[jboss-svn-commits] JBL Code SVN: r21174 - in labs/jbossesb/workspace/dbevenius/security/product: rosetta/src/org/jboss/soa/esb/common and 6 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Tue Jul 22 12:56:24 EDT 2008
Author: beve
Date: 2008-07-22 12:56:23 -0400 (Tue, 22 Jul 2008)
New Revision: 21174
Added:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml
Removed:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy
Modified:
labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jbossesb-properties.xml
Log:
Refactored the login out of MessageAwareListener. This is now in ActionProcessingPipeline.
The configuration has been moved to jbossesb-properties.xml
Modified: labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd 2008-07-22 16:56:23 UTC (rev 21174)
@@ -392,67 +392,31 @@
</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
- <xsd:sequence>
- <xsd:element maxOccurs="1" minOccurs="0" ref="jesb:authentication" />
- </xsd:sequence>
<xsd:attribute name="runAs" type="xsd:string" use="optional">
<xsd:annotation>
<xsd:documentation xml:lang="en">
+ Is used to specify that a specific security role given by the role-name value should be used
+ as the security identity for this service.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
+ <xsd:attribute name="moduleName" type="xsd:string" use="optional">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
<xsd:attribute name="useCallerIdentity" type="xsd:string" use="optional">
<xsd:annotation>
<xsd:documentation xml:lang="en">
+ Is used to indicate that the current caller's identity should be propagated as the security identity
+ this service.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
</xsd:element>
- <xsd:element name="authentication">
- <xsd:annotation>
- <xsd:documentation xml:lang="en">
- </xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element maxOccurs="1" minOccurs="0" ref="jesb:login-config" />
- <xsd:element maxOccurs="unbounded" minOccurs="0" ref="jesb:policy-config" />
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
-
- <xsd:element name="login-config">
- <xsd:annotation>
- <xsd:documentation xml:lang="en">
- </xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="xsd:anyType">
- <xsd:attribute name="file" type="xsd:string" use="required" />
- <xsd:attribute name="moduleName" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
-
- <xsd:element name="policy-config">
- <xsd:annotation>
- <xsd:documentation xml:lang="en">
- </xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="xsd:anyType">
- <xsd:attribute name="file" type="xsd:string" use="required" />
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
-
-
<!-- 88888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888
Listener base types.
88888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888-->
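Review bot: The new `moduleName` attribute has an empty `<xsd:documentation>` element, so the schema does not say what the value selects. In this commit `JaasSecurityService.authenticate()` passes it straight to `LoginContext` as the configuration entry name, so it is the one attribute that decides which login modules run. I would document it, e.g. `The name of the entry in the JAAS login configuration file that is used to authenticate callers of this service.` Since it is `use="optional"`, the text should also say what happens when it is omitted. The `useCallerIdentity` text is missing a word and should read `propagated as the security identity for this service`.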
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -35,6 +35,8 @@
import org.jboss.soa.esb.helpers.NamingContextException;
import org.jboss.soa.esb.helpers.NamingContextPool;
+import com.arjuna.common.util.propertyservice.PropertyManager;
+
public class Configuration
{
private static Logger _logger = Logger.getLogger(Configuration.class);
@@ -415,4 +417,19 @@
throw new ConfigurationException("Unexpected exception while accessing naming context pool", nce) ;
}
}
+
+ /**
+ * The SecurityService Implememtation Class
+ *
+ * @return String the fully qualified name of the ServiceService implementation class
+ */
+ public static String getSecurityServiceImplementationClass()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_IMPEMENTATION_CLASS);
+ }
+
+ public static String getSecurityServiceConfigUrl()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
+ }
}
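Review bot: `getSecurityServiceConfigUrl()` is added with no Javadoc. The Javadoc on `getSecurityServiceImplementationClass()` misspells "Implementation" and names a "ServiceService" class where it means SecurityService. `JaasSecurityService.configure()` in this commit null-checks the returned value, so both getters can apparently return null when the property is not set. I would state that in the contract, e.g. `@return the location of the login configuration as configured in the security module, or null if the property is not set`. The `PropertyManager` import added in the first hunk of this file is not used by any line added here.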
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -205,6 +205,12 @@
public static final String MESSAGE_TRACE = "org.jboss.soa.esb.messagetrace"; // on or off
public static final String PER_MESSAGE_TRACE = "org.jboss.soa.esb.permessagetrace"; // on or off
+ /**
+ * The SecurityService Implementation class
+ */
+ public static final String SECURITY_SERVICE_IMPEMENTATION_CLASS = "org.jboss.soa.esb.services.security.implementationClass";
+ public static final String SECURITY_SERVICE_CONFIG_URL = "org.jboss.soa.esb.services.security.configUrl";
+
// Configuration options for the Naming Context pooling.
/**
* The maximum pool size.
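Review bot: The new public constant `SECURITY_SERVICE_IMPEMENTATION_CLASS` is misspelled (missing "L"), and as a `public static final` on `Environment` the name becomes API once other code refers to it. I would fix it now, together with the caller in `Configuration`: `public static final String SECURITY_SERVICE_IMPLEMENTATION_CLASS = "org.jboss.soa.esb.services.security.implementationClass";`. The Javadoc block covers only the first constant, so `SECURITY_SERVICE_CONFIG_URL` needs its own comment, e.g. `/** Location (file system or classpath) of the login configuration read by the SecurityService. */`.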
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/ModulePropertyManager.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -101,6 +101,8 @@
public static final String DBSTORE_MODULE = "dbstore";
public static final String FILTER_MODULE = "filters";
+
+ public static final String SECURITY_MODULE = "security";
/**
* Get the property manager responsible for the module component in the
@@ -143,12 +145,9 @@
try
{
- PropertyManager propertyManager = PropertyManagerFactory
- .getPropertyManager(
- "org.jboss.soa.esb.propertymanager." + name, name);
+ PropertyManager propertyManager = PropertyManagerFactory.getPropertyManager("org.jboss.soa.esb.propertymanager." + name, name);
- String propertiesFilename = System.getProperty(
- Environment.PROPERTIES_FILE, Environment.DEFAULT_PROPERTY_FILE);
+ String propertiesFilename = System.getProperty(Environment.PROPERTIES_FILE, Environment.DEFAULT_PROPERTY_FILE);
/*
* Does not cause reloading of the same file over and over. Once it is
@@ -157,8 +156,7 @@
try
{
- propertyManager.load(XMLFilePlugin.class.getName(),
- propertiesFilename);
+ propertyManager.load(XMLFilePlugin.class.getName(), propertiesFilename);
}
catch (LoadPropertiesException ex)
{
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/ActionMapper.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -61,6 +61,7 @@
{
listenerConfigTree.setAttribute(ListenerTagNames.MEP_ATTRIBUTE_TAG, mep.toString()) ;
}
+ SecurityMapper.map(listenerConfigTree, listenerService);
List<Action> actionList = actions.getActionList();
try {
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapper.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -55,6 +55,5 @@
final Element securityElement = YADOMUtil.addElement( toConfigTree, ListenerTagNames.SECURITY_TAG );
MapperUtil.serialize( security, securityElement );
}
- YADOMUtil.removeEmptyAttributes( toConfigTree );
}
}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -41,15 +41,25 @@
import org.jboss.soa.esb.couriers.CourierUtil;
import org.jboss.soa.esb.helpers.ConfigTree;
import org.jboss.soa.esb.listeners.ListenerTagNames;
+import org.jboss.soa.esb.listeners.lifecycle.ManagedLifecycleException;
import org.jboss.soa.esb.listeners.message.errors.Factory;
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.message.Properties;
import org.jboss.soa.esb.services.persistence.MessageStore;
+import org.jboss.soa.esb.services.security.JaasSecurityContext;
+import org.jboss.soa.esb.services.security.SecurityConfigInfo;
+import org.jboss.soa.esb.services.security.SecurityConfigUtil;
+import org.jboss.soa.esb.services.security.SecurityContext;
+import org.jboss.soa.esb.services.security.SecurityServiceFactory;
import org.jboss.soa.esb.util.ClassUtil;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.concurrent.atomic.AtomicBoolean;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+
/**
* Action Processing Pipeline. <p/> Runs a list of action classes on a message
*
@@ -95,6 +105,8 @@
* The flag indicating whether we are using implicit or explicit processing.
*/
private boolean defaultProcessing ;
+
+ private SecurityConfigInfo securityConf;
/**
* public constructor
@@ -240,6 +252,17 @@
}
processors = processorList
.toArray(new ActionPipelineProcessor[processorList.size()]);
+
+ ConfigTree[] securityConfigs = config.getChildren( ListenerTagNames.SECURITY_TAG );
+ if (securityConfigs.length > 0)
+ {
+ securityConf = SecurityConfigUtil.createSecurityConfigInfo(securityConfigs[0]);
+ LOGGER.info(securityConf);
+ if ( securityConf != null )
+ {
+ SecurityServiceFactory.getSecurityService().configure();
+ }
+ }
}
/**
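Review bot: Nothing in this block checks that the parsed security configuration is usable before the pipeline is built. `moduleName` is optional in the schema and is later passed unchecked to `LoginContext`, so a security element without it would fail only when the first message is processed. The enclosing method must already propagate `ConfigurationException` because `configure()` declares it, so I would fail fast here: `if (securityConf.getModuleName() == null) throw new ConfigurationException("security element has no moduleName attribute");`. The `securityConf != null` test comes after `LOGGER.info(securityConf)` and, going by the `SecurityConfigUtil` hunk in this commit, can never be false, so it can be dropped. The enclosing method starts outside the hunk.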
@@ -267,6 +290,7 @@
}
}
active.set(true);
+
}
/**
@@ -299,11 +323,73 @@
LOGGER.debug("pipeline process for message: "+message.getHeader());
}
+ SecurityContext securityContext = null;
+ if ( securityConf != null )
+ {
+ // if the gateway or another service passed a subject use that subject for authentication.
+ final Subject subject = (Subject) message.getAttachment().get( "Subject" );
+
+ // create a security context.
+ securityContext = new JaasSecurityContext(securityConf, subject);
+
+ // authenticate the subject
+ try
+ {
+ SecurityServiceFactory.getSecurityService().authenticate(securityContext);
+ }
+ catch (LoginException e)
+ {
+ LOGGER.error( "Loging exception : ", e);
+ faultTo(callDetails, Factory.createErrorMessage(Factory.UNEXPECTED_ERROR, message, e));
+ return false;
+ }
+
+ LOGGER.info("Subject after authentication" + securityContext.getSubject());
+
+ PrivilegedAction<Boolean> action = new PrivilegedAction<Boolean>()
+ {
+ public Boolean run()
+ {
+ return processPipeline(message);
+ }
+ };
+ Boolean processResult = (Boolean)Subject.doAsPrivileged(securityContext.getSubject(), action, null);
+ return processResult.booleanValue();
+ }
+ else
+ {
+ return processPipeline(message);
+ }
+ }
+ else
+ {
+ LOGGER.debug("pipeline process disabled for message: "+message.getHeader());
+
+ faultTo(callDetails, Factory.createErrorMessage(Factory.NOT_ENABLED, message, null));
+ long procTime = System.nanoTime() - start;
+ DeliveryObservableLogger.getInstance().logMessage(new MessageStatusBean(procTime, message,
+ MessageStatusBean.MESSAGE_FAILED));
+
+ return false;
+ }
+ }
+
+ private boolean processPipeline(final Message message)
+ {
+ long start = System.nanoTime();
+ final Call callDetails = new Call() ;
+ callDetails.copy(message.getHeader().getCall()) ;
+
+ if (LOGGER.isDebugEnabled())
+ {
+ LOGGER.debug("pipeline process for message: "+message.getHeader());
+ }
+
final int numProcessors = processors.length;
final Message[] messages = new Message[numProcessors];
Message currentMessage = message;
-
+
for (int count = 0; count < numProcessors; count++)
{
final ActionPipelineProcessor processor = processors[count];
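Review bot: The `Subject` used for authentication is read from the message attachment under `"Subject"` and cast without a type check, so it is caller-supplied data that becomes the starting identity for `Subject.doAsPrivileged`. JAAS login modules add principals to the Subject they are given and do not clear existing ones, so unless every entry point strips or replaces this attachment (not visible here), principals already on the incoming object would survive a successful login. I would authenticate into a fresh `Subject` that receives only the credentials from the attachment, and guard the cast with `instanceof`. Separately, `LOGGER.info("Subject after authentication" + securityContext.getSubject())` runs for every message and `Subject.toString()` can include private credentials; `LOGGER.debug("Authenticated principals: " + securityContext.getSubject().getPrincipals());` is safer. The enclosing method starts before the hunk and `processPipeline` continues past it.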
@@ -386,18 +472,6 @@
DeliveryObservableLogger.getInstance().logMessage(new MessageStatusBean(procTime, message,
MessageStatusBean.MESSAGE_SENT));
return true;
- }
- else
- {
- LOGGER.debug("pipeline process disabled for message: "+message.getHeader());
-
- faultTo(callDetails, Factory.createErrorMessage(Factory.NOT_ENABLED, message, null));
- long procTime = System.nanoTime() - start;
- DeliveryObservableLogger.getInstance().logMessage(new MessageStatusBean(procTime, message,
- MessageStatusBean.MESSAGE_FAILED));
-
- return false;
- }
}
/**
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -23,15 +23,10 @@
package org.jboss.soa.esb.listeners.message;
import java.lang.reflect.Method;
-import java.net.URL;
-import java.security.PrivilegedAction;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
-import javax.security.auth.Subject;
-import javax.security.auth.login.LoginException;
-
import org.apache.log4j.Logger;
import org.jboss.internal.soa.esb.couriers.PickUpOnlyCourier;
import org.jboss.soa.esb.ConfigurationException;
@@ -53,11 +48,6 @@
import org.jboss.soa.esb.listeners.lifecycle.ManagedLifecycleThreadState;
import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.registry.RegistryException;
-import org.jboss.soa.esb.services.security.JaasSecurityContext;
-import org.jboss.soa.esb.services.security.SecurityConfigInfo;
-import org.jboss.soa.esb.services.security.SecurityConfigUtil;
-import org.jboss.soa.esb.services.security.SecurityContext;
-import org.jboss.soa.esb.services.security.SecurityServiceFactory;
import org.jboss.soa.esb.util.Util;
/**
@@ -101,8 +91,6 @@
private boolean transactional = false;
private boolean rollbackOnPipelineFaults = true;
- private SecurityConfigInfo securityConf;
-
/**
* public constructor
*
@@ -158,12 +146,6 @@
throw new ConfigurationException(
"Missing or invalid " + ListenerTagNames.EPR_TAG + " element");
_epr = ListenerUtil.assembleEpr(eprElement);
- ConfigTree[] securityConfigs = _config.getChildren( ListenerTagNames.SECURITY_TAG );
- if (securityConfigs.length > 0)
- {
- securityConf = SecurityConfigUtil.createSecurityConfigInfo(securityConfigs[0]);
- _logger.info(securityConf);
- }
String latency = _config.getAttribute(ListenerTagNames.POLL_LATENCY_SECS_TAG);
long lSeconds = 10;
@@ -197,15 +179,6 @@
final ActionProcessingPipeline pipeline ;
try
{
- if ( securityConf != null )
- {
- SecurityServiceFactory.getJaasSecurityService().addLoginConfig(securityConf.getLoginConfig());
-
- for (URL policy : securityConf.getPolicyFiles())
- {
- SecurityServiceFactory.getJaasSecurityService().addPolicy(policy);
- }
- }
pipeline = new ActionProcessingPipeline(_config) ;
pipeline.setTransactional(transactional);
pipeline.initialise() ;
@@ -298,9 +271,6 @@
boolean problem = false;
PickUpOnlyCourier pickUpCourier = null ;
-
-
-
try
{
transactionStrategy.begin();
@@ -365,34 +335,11 @@
if (null != message)
{
- // check if this service has declared a security policy.
- JaasSecurityContext securityContext = null;
- if ( securityConf != null )
- {
- try
- {
- // if the gateway or another service passed a subject use that subject for authentication.
- final Subject subject = (Subject) message.getAttachment().get( "JaasSubject" );
-
- // create a security context.
- securityContext = new JaasSecurityContext(securityConf, subject);
-
- // authenticate the subject
- SecurityServiceFactory.getJaasSecurityService().authenticate(securityContext);
- _logger.info("After successful authentication Subject" + securityContext.getSubject());
- }
- catch (LoginException e)
- {
- _logger.error( "LoginException in service: " , e);
- problem=true;
- return;
- }
- }
try
{
final Message pipelineMessage = message ;
final Object txHandle = transactionStrategy.suspend();
- final TransactionalRunner txRunner = new TransactionalRunner(pickUpCourier, pipelineMessage, txHandle, securityContext);
+ final TransactionalRunner txRunner = new TransactionalRunner(pickUpCourier, pipelineMessage, txHandle);
updateThreadCount(+1);
_execService.execute(txRunner);
@@ -550,48 +497,18 @@
CourierUtil.cleanCourier(pickUpOnlyCourier) ;
}
}
-
+
class TransactionalRunner implements Runnable
{
- private SecurityContext securityContext;
-
- public TransactionalRunner (PickUpOnlyCourier courier, Message pipelineMessage, Object txHandle)
+ public TransactionalRunner (PickUpOnlyCourier courier, Message pipelineMessage, Object txHandle)
{
_courier = courier;
_pipelineMessage = pipelineMessage;
_txHandle = txHandle;
}
- public TransactionalRunner (PickUpOnlyCourier courier, Message pipelineMessage, Object txHandle, SecurityContext context)
- {
- this(courier, pipelineMessage, txHandle);
- this.securityContext = context;
- }
-
public void run()
{
- if ( securityContext == null )
- {
- processPipeline();
- }
- else
- {
- // create a priviledged action
- PrivilegedAction<Object> action = new PrivilegedAction<Object>()
- {
- public Object run()
- {
- processPipeline();
- return null;
- }
- };
- // run with a fresh AccessControll context (this is the last argument which is null.
- Subject.doAsPrivileged(securityContext.getSubject(), action, null);
- }
- }
-
- public void processPipeline()
- {
boolean problem = false;
try
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -22,10 +22,16 @@
import java.net.URL;
import java.security.Security;
+
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+
import org.apache.log4j.Logger;
import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Configuration;
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.util.ClassUtil;
+
import com.sun.security.auth.login.ConfigFile;
/**
@@ -38,7 +44,6 @@
public class JaasSecurityService implements SecurityService
{
public static final String LOGIN_CONFIG_URL_PREFIX = "login.config.url.";
- public static final String POLICY_URL_PREFIX = "policy.url.";
private Logger log = Logger.getLogger(JaasSecurityService.class);
@@ -51,12 +56,35 @@
*/
public void authenticate( final SecurityContext context) throws LoginException
{
- log.info( context );
- System.setProperty("java.security.auth.login.config", context.getConfigInfo().getLoginConfig().toExternalForm() );
LoginContext loginContext = new LoginContext(context.getConfigInfo().getModuleName(), context.getSubject(), null, new ConfigFile());
loginContext.login();
}
+ public void configure() throws ConfigurationException
+ {
+ String loginConfigUrl = Configuration.getSecurityServiceConfigUrl();
+ if ( loginConfigUrl == null )
+ {
+ final String missingPropertyMsg =
+ "A config url was missing from the properties file. Please make sure" +
+ " that the configuration has a [" + Environment.SECURITY_SERVICE_CONFIG_URL +
+ "] property defined. This property should point to a file on the local file system or on the classpath.";
+ throw new ConfigurationException(missingPropertyMsg);
+ }
+
+ URL loginUrl = ClassUtil.getResource(loginConfigUrl, getClass());
+ log.info("LoginUrl : " + loginUrl);
+ if ( loginUrl == null )
+ {
+ final String invalidPropertyMsg =
+ "The value for property [" + Environment.SECURITY_SERVICE_CONFIG_URL +
+ "] must be a valid URL. This property should point to a file on the local file system or on the classpath.";
+ throw new ConfigurationException(invalidPropertyMsg);
+ }
+
+ addLoginConfig(loginUrl);
+ }
+
public void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException
{
if (loginConfigUrl == null)
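Review bot: `authenticate()` builds a `new ConfigFile()` on every call, and since this commit moves authentication into the pipeline, the login configuration is presumably re-parsed for each message. `com.sun.security.auth.login.ConfigFile` is also a JDK-internal class that is not guaranteed to exist on every JVM. I would keep a single `javax.security.auth.login.Configuration` in a field, create it once `configure()` has registered the URL, and call `refresh()` on it when `addLoginConfig` adds another entry. In `configure()`, `log.info("LoginUrl : " + loginUrl)` runs before the null check and would read better after it. `addLoginConfig` continues outside the hunk.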
@@ -83,51 +111,13 @@
if (!loginUrlRegistered)
{
log.info("Adding file [ " + loginConfigUrl + "] as [" + LOGIN_CONFIG_URL_PREFIX + urlIndex + "]");
- System.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());
+ Security.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());
}
}
-
- public void addPolicy(final URL policyUrl) throws ConfigurationException
- {
- if (policyUrl == null)
- {
- throw new ConfigurationException("Could not locate the policy file at Url [" + policyUrl + "]");
- }
-
- int urlIndex = 1;
- boolean policyUrlRegistered = false;
- String registeredPolicyUrl;
- while ((registeredPolicyUrl = Security.getProperty(POLICY_URL_PREFIX + urlIndex)) != null)
- {
- policyUrlRegistered = registeredPolicyUrl.equals(policyUrl.toString());
- if (policyUrlRegistered)
- {
- break;
- }
- else
- {
- urlIndex++;
- }
- }
-
- if (!policyUrlRegistered)
- {
- log.info("Adding file [ " + policyUrl + "] as [" + POLICY_URL_PREFIX + urlIndex + "]");
- System.setProperty(POLICY_URL_PREFIX + urlIndex, policyUrl.toExternalForm());
- }
- }
- @SuppressWarnings("unused")
- private void dumpSetPolicyUrl()
+ public void logout(SecurityContext securityContext) throws LoginException
{
- int urlIndex = 1;
- String registeredPolicyUrl;
- log.info("Dump registeredPolicies:");
- while ((registeredPolicyUrl = Security.getProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex)) != null)
- {
- log.info(LOGIN_CONFIG_URL_PREFIX + urlIndex + "=" + registeredPolicyUrl);
- urlIndex++;
- }
+ throw new UnsupportedOperationException ("Not implemented yet!");
}
}
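Review bot: `logout()` is declared `throws LoginException` but always throws `UnsupportedOperationException`, so a caller coded against the `SecurityService` interface gets an unchecked exception the signature does not announce. `authenticate()` also discards its `LoginContext`, so nothing is kept that a later implementation could call `logout()` on, and principals and credentials stay on the Subject after processing. Until it is implemented I would say so in Javadoc on the method, e.g. `Not implemented yet: always throws UnsupportedOperationException. Callers must not rely on credentials being cleared from the Subject.`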
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -20,12 +20,7 @@
*/
package org.jboss.soa.esb.services.security;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.List;
-import org.jboss.soa.esb.util.ClassUtil;
-
/**
*
* @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
@@ -36,45 +31,23 @@
private String runAs;
private String useCallerIdentity;
private String moduleName;
- private URL loginConfig;
- private List<URL> policyFiles;
private SecurityConfigInfo(
- final String loginConfig,
final String runAs,
final String useCallerIdentity,
- final String moduleName,
- final List<String> policyFiles)
+ final String moduleName)
{
this.runAs = runAs;
this.useCallerIdentity = useCallerIdentity;
this.moduleName = moduleName;
- if ( loginConfig != null )
- {
- this.loginConfig = ClassUtil.getResource(loginConfig, getClass());
- }
- if ( policyFiles != null )
- {
- this.policyFiles = new ArrayList<URL>();
- for (String policyFile : policyFiles)
- {
- URL url = ClassUtil.getResource(policyFile, getClass());
- if ( url == null )
- throw new IllegalArgumentException("Could not locate policy file [" + policyFile + "]");
-
- this.policyFiles.add(ClassUtil.getResource(policyFile, getClass()));
- }
- }
}
public static SecurityConfigInfo createSecurityInfo(
- final String loginConfig,
final String runAs,
final String useCallerIdentity,
- final String moduleName,
- final List<String> policyFiles)
+ final String moduleName)
{
- return new SecurityConfigInfo(loginConfig, runAs, useCallerIdentity, moduleName, policyFiles);
+ return new SecurityConfigInfo(runAs, useCallerIdentity, moduleName);
}
public String getRunAs()
@@ -85,27 +58,16 @@
{
return useCallerIdentity;
}
- public URL getLoginConfig()
- {
- return loginConfig;
- }
public String getModuleName()
{
return moduleName;
}
- public List<URL> getPolicyFiles()
- {
- return policyFiles;
- }
-
@Override
public String toString()
{
- return "[SecurityConfigInfo : runAs=" + runAs + ", useCallerIdentity=" + useCallerIdentity + ", moduleName=" + moduleName + ", loginConfig=" + loginConfig + ", configPolicies=" + policyFiles + "]";
+ return "[SecurityConfigInfo : runAs=" + runAs + ", useCallerIdentity=" + useCallerIdentity + ", moduleName=" + moduleName + "]";
}
- //TODO: add equals and hashcode methods
-
}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -20,9 +20,6 @@
*/
package org.jboss.soa.esb.services.security;
-import java.util.ArrayList;
-import java.util.List;
-
import org.jboss.soa.esb.helpers.ConfigTree;
import org.jboss.soa.esb.listeners.ListenerTagNames;
@@ -40,27 +37,10 @@
public static SecurityConfigInfo createSecurityConfigInfo(final ConfigTree securityFragment)
{
- String moduleName = null;
- String policyFile = null;
final String runAs = securityFragment.getAttribute(ListenerTagNames.RUN_AS_TAG);
final String useCallersIdentity = securityFragment.getAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG);
- final ConfigTree[] authElements = securityFragment.getChildren(ListenerTagNames.AUTHENTICATION_TAG);
- List<String> configPolicies = new ArrayList<String>();
- if (authElements.length > 0)
- {
- final ConfigTree authElement = authElements[0];
- final ConfigTree[] loginConfig = authElement.getChildren(ListenerTagNames.LOGIN_CONFIG_TAG);
- if (loginConfig.length > 0 )
- {
- policyFile = loginConfig[0].getAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG);
- moduleName = loginConfig[0].getAttribute(ListenerTagNames.MODULE_NAME_TAG);
- }
- final ConfigTree[] policyConfigs = authElement.getChildren(ListenerTagNames.CONFIG_POLICY_TAG);
- for (ConfigTree policyConfig : policyConfigs)
- {
- configPolicies.add(policyConfig.getAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG));
- }
- }
- return SecurityConfigInfo.createSecurityInfo(policyFile, runAs, useCallersIdentity, moduleName, configPolicies);
+ final String moduleName = securityFragment.getAttribute(ListenerTagNames.MODULE_NAME_TAG);
+
+ return SecurityConfigInfo.createSecurityInfo(runAs, useCallersIdentity, moduleName);
}
}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -20,8 +20,6 @@
*/
package org.jboss.soa.esb.services.security;
-import java.net.URL;
-
import javax.security.auth.login.LoginException;
import org.jboss.soa.esb.ConfigurationException;
@@ -33,9 +31,9 @@
*/
public interface SecurityService
{
- void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException;
+ void configure() throws ConfigurationException;
- void addPolicy(final URL policyUrl) throws ConfigurationException;
-
void authenticate(final SecurityContext securityContext) throws LoginException;
+
+ void logout(final SecurityContext securityContext) throws LoginException;
}
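Review bot: The two methods added to `SecurityService`, `configure()` and `logout(...)`, have no Javadoc, and the interface does not say whether `configure()` must run before the first `authenticate(...)` or may be called more than once. Implementations are now selected by class name at runtime (see `SecurityServiceFactory` in this commit), so the contract has to be written on the interface. I would add `/** Loads the security configuration; call before the first authenticate(). */` on `configure()` and `/** Ends the login established by authenticate() for this context. */` on `logout(...)`, adjusted to what the JAAS implementation actually guarantees.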
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -20,15 +20,48 @@
*/
package org.jboss.soa.esb.services.security;
-public class SecurityServiceFactory
+import org.apache.log4j.Logger;
+import org.jboss.soa.esb.common.Configuration;
+import org.jboss.soa.esb.util.ClassUtil;
+
+public class SecurityServiceFactory
{
- private static SecurityService jaasSecurityService = new JaasSecurityService();
+ private static Logger log = Logger.getLogger(SecurityServiceFactory.class);
- private SecurityServiceFactory() {}
-
- public static SecurityService getJaasSecurityService()
+ private static SecurityService instance;
+
+ private SecurityServiceFactory() { }
+
+ public static SecurityService getSecurityService()
{
- return jaasSecurityService;
+ if (instance != null)
+ {
+ return instance;
+ }
+
+ String className = Configuration.getSecurityServiceImplementationClass();
+ if ( className == null )
+ {
+ throw new SecurityException("No SecurityService implementation has been set. Please check the configuration");
+ }
+
+ SecurityService service = null;
+ try
+ {
+ log.info("Using [" + className + "] as the SecurityService implementation.");
+ Class<?> securityClass = ClassUtil.forName(className, SecurityService.class);
+ service = (SecurityService) securityClass.newInstance();
+ }
+ catch (ClassNotFoundException e)
+ {
+ throw new SecurityException("Registry Implementation=" + className + " not found", e);
+ }
+ catch (Exception e)
+ {
+ throw new SecurityException("Invocation exception. " + e.getLocalizedMessage(), e);
+ }
+ instance = service;
+ return service;
}
-
+
}
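Review bot: `getSecurityService()` assigns the static `instance` field lazily without any synchronization, so two threads calling it at the same time can each create a `SecurityService`, and the write to the non-volatile field is not guaranteed to be visible to other threads. For a security component that is presumably meant to exist once, the simplest fix is `public static synchronized SecurityService getSecurityService()`. The `ClassNotFoundException` message `"Registry Implementation=" + className + " not found"` looks copied from the registry code and should name the right component, e.g. `"SecurityService implementation=" + className + " not found"`. `log` can also be declared `private static final`.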
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -22,6 +22,7 @@
package org.jboss.soa.esb.listeners.config.mappers;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
import java.io.IOException;
import java.io.InputStream;
@@ -55,35 +56,33 @@
private XMLBeansModel model;
private Service service;
+
+ private Node securityNode;
@Test
- public void mapSecurityProperties() throws ConfigurationException
+ public void mapRunAs() throws ConfigurationException
{
- SecurityMapper.map( root, service );
-
- Node securityNode = root.getFirstChild();
- assertEquals( ListenerTagNames.SECURITY_TAG, securityNode.getNodeName() );
-
Node runAsNode = securityNode.getAttributes().getNamedItem( ListenerTagNames.RUN_AS_TAG );
- assertEquals( ListenerTagNames.RUN_AS_TAG, runAsNode.getNodeName() );
+ assertNotNull( runAsNode.getNodeName() );
assertEquals( "MrPoon", runAsNode.getNodeValue() );
-
- Node authNode = securityNode.getChildNodes().item( 1 );
- assertEquals( ListenerTagNames.AUTHENTICATION_TAG, authNode.getNodeName() );
- Node loginNode = authNode.getChildNodes().item( 1 );
- assertEquals( ListenerTagNames.LOGIN_CONFIG_TAG, loginNode.getNodeName() );
- Node fileNode = loginNode.getAttributes().getNamedItem( ListenerTagNames.CONFIG_POLICY_FILE_TAG );
- assertEquals( ListenerTagNames.CONFIG_POLICY_FILE_TAG, fileNode.getNodeName() );
- assertEquals( "/jaas.login", fileNode.getNodeValue() );
- assertEquals( "mod1", loginNode.getAttributes().getNamedItem(ListenerTagNames.MODULE_NAME_TAG).getNodeValue());
-
- Node policyNode = authNode.getChildNodes().item( 3 );
- fileNode = policyNode.getAttributes().getNamedItem( ListenerTagNames.CONFIG_POLICY_FILE_TAG );
- assertEquals( ListenerTagNames.CONFIG_POLICY_FILE_TAG, fileNode.getNodeName() );
- assertEquals( "/jaas.policy", fileNode.getNodeValue() );
-
}
+ @Test
+ public void mapModuleName() throws ConfigurationException
+ {
+ Node moduleNameNode = securityNode.getAttributes().getNamedItem( ListenerTagNames.MODULE_NAME_TAG );
+ assertNotNull( moduleNameNode.getNodeName() );
+ assertEquals( "mod1", moduleNameNode.getNodeValue());
+ }
+
+ @Test
+ public void mapUseCallersIdentity() throws ConfigurationException
+ {
+ Node userIdentityNode = securityNode.getAttributes().getNamedItem( ListenerTagNames.USE_CALLERS_IDENTIDY_TAG );
+ assertNotNull( userIdentityNode.getNodeName() );
+ assertEquals( "user1", userIdentityNode.getNodeValue());
+ }
+
// setup methods
@Before
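Review bot: `assertNotNull( runAsNode.getNodeName() )` in `mapRunAs` cannot detect a missing attribute: if `getNamedItem` returns null the call throws a NullPointerException before the assertion runs, and an attribute node that exists never has a null name. The same pattern appears in `mapModuleName` and `mapUseCallersIdentity`. Assert on the node itself, `assertNotNull( runAsNode );`, so a mapper that drops a security attribute fails with a clear message. The removed check `assertEquals( ListenerTagNames.SECURITY_TAG, securityNode.getNodeName() )` is also worth keeping in one test, since nothing now verifies that the first child is the security element.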
@@ -92,6 +91,9 @@
root = createRootElement();
model = getXmlBeanModel( ESB_CONFIG );
service = model.getServices().get( 0 );
+
+ SecurityMapper.map( root, service );
+ securityNode = root.getFirstChild();
}
private XMLBeansModel getXmlBeanModel( String fileName ) throws ConfigurationException, IOException
@@ -110,7 +112,6 @@
return root;
}
-
/**
* Just here to get proved access to the XMLBeansModel
*
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml 2008-07-22 16:56:23 UTC (rev 21174)
@@ -21,16 +21,13 @@
</providers>
<services>
<service category="Test2" name="JMSJCATest" description="JMS JCA Test">
- <security runAs="MrPoon">
- <authentication>
- <login-config file="/jaas.login" moduleName="mod1"/>
- <policy-config file="/jaas.policy"/>
- </authentication>
- </security>
-
+ <security runAs="MrPoon" moduleName="mod1" useCallersIdentity="user1"/>
<listeners>
<jms-listener name="JMSListener" busidref="quickstartEsbChannel" maxThreads="1"/>
</listeners>
+ <actions>
+ <action name="TestDefaultRouteAction" class="org.jboss.soa.esb.actions.ContentBasedRouter"/>
+ </actions>
</service>
</services>
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -22,8 +22,7 @@
import static org.junit.Assert.assertEquals;
-import java.util.ArrayList;
-import java.util.List;
+import java.net.URL;
import java.util.Set;
import javax.security.auth.Subject;
@@ -33,6 +32,9 @@
import junit.framework.JUnit4TestAdapter;
import org.jboss.soa.esb.ConfigurationException;
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.Before;
import org.junit.Test;
/**
@@ -47,14 +49,14 @@
private SecurityService service = new JaasSecurityService();
private Subject subject = new Subject();
- private static String loginConfigFileName = "jaas.login";
-
@Test
- public void loginSuccess() throws LoginException, ConfigurationException
+ public void configure() throws ConfigurationException, LoginException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "SuccessfulLogin", null);
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(null, null, "SuccessfulLogin");
JaasSecurityContext context = new JaasSecurityContext(configInfo, subject);
+
service.authenticate(context);
+
Set<TestPrincipal> principals = context.getSubject().getPrincipals( TestPrincipal.class );
assertEquals( 1, principals.size() );
assertEquals( "test", principals.iterator().next().getName() );
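Review bot: The test renamed to `configure()` does not exercise `configure()`; it calls `service.authenticate(context)` and checks the resulting `TestPrincipal`, so the previous name `loginSuccess` described it better and pairs with `loginFailure` below. Keep a name such as `authenticateSuccess`. The `logout(...)` method added to `SecurityService` in this commit has no test in the visible hunks of this class; a case that calls `service.logout(context)` after a successful login would cover it. The test method's closing brace lies outside this hunk.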
@@ -63,29 +65,19 @@
@Test ( expected = FailedLoginException.class )
public void loginFailure() throws LoginException, ConfigurationException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "FailureLogin", null);
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(null, null, "FailureLogin");
JaasSecurityContext context = new JaasSecurityContext(configInfo, subject);
service.authenticate( context );
}
- @Test
- public void addloginConfig() throws ConfigurationException
+ @Before
+ public void setup() throws ConfigurationException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "FailureLogin", null);
- service.addLoginConfig(configInfo.getLoginConfig());
- assertEquals(configInfo.getLoginConfig().toString(), System.getProperty(JaasSecurityService.LOGIN_CONFIG_URL_PREFIX+1));
+ URL resource = ClassUtil.getResource("security-properties.xml", getClass());
+ System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+ service.configure();
}
- @Test
- public void addPolicyConfig() throws ConfigurationException
- {
- List<String> policies = new ArrayList<String>();
- policies.add("jaas.policy");
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "FailureLogin", policies);
- service.addPolicy(configInfo.getPolicyFiles().get(0));
- assertEquals(configInfo.getLoginConfig().toString(), System.getProperty(JaasSecurityService.LOGIN_CONFIG_URL_PREFIX+1));
- }
-
public static junit.framework.Test suite()
{
return new JUnit4TestAdapter( JaasSecurityServiceUnitTest.class );
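Review bot: `setup()` sets the JVM-wide property `Environment.PROPERTIES_FILE` before every test and nothing restores it, so later test classes in the same JVM silently run against `security-properties.xml`; `SecurityServiceFactoryUnitTest.getSecurityService` in this commit does the same. Save the previous value and restore it in an `@After` method, or at least call `System.clearProperty(Environment.PROPERTIES_FILE);` there. `resource.getFile()` returns the URL-encoded path, so a checkout directory containing a space may produce an `abs://` location that cannot be resolved (the loader is not visible here, so this needs confirming). `suite()` continues past the end of this hunk.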
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -23,10 +23,7 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
-import java.io.File;
import java.net.URL;
-import java.util.ArrayList;
-import java.util.List;
import junit.framework.JUnit4TestAdapter;
@@ -45,25 +42,21 @@
public class SecurityConfigUtilUnitTest
{
private String runAs = "kalle";
- private String loginConfigFile = "jaas.login";
- private URL policyUrl;
- private List<String> policyFiles = new ArrayList<String>();
@Test
public void createSecurityConfigInfoWithAuth()
{
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, loginConfigFile, null, policyFiles);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(runAs, securityInfo.getRunAs());
assertNull(securityInfo.getUseCallerIdentity());
- assertEquals(policyUrl, securityInfo.getLoginConfig());
}
@Test
public void createSecurityConfigInfoWithoutAuth()
{
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, null, null, policyFiles);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(runAs, securityInfo.getRunAs());
assertNull(securityInfo.getUseCallerIdentity());
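Review bot: After this change `createSecurityConfigInfoWithAuth` and `createSecurityConfigInfoWithoutAuth` build the same fragment, `createSecurityFragment(runAs, null, null)`, and make the same two assertions, so one of them is now redundant. Since the authentication child element no longer exists, either delete `createSecurityConfigInfoWithAuth` or turn it into a test that passes a module name and asserts `securityInfo.getModuleName()` together with `runAs`. `createSecurityConfigInfoWithoutAuth` ends outside this hunk.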
@@ -73,7 +66,7 @@
public void createSecurityConfigInfoWithUseCallersIdentity()
{
final String callersIdentity = "DrCox";
- final ConfigTree securityFragment = createSecurityFragment(runAs, callersIdentity, null, null, policyFiles);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, callersIdentity, null);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(callersIdentity, securityInfo.getUseCallerIdentity());
}
@@ -82,30 +75,11 @@
public void createSecurityConfigInfoWithModuleName()
{
final String moduleName = "testModule";
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, loginConfigFile, moduleName, policyFiles);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, moduleName);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(moduleName, securityInfo.getModuleName());
}
- @Test
- public void createSecurityPolicyFiles()
- {
- final String policyFile = "jaas.policy";
- policyFiles.add(policyFile);
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, loginConfigFile, null, policyFiles);
- SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
- System.out.println(securityFragment);
- System.out.println(securityInfo);
- File file = new File(securityInfo.getPolicyFiles().get(0).getFile());
- assertEquals(policyFile, file.getName());
- }
-
- @Before
- public void setup()
- {
- policyUrl = ClassUtil.getResource(loginConfigFile, getClass());
- }
-
public static junit.framework.Test suite()
{
return new JUnit4TestAdapter(SecurityConfigUtilUnitTest.class);
@@ -114,26 +88,12 @@
private ConfigTree createSecurityFragment(
final String runAs,
final String callerIdentity,
- final String loginConfigFile,
- final String moduleName,
- final List<String> policyFiles)
+ final String moduleName)
{
final ConfigTree securityElement = new ConfigTree(ListenerTagNames.SECURITY_TAG);
securityElement.setAttribute(ListenerTagNames.RUN_AS_TAG, runAs);
securityElement.setAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG, callerIdentity);
-
- final ConfigTree authElement = new ConfigTree(ListenerTagNames.AUTHENTICATION_TAG, securityElement);
- if (loginConfigFile != null )
- {
- final ConfigTree policyElement = new ConfigTree(ListenerTagNames.LOGIN_CONFIG_TAG, authElement);
- policyElement.setAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG, loginConfigFile);
- policyElement.setAttribute(ListenerTagNames.MODULE_NAME_TAG, moduleName);
- }
- for (String fileName : policyFiles)
- {
- final ConfigTree policyElement = new ConfigTree(ListenerTagNames.CONFIG_POLICY_TAG, authElement);
- policyElement.setAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG, fileName);
- }
+ securityElement.setAttribute(ListenerTagNames.MODULE_NAME_TAG, moduleName);
return securityElement;
}
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityServiceFactoryUnitTest.java 2008-07-22 16:56:23 UTC (rev 21174)
@@ -0,0 +1,55 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security;
+
+import static org.junit.Assert.assertNotNull;
+
+import java.net.URL;
+
+import junit.framework.JUnit4TestAdapter;
+
+import org.jboss.soa.esb.common.Environment;
+import org.jboss.soa.esb.util.ClassUtil;
+import org.junit.Test;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class SecurityServiceFactoryUnitTest
+{
+ @Test
+ public void getSecurityService() throws Exception
+ {
+ URL resource = ClassUtil.getResource("security-properties.xml", getClass());
+ System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+ //System.setProperty( "com.arjuna.common.util.propertyservice.verbosePropertyManager","ON");
+ SecurityService securityService = SecurityServiceFactory.getSecurityService();
+ assertNotNull( securityService );
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(SecurityServiceFactoryUnitTest.class);
+ }
+
+}
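Review bot: `assertNotNull( securityService )` passes for any implementation, so the test does not show that the class named in `security-properties.xml` was the one loaded; `assertTrue( securityService instanceof JaasSecurityService );` would pin it. Because `SecurityServiceFactory` caches the instance in a static field, the property set at the top of the test only has an effect if no earlier test in the same JVM already called `getSecurityService()`, and the failure paths (no class configured, class not found) are not covered. The commented-out `System.setProperty( "com.arjuna.common.util.propertyservice.verbosePropertyManager","ON")` line should be removed.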
Deleted: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy 2008-07-22 16:56:23 UTC (rev 21174)
@@ -1,3 +0,0 @@
-grant {
- Principal org.jboss.soa.esb.services.security.TestPrincipal "test"
-};
\ No newline at end of file
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml 2008-07-22 16:56:23 UTC (rev 21174)
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ JBoss, Home of Professional Open Source
+ Copyright 2006, JBoss Inc., and others contributors as indicated
+ by the @authors tag. All rights reserved.
+ See the copyright.txt in the distribution for a
+ full listing of individual contributors.
+ This copyrighted material is made available to anyone wishing to use,
+ modify, copy, or redistribute it subject to the terms and conditions
+ of the GNU Lesser General Public License, v. 2.1.
+ This program is distributed in the hope that it will be useful, but WITHOUT A
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+ You should have received a copy of the GNU Lesser General Public License,
+ v.2.1 along with this distribution; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+ (C) 2005-2006,
+ @author JBoss Inc.
+-->
+<!-- $Id: jbossesb-unittest-properties.xml $ -->
+<!--
+ These options are described in the JBossESB manual.
+ Defaults are provided here for convenience only.
+
+ Please read through this file prior to using the system, and consider
+ updating the specified entries.
+-->
+<esb
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="jbossesb-1_0.xsd">
+ <properties name="core">
+ <property name="org.jboss.soa.esb.jndi.server.type" value="jboss"/>
+ <property name="org.jboss.soa.esb.jndi.server.url" value="localhost"/>
+ <property name="org.jboss.soa.esb.persistence.connection.factory" value="org.jboss.internal.soa.esb.persistence.format.MessageStoreFactoryImpl"/>
+ <property name="jboss.esb.invm.scope.default" value="NONE"/>
+ </properties>
+ <properties name="security">
+ <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.configUrl" value="jaas.login"/>
+ </properties>
+ <properties name="registry">
+ <property name="org.jboss.soa.esb.registry.queryManagerURI"
+ value="jnp://localhost:1099/InquiryService?org.apache.juddi.registry.rmi.Inquiry#inquire"/>
+ <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI"
+ value="jnp://localhost:1099/PublishService?org.apache.juddi.registry.rmi.Publish#publish" />
+ <property name="org.jboss.soa.esb.registry.implementationClass"
+ value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
+ <property name="org.jboss.soa.esb.registry.factoryClass"
+ value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
+ <property name="org.jboss.soa.esb.registry.user"
+ value="jbossesb"/>
+ <property name="org.jboss.soa.esb.registry.password"
+ value="password"/>
+ <!-- the following parameter is scout specific to set the type of communication between scout and the UDDI (embedded, rmi, soap) -->
+ <property name="org.jboss.soa.esb.scout.proxy.transportClass"
+ value="org.apache.ws.scout.transport.RMITransport"/>
+ </properties>
+ <properties name="transports" depends="core">
+ <property name="org.jboss.soa.esb.mail.smtp.host" value="localhost"/>
+ <property name="org.jboss.soa.esb.mail.smtp.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
+ <property name="org.jboss.soa.esb.mail.smtp.port" value="25"/>
+ </properties>
+ <properties name="connection">
+ <property name="min-pool-size" value="5"/>
+ <property name="max-pool=size" value="10"/>
+ <property name="blocking-timeout-millis" value="5000"/>
+ <property name="abandoned-connection-timeout" value="10000"/>
+ <property name="abandoned-connection-time-interval" value="30000"/>
+ </properties>
+ <properties name="dbstore">
+ <property name="org.jboss.soa.esb.persistence.db.connection.url" value="jdbc:hsqldb:hsql://localhost:9001/"/>
+ <property name="org.jboss.soa.esb.persistence.db.jdbc.driver" value="org.hsqldb.jdbcDriver"/>
+ <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
+ <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.initial.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
+ <!--table managed by pool to test for valid connections - created by pool automatically -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
+ <!-- # of milliseconds to timeout waiting for a connection from pool -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.timeout.millis" value="5000"/>
+ <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/>
+ </properties>
+ <properties name="messagerouting">
+ <property name="org.jboss.soa.esb.routing.cbrClass" value="org.jboss.internal.soa.esb.services.routing.cbr.JBossRulesRouter"/>
+ </properties>
+</esb>
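Review bot: The `connection` section declares `<property name="max-pool=size" value="10"/>`, with `=` where the sibling `min-pool-size` uses `-`; the name should read `max-pool-size`, otherwise the limit is presumably never picked up. The `$Id: jbossesb-unittest-properties.xml $` comment still names the file this one was copied from. As the tests added in this commit only appear to need the `security` section, trimming the registry, mail and dbstore sections (including the `password` registry credential) would keep the fixture small, provided `Configuration` does not require them.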
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml 2008-07-22 16:56:23 UTC (rev 21174)
@@ -5,7 +5,6 @@
${line.separator}
</description>
- <property name="additional.deploys" value="jaas.login" />
<!--property name="deploy.exploded.requested" value="true" /-->
<!-- Import the base Ant build script... -->
@@ -30,5 +29,17 @@
<classpath refid="exec-classpath"/>
</java>
</target>
+
+ <target name="quickstart-specific-deploys">
+ <echo message="Copy jbossesb-properties.xml and jaas.login to jbossesb.sar" />
+ <copy todir="${quickstart.org.jboss.esb.server.home}/server/${quickstart.org.jboss.esb.server.config}/deploy/jbossesb.sar" overwrite="true">
+ <fileset dir="${basedir}">
+ <include name="jbossesb-properties.xml"/>
+ <include name="jaas.login"/>
+ </fileset>
+ </copy>
+ </target>
+
+
</project>
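Review bot: `quickstart-specific-deploys` copies the quickstart's `jbossesb-properties.xml` into `jbossesb.sar` with `overwrite="true"`, which replaces the server-wide ESB configuration rather than only the security settings, and nothing in the visible build file restores the original afterwards. Every other deployment on that server then runs with the quickstart's registry, mail and datastore values and with this `jaas.login` as its JAAS configuration. Back the existing file up first, for example `<copy file="${sar.dir}/jbossesb-properties.xml" tofile="${sar.dir}/jbossesb-properties.xml.orig" failonerror="false"/>` where `sar.dir` is a placeholder for the target directory, and add a matching restore step. The `<echo>` message should say that the server's file is being overwritten.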
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login 2008-07-22 16:56:23 UTC (rev 21174)
@@ -3,4 +3,4 @@
};
FailureLogin {
org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
-};
+};
\ No newline at end of file
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml 2008-07-22 16:56:23 UTC (rev 21174)
@@ -24,11 +24,12 @@
category="FirstServiceESB"
name="SimpleListenerSecured"
description="Hello World">
- <security>
- <authentication>
- <login-config file="/jaas.login" moduleName="SuccessfulLogin"/>
- </authentication>
- </security>
+ <security moduleName="SuccessfulLogin" runAs="kalle"/>
+
+ <!-- uncomment to force an login exception
+ <security moduleName="FailureLogin" runAs="kalle"/>
+ -->
+
<listeners>
<jms-listener name="JMS-Gateway"
busidref="quickstartGwChannel"
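Review bot: The comment `uncomment to force an login exception` leaves a second `<security>` element next to the active one if followed literally; it should tell the reader to replace the `SuccessfulLogin` element, e.g. `<!-- to force a login failure, replace the element above with the one below -->`. In the quickstart's `jaas.login`, `FailureLogin` is backed by `TestLoginModule`; if `SuccessfulLogin` is as well, the sample accepts a login without checking any credentials, and a comment here should say the module is for demonstration only. The enclosing `<service>` element continues outside this hunk.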
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jbossesb-properties.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jbossesb-properties.xml 2008-07-22 15:32:01 UTC (rev 21173)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jbossesb-properties.xml 2008-07-22 16:56:23 UTC (rev 21174)
@@ -31,33 +31,36 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="jbossesb-1_0.xsd">
<properties name="core">
- <property name="org.jboss.soa.esb.jndi.server.type" value="jboss"/>
- <property name="org.jboss.soa.esb.jndi.server.url" value="localhost"/>
+ <property name="org.jboss.soa.esb.jndi.server.context.factory" value="org.jnp.interfaces.NamingContextFactory"/>
+ <property name="org.jboss.soa.esb.jndi.server.url" value="${jboss.esb.bind.address}:1099"/>
<property name="org.jboss.soa.esb.persistence.connection.factory" value="org.jboss.internal.soa.esb.persistence.format.MessageStoreFactoryImpl"/>
+ <property name="org.jboss.soa.esb.loadbalancer.policy" value="org.jboss.soa.esb.listeners.ha.RoundRobin"/>
<property name="jboss.esb.invm.scope.default" value="NONE"/>
</properties>
- <properties name="registry">
- <property name="org.jboss.soa.esb.registry.queryManagerURI"
- value="jnp://localhost:1099/InquiryService?org.apache.juddi.registry.rmi.Inquiry#inquire"/>
- <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI"
- value="jnp://localhost:1099/PublishService?org.apache.juddi.registry.rmi.Publish#publish" />
- <property name="org.jboss.soa.esb.registry.implementationClass"
- value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
- <property name="org.jboss.soa.esb.registry.factoryClass"
- value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
- <property name="org.jboss.soa.esb.registry.user"
- value="jbossesb"/>
- <property name="org.jboss.soa.esb.registry.password"
- value="password"/>
+ <properties name="security">
+ <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
+ </properties>
+ <properties name="registry">
+ <property name="org.jboss.soa.esb.registry.queryManagerURI" value="org.apache.juddi.registry.local.InquiryService#inquire"/>
+ <property name="org.jboss.soa.esb.registry.lifeCycleManagerURI" value="org.apache.juddi.registry.local.PublishService#publish"/>
+ <property name="org.jboss.soa.esb.registry.implementationClass" value="org.jboss.internal.soa.esb.services.registry.JAXRRegistryImpl"/>
+ <property name="org.jboss.soa.esb.registry.factoryClass" value="org.apache.ws.scout.registry.ConnectionFactoryImpl"/>
+ <property name="org.jboss.soa.esb.registry.user" value="jbossesb"/>
+ <property name="org.jboss.soa.esb.registry.password" value="password"/>
<!-- the following parameter is scout specific to set the type of communication between scout and the UDDI (embedded, rmi, soap) -->
- <property name="org.jboss.soa.esb.scout.proxy.transportClass"
- value="org.apache.ws.scout.transport.RMITransport"/>
+ <property name="org.jboss.soa.esb.scout.proxy.transportClass" value="org.apache.ws.scout.transport.LocalTransport"/>
</properties>
<properties name="transports" depends="core">
<property name="org.jboss.soa.esb.mail.smtp.host" value="localhost"/>
<property name="org.jboss.soa.esb.mail.smtp.user" value="jbossesb"/>
<property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
<property name="org.jboss.soa.esb.mail.smtp.port" value="25"/>
+ <property name="org.jboss.soa.esb.mail.smtp.auth" value="true"/>
+ <property name="org.jboss.soa.esb.ftp.localdir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.ftp.remotedir" value="/tmp"/>
+ <property name="org.jboss.soa.esb.jms.connectionPool" value="20"/>
+ <property name="org.jboss.soa.esb.jms.sessionSleep" value="30"/>
</properties>
<properties name="connection">
<property name="min-pool-size" value="5"/>
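Review bot: The `transports` section now sets `org.jboss.soa.esb.mail.smtp.auth` to `true` while `org.jboss.soa.esb.mail.smtp.password` on the context line above is still empty, so authenticated SMTP would be attempted with a blank password. The same hunk points `org.jboss.soa.esb.ftp.localdir` and `org.jboss.soa.esb.ftp.remotedir` at `/tmp`, a directory shared by all local users, and keeps `org.jboss.soa.esb.registry.password` at `password`. Because the `quickstart-specific-deploys` target in this commit copies this file over the server's own `jbossesb-properties.xml`, these sample values end up in the running server. A comment marking them as placeholders to change, or leaving `smtp.auth` at `false` until a password is configured, would be safer.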
@@ -67,20 +70,29 @@
<property name="abandoned-connection-time-interval" value="30000"/>
</properties>
<properties name="dbstore">
+
+ <!-- connection manager type -->
+ <!-- <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/> -->
+ <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.J2eeConnectionManager"/>
+
+ <!-- this property is only used if using the j2ee connection manager -->
+ <property name="org.jboss.soa.esb.persistence.db.datasource.name" value="java:/JBossESBDS"/>
+
+ <!-- standalone connection pooling settings -->
<property name="org.jboss.soa.esb.persistence.db.connection.url" value="jdbc:hsqldb:hsql://localhost:9001/"/>
<property name="org.jboss.soa.esb.persistence.db.jdbc.driver" value="org.hsqldb.jdbcDriver"/>
- <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
- <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
+ <property name="org.jboss.soa.esb.persistence.db.user" value="sa"/>
+ <property name="org.jboss.soa.esb.persistence.db.pwd" value=""/>
<property name="org.jboss.soa.esb.persistence.db.pool.initial.size" value="2"/>
- <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
- <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.min.size" value="2"/>
+ <property name="org.jboss.soa.esb.persistence.db.pool.max.size" value="5"/>
<!--table managed by pool to test for valid connections - created by pool automatically -->
- <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
- <!-- # of milliseconds to timeout waiting for a connection from pool -->
+ <property name="org.jboss.soa.esb.persistence.db.pool.test.table" value="pooltest"/>
<property name="org.jboss.soa.esb.persistence.db.pool.timeout.millis" value="5000"/>
- <property name="org.jboss.soa.esb.persistence.db.conn.manager" value="org.jboss.internal.soa.esb.persistence.manager.StandaloneConnectionManager"/>
+
+ </properties>
+ <properties name="filters">
+ <property name="org.jboss.soa.esb.filter.1" value="org.jboss.internal.soa.esb.message.filter.MetaDataFilter"/>
+ <property name="org.jboss.soa.esb.filter.2" value="org.jboss.internal.soa.esb.message.filter.GatewayFilter"/>
</properties>
- <properties name="messagerouting">
- <property name="org.jboss.soa.esb.routing.cbrClass" value="org.jboss.internal.soa.esb.services.routing.cbr.JBossRulesRouter"/>
- </properties>
</esb>
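Review bot: The block under the new `<!-- standalone connection pooling settings -->` comment still ships `org.jboss.soa.esb.persistence.db.user` set to `sa` with an empty `org.jboss.soa.esb.persistence.db.pwd`, and nothing marks these as sample values. With `J2eeConnectionManager` now selected they are presumably unused. Anyone who re-enables the commented-out `StandaloneConnectionManager` line would connect to the HSQLDB instance at `localhost:9001` as the administrative account with no password. I would widen the comment to `<!-- standalone connection pooling settings (StandaloneConnectionManager only); sample credentials, replace before enabling -->`. The hunk also removes the `# of milliseconds to timeout waiting for a connection from pool` comment above `pool.timeout.millis` without a replacement, and restoring it keeps the unit documented.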