[jboss-svn-commits] JBL Code SVN: r21254 - in labs/jbossesb/workspace/dbevenius/security/product/rosetta: src/org/jboss/soa/esb/common and 7 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Jul 28 06:00:02 EDT 2008
Author: beve
Date: 2008-07-28 06:00:01 -0400 (Mon, 28 Jul 2008)
New Revision: 21254
Added:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestBuilder.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpAuthRequestBuilder.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/DummyCallbackHandler.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/http/
Modified:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/OpenSSOSecuritySerivce.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/sso-security-properties.xml
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
Log:
Minor refactoring and sample code for the extraction of security information(AuthenticationRequst)
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -23,8 +23,10 @@
import java.net.URL;
import java.security.Principal;
import java.security.Security;
+import java.util.Properties;
import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
@@ -32,9 +34,9 @@
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.common.Environment;
-import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.security.SecurityContext;
import org.jboss.soa.esb.services.security.SecurityService;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
import org.jboss.soa.esb.services.security.principals.Role;
import org.jboss.soa.esb.util.ClassUtil;
@@ -54,7 +56,8 @@
private Logger log = Logger.getLogger(JaasSecurityService.class);
private javax.security.auth.login.Configuration configuration;
-
+ private CallbackHandler callbackHandler;
+
/**
* Authenticates a Subject using the information contained in the passed in
* Security context, and adds any role specified in {@link SecurityContext#getConfigInfo()}
@@ -63,12 +66,12 @@
* @param context the security context to be used.
* @throws LoginException if the authentication fails
*/
- public void authenticate( final SecurityContext context, final Message message) throws SecurityException
+ public void authenticate( final SecurityContext context, final AuthenticationRequest authRequest) throws SecurityException
{
LoginContext loginContext;
try
{
- loginContext = new LoginContext(context.getConfigInfo().getModuleName(), context.getSubject(), null, configuration);
+ loginContext = new LoginContext(context.getConfigInfo().getModuleName(), context.getSubject(), callbackHandler, configuration);
loginContext.login();
addRunAs(context);
}
@@ -89,7 +92,8 @@
public void configure() throws ConfigurationException
{
- String loginConfigUrl = Configuration.getSecurityServiceConfigUrl();
+ final Properties securityProperties = Configuration.getSecurityServiceProperies();
+ String loginConfigUrl = securityProperties.getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
if ( loginConfigUrl != null )
{
URL loginUrl = ClassUtil.getResource(loginConfigUrl, getClass());
@@ -103,6 +107,13 @@
addLoginConfig(loginUrl);
}
+ // get a javax.security.auth.callback.CallbackHandler if one is configured
+ String callbackHandlerClassName = securityProperties.getProperty(Environment.SECURITY_SERVICE_CALLBACK_HANLDER_CLASS);
+ if ( callbackHandlerClassName != null )
+ {
+ callbackHandler = getInstance(callbackHandlerClassName);
+ }
+
}
public void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException
@@ -150,4 +161,25 @@
}
}
+ private <T> T getInstance( final String className ) throws ConfigurationException
+ {
+ try
+ {
+ Class<T> forName = ClassUtil.forName(className, getClass());
+ return forName.newInstance();
+ }
+ catch (final ClassNotFoundException e)
+ {
+ throw new ConfigurationException(e.getMessage(), e);
+ }
+ catch (final InstantiationException e)
+ {
+ throw new ConfigurationException(e.getMessage(), e);
+ }
+ catch (final IllegalAccessException e)
+ {
+ throw new ConfigurationException(e.getMessage(), e);
+ }
+ }
+
}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/OpenSSOSecuritySerivce.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/OpenSSOSecuritySerivce.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/internal/soa/esb/services/security/OpenSSOSecuritySerivce.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -31,10 +31,10 @@
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Configuration;
import org.jboss.soa.esb.common.Environment;
-import org.jboss.soa.esb.message.Message;
import org.jboss.soa.esb.services.security.SecurityContext;
import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
import org.jboss.soa.esb.services.security.principals.Role;
import org.jboss.soa.esb.services.security.principals.SSOPrincipal;
import org.jboss.soa.esb.util.ClassUtil;
@@ -65,46 +65,42 @@
* @param context the security context to be used.
* @throws LoginException if the subject has not been authenticated by OpenSSO
*/
- public void authenticate(final SecurityContext securityContext, final Message message) throws SecurityServiceException
+ public void authenticate(final SecurityContext securityContext, final AuthenticationRequest authRequest) throws SecurityServiceException
{
final Subject subject = securityContext.getSubject();
log.info("Subject [" + subject + "]");
Set<SSOPrincipal> principals = subject.getPrincipals(SSOPrincipal.class);
- checkTokens(principals);
-
- SSOPrincipal ssoPrincipal = principals.iterator().next();
- try
- {
- log.info(ssoPrincipal);
- SSOTokenManager tokenMgr = SSOTokenManager.getInstance();
- SSOToken ssoToken = tokenMgr.createSSOToken(ssoPrincipal.getToken());
- tokenMgr.refreshSession(ssoToken);
- if (!tokenMgr.isValidToken(ssoToken))
- {
- throw new SecurityServiceException("Subject does not have a valid session in OpenSSO. Subject was : " + subject);
- }
- log.info("OpenSSO successful authorization");
- addRunAs(securityContext);
- }
- catch (SSOException e)
- {
- throw new SecurityServiceException("The principal identified by the tokenId does not have an existing SSO Session.", e);
- }
- }
-
- /*
- * check that the number on ssotokens is one and only one.
- */
- private void checkTokens(final Set<SSOPrincipal> principals) throws SecurityServiceException
- {
if (principals.isEmpty())
{
+ // not authenticated. Try to authenticate user information in message
throw new SecurityServiceException("No principals was found on subject. Excpected a SSOPrincipal");
}
else if (principals.size() > 1 )
{
throw new SecurityServiceException("Only one SSOPrincipal is expected to be found on the subject");
}
+ else
+ {
+
+ SSOPrincipal ssoPrincipal = principals.iterator().next();
+ try
+ {
+ log.info(ssoPrincipal);
+ SSOTokenManager tokenMgr = SSOTokenManager.getInstance();
+ SSOToken ssoToken = tokenMgr.createSSOToken(ssoPrincipal.getToken());
+ tokenMgr.refreshSession(ssoToken);
+ if (!tokenMgr.isValidToken(ssoToken))
+ {
+ throw new SecurityServiceException("Subject does not have a valid session in OpenSSO. Subject was : " + subject);
+ }
+ log.info("OpenSSO successful authorization");
+ addRunAs(securityContext);
+ }
+ catch (SSOException e)
+ {
+ throw new SecurityServiceException("The principal identified by the tokenId does not have an existing SSO Session.", e);
+ }
+ }
}
/**
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -432,4 +432,14 @@
{
return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
}
+
+ public static String getSecurityServiceCallbackHandlerImplClass()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_CALLBACK_HANLDER_CLASS);
+ }
+
+ public static Properties getSecurityServiceProperies()
+ {
+ return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperties();
+ }
}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/common/Environment.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -208,8 +208,10 @@
/**
* The SecurityService Implementation class
*/
- public static final String SECURITY_SERVICE_IMPEMENTATION_CLASS = "org.jboss.soa.esb.services.security.implementationClass";
- public static final String SECURITY_SERVICE_CONFIG_URL = "org.jboss.soa.esb.services.security.configUrl";
+ public static final String SECURITY_SERVICE_IMPEMENTATION_CLASS = "org.jboss.soa.esb.services.security.implementationClass";
+ public static final String SECURITY_SERVICE_CALLBACK_HANLDER_CLASS = "org.jboss.soa.esb.services.security.callbackHandler";
+ public static final String SECURITY_SERVICE_CALLBACK = "org.jboss.soa.esb.services.security.callback_";
+ public static final String SECURITY_SERVICE_CONFIG_URL = "org.jboss.soa.esb.services.security.configUrl";
// Configuration options for the Naming Context pooling.
/**
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -60,6 +60,8 @@
import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
import org.jboss.soa.esb.services.security.SecurityServiceFactory;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
import org.jboss.soa.esb.util.ClassUtil;
/**
@@ -260,10 +262,7 @@
{
securityConf = SecurityConfigUtil.createSecurityConfigInfo(securityConfigs[0]);
LOGGER.info(securityConf);
- if (securityConf != null && securityConf.needsAuthentiation())
- {
- SecurityServiceFactory.getSecurityService().configure();
- }
+ SecurityServiceFactory.getSecurityService().configure();
}
}
@@ -323,7 +322,7 @@
LOGGER.debug("pipeline process for message: "+message.getHeader());
}
- if ( securityConf != null )
+ if (securityConf != null)
{
return processPipelineSecured(message);
}
@@ -352,14 +351,14 @@
final Call callDetails = new Call() ;
callDetails.copy(message.getHeader().getCall()) ;
- // if the gateway or another service passed a subject use that subject for authentication.
+ // if the gateway or another service passed a subject, use that subject for authentication.
Subject subject = (Subject) message.getProperties().getProperty( SecurityService.SUBJECT );
SecurityContext securityContext = new JaasSecurityContext(securityConf, subject);
try
{
- SecurityServiceFactory.getSecurityService().authenticate(securityContext, message);
+ SecurityServiceFactory.getSecurityService().authenticate(securityContext, null);
message.getProperties().setProperty( SecurityService.SUBJECT, securityContext.getSubject());
LOGGER.debug("Subject after authentication" + securityContext.getSubject());
}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -78,11 +78,6 @@
return "[SecurityConfigInfo : runAs=" + runAs + ", useCallerIdentity=" + useCallerIdentity + ", moduleName=" + moduleName + "]";
}
- public boolean needsAuthentiation()
- {
- return moduleName != null;
- }
-
public boolean hasRunAs()
{
return runAs != null;
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -26,7 +26,7 @@
import javax.security.auth.login.LoginException;
import org.jboss.soa.esb.ConfigurationException;
-import org.jboss.soa.esb.message.Message;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
/**
* This interface represents a Security service.
@@ -57,7 +57,7 @@
* @param securityContext - the security context to authenticate
* @throws LoginException - if the authentication was not sucessful
*/
- void authenticate(final SecurityContext securityContext, final Message message) throws SecurityServiceException;
+ void authenticate(final SecurityContext securityContext, final AuthenticationRequest authRequest) throws SecurityServiceException;
/**
* Determines if the subject contains the passed in role in it's
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequest.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -0,0 +1,16 @@
+package org.jboss.soa.esb.services.security.auth;
+
+import java.security.Principal;
+import java.util.Map;
+import java.util.Set;
+
+public interface AuthenticationRequest
+{
+
+ public abstract Set<?> getCredentials();
+
+ public abstract Map<String, ?> getProperties();
+
+ public abstract Principal getPrincipal();
+
+}
\ No newline at end of file
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestBuilder.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestBuilder.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestBuilder.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -0,0 +1,16 @@
+package org.jboss.soa.esb.services.security.auth;
+
+
+public interface AuthenticationRequestBuilder
+{
+ /**
+ * Create a instance of {@link AuthenticationRequestImpl}, populated
+ * with security information contained in the message parameter.
+ *
+ * @param message - The ESB Message object instance from which security properties should
+ * be extracted
+ * @return AuthenticationRequest
+ */
+ AuthenticationRequest buildRequest(final Object request);
+
+}
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestImpl.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -0,0 +1,100 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+import java.io.Serializable;
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class AuthenticationRequestImpl implements Serializable, AuthenticationRequest
+{
+ private static final long serialVersionUID = 1L;
+
+ private Principal principal;
+ private Set<?> credentials;
+ private Map<String,?> properties;
+
+ /* (non-Javadoc)
+ * @see org.jboss.soa.esb.services.security.auth.AuthenticationRequest#getCredentials()
+ */
+ public Set<?> getCredentials()
+ {
+ return credentials;
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.soa.esb.services.security.auth.AuthenticationRequest#getProperties()
+ */
+ public Map<String, ?> getProperties()
+ {
+ return properties;
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.soa.esb.services.security.auth.AuthenticationRequest#getPrincipal()
+ */
+ public Principal getPrincipal()
+ {
+ return principal;
+ }
+
+ public static class Builder
+ {
+ // required
+ private Principal principal;
+ private Set<?> credentials;
+
+ // optional
+ private Map<String,Object> properties = new HashMap<String,Object>();
+
+ public Builder(final Principal principal, final Set<?> credentials)
+ {
+ this.principal = principal;
+ this.credentials = credentials;
+ }
+
+ public Builder property( final String name, final Object value)
+ {
+ properties.put(name, value);
+ return this;
+ }
+
+ public AuthenticationRequest bulid()
+ {
+ return new AuthenticationRequestImpl(this);
+ }
+ }
+
+ private AuthenticationRequestImpl(final Builder builder)
+ {
+ principal = builder.principal;
+ credentials = builder.credentials;
+ properties = builder.properties;
+ }
+
+}
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpAuthRequestBuilder.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpAuthRequestBuilder.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/auth/http/HttpAuthRequestBuilder.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -0,0 +1,12 @@
+package org.jboss.soa.esb.services.security.auth.http;
+
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequest;
+import org.jboss.soa.esb.services.security.auth.AuthenticationRequestBuilder;
+
+public class HttpAuthRequestBuilder implements AuthenticationRequestBuilder
+{
+ public AuthenticationRequest buildRequest(final Object request)
+ {
+ return null;
+ }
+}
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/DummyCallbackHandler.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/DummyCallbackHandler.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/DummyCallbackHandler.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -0,0 +1,42 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.internal.soa.esb.services.security;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class DummyCallbackHandler implements CallbackHandler
+{
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
+ {
+ // no op
+ }
+
+}
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -62,7 +62,7 @@
{
SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(null, null, "SuccessfulLogin");
JaasSecurityContext context = new JaasSecurityContext(configInfo, subject);
-
+ service.configure();
service.authenticate(context, null);
Set<TestPrincipal> principals = context.getSubject().getPrincipals( TestPrincipal.class );
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/sso-security-properties.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/sso-security-properties.xml 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/sso-security-properties.xml 2008-07-28 10:00:01 UTC (rev 21254)
@@ -39,6 +39,7 @@
</properties>
<properties name="security">
<property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
+ <property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.DummyCallbackHandler"/>
<property name="org.jboss.soa.esb.services.security.configUrl" value="opensso.properties"/>
</properties>
<properties name="registry">
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-07-28 09:51:15 UTC (rev 21253)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -78,23 +78,6 @@
}
@Test
- public void needsAuthentication()
- {
- final String moduleName = "testModule";
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, moduleName);
- SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
- assertTrue(securityInfo.needsAuthentiation());
- }
-
- @Test
- public void doesNotNeedAuthentication()
- {
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
- SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
- assertFalse(securityInfo.needsAuthentiation());
- }
-
- @Test
public void hasRunAs()
{
final ConfigTree securityFragment = createSecurityFragment(runAs, null, null);
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/AuthenticationRequestUnitTest.java 2008-07-28 10:00:01 UTC (rev 21254)
@@ -0,0 +1,52 @@
+/*
+ * JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
+ * LLC, and individual contributors by the @authors tag. See the copyright.txt
+ * in the distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This software is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this software; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ * site: http://www.fsf.org.
+ */
+package org.jboss.soa.esb.services.security.auth;
+
+import static org.junit.Assert.*;
+
+import java.security.Principal;
+
+import org.jboss.soa.esb.services.security.TestPrincipal;
+import org.junit.Test;
+
+import junit.framework.JUnit4TestAdapter;
+
+/**
+ *
+ * @author <a href="mailto:dbevenius at redhat.com">Daniel Bevenius</a>
+ *
+ */
+public class AuthenticationRequestUnitTest
+{
+ @Test
+ public void contruct()
+ {
+ final Principal principal = new TestPrincipal("testUser");
+ AuthenticationRequest request = new AuthenticationRequestImpl.Builder(principal, null ).bulid();
+ assertEquals( principal, request.getPrincipal());
+ }
+
+ public static junit.framework.Test suite()
+ {
+ return new JUnit4TestAdapter(AuthenticationRequestUnitTest.class);
+ }
+
+}
More information about the jboss-svn-commits
mailing list