[jboss-svn-commits] JBL Code SVN: r24295 - in labs/jbossesb/workspace/mlittle/legstar/product: rosetta/src/org/jboss/soa/esb/listeners and 2 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Dec 8 03:38:57 EST 2008
Author: jim.ma
Date: 2008-12-08 03:38:57 -0500 (Mon, 08 Dec 2008)
New Revision: 24295
Added:
labs/jbossesb/workspace/mlittle/legstar/product/lib/ext/jbossweb-service.jar
Modified:
labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java
labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatGatewayListener.java
labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatServer.java
labs/jbossesb/workspace/mlittle/legstar/product/samples/quickstarts/tomcat_gateway/jboss-esb.xml
Log:
Added HTTP Basic Authentication for TomcatGatewayListener
Added: labs/jbossesb/workspace/mlittle/legstar/product/lib/ext/jbossweb-service.jar
===================================================================
(Binary files differ)
Property changes on: labs/jbossesb/workspace/mlittle/legstar/product/lib/ext/jbossweb-service.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java
===================================================================
--- labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java 2008-12-08 08:18:10 UTC (rev 24294)
+++ labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java 2008-12-08 08:38:57 UTC (rev 24295)
@@ -136,4 +136,8 @@
public static final String CONTEXT_TAG = "context";
public static final String ALLOW_HTTP_METHOD = "allowHttpMethod";
+ public static final String AUTH_METHOD = "authMethod";
+ public static final String SECURITY_DOMAIN = "securityDomain";
+ public static final String SECURITY_ROLE = "securityRole";
+
}
Modified: labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatGatewayListener.java
===================================================================
--- labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatGatewayListener.java 2008-12-08 08:18:10 UTC (rev 24294)
+++ labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatGatewayListener.java 2008-12-08 08:38:57 UTC (rev 24295)
@@ -20,19 +20,29 @@
package org.jboss.soa.esb.listeners.gateway;
import java.net.URI;
+import java.net.URL;
+import java.net.URLClassLoader;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.management.ObjectName;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.LinkRef;
+import javax.naming.NamingException;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.core.StandardContext;
import org.apache.catalina.core.StandardWrapper;
+import org.apache.catalina.deploy.LoginConfig;
+import org.apache.catalina.deploy.SecurityCollection;
+import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.loader.WebappLoader;
import org.apache.catalina.startup.ContextConfig;
import org.apache.log4j.Logger;
import org.jboss.mx.util.MBeanServerLocator;
+import org.jboss.naming.Util;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.addressing.EPR;
import org.jboss.soa.esb.helpers.ConfigTree;
@@ -170,6 +180,16 @@
throw new ConfigurationException(e);
}
+ //Check the http security configuration
+ if (config.getAttribute(ListenerTagNames.AUTH_METHOD) != null) {
+ if (config.getAttribute(ListenerTagNames.SECURITY_DOMAIN) == null) {
+ throw new ConfigurationException("Security domain configuration for this context not found for http authentication method " + config.getAttribute(ListenerTagNames.AUTH_METHOD));
+ }
+
+ if (config.getAttribute(ListenerTagNames.SECURITY_ROLE) == null) {
+ throw new ConfigurationException("Security role configuration for this context not found for http authentication method " + config.getAttribute(ListenerTagNames.AUTH_METHOD));
+ }
+ }
}
/*
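Review bot: The new check only tests `AUTH_METHOD` for null, so any string (an empty value, a typo, or a method that the `LoginConfig` built later in this commit cannot serve, since it gets no login or error page) switches the listener into "authenticated" mode without being validated. The commit log says only Basic is intended, so an explicit allow-list would fail fast on anything else, for example `if (!"BASIC".equalsIgnoreCase(authMethod)) throw new ConfigurationException("Unsupported authMethod " + authMethod);`. The `SECURITY_DOMAIN` and `SECURITY_ROLE` checks have the same gap for empty strings; a `trim().length() == 0` test alongside the null test would close it. The enclosing method starts outside this hunk.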
@@ -254,14 +274,23 @@
TomcatServer.getInstance().createConnector(port, properties);
ctx = new StandardContext();
- ctx.setLoader(new WebappLoader(getClass().getClassLoader()));
+ URL[] urls = new URL[]{};
+ URLClassLoader urlClassLoader = new URLClassLoader(urls, getClass().getClassLoader());
+
+ WebappLoader loader = new WebappLoader(urlClassLoader);
+ ctx.setLoader(loader);
ContextConfig ctxCfg = new ContextConfig();
ctx.addLifecycleListener(ctxCfg);
ctxCfg.setDefaultWebXml("org/apache/catalin/startup/NO_DEFAULT_XML");
ctx.setPath(httpContext);
ctx.setDocBase(".");
+
+
+ ClassLoader oldloader = Thread.currentThread().getContextClassLoader();
+ Thread.currentThread().setContextClassLoader(urlClassLoader);
initWebappDefaults(ctx);
+ Thread.currentThread().setContextClassLoader(oldloader);
TomcatServer.getInstance().addContext(host, ctx);
String connectorName = TomcatServer.DOMAIN_NAME + ":*,port=" + port + ",type=Connector";
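Review bot: The thread context class loader is not restored if `initWebappDefaults(ctx)` throws, and that method is declared `throws Exception`, so a failed start would leave the calling thread running with `urlClassLoader` as its context loader. Wrapping the call fixes it: `try { initWebappDefaults(ctx); } finally { Thread.currentThread().setContextClassLoader(oldloader); }`. A one-line comment on the empty `URLClassLoader` would also help, because nothing visible here says why a loader with no URLs is needed; presumably it gives each listener a distinct loader identity for the `java:comp` lookups done in `initWebappDefaults`. The enclosing method starts and ends outside this hunk.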
@@ -333,8 +362,27 @@
* @throws Exception For errors during initialization
*/
protected void initWebappDefaults(StandardContext ctx) throws Exception {
- StandardWrapper sw = (StandardWrapper) ctx.createWrapper();
+ if (isHttpAuthConfiured()) {
+
+ InitialContext iniCtx = new InitialContext();
+
+ Context envCtx;
+ try {
+ envCtx = (Context) iniCtx.lookup("java:comp/env");
+ } catch (NamingException e) {
+ envCtx = (Context) iniCtx.lookup("java:comp");
+ envCtx = envCtx.createSubcontext("env");
+ }
+
+ String securityDomain = getConfig().getAttribute(ListenerTagNames.SECURITY_DOMAIN);
+ Util.bind(envCtx, "security/securityMgr", new LinkRef(securityDomain));
+ Util.bind(envCtx, "security/realmMapping", new LinkRef(securityDomain));
+ Util.bind(envCtx, "security/security-domain", new LinkRef(securityDomain));
+ Util.bind(envCtx, "security/subject", new LinkRef(securityDomain));
+ }
+ StandardWrapper sw = (StandardWrapper) ctx.createWrapper();
+
sw.setServletClass(dispatchServletClassName);
sw.setName("default");
ctx.addChild(sw);
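Review bot: The fallback in `initWebappDefaults` treats every `NamingException` from `lookup("java:comp/env")` as "env does not exist" and goes on to `createSubcontext("env")`, so an unrelated naming failure would surface as a second, less informative exception. Catching `javax.naming.NameNotFoundException` there keeps the fallback narrow. The four `Util.bind` calls also deserve a comment naming the component that reads `security/securityMgr`, `security/realmMapping`, `security/security-domain` and `security/subject` (presumably the `JBossSecurityMgrRealm` installed in TomcatServer), and stating that two listeners with different security domains stay separate only if each resolves its own `java:comp`, which appears to depend on the context class loader set by the caller. The method body continues outside this hunk.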
@@ -350,6 +398,32 @@
throw e;
}
ctx.addServletMapping("/", "default");
+
+
+ //Add security support
+ if (isHttpAuthConfiured()) {
+ String securityRole = this.getConfig().getAttribute(ListenerTagNames.SECURITY_ROLE);
+ SecurityConstraint constraint = new SecurityConstraint();
+ constraint.addAuthRole(securityRole);
+ SecurityCollection collection = new SecurityCollection("all");
+ collection.addPattern("/*");
+ constraint.addCollection(collection);
+ ctx.addConstraint(constraint);
+
+ ctx.addSecurityRole(securityRole);
+
+ String authMethod = this.getConfig().getAttribute(ListenerTagNames.AUTH_METHOD);
+ LoginConfig config = new LoginConfig(authMethod, securityRole,
+ null, null);
+ ctx.setLoginConfig(config);
+ }
}
+
+ private boolean isHttpAuthConfiured() {
+ if (getConfig().getAttribute(ListenerTagNames.AUTH_METHOD) != null) {
+ return true;
+ }
+ return false;
+ }
}
\ No newline at end of file
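Review bot: `new LoginConfig(authMethod, securityRole, null, null)` passes the role name in the slot that Catalina's `LoginConfig` constructor uses for the realm name, so the configured role is what a BASIC challenge would advertise to unauthenticated clients. A neutral realm string avoids that, for example `new LoginConfig(authMethod, ctx.getPath(), null, null)`. The constraint also sets no user-data constraint, so Basic credentials can be accepted over a plain HTTP connector; when the provider is configured with a keystore, `constraint.setUserConstraint("CONFIDENTIAL")` would be worth adding, or at least a comment that TLS is expected. As a style point, `isHttpAuthConfiured` is misspelled (both call sites in this file use it) and its body reduces to `return getConfig().getAttribute(ListenerTagNames.AUTH_METHOD) != null;`.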
Modified: labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatServer.java
===================================================================
--- labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatServer.java 2008-12-08 08:18:10 UTC (rev 24294)
+++ labs/jbossesb/workspace/mlittle/legstar/product/rosetta/src/org/jboss/soa/esb/listeners/gateway/TomcatServer.java 2008-12-08 08:38:57 UTC (rev 24295)
@@ -34,10 +34,12 @@
import org.apache.catalina.core.StandardEngine;
import org.apache.catalina.core.StandardHost;
import org.apache.catalina.core.StandardService;
+import org.apache.catalina.realm.MemoryRealm;
import org.apache.tomcat.util.IntrospectionUtils;
import org.apache.tomcat.util.modeler.Registry;
import org.jboss.mx.util.MBeanServerLocator;
import org.jboss.soa.esb.helpers.KeyValuePair;
+import org.jboss.web.tomcat.security.JBossSecurityMgrRealm;
/**
* This class creates and starts the jboss esb tomcat engine. The tomcat Connector
@@ -101,6 +103,17 @@
+ ":type=Engine"), null);
if (engines.size() == 0) {
StandardEngine engine = new StandardEngine();
+
+ //Add JBossSecurityMgrRealm
+ JBossSecurityMgrRealm realm = new JBossSecurityMgrRealm();
+ realm.setCertificatePrincipal("org.jboss.security.auth.certs.SubjectDNMapping");
+ realm.setAllRolesMode("authOnly");
+
+ engine.setRealm(realm);
+ Registry.getRegistry().registerComponent(realm,
+ new ObjectName(DOMAIN_NAME + ":type=Realm"), null);
+
+
engine.setDefaultHost("localhost");
engine.setDomain(DOMAIN_NAME);
engine.setName(DOMAIN_NAME + ".engine");
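Review bot: `realm.setAllRolesMode("authOnly")` needs a comment, because it changes what a `*` role constraint means: any authenticated principal is admitted without a role check. The listener passes the configured `securityRole` straight to `constraint.addAuthRole(...)`, so a `securityRole` of `*` would, as far as these hunks show, open the context to every user in the security domain; rejecting `*` in the listener's configuration check or documenting it here would make that deliberate. The realm is also set on the shared engine, so it applies to every context this engine hosts, not only the ones that set `authMethod`. `setCertificatePrincipal` looks relevant only to client-certificate login, which this commit does not otherwise configure. The enclosing block starts and ends outside this hunk.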
Modified: labs/jbossesb/workspace/mlittle/legstar/product/samples/quickstarts/tomcat_gateway/jboss-esb.xml
===================================================================
--- labs/jbossesb/workspace/mlittle/legstar/product/samples/quickstarts/tomcat_gateway/jboss-esb.xml 2008-12-08 08:18:10 UTC (rev 24294)
+++ labs/jbossesb/workspace/mlittle/legstar/product/samples/quickstarts/tomcat_gateway/jboss-esb.xml 2008-12-08 08:38:57 UTC (rev 24295)
@@ -26,9 +26,16 @@
<property name="Keystore" value="./key/.keystore"/>
<property name="Keypass" value="changeit"/>
<property name="allowTrace" value="true"/-->
- <tomcat-bus busid="HTTP-1" context="/jbossesb/tomcatgateway/serviceA" />
-
- <tomcat-bus busid="HTTP-2" context="/jbossesb/tomcatgateway/serviceB" />
+ <tomcat-bus busid="HTTP-1" context="/jbossesb/tomcatgateway/serviceA">
+ <property name="authMethod" value="BASIC"/>
+ <property name="securityDomain" value="java:/jaas/jmx-console"/>
+ <property name="securityRole" value="JBossAdmin"/>
+ </tomcat-bus>
+ <tomcat-bus busid="HTTP-2" context="/jbossesb/tomcatgateway/serviceB">
+ <property name="authMethod" value="BASIC"/>
+ <property name="securityDomain" value="java:/jaas/messaging"/>
+ <property name="securityRole" value="esbrole"/>
+ </tomcat-bus>
</tomcat-provider>
</providers>
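Review bot: The quickstart protects `serviceA` with `java:/jaas/jmx-console` and role `JBossAdmin`, which means the sample asks callers to present the server's administrative console credentials to an ESB gateway endpoint over Basic authentication. A dedicated sample domain and role, as `serviceB` does with `esbrole`, would keep the example from encouraging reuse of admin accounts. The HTTPS connector properties above these buses are still commented out, so as shown the credentials would travel over plain HTTP; a short XML comment saying Basic authentication should be paired with the TLS settings would help readers who copy this file.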