[jboss-cvs] JBossAS SVN: r109515 - in projects/security/security-negotiation/branches/dlofthouse/SECURITY-132: jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common and 6 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sat Nov 27 13:00:07 EST 2010
Author: darran.lofthouse at jboss.com
Date: 2010-11-27 13:00:06 -0500 (Sat, 27 Nov 2010)
New Revision: 109515
Added:
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/CommonLoginModule.java
Modified:
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/pom.xml
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/pom.xml
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/AdvancedLdapLoginModule.java
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/pom.xml
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-toolkit/pom.xml
projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/parent/pom.xml
Log:
Initial refactoring to add common base for the login modules.
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/pom.xml
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/pom.xml 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/pom.xml 2010-11-27 18:00:06 UTC (rev 109515)
@@ -40,8 +40,12 @@
<dependency>
<groupId>jboss</groupId>
<artifactId>jboss-common</artifactId>
- </dependency>
+ </dependency>
<dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jbosssx-client</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.jboss.spec.javax.servlet</groupId>
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
</dependency>
Added: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/CommonLoginModule.java
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/CommonLoginModule.java (rev 0)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/CommonLoginModule.java 2010-11-27 18:00:06 UTC (rev 109515)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.negotiation.common;
+
+import java.security.Principal;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+
+import org.jboss.security.auth.spi.AbstractServerLoginModule;
+
+/**
+ * A base login module for the other login modules within
+ * JBoss Negotiation.
+ *
+ * @author darran.lofthouse at jboss.com
+ * @since 27th November 2010
+ */
+public abstract class CommonLoginModule extends AbstractServerLoginModule
+{
+
+ /*
+ * Module State
+ */
+ /** The login identity */
+ private Principal identity;
+
+ /** The proof of login identity */
+ private char[] credential;
+
+ @Override
+ protected Principal getIdentity()
+ {
+ return identity;
+ }
+
+ protected void setIdentity(final Principal identity)
+ {
+ this.identity = identity;
+ }
+
+ protected char[] getCredential()
+ {
+ return credential;
+ }
+
+ /**
+ * Either retrieve existing values based on useFirstPass or use
+ * CallBackHandler to obtain the values.
+ */
+ protected void processIdentityAndCredential() throws LoginException
+ {
+ if (super.login() == true)
+ {
+ Object username = sharedState.get("javax.security.auth.login.name");
+ if (username instanceof Principal)
+ identity = (Principal) username;
+ else
+ {
+ String name = username.toString();
+ try
+ {
+ identity = createIdentity(name);
+ }
+ catch (Exception e)
+ {
+ if (log.isDebugEnabled())
+ log.debug("Failed to create principal", e);
+ throw new LoginException("Failed to create principal: " + e.getMessage());
+ }
+ }
+ // We have no further use for a credential so no need to retrieve it.
+ }
+ else
+ {
+ try
+ {
+ NameCallback nc = new NameCallback("User name: ", "guest");
+ PasswordCallback pc = new PasswordCallback("Password: ", false);
+ Callback[] callbacks =
+ {nc, pc};
+
+ callbackHandler.handle(callbacks);
+ String username = nc.getName();
+ identity = createIdentity(username);
+ credential = pc.getPassword();
+ pc.clearPassword();
+ }
+ catch (Exception e)
+ {
+ LoginException le = new LoginException("Unable to obtain username/credential");
+ le.initCause(e);
+ throw le;
+ }
+
+ }
+ }
+
+}
Property changes on: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/CommonLoginModule.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/pom.xml
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/pom.xml 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/pom.xml 2010-11-27 18:00:06 UTC (rev 109515)
@@ -56,13 +56,9 @@
<dependency>
<groupId>jboss</groupId>
<artifactId>jboss-jmx</artifactId>
- </dependency>
+ </dependency>
<dependency>
<groupId>jboss</groupId>
- <artifactId>jbosssx</artifactId>
- </dependency>
- <dependency>
- <groupId>jboss</groupId>
<artifactId>jboss-system</artifactId>
</dependency>
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/AdvancedLdapLoginModule.java
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/AdvancedLdapLoginModule.java 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/AdvancedLdapLoginModule.java 2010-11-27 18:00:06 UTC (rev 109515)
@@ -42,15 +42,12 @@
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jboss.security.SimpleGroup;
-import org.jboss.security.auth.spi.AbstractServerLoginModule;
+import org.jboss.security.negotiation.common.CommonLoginModule;
import org.jboss.security.negotiation.prototype.DecodeAction;
/**
@@ -71,7 +68,7 @@
* @author darran.lofthouse at jboss.com
* @since 3rd July 2008
*/
-public class AdvancedLdapLoginModule extends AbstractServerLoginModule
+public class AdvancedLdapLoginModule extends CommonLoginModule
{
/*
@@ -176,12 +173,6 @@
/*
* Module State
*/
- /** The login identity */
- private Principal identity;
-
- /** The proof of login identity */
- private char[] credential;
-
private SimpleGroup userRoles = new SimpleGroup("Roles");
private Set<String> processedRoleDNs = new HashSet<String>();
@@ -293,12 +284,6 @@
}
@Override
- protected Principal getIdentity()
- {
- return identity;
- }
-
- @Override
protected Group[] getRoleSets() throws LoginException
{
Group[] roleSets =
@@ -326,7 +311,7 @@
}
catch (Exception e)
{
- LoginException le = new LoginException("Unabe to decode bindCredential");
+ LoginException le = new LoginException("Unable to decode bindCredential");
le.initCause(e);
throw le;
}
@@ -373,58 +358,6 @@
return Boolean.valueOf(super.loginOk);
}
- /**
- * Either retrieve existing values based on useFirstPass or use
- * CallBackHandler to obtain the values.
- */
- protected void processIdentityAndCredential() throws LoginException
- {
- if (super.login() == true)
- {
- Object username = sharedState.get("javax.security.auth.login.name");
- if (username instanceof Principal)
- identity = (Principal) username;
- else
- {
- String name = username.toString();
- try
- {
- identity = createIdentity(name);
- }
- catch (Exception e)
- {
- if (log.isDebugEnabled())
- log.debug("Failed to create principal", e);
- throw new LoginException("Failed to create principal: " + e.getMessage());
- }
- }
- // We have no further use for a credential so no need to retrieve it.
- }
- else
- {
- try
- {
- NameCallback nc = new NameCallback("User name: ", "guest");
- PasswordCallback pc = new PasswordCallback("Password: ", false);
- Callback[] callbacks =
- {nc, pc};
-
- callbackHandler.handle(callbacks);
- String username = nc.getName();
- identity = createIdentity(username);
- credential = pc.getPassword();
- pc.clearPassword();
- }
- catch (Exception e)
- {
- LoginException le = new LoginException("Unable to obtain username/credential");
- le.initCause(e);
- throw le;
- }
-
- }
- }
-
protected LdapContext constructLdapContext(String dn, Object credential, String authentication)
throws LoginException
{
@@ -543,6 +476,7 @@
protected void authenticate(String userDN) throws LoginException
{
+ char[] credential = getCredential();
if (credential.length == 0)
{
if (allowEmptyPassword == false)
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/pom.xml
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/pom.xml 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/pom.xml 2010-11-27 18:00:06 UTC (rev 109515)
@@ -43,6 +43,10 @@
<version>5.1.0.GA</version>
</dependency>
<dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-security-spi</artifactId>
+ </dependency>
+ <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
</dependency>
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java 2010-11-27 18:00:06 UTC (rev 109515)
@@ -44,6 +44,7 @@
import org.jboss.security.SimpleGroup;
import org.jboss.security.auth.spi.AbstractServerLoginModule;
import org.jboss.security.negotiation.NegotiationMessage;
+import org.jboss.security.negotiation.common.CommonLoginModule;
import org.jboss.security.negotiation.common.NegotiationContext;
import org.jboss.security.negotiation.spnego.encoding.NegTokenInit;
import org.jboss.security.negotiation.spnego.encoding.NegTokenTarg;
@@ -56,7 +57,7 @@
* @author darran.lofthouse at jboss.com
* @version $Revision$
*/
-public class SPNEGOLoginModule extends AbstractServerLoginModule
+public class SPNEGOLoginModule extends CommonLoginModule
{
private static final String SPNEGO = "SPNEGO";
@@ -72,8 +73,6 @@
private LoginContext serverLoginContext = null;
- private Principal identity = null;
-
@Override
public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map sharedState,
final Map options)
@@ -129,6 +128,7 @@
super.loginOk = true;
if (getUseFirstPass() == true)
{
+ Principal identity = getIdentity();
String userName = identity.getName();
if (log.isDebugEnabled())
log.debug("Storing username '" + userName + "' and empty password");
@@ -169,12 +169,6 @@
}
@Override
- protected Principal getIdentity()
- {
- return identity;
- }
-
- @Override
protected Principal createIdentity(final String username) throws Exception
{
if (removeRealmFromPrincipal)
@@ -302,7 +296,7 @@
log.warn("Authentication was performed despite already being authenticated!");
// TODO - Refactor to only do this once.
- identity = new KerberosPrincipal(gssContext.getSrcName().toString());
+ setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));
if (DEBUG)
{
@@ -333,7 +327,7 @@
}
else
{
- identity = createIdentity(gssContext.getSrcName().toString());
+ setIdentity(createIdentity(gssContext.getSrcName().toString()));
if (DEBUG)
{
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-toolkit/pom.xml
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-toolkit/pom.xml 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/jboss-negotiation-toolkit/pom.xml 2010-11-27 18:00:06 UTC (rev 109515)
@@ -62,13 +62,8 @@
<groupId>jboss</groupId>
<artifactId>jboss-common</artifactId>
<scope>provided</scope>
- </dependency>
+ </dependency>
<dependency>
- <groupId>jboss</groupId>
- <artifactId>jbosssx</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
<groupId>org.jboss.spec.javax.servlet</groupId>
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
<scope>provided</scope>
Modified: projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/parent/pom.xml
===================================================================
--- projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/parent/pom.xml 2010-11-27 17:58:49 UTC (rev 109514)
+++ projects/security/security-negotiation/branches/dlofthouse/SECURITY-132/parent/pom.xml 2010-11-27 18:00:06 UTC (rev 109515)
@@ -21,11 +21,12 @@
<properties>
<version.apache-log4j.log4j>1.2.14</version.apache-log4j.log4j>
<version.jboss.jboss-common>4.2.3.GA</version.jboss.jboss-common>
- <version.jboss.jbosssx>4.2.3.GA</version.jboss.jbosssx>
<version.jboss.jmx>4.2.3.GA</version.jboss.jmx>
<version.jboss.system>4.2.3.GA</version.jboss.system>
<version.jboss-web>3.0.0-beta-7</version.jboss-web>
<version.junit>3.8.1</version.junit>
+ <version.org.jboss.security.jbosssx-client>2.0.4.SP2</version.org.jboss.security.jbosssx-client>
+ <version.org.jboss.security.spi>2.0.2.SP1</version.org.jboss.security.spi>
<version.servlet.api>1.0.0.Final</version.servlet.api>
</properties>
<build>
@@ -136,15 +137,20 @@
</dependency>
<dependency>
<groupId>jboss</groupId>
- <artifactId>jbosssx</artifactId>
- <version>${version.jboss.jbosssx}</version>
- </dependency>
- <dependency>
- <groupId>jboss</groupId>
<artifactId>jboss-system</artifactId>
<version>${version.jboss.system}</version>
</dependency>
<dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jbosssx-client</artifactId>
+ <version>${version.org.jboss.security.jbosssx-client}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-security-spi</artifactId>
+ <version>${version.org.jboss.security.spi}</version>
+ </dependency>
+ <dependency>
<groupId>org.jboss.spec.javax.servlet</groupId>
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
<version>${version.servlet.api}</version>
More information about the jboss-cvs-commits
mailing list