[jboss-cvs] Picketbox SVN: r50 - in trunk: picketbox/src/test/java/org/picketbox/test/annotations and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Mar 2 21:37:08 EST 2010
Author: anil.saldhana at jboss.com
Date: 2010-03-02 21:37:07 -0500 (Tue, 02 Mar 2010)
New Revision: 50
Added:
trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthPlusMappingAnnotatedPOJO.java
trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthenticationAnnotatedPOJO.java
trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authentication.java
trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authorization.java
trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Module.java
trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/ModuleOption.java
trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityAudit.java
Modified:
trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java
trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java
trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityMapping.java
Log:
SECURITY-464: annotations for auth, authz, audit and mapping
Modified: trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java
===================================================================
--- trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java 2010-03-03 02:32:47 UTC (rev 49)
+++ trunk/picketbox/src/main/java/org/picketbox/plugins/PicketBoxProcessor.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -23,9 +23,17 @@
import java.security.Principal;
import java.security.PrivilegedActionException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.StringTokenizer;
import javax.security.auth.Subject;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginException;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
@@ -33,10 +41,29 @@
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
import org.jboss.security.SimplePrincipal;
+import org.jboss.security.annotation.Authentication;
+import org.jboss.security.annotation.Authorization;
+import org.jboss.security.annotation.Module;
+import org.jboss.security.annotation.ModuleOption;
+import org.jboss.security.annotation.SecurityAudit;
import org.jboss.security.annotation.SecurityConfig;
import org.jboss.security.annotation.SecurityDomain;
+import org.jboss.security.annotation.SecurityMapping;
+import org.jboss.security.annotation.ModuleOption.VALUE_TYPE;
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.audit.config.AuditConfigEntryHolder;
+import org.jboss.security.audit.config.AuditProviderEntry;
+import org.jboss.security.auth.login.AuthenticationInfo;
+import org.jboss.security.authorization.config.AuthorizationModuleEntry;
import org.jboss.security.callbacks.SecurityContextCallbackHandler;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.AuditInfo;
+import org.jboss.security.config.AuthorizationInfo;
+import org.jboss.security.config.ControlFlag;
+import org.jboss.security.config.MappingInfo;
import org.jboss.security.identity.RoleGroup;
+import org.jboss.security.mapping.config.MappingModuleEntry;
import org.picketbox.config.PicketBoxConfiguration;
import org.picketbox.exceptions.PicketBoxProcessingException;
import org.picketbox.factories.SecurityFactory;
@@ -168,11 +195,55 @@
try
{
SecurityConfig securityConfig = objectClass.getAnnotation(SecurityConfig.class);
- if(securityConfig == null)
- throw new RuntimeException("@SecurityConfig is missing");
+ Authentication authenticationAnnotation = objectClass.getAnnotation(Authentication.class);
+
+ if(securityConfig == null && authenticationAnnotation == null)
+ throw new RuntimeException("@SecurityConfig or @Authentication is needed");
+
+ if(securityConfig != null)
+ {
+ PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
+ idtrustConfig.load(securityConfig.fileName());
+ }
+ else
+ {
+ ApplicationPolicyRegistration apr = (ApplicationPolicyRegistration) Configuration.getConfiguration();
+
+ ApplicationPolicy aPolicy = new ApplicationPolicy(securityDomain);
+ AuthenticationInfo authenticationInfo = getAuthenticationInfo(authenticationAnnotation, securityDomain);
+ aPolicy.setAuthenticationInfo(authenticationInfo );
+
+ Authorization authorizationAnnotation = objectClass.getAnnotation(Authorization.class);
+ SecurityAudit auditAnnotation = objectClass.getAnnotation(SecurityAudit.class);
+ SecurityMapping mappingAnnotation = objectClass.getAnnotation(SecurityMapping.class);
+
+ if(authorizationAnnotation != null)
+ {
+ AuthorizationInfo authorizationInfo = getAuthorizationInfo(authorizationAnnotation, securityDomain);
+ aPolicy.setAuthorizationInfo(authorizationInfo);
+ }
+
+ if(auditAnnotation != null)
+ {
+ AuditInfo auditInfo = getAuditInfo(auditAnnotation, securityDomain);
+ aPolicy.setAuditInfo(auditInfo);
+ }
+
+ if(mappingAnnotation != null)
+ {
+ MappingInfo mappingInfo = getMappingInfo(mappingAnnotation, securityDomain);
+
+ List<MappingModuleEntry> entries = mappingInfo.getModuleEntries();
+ for(MappingModuleEntry entry: entries)
+ {
+ aPolicy.setMappingInfo(entry.getMappingModuleType(), mappingInfo);
+ }
+ }
+
+ apr.addApplicationPolicy(securityDomain, aPolicy);
+ }
+
- PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
- idtrustConfig.load(securityConfig.fileName());
SecurityContext securityContext = SecurityActions.createSecurityContext(securityDomain);
SecurityActions.setSecurityContext(securityContext);
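Review bot: The cast `(ApplicationPolicyRegistration) Configuration.getConfiguration()` in the new else branch is unchecked, so a JVM whose installed JAAS Configuration is a different implementation fails here with a ClassCastException instead of a clear error; guard it with `if(!(config instanceof ApplicationPolicyRegistration)) throw new PicketBoxProcessingException("JAAS Configuration does not support policy registration");`. The branch then calls `apr.addApplicationPolicy(securityDomain, aPolicy)` on that process-wide configuration, which appears to replace any policy already registered under the same domain name, so the registration should at least be logged and ideally checked against an existing entry. A class carrying both @SecurityConfig and @Authentication has its @Authentication silently ignored, which deserves a comment on the `if(securityConfig != null)` line. The enclosing method and its try block start and end outside this hunk.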
@@ -193,7 +264,7 @@
//apply the role mapping logic if it is configured at the security domain level
RoleGroup roles = authzMgr.getSubjectRoles(subject, cbh);
if(roles == null)
- throw new PicketBoxProcessingException("Roles from subject is null");
+ throw new PicketBoxProcessingException("Roles from subject is null");
}
catch(PrivilegedActionException pae)
{
@@ -206,4 +277,168 @@
SecurityFactory.release();
}
}
+
+ private MappingInfo getMappingInfo(SecurityMapping mappingAnnotation, String securityDomain)
+ {
+ MappingInfo mappingInfo = new MappingInfo(securityDomain);
+
+ Module[] modules = mappingAnnotation.modules();
+ if(modules != null)
+ {
+ for(Module module: modules)
+ {
+ String code = module.code();
+ String type = module.type();
+
+ Map<String,Object> map = new HashMap<String,Object>();
+
+ ModuleOption[] options = module.options();
+ if(options != null)
+ {
+ for(ModuleOption option : options)
+ {
+ String key = option.key();
+ String value = option.value();
+ VALUE_TYPE valueType = option.valueType();
+
+ if(key != null && key.length() > 0 && valueType == ModuleOption.VALUE_TYPE.JAVA_PROPERTIES)
+ {
+ StringTokenizer st = new StringTokenizer(value,"=");
+
+ String prop1 = st.nextToken();
+ String prop2 = st.nextToken();
+
+ Properties properties = new Properties();
+ properties.put(prop1, prop2);
+
+ map.put(key, properties);
+ }
+ else
+ if(key != null && key.length() > 0)
+ map.put(key, value);
+ }
+ }
+
+ MappingModuleEntry entry = new MappingModuleEntry(code, map, type);
+ mappingInfo.add(entry);
+ }
+ }
+ return mappingInfo;
+ }
+
+ private AuditInfo getAuditInfo(SecurityAudit auditAnnotation, String securityDomain)
+ {
+ AuditInfo auditInfo = new AuditInfo(securityDomain);
+
+ Module[] modules = auditAnnotation.modules();
+ if(modules != null)
+ {
+ for(Module module: modules)
+ {
+ String code = module.code();
+
+ Map<String,Object> map = new HashMap<String,Object>();
+
+ ModuleOption[] options = module.options();
+ if(options != null)
+ {
+ for(ModuleOption option : options)
+ {
+ String key = option.key();
+ String value = option.value();
+ if(key != null && key.length() > 0)
+ map.put(key, value);
+ }
+ }
+
+ AuditProviderEntry entry = new AuditProviderEntry(code, map);
+
+ auditInfo.add(entry);
+ }
+ }
+
+ return auditInfo;
+ }
+
+ private AuthorizationInfo getAuthorizationInfo(Authorization authorizationAnnotation, String securityDomain)
+ {
+ AuthorizationInfo authorizationInfo = new AuthorizationInfo(securityDomain);
+
+ Module[] modules = authorizationAnnotation.modules();
+ if(modules != null)
+ {
+ for(Module module: modules)
+ {
+ String code = module.code();
+ String flag = module.flag();
+
+ Map<String,Object> map = new HashMap<String,Object>();
+
+ ModuleOption[] options = module.options();
+ if(options != null)
+ {
+ for(ModuleOption option : options)
+ {
+ String key = option.key();
+ String value = option.value();
+ if(key != null && key.length() > 0)
+ map.put(key, value);
+ }
+ }
+
+ AuthorizationModuleEntry entry = new AuthorizationModuleEntry(code, map);
+ entry.setControlFlag(ControlFlag.valueOf(flag));
+
+ authorizationInfo.add(entry);
+ }
+ }
+
+ return authorizationInfo;
+ }
+
+ private AuthenticationInfo getAuthenticationInfo(Authentication auth, String securityDomainName)
+ {
+ AuthenticationInfo authInfo = new AuthenticationInfo(securityDomainName);
+
+ Module[] modules = auth.modules();
+ if(modules != null)
+ {
+ for(Module module: modules)
+ {
+ String code = module.code();
+ String flag = module.flag();
+
+ Map<String,Object> map = new HashMap<String,Object>();
+
+ ModuleOption[] options = module.options();
+ if(options != null)
+ {
+ for(ModuleOption option : options)
+ {
+ String key = option.key();
+ String value = option.value();
+ if(key != null && key.length() > 0)
+ map.put(key, value);
+ }
+ }
+
+ AppConfigurationEntry entry = new AppConfigurationEntry(code, getFlag(flag), map);
+ authInfo.addAppConfigurationEntry(entry);
+ }
+ }
+
+ return authInfo;
+ }
+
+
+ private AppConfigurationEntry.LoginModuleControlFlag getFlag(String flag)
+ {
+ if("REQUIRED".equalsIgnoreCase(flag))
+ return LoginModuleControlFlag.REQUIRED;
+ if("REQUISITE".equalsIgnoreCase(flag))
+ return LoginModuleControlFlag.REQUISITE;
+ if("SUFFICIENT".equalsIgnoreCase(flag))
+ return LoginModuleControlFlag.SUFFICIENT;
+ return LoginModuleControlFlag.OPTIONAL;
+ }
}
\ No newline at end of file
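Review bot: `getFlag` falls through to `LoginModuleControlFlag.OPTIONAL` for every string it does not recognise, so a misspelt flag in an annotation quietly downgrades a login module to optional instead of failing; match OPTIONAL explicitly and end with `throw new IllegalArgumentException("Unknown login module flag: " + flag);`. `getAuthorizationInfo` passes the same annotation value to `ControlFlag.valueOf(flag)`, so the two paths may treat a bad flag differently. In `getMappingInfo` the JAVA_PROPERTIES branch calls `st.nextToken()` twice on a tokenizer split on `=`, which throws NoSuchElementException for a value without `=`; a check on `st.countTokens()` before the two calls would turn that into a clear configuration error.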
Modified: trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java
===================================================================
--- trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java 2010-03-03 02:32:47 UTC (rev 49)
+++ trunk/picketbox/src/test/java/org/picketbox/test/annotations/PicketBoxProcessorUnitTestCase.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -34,6 +34,8 @@
import org.jboss.security.identity.plugins.SimpleRole;
import org.junit.Test;
import org.picketbox.plugins.PicketBoxProcessor;
+import org.picketbox.test.pojos.AuthPlusMappingAnnotatedPOJO;
+import org.picketbox.test.pojos.AuthenticationAnnotatedPOJO;
import org.picketbox.test.pojos.SecurityMappingAnnotationRolePOJO;
/**
@@ -61,4 +63,40 @@
assertTrue("InternalUser is a role", callerRoles.containsRole(new SimpleRole("InternalUser")));
assertTrue("AuthorizedUser is a role", callerRoles.containsRole(new SimpleRole("AuthorizedUser")));
}
+
+ @Test
+ public void testAuthenticationAnnotation() throws Exception
+ {
+ AuthenticationAnnotatedPOJO pojo = new AuthenticationAnnotatedPOJO();
+
+ PicketBoxProcessor processor = new PicketBoxProcessor();
+ processor.setSecurityInfo("anil", "pass");
+ processor.process(pojo);
+
+
+ Principal anil = new SimplePrincipal("anil");
+ assertEquals("Principal == anil", anil, processor.getCallerPrincipal());
+ Subject callerSubject = processor.getCallerSubject();
+ assertNotNull("Subject is not null", callerSubject);
+ assertTrue("Subject contains principal anil", callerSubject.getPrincipals().contains(anil));
+ }
+
+ @Test
+ public void testAuthenticationAndMappingAnnotation() throws Exception
+ {
+ AuthPlusMappingAnnotatedPOJO pojo = new AuthPlusMappingAnnotatedPOJO();
+
+ PicketBoxProcessor processor = new PicketBoxProcessor();
+ processor.setSecurityInfo("anil", "pass");
+ processor.process(pojo);
+
+ Principal anil = new SimplePrincipal("anil");
+ assertEquals("Principal == anil", anil, processor.getCallerPrincipal());
+ Subject callerSubject = processor.getCallerSubject();
+ assertNotNull("Subject is not null", callerSubject);
+ assertTrue("Subject contains principal anil", callerSubject.getPrincipals().contains(anil));
+ RoleGroup callerRoles = processor.getCallerRoles();
+ assertTrue("InternalUser is a role", callerRoles.containsRole(new SimpleRole("InternalUser")));
+ assertTrue("AuthorizedUser is a role", callerRoles.containsRole(new SimpleRole("AuthorizedUser")));
+ }
}
\ No newline at end of file
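Review bot: Both new tests exercise only a successful login, so they would still pass if the annotation-built policy accepted any password. Add a negative case next to `testAuthenticationAnnotation` that calls `processor.setSecurityInfo("anil", "wrongpass")` and asserts that `processor.process(pojo)` fails; the exact exception type is not visible in this hunk.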
Added: trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthPlusMappingAnnotatedPOJO.java
===================================================================
--- trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthPlusMappingAnnotatedPOJO.java (rev 0)
+++ trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthPlusMappingAnnotatedPOJO.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.test.pojos;
+
+import org.jboss.security.annotation.Authentication;
+import org.jboss.security.annotation.Module;
+import org.jboss.security.annotation.ModuleOption;
+import org.jboss.security.annotation.SecurityMapping;
+import org.jboss.security.annotation.ModuleOption.VALUE_TYPE;
+
+/**
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+ at Authentication(modules =
+{@Module(code = "org.jboss.security.auth.spi.UsersRolesLoginModule", options =
+{@ModuleOption})})
+
+ at SecurityMapping(modules =
+{@Module(code = "org.jboss.security.mapping.providers.OptionsRoleMappingProvider", type="role", options =
+{@ModuleOption(key="rolesMap",value="validuser=AuthorizedUser,InternalUser", valueType=VALUE_TYPE.JAVA_PROPERTIES),
+ @ModuleOption(key="replaceRoles", value="false")})})
+public class AuthPlusMappingAnnotatedPOJO
+{
+}
Added: trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthenticationAnnotatedPOJO.java
===================================================================
--- trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthenticationAnnotatedPOJO.java (rev 0)
+++ trunk/picketbox/src/test/java/org/picketbox/test/pojos/AuthenticationAnnotatedPOJO.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,37 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketbox.test.pojos;
+
+import org.jboss.security.annotation.Authentication;
+import org.jboss.security.annotation.Module;
+import org.jboss.security.annotation.ModuleOption;
+
+/**
+ * Pojo with the <code>Authentication</code> annotation
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+ at Authentication(modules={@Module(code = "org.jboss.security.auth.spi.UsersRolesLoginModule", options =
+{@ModuleOption})})
+public class AuthenticationAnnotatedPOJO
+{
+}
Added: trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authentication.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authentication.java (rev 0)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authentication.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Annotation to provide configuration for authentication
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+ at Inherited
+ at Target(ElementType.TYPE)
+ at Retention(RetentionPolicy.RUNTIME)
+ at Documented
+public @interface Authentication
+{
+ /**
+ * Get an array of <code>Module</code>
+ * @return
+ */
+ Module[] modules();
+}
\ No newline at end of file
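Review bot: The Javadoc on `Authentication` does not say when the annotation takes effect. As far as the PicketBoxProcessor hunk shows, it is read only when @SecurityConfig is absent, and @Authorization, @SecurityAudit and @SecurityMapping are read only inside that same branch, so they do nothing without @Authentication. State that in the class comment, for example `Ignored when @SecurityConfig is also present; required for @Authorization, @SecurityAudit and @SecurityMapping to be processed.`, and repeat the second half in Authorization.java and SecurityAudit.java. The empty `@return` tag on `modules()` should either describe the value or be dropped.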
Added: trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authorization.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authorization.java (rev 0)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Authorization.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,48 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Annotation indicating Authorization is required
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+
+ at Inherited
+ at Target(ElementType.TYPE)
+ at Retention(RetentionPolicy.RUNTIME)
+ at Documented
+public @interface Authorization
+{
+ /**
+ * Get an array of <code>Module</code>
+ * @return
+ */
+ Module[] modules();
+}
Added: trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Module.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Module.java (rev 0)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/Module.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,65 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Represents a Module
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+ at Inherited
+ at Target(ElementType.TYPE)
+ at Retention(RetentionPolicy.RUNTIME)
+ at Documented
+public @interface Module
+{
+ /**
+ * The FQN of the module
+ * @return
+ */
+ String code();
+
+ /**
+ * Get the FLAG (REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL)
+ * satisfying the JAAS Configuration semantics
+ * @return
+ */
+ String flag() default "REQUIRED";
+
+ /**
+ * Mainly used by mapping modules
+ * @return
+ */
+ String type() default "";
+ /**
+ * Get an array of <code>ModuleOption</code>
+ * @return
+ */
+ ModuleOption[] options();
+}
\ No newline at end of file
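Review bot: `options()` has no default, which is why both new test POJOs have to write `options = {@ModuleOption}` with an empty placeholder option; declaring `ModuleOption[] options() default {};` removes that. `flag()` is a free-form String that the processor's `getFlag` maps to OPTIONAL when it does not recognise the text, so the Javadoc should say the four listed values are the only valid ones; an enum member would catch typos at compile time. `@Target(ElementType.TYPE)` also lets `@Module` be placed directly on a class, where nothing reads it; `@Target({})` restricts it to use as a member of another annotation, and the same applies to ModuleOption.java.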
Added: trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/ModuleOption.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/ModuleOption.java (rev 0)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/ModuleOption.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Represents a Module Option
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+ at Inherited
+ at Target(ElementType.TYPE)
+ at Retention(RetentionPolicy.RUNTIME)
+ at Documented
+public @interface ModuleOption
+{
+ public enum VALUE_TYPE { REGULAR, JAVA_PROPERTIES};
+
+ String key() default "";
+ String value() default "";
+
+ /** Specify the type of the value. If it is regular, then accept it as a String value. If
+ * it is Java Property, then the value represents a Java Property.
+ */
+ VALUE_TYPE valueType() default VALUE_TYPE.REGULAR;
+}
\ No newline at end of file
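Review bot: The `valueType()` comment does not describe the format a JAVA_PROPERTIES value must have. PicketBoxProcessor.getMappingInfo splits the value on `=` and takes the first two tokens as one property name and value, so the comment should say something like `JAVA_PROPERTIES: value is a single name=value pair, e.g. "validuser=AuthorizedUser,InternalUser"`. It should also note that only the mapping helper honours valueType, since the authentication, authorization and audit helpers in this commit store the raw string. `key()` and `value()` have no Javadoc at all.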
Added: trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityAudit.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityAudit.java (rev 0)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityAudit.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Annotation indicating that all security events
+ * are to be audited
+ * @author Anil.Saldhana at redhat.com
+ * @since Mar 2, 2010
+ */
+ at Inherited
+ at Target(ElementType.TYPE)
+ at Retention(RetentionPolicy.RUNTIME)
+ at Documented
+public @interface SecurityAudit
+{
+ Module[] modules();
+}
Modified: trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityMapping.java
===================================================================
--- trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityMapping.java 2010-03-03 02:32:47 UTC (rev 49)
+++ trunk/security-spi/spi/src/main/java/org/jboss/security/annotation/SecurityMapping.java 2010-03-03 02:37:07 UTC (rev 50)
@@ -40,16 +40,5 @@
@Documented
public @interface SecurityMapping
{
- /**
- * ROLE, PRINCIPAL or ATTRIBUTE
- * @return
- */
- String type() default "ROLE";
-
- /**
- * Example, X509 can have SubjectDNMapper
- * @return
- */
- String mappingClassName() default "";
-
+ Module[] modules();
}
\ No newline at end of file
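Review bot: Removing `type()` and `mappingClassName()` and adding `modules()` without a default is a source-incompatible change to a public SPI annotation, so every existing `@SecurityMapping(...)` use must be rewritten. SecurityMappingAnnotationRolePOJO is still imported by the unit test but is not in this commit's modified list, so if it carries @SecurityMapping it presumably no longer compiles; that is worth checking. The new `modules()` member also has none of the Javadoc the removed members had; a one-line comment such as `/** Mapping modules; each Module's type selects the mapping kind (e.g. "role"). */` would replace it.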