[jboss-svn-commits] JBL Code SVN: r21586 - in labs/jbossesb/workspace/dbevenius/security/product: rosetta/src/org/jboss/soa/esb/services/security and 4 other directories.

[jboss-svn-commits at lists.jboss.org]

Author: beve
Date: 2008-08-17 04:06:35 -0400 (Sun, 17 Aug 2008)
New Revision: 21586

Added:
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java
Modified:
   labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
   labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/opensso/jboss-esb.xml
Log:
Moved the seucirty propagation to its own action


Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java	2008-08-16 20:37:18 UTC (rev 21585)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java	2008-08-17 08:06:35 UTC (rev 21586)
@@ -32,8 +32,6 @@
 
 import org.apache.log4j.Logger;
 import org.jboss.internal.soa.esb.assertion.AssertArgument;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
 import org.jboss.soa.esb.ConfigurationException;
 import org.jboss.soa.esb.common.Configuration;
 import org.jboss.soa.esb.common.Environment;
@@ -139,17 +137,6 @@
 		{
 			throw new SecurityServiceException("Exception while trying to login:", e);
 		} 
-		
-		final Subject subject = securityContext.getSubject();
-		final Principal principal = getPrincipal(subject);
-		//	associate the subject with jboss security
-		SecurityAssociation.pushSubjectContext(subject, principal, subject.getPublicCredentials());
-		
-		//	associate the runAs role with jboss security
-		if ( runAs != null )
-		{
-    		SecurityAssociation.pushRunAsIdentity(new RunAsIdentity(runAs, principal.getName()));
-		}
 	}
 	
 	/**
@@ -214,15 +201,6 @@
 		}
 	}
 
-	private Principal getPrincipal( final Subject subject)
-	{
-		for (Principal principal : subject.getPrincipals())
-		{
-			return principal;
-		}
-		return null;
-	}
-
 	/**
 	 * Creates an instance of EsbCallbackHandler specified in either jboss-esb.xml:
 	 * <pre>

Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java	                        (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagator.java	2008-08-17 08:06:35 UTC (rev 21586)
@@ -0,0 +1,83 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ * 
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.actions;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityAssociation;
+import org.jboss.soa.esb.actions.BeanConfiguredAction;
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+
+/**
+ * JBossSecurityPropagator is an ESB action that can be used to 
+ * propagate security information to JBoss Application Server(JBossAS).
+ * </p>
+ * This action can be placed before an action that calls out the a 
+ * JBossAS instance, for example an EJB call.
+ * 
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class JBossSecurityPropagator implements BeanConfiguredAction
+{
+	private String runAs;
+	
+	public Message process(final Message message)
+	{
+		final SecurityContext securityContext = (SecurityContext) message.getProperties().getProperty( SecurityService.CONTEXT );
+		if ( securityContext != null )
+		{
+			final Subject subject = securityContext.getSubject();
+			final Principal principal = getPrincipal(subject);
+			
+			//	associate the subject with jboss security
+			SecurityAssociation.pushSubjectContext(subject, principal, subject.getPublicCredentials());
+			
+			if ( runAs != null )
+			{
+    			//	associate the runAs role with jboss security
+	    		SecurityAssociation.pushRunAsIdentity(new RunAsIdentity(runAs, principal.getName()));
+			}
+			
+		}
+		return message;
+	}
+	
+	public void setRunAs(String runAs)
+	{
+		this.runAs = runAs;
+	}
+
+	private Principal getPrincipal( final Subject subject)
+	{
+		for (Principal principal : subject.getPrincipals())
+		{
+			return principal;
+		}
+		return null;
+	}
+
+}

Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java	                        (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/actions/JBossSecurityPropagatorUnitTest.java	2008-08-17 08:06:35 UTC (rev 21586)
@@ -0,0 +1,70 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ * 
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ * 
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.actions;
+
+import static org.junit.Assert.*;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.SecurityAssociation;
+import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.message.format.MessageFactory;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.principals.User;
+import org.junit.Test;
+
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ * Unittest for {@link JBossSecurityPropagator}
+ * </p>
+ * 
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class JBossSecurityPropagatorUnitTest
+{
+	@Test
+	public void process()
+	{
+		JBossSecurityPropagator propagator = new JBossSecurityPropagator();
+		propagator.setRunAs("adminRole");
+		Message message = MessageFactory.getInstance().getMessage();
+		Subject subject = new Subject();
+		subject.getPrincipals().add(new User("testUser"));
+		
+		SecurityContext securityContext = new SecurityContext(subject);
+		message.getProperties().setProperty( SecurityService.CONTEXT, securityContext );
+		
+		propagator.process(message);
+		
+		Subject jbossSubject = SecurityAssociation.getSubject();
+		System.out.println(jbossSubject);
+		assertEquals( subject, jbossSubject);
+	}
+	
+	public static junit.framework.Test suite()
+	{
+		return new JUnit4TestAdapter(JBossSecurityPropagatorUnitTest.class);
+	}
+
+}

Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/opensso/jboss-esb.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/opensso/jboss-esb.xml	2008-08-16 20:37:18 UTC (rev 21585)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/opensso/jboss-esb.xml	2008-08-17 08:06:35 UTC (rev 21586)
@@ -71,6 +71,11 @@
 		<service category="OpenSSO" name="Service3" description="Service 3" invmScope="GLOBAL">
 			<security moduleName="OpenSSOLogin" runAs="adminRole"/>
 			<actions mep="OneWay">
+
+				<action name="propagate" class="org.jboss.soa.esb.services.security.actions.JBossSecurityPropagator">
+					<property name="runAs" value="adminRole"/>
+				</action>
+
 				<action name="action1" class="org.jboss.soa.esb.actions.SystemPrintln">
 					<property name="printfull" value="false"/>
 					<property name="message" value="In Service3"/>