[jboss-jira] [JBoss JIRA] (AS7-6422) OptionsRoleMappingProvider cannot work on AS7

[Tomaz Cerar (JIRA)]

    [ https://issues.jboss.org/browse/AS7-6422?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12751498#comment-12751498 ] 

Tomaz Cerar commented on AS7-6422:
----------------------------------

given that AS7 does not provide nested properties inside properties this fix should be done to provider itself
                
> OptionsRoleMappingProvider cannot work on AS7
> ---------------------------------------------
>
>                 Key: AS7-6422
>                 URL: https://issues.jboss.org/browse/AS7-6422
>             Project: Application Server 7
>          Issue Type: Feature Request
>          Components: Security
>    Affects Versions: 7.1.2.Final (EAP), 7.1.3.Final (EAP)
>            Reporter: Akram Ben Aissi
>            Assignee: Anil Saldhana
>
> The OptionsRoleMappingProvider available in picketbox jars is intended to provided a simple way to map some toles to other roles.
> This case is usefull in many cases where you get roles from a system and want to map them to one or several JaaS Roles.
> However, OptionsRoleMappingProvider cannot be used in AS7 to map roles to groups because this provider contains an attribute Properties roleMaps which requires a Properties object to be initialized.
> A Properties object cannot be passed by AS7 configuration, so this provider cannot be used as is.
> Here is its required syntax according to picketbox documentation:
> {code:xml} 
> <mapping-module code="org.jboss.security.mapping.providers.OptionsRoleMappingProvider"
>           type="role">
>              <module-option name="rolesMap" >
>                         <java:properties xmlns:java="urn:jboss:java-properties"
>                                  xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
>                                  xs:schemaLocation="urn:jboss:java-properties resource:java-properties_1_0.xsd">
>                                  <java:property>
>                                     <java:key>validuser</java:key>
>                                     <java:value>AuthorizedUser,InternalUser</java:value>
>                                  </java:property>
>                            </java:properties>
>                       </module-option>
>                    <module-option name="replaceRoles">false</module-option>
>                </mapping-module>
>        </mapping>
> {code} 
> Such a syntax is not possible in AS7.
> Here is the incriminated code:
> {code:java} 
> private Properties roleMapProperties = new Properties();
>    /**
>     * Specifies
>     */
>    private boolean REPLACE_ROLES = false;
>    
>    public void init(Map<String,Object> opt)
>    {
>      this.options = opt;
>      if(options != null)
>      {
>         if(options.containsKey(REPLACE_ROLES_STRING))
>         {
>            REPLACE_ROLES = "true".equalsIgnoreCase((String)options.get(REPLACE_ROLES_STRING)); 
>         }
>         if(options.containsKey(ROLES_MAP))
>         {
>            roleMapProperties = (Properties)options.get(ROLES_MAP);
>         } 
>      } 
>    }
> {code} 
> As you can see, roleMapProperties is a Properties.
> But in AS7, options.get(ROLES_MAP) returns a String.
> So an adapter is required to make the AS match the contract, or another implemtation is required.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira