[jboss-cvs] JBossAS SVN: r111538 - in projects/security/security-negotiation/trunk: assembly and 16 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Jun 7 12:50:20 EDT 2011


Author: darran.lofthouse at jboss.com
Date: 2011-06-07 12:50:19 -0400 (Tue, 07 Jun 2011)
New Revision: 111538

Modified:
   projects/security/security-negotiation/trunk/.gitignore
   projects/security/security-negotiation/trunk/assembly/pom.xml
   projects/security/security-negotiation/trunk/docs/userguide/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java
   projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java
   projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/cipher/AesCtsHmacSha1Decoder.java
   projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/MessageTrace.java
   projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/NegotiationContext.java
   projects/security/security-negotiation/trunk/jboss-negotiation-extras/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java
   projects/security/security-negotiation/trunk/jboss-negotiation-net/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-net/src/main/java/org/jboss/security/negotiation/net/SPNEGOServerSocket.java
   projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-spnego/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOAuthenticator.java
   projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java
   projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/pom.xml
   projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/BasicNegotiationServlet.java
   projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java
   projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecuredServlet.java
   projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java
   projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/jboss-web.xml
   projects/security/security-negotiation/trunk/parent/pom.xml
   projects/security/security-negotiation/trunk/pom.xml
Log:
[SECURITY-598] Make JBoss Negotiation Compatible with JBoss AS7.
  - Bring Maven dependencies in-line with the AS7 dependencies.
  - Adjust configuration of the Negotiation Toolkit to: -
    a) Define the valve in an AS7 compatible way.
    b) Declare the required AS7 module dependencies.

Modified: projects/security/security-negotiation/trunk/.gitignore
===================================================================
--- projects/security/security-negotiation/trunk/.gitignore	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/.gitignore	2011-06-07 16:50:19 UTC (rev 111538)
@@ -5,4 +5,5 @@
 jboss-negotiation-net/target
 jboss-negotiation-ntlm/target
 jboss-negotiation-spnego/target
-jboss-negotiation-toolkit/target
\ No newline at end of file
+jboss-negotiation-toolkit/target
+*.iml
\ No newline at end of file

Modified: projects/security/security-negotiation/trunk/assembly/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/assembly/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/assembly/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -2,7 +2,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>

Modified: projects/security/security-negotiation/trunk/docs/userguide/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/docs/userguide/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/docs/userguide/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -42,7 +42,7 @@
 
   <groupId>org.jboss.documentation</groupId>
   <artifactId>negotiation-user-guide-${translation}</artifactId>
-  <version>2.1.1.SNAPSHOT</version>
+  <version>2.2.0.SNAPSHOT</version>
   <packaging>jdocbook</packaging>
   <name>Negotiation_User_Guide_(${translation})</name>
 

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
@@ -35,29 +35,25 @@
 
     <!-- Global dependencies -->
     <dependency>
-      <groupId>log4j</groupId>
-      <artifactId>log4j</artifactId>
+        <groupId>org.jboss</groupId>
+        <artifactId>jboss-common-core</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss</groupId>
-      <artifactId>jboss-common-core</artifactId>
+        <groupId>org.jboss.logging</groupId>
+        <artifactId>jboss-logging</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.logging</groupId>
-      <artifactId>jboss-logging</artifactId>
+        <groupId>org.jboss.spec.javax.servlet</groupId>
+        <artifactId>jboss-servlet-api_3.0_spec</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jbosssx</artifactId>
+        <groupId>org.jboss.web</groupId>
+        <artifactId>jbossweb</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.spec.javax.servlet</groupId>
-      <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+       <groupId>org.picketbox</groupId>
+       <artifactId>picketbox</artifactId>
     </dependency>
-    <dependency>
-      <groupId>org.jboss.web</groupId>
-      <artifactId>jbossweb</artifactId>
-    </dependency>
 
   </dependencies>
 

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/MessageFactory.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -21,7 +21,7 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 
 /**
  * The base message factory for reading messages from InputStreams and

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -45,7 +45,7 @@
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.catalina.deploy.LoginConfig;
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.jboss.security.negotiation.common.MessageTrace;
 import org.jboss.security.negotiation.common.NegotiationContext;
 import org.jboss.util.Base64;

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/cipher/AesCtsHmacSha1Decoder.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/cipher/AesCtsHmacSha1Decoder.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/cipher/AesCtsHmacSha1Decoder.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -21,16 +21,15 @@
  */
 package org.jboss.security.negotiation.cipher;
 
-import java.security.GeneralSecurityException;
-import java.util.Arrays;
-
 import javax.crypto.Cipher;
 import javax.crypto.Mac;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
+import java.security.GeneralSecurityException;
+import java.util.Arrays;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.jboss.security.negotiation.NegotiationException;
 
 /**

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/MessageTrace.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/MessageTrace.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/MessageTrace.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -22,7 +22,7 @@
  */
 package org.jboss.security.negotiation.common;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 
 /**
  * Handle message tracing hierarchy.

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/NegotiationContext.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/NegotiationContext.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/common/NegotiationContext.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -22,7 +22,7 @@
  */
 package org.jboss.security.negotiation.common;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.jboss.security.negotiation.NegotiationMessage;
 
 /**

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-extras/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-extras/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-extras/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
@@ -43,21 +43,13 @@
       <artifactId>jboss-common-core</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.jbossas</groupId>
-      <artifactId>jboss-as-security</artifactId>
-    </dependency>
-    <dependency>
       <groupId>org.jboss.logging</groupId>
       <artifactId>jboss-logging</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.mx</groupId>
-      <artifactId>jboss-j2se</artifactId>
+       <groupId>org.picketbox</groupId>
+       <artifactId>picketbox</artifactId>
     </dependency>
-    <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jbosssx</artifactId>
-    </dependency>
   </dependencies>
 
 </project>

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-extras/src/main/java/org/jboss/security/negotiation/prototype/DecodeAction.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -1,44 +1,47 @@
 /*
- * JBoss, Home of Professional Open Source.
- * Copyright 2006, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
 package org.jboss.security.negotiation.prototype;
 
-import java.security.PrivilegedExceptionAction;
 import java.security.AccessController;
 import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+
+import javax.management.MBeanServer;
 import javax.management.ObjectName;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerInvocationHandler;
 
-import org.jboss.security.plugins.JaasSecurityDomainMBean;
-import org.jboss.mx.util.MBeanServerLocator;
+import org.jboss.security.util.MBeanServerLocator;
 
 /**
  * PriviledgedActions used by login modules for decoding passwords
  * 
  * @author Scott.Stark at jboss.org
- * @version $Revision$
+ * @version $Revision: 2 $
  */
-public class DecodeAction implements PrivilegedExceptionAction
+public class DecodeAction implements PrivilegedExceptionAction<Object>
 {
+   /** The permission required to access decode, decode64 */
+   private static final RuntimePermission decodePermission =
+      new RuntimePermission("org.jboss.security.auth.spi.DecodeAction.decode"); 
+   
    String password;
    ObjectName serviceName;
 
@@ -54,18 +57,32 @@
     * @throws Exception
     */
    public Object run() throws Exception
-   {   
-       MBeanServer server = MBeanServerLocator.locateJBoss();
-       JaasSecurityDomainMBean securityDomain = (JaasSecurityDomainMBean)
-          MBeanServerInvocationHandler.newProxyInstance(server, serviceName,
-             JaasSecurityDomainMBean.class, false);
-
-      // Invoke the jaasSecurityDomain.decodeb64 op
-      byte[] secret = securityDomain.decode64(password);
+   {  
+      // Invoke the decodeb64 op
+      byte[] secret = decode64(password);
       // Convert to UTF-8 base char array
       String secretPassword = new String(secret, "UTF-8");
       return secretPassword.toCharArray();
    }
+   
+   /** Decrypt the secret using the cipherKey.
+   *
+   * @param secret - the encrypted secret to decrypt.
+   * @return the decrypted secret
+   * @throws Exception
+   */
+  private byte[] decode64(String secret)
+     throws Exception
+  {
+     SecurityManager sm = System.getSecurityManager();
+     if( sm != null )
+        sm.checkPermission(decodePermission);
+
+     MBeanServer server = MBeanServerLocator.locateJBoss();
+     return (byte[]) server.invoke(serviceName, "decode64", new Object[] {secret}, 
+           new String[] {String.class.getName()});
+  }
+  
    public static char[] decode(String password, ObjectName serviceName)
       throws Exception
    {

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-net/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-net/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-net/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
@@ -43,27 +43,14 @@
 
     <!-- Global dependencies -->
     <dependency>
-      <groupId>org.jboss.jbossas</groupId>
-      <artifactId>jboss-as-security</artifactId>
-    </dependency>
-    <dependency>
       <groupId>org.jboss.logging</groupId>
-      <artifactId>jboss-logging</artifactId>
+        <artifactId>jboss-logging</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.mx</groupId>
-      <artifactId>jboss-j2se</artifactId>
+       <groupId>org.picketbox</groupId>
+       <artifactId>picketbox</artifactId>
     </dependency>
-    <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jbosssx</artifactId>
-    </dependency>
-    <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jboss-security-spi</artifactId>
-    </dependency>
 
-
   </dependencies>
 
 </project>

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-net/src/main/java/org/jboss/security/negotiation/net/SPNEGOServerSocket.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-net/src/main/java/org/jboss/security/negotiation/net/SPNEGOServerSocket.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-net/src/main/java/org/jboss/security/negotiation/net/SPNEGOServerSocket.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -41,7 +41,7 @@
 
 import org.ietf.jgss.GSSContext;
 import org.jboss.logging.Logger;
-import org.jboss.mx.util.MBeanServerLocator;
+//import org.jboss.mx.util.MBeanServerLocator;
 import org.jboss.security.SecurityConstants;
 import org.jboss.security.auth.callback.SecurityAssociationHandler;
 import org.jboss.security.negotiation.MessageFactory;
@@ -52,7 +52,7 @@
 import org.jboss.security.negotiation.spnego.encoding.NegTokenInit;
 import org.jboss.security.negotiation.spnego.encoding.NegTokenTarg;
 import org.jboss.security.negotiation.spnego.encoding.TokenParser;
-import org.jboss.security.plugins.JaasSecurityManager;
+//import org.jboss.security.plugins.JaasSecurityManager;
 
 /**
  *  An implementation of {@link ServerSocket} that tries to establish a {@link GSSContext}
@@ -242,9 +242,12 @@
     */
    protected boolean isValid(Principal principal, Object credential, String securityDomain) throws Exception
    {
+      // TODO - Maybe re-implement for AS7 - however Remoting support SASL already.
+      throw new UnsupportedOperationException("Needs Re-Implementing");
+      /*
       InitialContext ctx = new InitialContext();
       JaasSecurityManager jsm = (JaasSecurityManager) ctx.lookup(SecurityConstants.JAAS_CONTEXT_ROOT + "/" + securityDomain);
-      return jsm.isValid(principal, credential);
+      return jsm.isValid(principal, credential);*/
    }
    
    /**
@@ -256,11 +259,13 @@
     */
    protected void flushPrincipalFromCache(Principal principal, String securityDomain) throws Exception
    {
-      MBeanServer server = MBeanServerLocator.locateJBoss();
+      // TODO - Maybe re-implement for AS7 - however Remoting support SASL already.
+      throw new UnsupportedOperationException("Needs Re-Implementing");
+      /*MBeanServer server = MBeanServerLocator.locateJBoss();
       ObjectName jaasMgr = new ObjectName("jboss.security:service=JaasSecurityManager");
       Object[] params = {securityDomain, principal};
       String[] signature = {String.class.getName(), Principal.class.getName()};
-      server.invoke(jaasMgr, "flushAuthenticationCache", params, signature);
+      server.invoke(jaasMgr, "flushAuthenticationCache", params, signature);*/
    }
    
    /**

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-ntlm/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
@@ -39,8 +39,9 @@
 
     <!-- Global dependencies -->
     <dependency>
-      <groupId>junit</groupId>
-      <artifactId>junit</artifactId>
+        <groupId>junit</groupId>
+        <artifactId>junit</artifactId>
+        <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.jboss</groupId>

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-spnego/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-spnego/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-spnego/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
@@ -39,14 +39,11 @@
 
     <!-- Global dependencies -->
     <dependency>
-      <groupId>junit</groupId>
-      <artifactId>junit</artifactId>
+        <groupId>junit</groupId>
+        <artifactId>junit</artifactId>
+        <scope>test</scope>
     </dependency>
     <dependency>
-      <groupId>log4j</groupId>
-      <artifactId>log4j</artifactId>
-    </dependency>
-    <dependency>
       <groupId>org.jboss</groupId>
       <artifactId>jboss-common-core</artifactId>
     </dependency>
@@ -55,13 +52,13 @@
       <artifactId>jboss-logging</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jbosssx</artifactId>
-    </dependency>
-    <dependency>
       <groupId>org.jboss.web</groupId>
       <artifactId>jbossweb</artifactId>
     </dependency>
+    <dependency>
+       <groupId>org.picketbox</groupId>
+       <artifactId>picketbox</artifactId>
+    </dependency>
   </dependencies>
 
 </project>

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOAuthenticator.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOAuthenticator.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOAuthenticator.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -23,7 +23,7 @@
 package org.jboss.security.negotiation.spnego;
 
 import org.apache.catalina.Valve;
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.jboss.security.negotiation.NegotiationAuthenticator;
 
 /**

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOMessageFactory.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -19,7 +19,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.ietf.jgss.GSSException;
 import org.jboss.security.negotiation.MessageFactory;
 import org.jboss.security.negotiation.NegotiationMessage;

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.jboss.security</groupId>
     <artifactId>jboss-negotiation-project</artifactId>
-    <version>2.1.1.SNAPSHOT</version>
+    <version>2.2.0.SNAPSHOT</version>
     <relativePath>../parent/pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
@@ -15,6 +15,22 @@
   <build>
     <plugins>
       <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-war-plugin</artifactId>
+        <version>2.0.2</version>
+        <configuration>
+          <archive>
+            <manifest>
+              <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+            </manifest>
+            <manifestEntries>
+              <Dependencies>org.jboss.security.negotiation,org.jboss.common-core,org.jboss.logmanager</Dependencies>
+            </manifestEntries>
+          </archive>
+        </configuration>
+      </plugin>
+
+      <plugin>
         <artifactId>maven-surefire-plugin</artifactId>
         <configuration>
           <printSummary>true</printSummary>
@@ -55,25 +71,21 @@
 
     <!-- Global dependencies -->
     <dependency>
-      <groupId>log4j</groupId>
-      <artifactId>log4j</artifactId>
-      <scope>provided</scope>
-    </dependency>
-    <dependency>
       <groupId>org.jboss</groupId>
       <artifactId>jboss-common-core</artifactId>
-      <scope>provided</scope>
     </dependency>
     <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jbosssx</artifactId>
-      <scope>provided</scope>
-    </dependency>
-    <dependency>
       <groupId>org.jboss.spec.javax.servlet</groupId>
       <artifactId>jboss-servlet-api_3.0_spec</artifactId>
-      <scope>provided</scope>
     </dependency>
+    <dependency>
+      <groupId>org.jboss.logging</groupId>
+        <artifactId>jboss-logging</artifactId>
+    </dependency>
+    <dependency>
+       <groupId>org.picketbox</groupId>
+       <artifactId>picketbox</artifactId>
+    </dependency>
 
   </dependencies>
 </project>

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/BasicNegotiationServlet.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/BasicNegotiationServlet.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/BasicNegotiationServlet.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -33,7 +33,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.ietf.jgss.Oid;
 import org.jboss.security.negotiation.MessageFactory;
 import org.jboss.security.negotiation.NegotiationException;

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/NTLMNegotiationServlet.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -31,7 +31,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 import org.jboss.security.negotiation.MessageFactory;
 import org.jboss.security.negotiation.NegotiationException;
 import org.jboss.security.negotiation.NegotiationMessage;

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecuredServlet.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecuredServlet.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecuredServlet.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -28,14 +28,22 @@
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.io.PrintWriter;
+import java.util.List;
+import java.util.Set;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityContextAssociation;
+import org.jboss.security.SubjectInfo;
+import org.jboss.security.identity.Identity;
+import org.jboss.security.identity.Role;
+import org.jboss.security.identity.RoleGroup;
 
+//import org.jboss.security.SecurityAssociation;
+
 /**
  * A simple servlet to be secured and output information on the
  * authenticated user. 
@@ -50,33 +58,42 @@
 
    @Override
    protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException,
-         IOException
-   {
-      PrintWriter writer = resp.getWriter();
+           IOException {
+       PrintWriter writer = resp.getWriter();
 
-      writer.println("<html>");
-      writer.println("  <head>");
-      writer.println("    <title>Negotiation Toolkit</title>");
-      writer.println("  </head>");
-      writer.println("  <body>");
-      writer.println("    <h1>Negotiation Toolkit</h1>");
-      writer.println("    <h2>Secured</h2>");
+       writer.println("<html>");
+       writer.println("  <head>");
+       writer.println("    <title>Negotiation Toolkit</title>");
+       writer.println("  </head>");
+       writer.println("  <body>");
+       writer.println("    <h1>Negotiation Toolkit</h1>");
+       writer.println("    <h2>Secured</h2>");
 
-      writer.println("    <h5>Auth Type</h5>");
-      writeObject(req.getAuthType(), writer);
-      
-      writer.println("    <h5>User Principal</h5>");
-      writeObject(req.getUserPrincipal(), writer);
+       writer.println("    <h5>Auth Type</h5>");
+       writeObject(req.getAuthType(), writer);
 
-      writer.println("    <h5>Caller Principal</h5>");
-      writeObject(SecurityAssociation.getCallerPrincipal(), writer);
+       writer.println("    <h5>User Principal</h5>");
+       writeObject(req.getUserPrincipal(), writer);
 
-      writer.println("    <h5>Subject</h5>");
-      writeObject(SecurityAssociation.getSubject(), writer);
+       SubjectInfo info = SecurityContextAssociation.getSecurityContext().getSubjectInfo();
+       Set<Identity> identities = info.getIdentities();
+       writer.println("    <h5>Identities</h5>");
+       for (Identity current : identities) {
+           writer.println(" " + current.getName() + "<br>");
+       }
 
-      writer.println("  </body>");
-      writer.println("</html>");
-      writer.flush();
+       writer.println("    <h5>Subject</h5>");
+       writeObject(info.getAuthenticatedSubject(), writer);
+
+       List<Role> roles = info.getRoles().getRoles();
+       writer.println("    <h5>Roles</h5>");
+       for (Role current : roles) {
+           writer.println(" " + current.getRoleName() + "<br>");
+       }
+
+       writer.println("  </body>");
+       writer.println("</html>");
+       writer.flush();
    }
 
    private void writeObject(final Object obj, final PrintWriter writer) throws IOException

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/java/org/jboss/security/negotiation/toolkit/SecurityDomainTestServlet.java	2011-06-07 16:50:19 UTC (rev 111538)
@@ -36,7 +36,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.log4j.Logger;
+import org.jboss.logging.Logger;
 
 /**
  * A servlet to test that the security domain required by the authenticator

Modified: projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/jboss-web.xml
===================================================================
--- projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/jboss-web.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/jboss-web.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -4,4 +4,7 @@
 
 <jboss-web>
   <security-domain>java:/jaas/SPNEGO</security-domain>
+    <valve>
+        <class-name>org.jboss.security.negotiation.NegotiationAuthenticator</class-name>
+    </valve>
 </jboss-web>

Modified: projects/security/security-negotiation/trunk/parent/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/parent/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/parent/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -8,7 +8,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.jboss.security</groupId>
   <artifactId>jboss-negotiation-project</artifactId>
-  <version>2.1.1.SNAPSHOT</version>
+  <version>2.2.0.SNAPSHOT</version>
   <packaging>pom</packaging>
   <name>JBoss Negotiation Parent</name>
   <url>http://www.jboss.com</url>
@@ -20,17 +20,12 @@
     <developerConnection>scm:svn:https://svn.jboss.org/repos/jbossas/projects/security/security-negotiation/trunk</developerConnection>
   </scm>
   <properties>
-    <version.commoncore>2.2.17.GA</version.commoncore>
-    <version.jbossas>6.0.0.Final</version.jbossas>
-    <version.jbosslogging>3.0.0.Beta4</version.jbosslogging>
-    <version.jbosssx>2.0.3.SP1</version.jbosssx>
-    <version.jbossweb>3.0.0-CR1</version.jbossweb>
-    <version.junit>4.5</version.junit>
-    <version.log4j>1.2.14</version.log4j>
-    <version.mxj2se>6.0.0.GA</version.mxj2se>
-    <version.securityspi>2.0.2.SP1</version.securityspi>
-    <version.servletapi>1.0.0.Final</version.servletapi>
-
+    <version.junit>4.8.2</version.junit>
+    <version.org.jboss.jboss-common-core>2.2.17.GA</version.org.jboss.jboss-common-core>
+    <version.org.jboss.logging.jboss-logging>3.0.0.Beta5</version.org.jboss.logging.jboss-logging>
+    <version.org.jboss.spec.javax.servlet.jboss-servlet-api_3.0_spec>1.0.0.Final</version.org.jboss.spec.javax.servlet.jboss-servlet-api_3.0_spec>
+    <version.org.jboss.web>7.0.0.CR2</version.org.jboss.web>
+    <version.org.picketbox>4.0.0.Beta4</version.org.picketbox>
   </properties>
   <build>
     <sourceDirectory>src/main/java</sourceDirectory>
@@ -105,16 +100,12 @@
         <groupId>junit</groupId>
         <artifactId>junit</artifactId>
         <version>${version.junit}</version>
+        <scope>test</scope>
       </dependency>
       <dependency>
-        <groupId>log4j</groupId>
-        <artifactId>log4j</artifactId>
-        <version>${version.log4j}</version>
-      </dependency>
-      <dependency>
         <groupId>org.jboss</groupId>
         <artifactId>jboss-common-core</artifactId>
-        <version>${version.commoncore}</version>
+        <version>${version.org.jboss.jboss-common-core}</version>
         <exclusions>
           <exclusion>
             <groupId>org.jboss.logging</groupId>
@@ -123,60 +114,26 @@
         </exclusions>
       </dependency>
       <dependency>
-        <groupId>org.jboss.jbossas</groupId>
-        <artifactId>jboss-as-security</artifactId>
-        <version>${version.jbossas}</version>
-        <exclusions>
-          <exclusion>
-            <groupId>org.jboss.logging</groupId>
-            <artifactId>jboss-logging</artifactId>
-          </exclusion>
-          <exclusion>
-            <groupId>org.jboss.logging</groupId>
-            <artifactId>jboss-logging-spi</artifactId>
-          </exclusion>
-          <exclusion>
-            <groupId>org.jboss.security</groupId>
-            <artifactId>jbosssx-client</artifactId>
-          </exclusion>
-        </exclusions>
-      </dependency>
-      <dependency>
         <groupId>org.jboss.logging</groupId>
         <artifactId>jboss-logging</artifactId>
-        <version>${version.jbosslogging}</version>
+        <version>${version.org.jboss.logging.jboss-logging}</version>
       </dependency>
       <dependency>
-        <groupId>org.jboss.mx</groupId>
-        <artifactId>jboss-j2se</artifactId>
-        <version>${version.mxj2se}</version>
-        <exclusions>
-          <exclusion>
-            <groupId>org.jboss.logging</groupId>
-            <artifactId>jboss-logging-spi</artifactId>
-          </exclusion>
-        </exclusions>
-      </dependency>
-      <dependency>
-        <groupId>org.jboss.security</groupId>
-        <artifactId>jbosssx</artifactId>
-        <version>${version.jbosssx}</version>
-      </dependency>
-      <dependency>
-        <groupId>org.jboss.security</groupId>
-        <artifactId>jboss-security-spi</artifactId>
-        <version>${version.securityspi}</version>
-      </dependency>
-      <dependency>
         <groupId>org.jboss.spec.javax.servlet</groupId>
         <artifactId>jboss-servlet-api_3.0_spec</artifactId>
-        <version>${version.servletapi}</version>
+        <version>${version.org.jboss.spec.javax.servlet.jboss-servlet-api_3.0_spec}</version>
       </dependency>
       <dependency>
         <groupId>org.jboss.web</groupId>
         <artifactId>jbossweb</artifactId>
-        <version>${version.jbossweb}</version>
+        <version>${version.org.jboss.web}</version>
       </dependency>
+      <dependency>
+         <groupId>org.picketbox</groupId>
+         <artifactId>picketbox</artifactId>
+         <version>${version.org.picketbox}</version>
+      </dependency>
+
     </dependencies>
   </dependencyManagement>
 

Modified: projects/security/security-negotiation/trunk/pom.xml
===================================================================
--- projects/security/security-negotiation/trunk/pom.xml	2011-06-07 15:46:06 UTC (rev 111537)
+++ projects/security/security-negotiation/trunk/pom.xml	2011-06-07 16:50:19 UTC (rev 111538)
@@ -3,7 +3,7 @@
    <parent>
       <groupId>org.jboss.security</groupId>
       <artifactId>jboss-negotiation-project</artifactId>
-      <version>2.1.1.SNAPSHOT</version>
+      <version>2.2.0.SNAPSHOT</version>
       <relativePath>parent/pom.xml</relativePath>
    </parent>
    <modelVersion>4.0.0</modelVersion>



More information about the jboss-cvs-commits mailing list