[jboss-svn-commits] JBL Code SVN: r21206 - in labs/jbossesb/workspace/dbevenius/security/product/rosetta: src/org/jboss/soa/esb/services/security and 1 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Jul 24 02:56:12 EDT 2008
Author: beve
Date: 2008-07-24 02:56:12 -0400 (Thu, 24 Jul 2008)
New Revision: 21206
Modified:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityContext.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
Log:
Added docs and clean up of api.
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-07-24 06:16:37 UTC (rev 21205)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-07-24 06:56:12 UTC (rev 21206)
@@ -21,6 +21,7 @@
package org.jboss.internal.soa.esb.services.security;
import java.net.URL;
+import java.security.Principal;
import java.security.Security;
import javax.security.auth.Subject;
@@ -55,7 +56,8 @@
/**
* Authenticates a Subject using the information contained in the passed in
- * Security context
+ * Security context, and adds any role specified in {@link SecurityContext#getConfigInfo()}
+ * runAs member.
*
* @param context the security context to be used.
* @throws LoginException if the authentication fails
@@ -65,23 +67,18 @@
LoginContext loginContext = new LoginContext(context.getConfigInfo().getModuleName(), context.getSubject(), null, configuration);
loginContext.login();
- addRunAs( context );
+ addRunAs(context);
}
- public void addRunAs( final SecurityContext context )
+ /**
+ * Determines if the passed in Subjects has the role specified in the context.
+ * @return true - if the callers has the role
+ */
+ public boolean isCallerInRole( final Subject subject, final Principal role)
{
- final String runAs = context.getConfigInfo().getRunAs();
- if ( runAs != null )
- {
- context.getSubject().getPrincipals().add(new Role(runAs));
- }
+ return subject.getPrincipals().contains(role);
}
- public boolean isCallerInRole( final Subject subject, final SecurityContext context)
- {
- return subject.getPrincipals().contains(new Role(context.getConfigInfo().getRunAs()));
- }
-
public void configure() throws ConfigurationException
{
String loginConfigUrl = Configuration.getSecurityServiceConfigUrl();
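Review bot: The new Javadoc on isCallerInRole still says the role is "specified in the context", but the method no longer takes a SecurityContext and documents neither parameter. I would reword it to `Determines if the passed in Subject has the given role among its Principals.` and add `@param subject` and `@param role` lines. The result is now just `subject.getPrincipals().contains(role)`, so the authorization answer depends on how the Principal passed in implements equals/hashCode (Role is not shown here); that is worth stating in the comment. A null subject throws NullPointerException on that line, so if callers can reach it before authentication, a guard such as `if (subject == null || role == null) return false;` fails closed. The hunk ends inside configure(), whose body continues outside it.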
@@ -131,10 +128,18 @@
}
}
- public void logout(SecurityContext context) throws LoginException
+ public void logout(SecurityContext context)
{
- LoginContext loginContext = new LoginContext(context.getConfigInfo().getModuleName(), context.getSubject(), null, configuration);
- loginContext.logout();
+ throw new UnsupportedOperationException("Logout is not implemented for " + getClass().getName());
}
+ private void addRunAs( final SecurityContext context )
+ {
+ final String runAs = context.getConfigInfo().getRunAs();
+ if ( runAs != null )
+ {
+ context.getSubject().getPrincipals().add(new Role(runAs));
+ }
+ }
+
}
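Review bot: logout() now throws UnsupportedOperationException unconditionally, so nothing in this class removes what authenticate() attached to the context's Subject: the login modules' principals and credentials, plus the runAs Role added by addRunAs(). The removed code at least called `loginContext.logout()`, which gives each login module the chance to clear that state. A Subject that is cached or reused after the call keeps the runAs role, and a caller that invokes logout() in a cleanup path now gets an unchecked exception instead. Until a real logout exists, I would keep the old `LoginContext.logout()` call. Failing that, document on the method that the Subject retains its role and credentials and must be discarded by the caller. The class starts outside this hunk.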
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityContext.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityContext.java 2008-07-24 06:16:37 UTC (rev 21205)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityContext.java 2008-07-24 06:56:12 UTC (rev 21206)
@@ -25,35 +25,31 @@
import javax.security.auth.Subject;
/**
- * JAAS Security context implementation
+ * JAAS Security context implementation.
* <p/>
+ *
* @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
- *
+ * @since 4.4
*/
public class JaasSecurityContext implements SecurityContext, Serializable
{
private static final long serialVersionUID = 1L;
-
private Subject subject;
private SecurityConfigInfo configInfo;
- public JaasSecurityContext(final Subject subject)
+ /**
+ * Constructs a JassSecurityContext with the passed in paramters.
+ *
+ * @param configInfo - {@link SecurityConfigInfo} instance
+ * @param subject - Subject for this context. If null, a new Subject will be created.
+ */
+ public JaasSecurityContext(final SecurityConfigInfo configInfo, final Subject subject)
{
this.subject = subject == null ? this.subject = new Subject():subject;
- }
-
- public JaasSecurityContext( final SecurityConfigInfo configInfo )
- {
this.configInfo = configInfo;
}
- public JaasSecurityContext(final SecurityConfigInfo configInfo, final Subject subject)
- {
- this(subject);
- this.configInfo = configInfo;
- }
-
- /* (non-Javadoc)
+ /**
* @see org.jboss.soa.esb.services.security.SecurityContext2#getConfigInfo()
*/
public SecurityConfigInfo getConfigInfo()
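Review bot: The single remaining constructor accepts a null configInfo without complaint, yet JaasSecurityService.authenticate() dereferences `context.getConfigInfo().getModuleName()` straight away, so a misconstructed context fails later with a bare NullPointerException inside the login path. Now that the subject-only constructor is gone, I would reject it up front with `if (configInfo == null) throw new IllegalArgumentException("configInfo must not be null");`. The new Javadoc has two typos ("JassSecurityContext", "paramters"). Turning `/* (non-Javadoc)` into `/**` makes `@see ...SecurityContext2#getConfigInfo()` a live Javadoc reference; the class implements SecurityContext, so that name looks stale and should probably read `SecurityContext#getConfigInfo()`. The getConfigInfo() body continues outside the hunk.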
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-24 06:16:37 UTC (rev 21205)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-24 06:56:12 UTC (rev 21206)
@@ -22,9 +22,10 @@
/**
+ * This class is indended to security related configuration properties.
*
* @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
- *
+ * @since 4.4
*/
public class SecurityConfigInfo
{
@@ -32,7 +33,6 @@
private String useCallerIdentity;
private String moduleName;
-
private SecurityConfigInfo(
final String runAs,
final String useCallerIdentity,
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-24 06:16:37 UTC (rev 21205)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-24 06:56:12 UTC (rev 21206)
@@ -20,25 +20,54 @@
*/
package org.jboss.soa.esb.services.security;
+import java.security.Principal;
+
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.jboss.soa.esb.ConfigurationException;
/**
+ * This interface represents a Security service.
+ * <p/>
*
* @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ * @since 4.4
*
*/
public interface SecurityService
{
+ /**
+ * Configure the security serivce for usage. This should take care of
+ * reading any needed configurations required by the security system.
+ *
+ * @throws ConfigurationException
+ */
void configure() throws ConfigurationException;
+ /**
+ * Authenticates a subject.
+ *
+ * @param securityContext - the security context to authenticate
+ * @throws LoginException - if the authentication was not sucessful
+ */
void authenticate(final SecurityContext securityContext) throws LoginException;
- void addRunAs(final SecurityContext securityContext);
+ /**
+ * Determines if the subject contains the passed in role in it's
+ * set of Principals.
+ *
+ * @param subject - the Subject instance belonging to the caller.
+ * @param context - the principal instance representing the role to check for.
+ * @return true - if the caller has the role of
+ */
+ boolean isCallerInRole(final Subject subject, final Principal role);
- boolean isCallerInRole(final Subject subject, final SecurityContext context);
-
- void logout(final SecurityContext securityContext) throws LoginException;
+ /**
+ * Logout and clean up of any security state.
+ *
+ * @param securityContext
+ * @throws LoginException
+ */
+ void logout(final SecurityContext securityContext);
}
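Review bot: Two of the new Javadoc blocks on this interface disagree with the signatures they document. isCallerInRole declares `final Principal role` but the comment says `@param context`, and its `@return` sentence is cut off; I would write `@param role - the principal instance representing the role to check for.` and `@return true - if the subject's Principals contain the role`. logout() no longer declares LoginException, so the `@throws LoginException` tag should go. The JaasSecurityService implementation in this commit throws UnsupportedOperationException, so the contract should say whether implementations may refuse, e.g. `@throws UnsupportedOperationException if the implementation does not support logout`. Removing addRunAs from the interface breaks any other implementor or caller, which is not visible from this page.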
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-24 06:16:37 UTC (rev 21205)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-24 06:56:12 UTC (rev 21206)
@@ -84,12 +84,13 @@
@Test
public void isCallerInRole() throws LoginException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo("adminRole", null, "SuccessfulLogin");
+ final String roleName = "adminRole";
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(roleName, null, "SuccessfulLogin");
JaasSecurityContext context = new JaasSecurityContext(configInfo, subject);
service.authenticate(context);
Subject subject = new Subject();
- subject.getPrincipals().add(new Role("adminRole"));
- assertTrue( service.isCallerInRole(subject, context));
+ subject.getPrincipals().add(new Role(roleName));
+ assertTrue( service.isCallerInRole(subject, new Role(roleName)));
}
@Test ( expected = FailedLoginException.class )
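Review bot: The assertion in isCallerInRole() runs against a freshly created local `Subject` to which the test itself adds `new Role(roleName)`, so it passes even if authenticate() never adds the runAs role. In effect it only verifies `Set.contains`. The local declaration also shadows the `subject` used to build the context two lines earlier. To cover the behaviour the commit documents on authenticate(), I would drop the local Subject and assert on the authenticated one: `assertTrue( service.isCallerInRole(context.getSubject(), new Role(roleName)));`. A negative case, with a role that was not configured as runAs, would show that the check can also return false. The next test method starts on the last line of this hunk and continues outside it.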