[jboss-svn-commits] JBL Code SVN: r21550 - in labs/jbossesb/workspace/dbevenius/security/product/rosetta: src/org/jboss/soa/esb/listeners/message and 1 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Aug 14 15:28:02 EDT 2008
Author: beve
Date: 2008-08-14 15:28:02 -0400 (Thu, 14 Aug 2008)
New Revision: 21550
Modified:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
Log:
Added test and synchronization to the refresh and getConfiguraiton methods.
Also the securityService is stored in the constructor of ActionProcessingPipleline to avoid calls to refresh.
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-08-14 19:13:03 UTC (rev 21549)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-08-14 19:28:02 UTC (rev 21550)
@@ -93,9 +93,11 @@
/**
* Performs authentication of the passed in SecurityContext.
* </p>
+ *
* This method will first try to authenticate the authRequest by using a custom <br>
* javax.security.auth.login.Configuration, which would be the case where the <br>
- * login module name specified exists in a jaas.login file. <br>
+ * login module name specified exists in a jaas.login file.
+ * <br>
* If the login module name cannot be found in jaas.login then this method will <br>
* fall back and try to authenticate using a an underlying Configuration. This would <br>
* be the case when running in an appserver for instance.
@@ -118,10 +120,8 @@
final EsbCallbackHandler callbackHandler = createCallbackHandler(config, authRequest);
try
{
- log.info("Configuration: " + configuration);
- log.info("OrgConfiguration :" + containerConfig);
// try to login with a standalone jaas login configuration file(for example jaas.login file)
- loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler, configuration);
+ loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler, getConfiguration());
}
catch (final LoginException ignore)
{
@@ -152,15 +152,6 @@
}
}
- private Principal getPrincipal( final Subject subject)
- {
- for (Principal principal : subject.getPrincipals())
- {
- return principal;
- }
- return null;
- }
-
/**
* Determines if the passed in Subject has the role specified in the context.
* @return true - if the callers has the role
@@ -192,14 +183,13 @@
}
final Properties securityProperties = Configuration.getSecurityServiceProperies();
- String loginConfigUrl = securityProperties.getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
+ final String loginConfigUrl = securityProperties.getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
if ( loginConfigUrl != null )
{
- URL loginUrl = ClassUtil.getResource(loginConfigUrl, getClass());
+ final URL loginUrl = ClassUtil.getResource(loginConfigUrl, getClass());
if ( loginUrl == null )
{
- final String invalidPropertyMsg =
- "The value for property [" + Environment.SECURITY_SERVICE_CONFIG_URL +
+ final String invalidPropertyMsg = "The value for property [" + Environment.SECURITY_SERVICE_CONFIG_URL +
"] must be a valid URL. This property should point to a file on the local file system or on the classpath.";
throw new ConfigurationException(invalidPropertyMsg);
}
@@ -212,10 +202,10 @@
public void logout(SecurityConfig config)
{
- throw new UnsupportedOperationException("Logout is not implemented for " + getClass().getName());
+ // NoOp
}
- public void refreshSecurityConfig()
+ public synchronized void refreshSecurityConfig()
{
if ( configuration != null )
{
@@ -224,6 +214,15 @@
}
}
+ private Principal getPrincipal( final Subject subject)
+ {
+ for (Principal principal : subject.getPrincipals())
+ {
+ return principal;
+ }
+ return null;
+ }
+
/**
* Creates an instance of EsbCallbackHandler specified in either jboss-esb.xml:
* <pre>
@@ -293,9 +292,19 @@
{
log.info("Adding file [ " + loginConfigUrl + "] as [" + LOGIN_CONFIG_URL_PREFIX + urlIndex + "]");
Security.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());
- configuration = new ConfigFile();
+ setConfiguration(new ConfigFile());
}
}
+
+ private synchronized javax.security.auth.login.Configuration getConfiguration()
+ {
+ return configuration;
+ }
+
+ private synchronized void setConfiguration(final javax.security.auth.login.Configuration configuration)
+ {
+ this.configuration = configuration;
+ }
private void addRunAs( final String runAs, final Subject subject )
{
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-08-14 19:13:03 UTC (rev 21549)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-08-14 19:28:02 UTC (rev 21550)
@@ -108,6 +108,8 @@
private SecurityConfig securityConf;
+ private SecurityService securityService;
+
/**
* public constructor
*
@@ -258,7 +260,8 @@
{
securityConf = SecurityConfigUtil.createSecurityConfig(securityConfigs[0]);
LOGGER.info(securityConf);
- SecurityServiceFactory.getSecurityService().configure();
+ securityService = SecurityServiceFactory.getSecurityService();
+ securityService.configure();
}
}
@@ -367,7 +370,7 @@
AuthenticationRequest authRequest = (AuthenticationRequest) message.getProperties().getProperty( SecurityService.AUTH_REQUEST );
// perform the authentication
- SecurityServiceFactory.getSecurityService().authenticate(securityConf, securityContext, authRequest);
+ securityService.authenticate(securityConf, securityContext, authRequest);
// add the security context to the message
message.getProperties().setProperty( SecurityService.CONTEXT, securityContext );
@@ -379,12 +382,14 @@
faultTo(callDetails, Factory.createErrorMessage(Factory.UNEXPECTED_ERROR, message, e));
return false;
}
+ /*
catch (final ConfigurationException e)
{
LOGGER.error( "Authentication exception : ", e);
faultTo(callDetails, Factory.createErrorMessage(Factory.UNEXPECTED_ERROR, message, e));
return false;
}
+ */
finally
{
// always remove the authentication request as it contains sensitive information
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-08-14 19:13:03 UTC (rev 21549)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-08-14 19:28:02 UTC (rev 21550)
@@ -20,6 +20,7 @@
*/
package org.jboss.internal.soa.esb.services.security;
+import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
@@ -29,11 +30,10 @@
import java.util.Set;
import javax.security.auth.Subject;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
import junit.framework.JUnit4TestAdapter;
+import org.antlr.stringtemplate.test.FailedAssertionException;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Environment;
import org.jboss.soa.esb.services.security.SecurityConfig;
@@ -45,7 +45,6 @@
import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
import org.jboss.soa.esb.services.security.principals.Group;
import org.jboss.soa.esb.services.security.principals.Role;
-//import org.jboss.soa.esb.services.security.principals.SSOPrincipal;
import org.jboss.soa.esb.util.ClassUtil;
import org.junit.After;
import org.junit.Before;
@@ -88,10 +87,8 @@
public void authenticateWithRole() throws ConfigurationException, SecurityServiceException
{
SecurityConfig configInfo = SecurityConfig.createSecurityInfo("adminRole", null, "SuccessfulLogin", null, null);
-
SecurityContext context = new SecurityContext(subject);
service.authenticate(configInfo, context, null);
-
Set<Principal> principals = subject.getPrincipals( Principal.class );
assertEquals( 2, principals.size() );
}
@@ -109,7 +106,6 @@
service.authenticate(configInfo, context, null);
Set<Principal> principals = subject.getPrincipals( Principal.class );
- System.out.println(principals);
assertEquals( 2, principals.size() );
}
@@ -134,12 +130,35 @@
@Test
public void refresh() throws SecurityServiceException
{
+ Runnable runnable = new Runnable()
+ {
+ public void run()
+ {
+ threadLogin();
+ }
+ };
+ for (int i = 0; i < 1000; i++)
+ {
+ Thread t1 = new Thread(runnable);
+ Thread t2 = new Thread(runnable);
+ t1.start();
+ t2.start();
+ }
+ }
+
+ private void threadLogin()
+ {
SecurityConfig configInfo = SecurityConfig.createSecurityInfo(null, null, "SuccessfulLogin", null, null);
- SecurityContext context = new SecurityContext(subject);
- Configuration configuration = Configuration.getConfiguration();
- System.out.println(configuration);
+ SecurityContext context = new SecurityContext(new Subject());
service.refreshSecurityConfig();
- service.authenticate( configInfo, context, null );
+ try
+ {
+ service.authenticate( configInfo, context, null );
+ }
+ catch (SecurityServiceException e)
+ {
+ fail(e.getMessage());
+ }
}
@Before
More information about the jboss-svn-commits
mailing list