[jboss-cvs] Picketbox SVN: r42 - in trunk/picketbox/src: main/java/org/picketbox/plugins and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Feb 22 18:02:38 EST 2010
Author: anil.saldhana at jboss.com
Date: 2010-02-22 18:02:37 -0500 (Mon, 22 Feb 2010)
New Revision: 42
Modified:
trunk/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java
trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java
trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java
Log:
javadoc
Modified: trunk/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java
===================================================================
--- trunk/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java 2010-02-22 23:01:41 UTC (rev 41)
+++ trunk/picketbox/src/main/java/org/picketbox/handlers/HandlerContract.java 2010-02-22 23:02:37 UTC (rev 42)
@@ -30,7 +30,14 @@
public interface HandlerContract
{
/**
- * Set the security context
+ * <p>
+ * Set the security context.
+ * </p>
+ *
+ * <p>
+ * For X509 Certificates, they can be passed as the Credential.
+ * </p>
+ *
* @param principal Principal to be used
* @param credential Credential to be used
*/
Modified: trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java
===================================================================
--- trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java 2010-02-22 23:01:41 UTC (rev 41)
+++ trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java 2010-02-22 23:02:37 UTC (rev 42)
@@ -42,28 +42,41 @@
import org.picketbox.factories.SecurityFactory;
/**
- * Process the security annotations on a POJO
+ * <p> Process the security annotations on a POJO.</p>
+ * <p>
+ * Additionally, there are various useful methods such as {@code #getCallerPrincipal()} to
+ * get the authenticated principal, {@code #getCallerSubject()} to get the authenticated
+ * subject and {@code #getCallerRoles()} to get the roles for the authenticated subject.
+ * </p>
* @since Feb 16, 2010
*/
public class PicketBoxProcessor
{
private static Logger log = Logger.getLogger(PicketBoxProcessor.class);
- Principal principal = null;
- Object credential = null;
+ private Principal principal = null;
+ private Object credential = null;
public PicketBoxProcessor()
{
}
/**
- * Set the username/credential
- * @param username
+ * <p>
+ * Set the user name/ Credential
+ * </p>
+ *
+ * <p>
+ * In the case of X509 certificates, they can be passed
+ * as the Credential into this method.
+ * </p>
+ *
+ * @param userName
* @param credential
*/
- public void setSecurityInfo(String username, Object credential)
+ public void setSecurityInfo(String userName, Object credential)
{
- this.principal = new SimplePrincipal(username);
+ this.principal = new SimplePrincipal(userName);
this.credential = credential;
}
@@ -176,9 +189,11 @@
AuthorizationManager authzMgr = SecurityFactory.getAuthorizationManager(securityDomain);
SecurityContextCallbackHandler cbh = new SecurityContextCallbackHandler(securityContext);
+ //We try to get the roles of the current authenticated subject. This internally will also
+ //apply the role mapping logic if it is configured at the security domain level
RoleGroup roles = authzMgr.getSubjectRoles(subject, cbh);
if(roles == null)
- throw new RuntimeException("Roles from subject is null");
+ throw new PicketBoxProcessingException("Roles from subject is null");
}
catch(PrivilegedActionException pae)
{
Modified: trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java
===================================================================
--- trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java 2010-02-22 23:01:41 UTC (rev 41)
+++ trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java 2010-02-22 23:02:37 UTC (rev 42)
@@ -25,6 +25,10 @@
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
import org.jboss.security.SimplePrincipal;
import org.jboss.security.identity.RoleGroup;
import org.jboss.security.identity.plugins.SimpleRole;
@@ -33,13 +37,14 @@
import org.picketbox.test.pojos.SecurityMappingAnnotationRolePOJO;
/**
+ * <p> Unit test the {@code PicketBoxProcessor} </p>
* @author Anil.Saldhana at redhat.com
* @since Feb 16, 2010
*/
public class PicketBoxProcessorUnitTestCase
{
@Test
- public void testSecurityMappingRoleAnnotation() throws Exception
+ public void testAPI() throws Exception
{
SecurityMappingAnnotationRolePOJO pojo = new SecurityMappingAnnotationRolePOJO();
@@ -47,8 +52,11 @@
processor.setSecurityInfo("anil", "pass");
processor.process(pojo);
- assertEquals("Principal == anil", new SimplePrincipal("anil"), processor.getCallerPrincipal());
- assertNotNull("Subject is not null", processor.getCallerSubject());
+ Principal anil = new SimplePrincipal("anil");
+ assertEquals("Principal == anil", anil, processor.getCallerPrincipal());
+ Subject callerSubject = processor.getCallerSubject();
+ assertNotNull("Subject is not null", callerSubject);
+ assertTrue("Subject contains principal anil", callerSubject.getPrincipals().contains(anil));
RoleGroup callerRoles = processor.getCallerRoles();
assertTrue("InternalUser is a role", callerRoles.containsRole(new SimpleRole("InternalUser")));
assertTrue("AuthorizedUser is a role", callerRoles.containsRole(new SimpleRole("AuthorizedUser")));
More information about the jboss-cvs-commits
mailing list