtual.VirtualFile;
import org.jboss.web.deployers.AbstractWarDeployer;
@@ -44,11 +44,9 @@
import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
import org.jboss.xb.builder.JBossXBBuilder;
-
/**
- * A concrete implementation of the AbstractWarDeployer that creates
- * {@link #TomcatDeployment} instances as the web application bean
- * representation.
+ * A concrete implementation of the AbstractWarDeployer that creates {@link #TomcatDeployment} instances as the web
+ * application bean representation.
*
* @see #getDeployment(VFSDeploymentUnit, WebMetaData)
*
@@ -60,28 +58,25 @@
* @version $Revision: 56809 $
* @see org.jboss.web.deployers.AbstractWarDeployer
*/
-public class TomcatDeployer extends AbstractWarDeployer
- implements TomcatDeployerMBean
+public class TomcatDeployer extends AbstractWarDeployer implements TomcatDeployerMBean
{
// default object name
public static final ObjectName TOMCAT_SERVICE_NAME = ObjectNameFactory.create("jboss.web:service=WebServer");
-
+
// Constants -----------------------------------------------------
public static final String NAME = "TomcatDeployer";
/** The web app context implementation class */
- private String contextClassName =
- "org.apache.catalina.core.StandardContext";
+ private String contextClassName = "org.apache.catalina.core.StandardContext";
/**
* Unmarshall factory used for parsing shared web.xml.
*/
private static final UnmarshallerFactory factory = UnmarshallerFactory.newInstance();
-
+
/**
- * Configurable map of tomcat authenticators
- * Keyed in by the http auth method that gets
- * plugged into the Context Config and then into the StandardContext
+ * Configurable map of tomcat authenticators Keyed in by the http auth method that gets plugged into the Context
+ * Config and then into the StandardContext
*/
private Properties authenticators = null;
@@ -91,8 +86,8 @@
private String catalinaDomain = "Catalina";
/**
- * The fully qualified name of the class that will be used for session
- * management if <tt>distributable</tt> is set to true.
+ * The fully qualified name of the class that will be used for session management if <tt>distributable</tt> is set
+ * to true.
*/
protected String managerClass = "org.jboss.web.tomcat.service.session.JBossCacheManager";
@@ -100,18 +95,19 @@
* A flag indicating if the JBoss Loader should be used
*/
private boolean useJBossWebLoader = true;
-
+
/**
* JBAS-3358: Work directory shouldn't be deleted on Context Destroy
*/
private boolean deleteWorkDirOnContextDestroy = false;
-
+
/**
* JBAS-2283: Provide custom header based auth support
*/
private String httpHeaderForSSOAuth = null;
+
private String sessionCookieForSSOAuth = null;
-
+
/**
* Shared metaData.
*/
@@ -134,15 +130,18 @@
/** The service used to flush authentication cache on session invalidation. */
private JaasSecurityManagerServiceMBean secMgrService;
+
/** The AbstractWarDeployment implementation class */
- private String deploymentClass = null;
+ private String deploymentClass = null;
+
/** The classloader for the Tomcat SAR */
- private ClassLoader serviceClassLoader = null;
-
+ private ClassLoader serviceClassLoader = null;
+
/** The JBoss Security Manager Wrapper */
private String securityManagement;
+
/** FQN of the SecurityContext Class */
- private String securityContextClassName;
+ private String securityContextClassName;
/** */
private String[] filteredPackages;
@@ -150,7 +149,7 @@
private boolean runtimeLifecycleCoupled = false;
private String policyRegistrationName;
-
+
public TomcatDeployer()
{
}
@@ -160,7 +159,6 @@
return NAME;
}
-
public String getManagerClass()
{
return managerClass;
@@ -198,10 +196,9 @@
}
/**
- * The most important atteribute - defines the managed domain.
- * A catalina instance (engine) corresponds to a JMX domain, that's
- * how we know where to deploy webapps.
- *
+ * The most important atteribute - defines the managed domain. A catalina instance (engine) corresponds to a JMX
+ * domain, that's how we know where to deploy webapps.
+ *
* @param catalinaDomain the domain portion of the JMX ObjectNames
*/
public void setDomain(String catalinaDomain)
@@ -227,34 +224,34 @@
public void setDeleteWorkDirOnContextDestroy(boolean deleteFlag)
{
this.deleteWorkDirOnContextDestroy = deleteFlag;
- }
-
+ }
+
public String getHttpHeaderForSSOAuth()
{
return httpHeaderForSSOAuth;
}
-
+
public void setHttpHeaderForSSOAuth(String httpHeader)
{
- this.httpHeaderForSSOAuth = httpHeader;
+ this.httpHeaderForSSOAuth = httpHeader;
}
-
+
public String getSessionCookieForSSOAuth()
{
- return sessionCookieForSSOAuth;
+ return sessionCookieForSSOAuth;
}
-
+
public void setSessionCookieForSSOAuth(String sessionC)
{
this.sessionCookieForSSOAuth = sessionC;
}
-
+
/**
* The SessionIdAlphabet is the set of characters used to create a session Id
*/
public void setSessionIdAlphabet(String sessionIdAlphabet)
{
- SessionIDGenerator.getInstance().setSessionIdAlphabet(sessionIdAlphabet);
+ SessionIDGenerator.getInstance().setSessionIdAlphabet(sessionIdAlphabet);
}
/**
@@ -262,7 +259,7 @@
*/
public String getSessionIdAlphabet()
{
- return SessionIDGenerator.getInstance().getSessionIdAlphabet();
+ return SessionIDGenerator.getInstance().getSessionIdAlphabet();
}
public boolean getUseJBossWebLoader()
@@ -285,11 +282,13 @@
this.serverConfigFile = configFile;
}
+ @Override
public String getSubjectAttributeName()
{
return this.subjectAttributeName;
}
+ @Override
public void setSubjectAttributeName(String name)
{
this.subjectAttributeName = name;
@@ -303,22 +302,22 @@
public void setAllowSelfPrivilegedWebApps(boolean allowSelfPrivilegedWebApps)
{
this.allowSelfPrivilegedWebApps = allowSelfPrivilegedWebApps;
- }
+ }
public void setSecurityManagerService(JaasSecurityManagerServiceMBean mgr)
{
this.secMgrService = mgr;
- }
-
+ }
+
public void setPolicyRegistrationName(String policyRegistration)
{
this.policyRegistrationName = policyRegistration;
}
-
+
public void setSecurityManagementName(String securityManagement)
{
this.securityManagement = securityManagement;
- }
+ }
public void setSecurityContextClassName(String securityContextClassName)
{
@@ -329,6 +328,7 @@
{
return filteredPackages;
}
+
public void setFilteredPackages(String[] pkgs)
{
this.filteredPackages = pkgs;
@@ -338,20 +338,19 @@
{
return deploymentClass;
}
+
public void setDeploymentClass(String deploymentClass)
{
this.deploymentClass = deploymentClass;
- }
-
+ }
+
/**
- * Gets whether this object should start/stop the JBoss Web runtime
- * during execution of its own start/stop lifecycle callbacks.
+ * Gets whether this object should start/stop the JBoss Web runtime during execution of its own start/stop lifecycle
+ * callbacks.
*
- * @return <code>true</code> if a call to {@link #start()} should
- * trigger a call to {@link #startWebServer()} and a call to
- * {@link #stop()} should trigger a call to {@link #stopWebServer()};
- * <code>false</code> if the webserver runtime lifecycle will
- * be separately managed. Default is <code>false</code>.
+ * @return <code>true</code> if a call to {@link #start()} should trigger a call to {@link #startWebServer()} and a
+ * call to {@link #stop()} should trigger a call to {@link #stopWebServer()}; <code>false</code> if the
+ * webserver runtime lifecycle will be separately managed. Default is <code>false</code>.
*/
public boolean isRuntimeLifecycleCoupled()
{
@@ -359,14 +358,13 @@
}
/**
- * Sets whether this object should start/stop the JBoss Web runtime
- * during execution of its own start/stop lifecycle callbacks.
+ * Sets whether this object should start/stop the JBoss Web runtime during execution of its own start/stop lifecycle
+ * callbacks.
*
- * @param coupled <code>true</code> if a call to {@link #start()} should
- * trigger a call to {@link #startWebServer()} and a call to
- * {@link #stop()} should trigger a call to {@link #stopWebServer()};
- * <code>false</code> if the webserver runtime lifecycle will
- * be separately managed. Default is <code>false</code>.
+ * @param coupled <code>true</code> if a call to {@link #start()} should trigger a call to
+ * {@link #startWebServer()} and a call to {@link #stop()} should trigger a call to
+ * {@link #stopWebServer()}; <code>false</code> if the webserver runtime lifecycle will be separately
+ * managed. Default is <code>false</code>.
*/
public void setRuntimeLifecycleCoupled(boolean coupled)
{
@@ -376,11 +374,11 @@
/**
* Start the deployer. This sets up the tomcat core.
*/
- public void start()
- throws Exception
+ @Override
+ public void start() throws Exception
{
super.start();
-
+
// Parse shared web.xml
Unmarshaller unmarshaller = factory.newUnmarshaller();
URL webXml = this.getClass().getClassLoader().getResource("web.xml");
@@ -394,95 +392,61 @@
Web25MetaData confWebMD = (Web25MetaData) unmarshaller.unmarshal(webXml.toString(), schema);
sharedMetaData = new JBoss50WebMetaData();
sharedMetaData.merge(null, confWebMD);
-
+
}
- public void stop()
- throws Exception
+ @Override
+ public void stop() throws Exception
{
super.stop();
}
/**
- * A trival extension of URLClassLoader that uses an empty URL[] as its
- * classpath so that all work is delegated to its parent.
+ * A trival extension of URLClassLoader that uses an empty URL[] as its classpath so that all work is delegated to
+ * its parent.
*/
/*
- static class ENCLoader extends URLClassLoader
- {
- private boolean parentFirst;
+ * static class ENCLoader extends URLClassLoader { private boolean parentFirst;
+ *
+ * ENCLoader(URL[] urls, ClassLoader parent, boolean parentFirst) { super(urls, parent); this.parentFirst =
+ * parentFirst; }
+ *
+ * protected synchronized Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException { if
+ * (parentFirst) return super.loadClass(name, resolve); try { Class clazz = findClass(name); if (resolve) {
+ * resolveClass(clazz); } return clazz; } catch (ClassNotFoundException e) { return getParent().loadClass(name); } } }
+ *
+ * public static ClassLoader getTmpLoader(URL warURL, ClassLoader parent, boolean parentFirst) throws Exception {
+ *
+ * String path = warURL.getFile(); ArrayList<URL> list = new ArrayList<URL>(); File classesDir = new File(path,
+ * "WEB-INF/classes"); if (classesDir.exists()) { list.add(classesDir.toURL()); } File libDir = new File(path,
+ * "WEB-INF/lib"); if (libDir.exists()) { File[] jars = libDir.listFiles(); int length = jars != null ? jars.length :
+ * 0; for (int j = 0; j < length; j++) { File jar = jars[j]; if(jar.getAbsolutePath().endsWith(".jar")) {
+ * list.add(jar.toURL()); } } } ENCLoader loader = new ENCLoader(list.toArray(new URL[list.size()]), parent,
+ * parentFirst); return loader; }
+ */
- ENCLoader(URL[] urls, ClassLoader parent, boolean parentFirst)
- {
- super(urls, parent);
- this.parentFirst = parentFirst;
- }
-
- protected synchronized Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException
- {
- if (parentFirst) return super.loadClass(name, resolve);
- try
- {
- Class clazz = findClass(name);
- if (resolve) {
- resolveClass(clazz);
- }
- return clazz;
- }
- catch (ClassNotFoundException e)
- {
- return getParent().loadClass(name);
- }
- }
-
- }
-
- public static ClassLoader getTmpLoader(URL warURL, ClassLoader parent, boolean parentFirst) throws Exception
- {
-
- String path = warURL.getFile();
- ArrayList<URL> list = new ArrayList<URL>();
- File classesDir = new File(path, "WEB-INF/classes");
- if (classesDir.exists())
- {
- list.add(classesDir.toURL());
- }
- File libDir = new File(path, "WEB-INF/lib");
- if (libDir.exists())
- {
- File[] jars = libDir.listFiles();
- int length = jars != null ? jars.length : 0;
- for (int j = 0; j < length; j++)
- {
- File jar = jars[j];
- if(jar.getAbsolutePath().endsWith(".jar"))
- {
- list.add(jar.toURL());
- }
- }
- }
- ENCLoader loader = new ENCLoader(list.toArray(new URL[list.size()]), parent, parentFirst);
- return loader;
-
- }*/
-
/**
* Create a tomcat war deployment bean for the deployment unit/metaData.
+ *
* @param unit - the current web app deployment unit
* @param metaData - the parsed metdata for the web app deployment
* @return TomcatDeployment instnace
*/
@Override
- public AbstractWarDeployment getDeployment(VFSDeploymentUnit unit, JBossWebMetaData metaData)
- throws Exception
+ public AbstractWarDeployment getDeployment(VFSDeploymentUnit unit, JBossWebMetaData metaData) throws Exception
{
- String className = (deploymentClass == null) ? "org.jboss.web.tomcat.service.deployers.TomcatDeployment" : deploymentClass;
- AbstractWarDeployment deployment = (AbstractWarDeployment) (getClass().getClassLoader().loadClass(className)).newInstance();
-
+ String className = (deploymentClass == null)
+ ? "org.jboss.web.tomcat.service.deployers.TomcatDeployment"
+ : deploymentClass;
+ AbstractWarDeployment deployment = (AbstractWarDeployment) (getClass().getClassLoader().loadClass(className))
+ .newInstance();
+
DeployerConfig config = new DeployerConfig();
config.setDefaultSecurityDomain(this.defaultSecurityDomain);
config.setSubjectAttributeName(this.subjectAttributeName);
- config.setServiceClassLoader((getServiceClassLoader() == null) ? getClass().getClassLoader() : getServiceClassLoader());
+ config.setServiceClassLoader((getServiceClassLoader() == null)
+ ? getClass().getClassLoader()
+ : getServiceClassLoader());
config.setManagerClass(this.managerClass);
config.setJava2ClassLoadingCompliance(this.java2ClassLoadingCompliance);
config.setUnpackWars(this.unpackWars);
@@ -492,45 +456,50 @@
config.setServiceName(null);
config.setSubjectAttributeName(this.subjectAttributeName);
config.setUseJBossWebLoader(this.useJBossWebLoader);
- config.setAllowSelfPrivilegedWebApps(this.allowSelfPrivilegedWebApps);
+ config.setAllowSelfPrivilegedWebApps(this.allowSelfPrivilegedWebApps);
config.setSecurityManagerService(this.secMgrService);
config.setFilteredPackages(filteredPackages);
config.setSharedMetaData(sharedMetaData);
config.setDeleteWorkDirs(deleteWorkDirOnContextDestroy);
-
+
config.setSecurityContextClassName(securityContextClassName);
deployment.setSecurityManagementName(securityManagement);
deployment.setPolicyRegistrationName(policyRegistrationName);
- //Check if there are any xacml policy files
+ // Check if there are any xacml policy files
VirtualFile vf = unit.getMetaDataFile("jboss-xacml-policy.xml");
- if(vf != null)
- config.setXacmlPolicyURL(vf.toURL());
-
+ if (vf != null)
+ config.setXacmlPolicyURL(vf.toURL());
+
+ // check if there is an acl configuration file.
+ vf = unit.getMetaDataFile("jboss-acl-policy.xml");
+ if (vf != null)
+ config.setACLPolicyURL(vf.toURL());
+
// Add a dependency on the webserver itself
List<String> depends = metaData.getDepends();
if (depends == null)
depends = new ArrayList<String>();
depends.add(TOMCAT_SERVICE_NAME.getCanonicalName());
- metaData.setDepends(depends);
-
+ metaData.setDepends(depends);
+
deployment.setServer(super.getServer());
deployment.init(config);
return deployment;
}
-
+
public void create() throws Exception
{
-// MBeanServer server = MBeanServerLocator.locateJBoss();
-// if (server != null)
-// server.registerMBean(this, OBJECT_NAME);
+ // MBeanServer server = MBeanServerLocator.locateJBoss();
+ // if (server != null)
+ // server.registerMBean(this, OBJECT_NAME);
}
public void destroy() throws Exception
{
-// MBeanServer server = MBeanServerLocator.locateJBoss();
-// if (server != null)
-// server.unregisterMBean(OBJECT_NAME);
- }
+ // MBeanServer server = MBeanServerLocator.locateJBoss();
+ // if (server != null)
+ // server.unregisterMBean(OBJECT_NAME);
+ }
}
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java 2008-10-28 21:45:40 UTC (rev 80166)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java 2008-10-28 21:50:24 UTC (rev 80167)
@@ -89,10 +89,15 @@
private static final String CONTEXT_CONFIG_FILE = "WEB-INF/context.xml";
private DeployerConfig config;
- private String[] javaVMs = { " jboss.management.local:J2EEServer=Local,j2eeType=JVM,name=localhost" };
- private String serverName = "jboss";
- private HashMap vhostToHostNames = new HashMap();
+
+ private final String[] javaVMs = {" jboss.management.local:J2EEServer=Local,j2eeType=JVM,name=localhost"};
+
+ private final String serverName = "jboss";
+
+ private final HashMap vhostToHostNames = new HashMap();
+
private ORB orb = null;
+
private TomcatInjectionContainer injectionContainer;
public ORB getORB()
@@ -108,7 +113,7 @@
@Override
public void init(Object containerConfig) throws Exception
{
- this.config = (DeployerConfig)containerConfig;
+ this.config = (DeployerConfig) containerConfig;
super.setJava2ClassLoadingCompliance(config.isJava2ClassLoadingCompliance());
super.setUnpackWars(config.isUnpackWars());
super.setLenientEjbLink(config.isLenientEjbLink());
@@ -130,9 +135,11 @@
if (hostNames.hasNext())
{
hostName = hostNames.next().toString();
- } else {
- hostNames = getDefaultHosts();
- if (hostNames.hasNext())
+ }
+ else
+ {
+ hostNames = getDefaultHosts();
+ if (hostNames.hasNext())
{
hostName = hostNames.next().toString();
}
@@ -164,10 +171,11 @@
ClassLoader loader = Thread.currentThread().getContextClassLoader();
metaData.setContextLoader(loader);
- StandardContext context = (StandardContext)Class.forName(config.getContextClassName()).newInstance();
-
- injectionContainer = new TomcatInjectionContainer(webApp, webApp.getDeploymentUnit(), context, getPersistenceUnitDependencyResolver());
+ StandardContext context = (StandardContext) Class.forName(config.getContextClassName()).newInstance();
+ injectionContainer = new TomcatInjectionContainer(webApp, webApp.getDeploymentUnit(), context,
+ getPersistenceUnitDependencyResolver());
+
Loader webLoader = webApp.getDeploymentUnit().getAttachment(Loader.class);
if (webLoader == null)
webLoader = getWebLoader(webApp.getDeploymentUnit(), metaData, loader, url);
@@ -176,17 +184,18 @@
webApp.setClassLoader(loader);
webApp.setURL(url);
- String objectNameS = config.getCatalinaDomain() + ":j2eeType=WebModule,name=//" + ((hostName == null) ? "localhost" : hostName) + ctxPath
- + ",J2EEApplication=none,J2EEServer=none";
+ String objectNameS = config.getCatalinaDomain() + ":j2eeType=WebModule,name=//"
+ + ((hostName == null) ? "localhost" : hostName) + ctxPath + ",J2EEApplication=none,J2EEServer=none";
ObjectName objectName = new ObjectName(objectNameS);
if (Registry.getRegistry(null, null).getMBeanServer().isRegistered(objectName))
throw new DeploymentException("Web mapping already exists for deployment URL " + warUrl);
-
+
Registry.getRegistry(null, null).registerComponent(context, objectName, config.getContextClassName());
- if (TomcatService.OLD_CODE) {
+ if (TomcatService.OLD_CODE)
+ {
String ctxConfig = null;
File warFile = new File(url.getFile());
if (warFile.isDirectory() == false)
@@ -201,7 +210,7 @@
{
// Copy the META-INF/context.xml from the VFS to the temp folder
InputStream is = file.openStream();
- FileOutputStream fos = null;
+ FileOutputStream fos = null;
try
{
byte[] buffer = new byte[512];
@@ -236,9 +245,11 @@
ctxConfig = webDD.getAbsolutePath();
}
}
-
+
context.setConfigFile(ctxConfig);
- } else {
+ }
+ else
+ {
context.setConfigFile(CONTEXT_CONFIG_FILE);
}
context.setInstanceManager(injectionContainer);
@@ -278,7 +289,8 @@
repository = repository.substring(7);
else if (repository.startsWith("file:"))
repository = repository.substring(5);
- else continue;
+ else
+ continue;
if (repository == null)
continue;
// ok it is a file. Make sure that is is a directory or jar file
@@ -310,26 +322,26 @@
// Set the session cookies flag according to metadata
switch (metaData.getSessionCookies())
{
- case JBossWebMetaData.SESSION_COOKIES_ENABLED:
+ case JBossWebMetaData.SESSION_COOKIES_ENABLED :
context.setCookies(true);
log.debug("Enabling session cookies");
break;
- case JBossWebMetaData.SESSION_COOKIES_DISABLED:
+ case JBossWebMetaData.SESSION_COOKIES_DISABLED :
context.setCookies(false);
log.debug("Disabling session cookies");
break;
- default:
+ default :
log.debug("Using session cookies default setting");
}
-
+
String metaDataSecurityDomain = metaData.getSecurityDomain();
- if(metaDataSecurityDomain != null)
+ if (metaDataSecurityDomain != null)
metaDataSecurityDomain = metaDataSecurityDomain.trim();
- //Add a valve to establish security context
- SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
- SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()),
- config.getSecurityContextClassName(), getSecurityManagement());
+ // Add a valve to establish security context
+ SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
+ SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()), config
+ .getSecurityContextClassName(), getSecurityManagement());
context.addValve(scevalve);
// Add a valve to estalish the JACC context before authorization valves
@@ -356,9 +368,9 @@
context.start();
// Build the ENC
}
- catch(Exception e)
+ catch (Exception e)
{
- context.destroy();
+ context.destroy();
DeploymentException.rethrowAsDeploymentException("URL " + warUrl + " deployment failed", e);
}
finally
@@ -373,7 +385,7 @@
}
if (context.getState() != 1)
{
- context.destroy();
+ context.destroy();
throw new DeploymentException("URL " + warUrl + " deployment failed");
}
@@ -387,7 +399,7 @@
AbstractJBossManager manager = null;
String managerClassName = config.getManagerClass();
Class managerClass = Thread.currentThread().getContextClassLoader().loadClass(managerClassName);
- manager = (AbstractJBossManager)managerClass.newInstance();
+ manager = (AbstractJBossManager) managerClass.newInstance();
String name = "//" + ((hostName == null) ? "localhost" : hostName) + ctxPath;
manager.init(name, metaData);
@@ -398,7 +410,8 @@
catch (ClusteringNotSupportedException e)
{
// JBAS-3513 Just log a WARN, not an ERROR
- log.warn("Failed to setup clustering, clustering disabled. ClusteringNotSupportedException: " + e.getMessage());
+ log.warn("Failed to setup clustering, clustering disabled. ClusteringNotSupportedException: "
+ + e.getMessage());
}
catch (NoClassDefFoundError ncdf)
{
@@ -414,30 +427,25 @@
}
/*
- * Add security association valve after the authorization valves so that
- * the authenticated user may be associated with the request
- * thread/session.
+ * Add security association valve after the authorization valves so that the authenticated user may be associated
+ * with the request thread/session.
*/
SecurityAssociationValve valve = new SecurityAssociationValve(metaData, config.getSecurityManagerService());
valve.setSubjectAttributeName(config.getSubjectAttributeName());
- server.invoke(objectName, "addValve", new Object[] { valve }, new String[] { "org.apache.catalina.Valve" });
+ server.invoke(objectName, "addValve", new Object[]{valve}, new String[]{"org.apache.catalina.Valve"});
- /* TODO: Retrieve the state, and throw an exception in case of a failure
- Integer state = (Integer) server.getAttribute(objectName, "state");
- if (state.intValue() != 1)
- {
- throw new DeploymentException("URL " + warUrl + " deployment failed");
- }
+ /*
+ * TODO: Retrieve the state, and throw an exception in case of a failure Integer state = (Integer)
+ * server.getAttribute(objectName, "state"); if (state.intValue() != 1) { throw new DeploymentException("URL " +
+ * warUrl + " deployment failed"); }
*/
webApp.setAppData(objectName);
/*
- * TODO: Create mbeans for the servlets ObjectName servletQuery = new
- * ObjectName (config.getCatalinaDomain() + ":j2eeType=Servlet,WebModule=" +
- * objectName.getKeyProperty("name") + ",*"); Iterator iterator =
- * server.queryMBeans(servletQuery, null).iterator(); while
- * (iterator.hasNext()) {
+ * TODO: Create mbeans for the servlets ObjectName servletQuery = new ObjectName (config.getCatalinaDomain() +
+ * ":j2eeType=Servlet,WebModule=" + objectName.getKeyProperty("name") + ",*"); Iterator iterator =
+ * server.queryMBeans(servletQuery, null).iterator(); while (iterator.hasNext()) {
* di.mbeans.add(((ObjectInstance)iterator.next()).getObjectName()); }
*/
@@ -446,15 +454,22 @@
// Associate the Context Id with the Security Domain
String contextID = metaData.getJaccContextID();
- //Check if an xacml policy file is present
+ // Check if an xacml policy file is present
URL xacmlPolicyFile = this.config.getXacmlPolicyURL();
if (xacmlPolicyFile != null)
{
- if(this.policyRegistration != null)
+ if (this.policyRegistration != null)
{
- policyRegistration.registerPolicy(contextID, PolicyRegistration.XACML, xacmlPolicyFile);
- }
+ policyRegistration.registerPolicy(contextID, PolicyRegistration.XACML, xacmlPolicyFile);
+ }
}
+
+ // check if an acl policy file is present.
+ URL aclPolicyFileURL = this.config.getACLPolicyURL();
+ if (aclPolicyFileURL != null && this.policyRegistration != null)
+ {
+ this.policyRegistration.registerPolicy(contextID, PolicyRegistration.ACL, aclPolicyFileURL);
+ }
}
log.debug("Initialized: " + webApp + " " + objectName);
@@ -463,9 +478,13 @@
public class EncListener implements LifecycleListener
{
protected ClassLoader loader;
+
protected Loader webLoader;
+
protected WebApplication webApp;
+
protected JBossWebMetaData metaData;
+
protected VFSDeploymentUnit unit;
public EncListener(ClassLoader loader, Loader webLoader, WebApplication webApp)
@@ -503,13 +522,13 @@
currentThread.setContextClassLoader(webLoader.getClassLoader());
metaData.setENCLoader(webLoader.getClassLoader());
InitialContext iniCtx = new InitialContext();
- Context envCtx = (Context)iniCtx.lookup("java:comp");
+ Context envCtx = (Context) iniCtx.lookup("java:comp");
// Add ORB/UserTransaction
ORB orb = null;
try
{
ObjectName ORB_NAME = new ObjectName("jboss:service=CorbaORB");
- orb = (ORB)server.getAttribute(ORB_NAME, "ORB");
+ orb = (ORB) server.getAttribute(ORB_NAME, "ORB");
// Bind the orb
if (orb != null)
{
@@ -523,8 +542,10 @@
}
// JTA links
- envCtx.bind("TransactionSynchronizationRegistry", new LinkRef("java:TransactionSynchronizationRegistry"));
- log.debug("Linked java:comp/TransactionSynchronizationRegistry to JNDI name: java:TransactionSynchronizationRegistry");
+ envCtx
+ .bind("TransactionSynchronizationRegistry", new LinkRef("java:TransactionSynchronizationRegistry"));
+ log
+ .debug("Linked java:comp/TransactionSynchronizationRegistry to JNDI name: java:TransactionSynchronizationRegistry");
envCtx.bind("UserTransaction", new LinkRef("UserTransaction"));
log.debug("Linked java:comp/UserTransaction to JNDI name: UserTransaction");
envCtx = envCtx.createSubcontext("env");
@@ -545,7 +566,7 @@
finally
{
currentThread.setContextClassLoader(currentLoader);
-
+
log.debug("injectionContainer enabled and processing beginning");
// we need to do this because the classloader is initialize by the web container and
// the injection container needs the classloader so that it can build up Injectors and ENC populators
@@ -557,17 +578,17 @@
}
- public Loader getWebLoader(VFSDeploymentUnit unit, JBossWebMetaData metaData, ClassLoader loader, URL url) throws MalformedURLException
+ public Loader getWebLoader(VFSDeploymentUnit unit, JBossWebMetaData metaData, ClassLoader loader, URL url)
+ throws MalformedURLException
{
Loader webLoader = null;
/*
- * If we are using the jboss class loader we need to augment its path to
- * include the WEB-INF/{lib,classes} dirs or else scoped class loading
- * does not see the war level overrides. The call to setWarURL adds these
- * paths to the deployment UCL.
+ * If we are using the jboss class loader we need to augment its path to include the WEB-INF/{lib,classes} dirs or
+ * else scoped class loading does not see the war level overrides. The call to setWarURL adds these paths to the
+ * deployment UCL.
*/
- ArrayList<URL> classpath = (ArrayList<URL>)unit.getAttachment("org.jboss.web.expandedWarClasspath");
+ ArrayList<URL> classpath = (ArrayList<URL>) unit.getAttachment("org.jboss.web.expandedWarClasspath");
if (classpath == null)
{
try
@@ -592,23 +613,12 @@
jbossLoader.setClasspath(classpath);
webLoader = jbossLoader;
/*
- if (classLoading != null && classLoading.isJava2ClassLoadingCompliance())
- {
- WebCtxLoader jbossLoader = new WebCtxLoader(loader, injectionContainer);
- if (classpath != null)
- jbossLoader.setClasspath(classpath);
- webLoader = jbossLoader;
- }
- else
- {
- String[] pkgs = config.getFilteredPackages();
- WebAppLoader jbossLoader = new WebAppLoader(loader, pkgs, injectionContainer);
- jbossLoader.setDelegate(getJava2ClassLoadingCompliance());
- if (classpath != null)
- jbossLoader.setClasspath(classpath);
- webLoader = jbossLoader;
- }
- */
+ * if (classLoading != null && classLoading.isJava2ClassLoadingCompliance()) { WebCtxLoader jbossLoader = new
+ * WebCtxLoader(loader, injectionContainer); if (classpath != null) jbossLoader.setClasspath(classpath); webLoader =
+ * jbossLoader; } else { String[] pkgs = config.getFilteredPackages(); WebAppLoader jbossLoader = new
+ * WebAppLoader(loader, pkgs, injectionContainer); jbossLoader.setDelegate(getJava2ClassLoadingCompliance()); if
+ * (classpath != null) jbossLoader.setClasspath(classpath); webLoader = jbossLoader; }
+ */
return webLoader;
}
@@ -618,9 +628,10 @@
}
/**
- * Called as part of the undeploy() method template to ask the subclass for
- * perform the web container specific undeployment steps.
+ * Called as part of the undeploy() method template to ask the subclass for perform the web container specific
+ * undeployment steps.
*/
+ @Override
protected void performUndeploy(WebApplication warInfo, String warUrl) throws Exception
{
if (warInfo == null)
@@ -629,7 +640,8 @@
return;
}
- log.info("undeploy, ctxPath=" + warInfo.getMetaData().getContextRoot() + ", vfsUrl=" + warInfo.getDeploymentUnit().getFile("").getPathName());
+ log.info("undeploy, ctxPath=" + warInfo.getMetaData().getContextRoot() + ", vfsUrl="
+ + warInfo.getDeploymentUnit().getFile("").getPathName());
JBossWebMetaData metaData = warInfo.getMetaData();
String hostName = null;
@@ -640,9 +652,11 @@
if (hostNames.hasNext())
{
hostName = hostNames.next().toString();
- } else {
- hostNames = getDefaultHosts();
- if (hostNames.hasNext())
+ }
+ else
+ {
+ hostNames = getDefaultHosts();
+ if (hostNames.hasNext())
{
hostName = hostNames.next().toString();
}
@@ -668,29 +682,37 @@
if (server == null)
return;
- ObjectName objectName = new ObjectName(config.getCatalinaDomain() + ":j2eeType=WebModule,name=//" + ((hostName == null) ? "localhost" : hostName) + ctxPath
- + ",J2EEApplication=none,J2EEServer=none");
+ ObjectName objectName = new ObjectName(config.getCatalinaDomain() + ":j2eeType=WebModule,name=//"
+ + ((hostName == null) ? "localhost" : hostName) + ctxPath + ",J2EEApplication=none,J2EEServer=none");
if (server.isRegistered(objectName))
{
// Contexts should be stopped by the host already
- server.invoke(objectName, "destroy", new Object[] {}, new String[] {});
+ server.invoke(objectName, "destroy", new Object[]{}, new String[]{});
}
-
- //Deregister xacml policies
+
+ // Deregister xacml policies
URL xacmlPolicyFile = this.config.getXacmlPolicyURL();
if (xacmlPolicyFile != null)
{
- if(this.policyRegistration != null)
+ if (this.policyRegistration != null)
{
policyRegistration.deRegisterPolicy(metaData.getJaccContextID(), PolicyRegistration.XACML);
}
- }
+ }
+
+ // deregister the acl policies.
+ URL aclPolicyFileURL = this.config.getACLPolicyURL();
+ if (aclPolicyFileURL != null && this.policyRegistration != null)
+ {
+ this.policyRegistration.deRegisterPolicy(metaData.getJaccContextID(), PolicyRegistration.ACL);
+ }
}
/**
* Resolve the input virtual host names to the names of the configured Hosts
- * @param vhostNames Iterator<String> for the jboss-web/virtual-host elements
+ *
+ * @param vhostNames Iterator<String> for the jboss-web/virtual-host elements
* @return Iterator<String> of the unique Host names
* @throws Exception
*/
@@ -705,12 +727,12 @@
Iterator iter = hosts.iterator();
while (iter.hasNext())
{
- ObjectName host = (ObjectName)iter.next();
+ ObjectName host = (ObjectName) iter.next();
String name = host.getKeyProperty("host");
if (name != null)
{
vhostToHostNames.put(name, name);
- String[] aliases = (String[])server.invoke(host, "findAliases", null, null);
+ String[] aliases = (String[]) server.invoke(host, "findAliases", null, null);
int count = aliases != null ? aliases.length : 0;
for (int n = 0; n < count; n++)
{
@@ -726,7 +748,7 @@
{
for (String vhost : vhostNames)
{
- String host = (String)vhostToHostNames.get(vhost);
+ String host = (String) vhostToHostNames.get(vhost);
if (host == null)
{
log.warn("Failed to map vhost: " + vhost);
@@ -744,24 +766,24 @@
*/
protected synchronized Iterator getDefaultHosts() throws Exception
{
- // Map the virtual host names to the hosts
- HashSet defaultHosts = new HashSet();
- // Query the configured Engine mbeans
- String engineQuery = config.getCatalinaDomain() + ":type=Engine,*";
- ObjectName query = new ObjectName(engineQuery);
- Set engines = server.queryNames(query, null);
- Iterator iter = engines.iterator();
- while (iter.hasNext())
- {
- ObjectName engine = (ObjectName)iter.next();
+ // Map the virtual host names to the hosts
+ HashSet defaultHosts = new HashSet();
+ // Query the configured Engine mbeans
+ String engineQuery = config.getCatalinaDomain() + ":type=Engine,*";
+ ObjectName query = new ObjectName(engineQuery);
+ Set engines = server.queryNames(query, null);
+ Iterator iter = engines.iterator();
+ while (iter.hasNext())
+ {
+ ObjectName engine = (ObjectName) iter.next();
- String defaultHost = (String) server.getAttribute(engine, "defaultHost");
- if (defaultHost != null)
- {
- defaultHosts.add(defaultHost);
- }
- }
- return defaultHosts.iterator();
+ String defaultHost = (String) server.getAttribute(engine, "defaultHost");
+ if (defaultHost != null)
+ {
+ defaultHosts.add(defaultHost);
+ }
+ }
+ return defaultHosts.iterator();
}
}
More information about the jboss-cvs-commits
mailing list