[jboss-svn-commits] JBL Code SVN: r23470 - in labs/jbossesb/branches/JBESB_4_4_GA_CP/product: docs and 10 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Oct 16 01:58:54 EDT 2008
Author: beve
Date: 2008-10-16 01:58:54 -0400 (Thu, 16 Oct 2008)
New Revision: 23470
Added:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/login-config.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/login-config.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/login-config.xml
Removed:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login
Modified:
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/build-distr.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.odt
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.pdf
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jbossesb-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipelineUnitTest.java
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/security-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml
labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt
Log:
Work for https://jira.jboss.org/jira/browse/JBESB-2120 "JaasSecurityService configured multiple times"
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/.classpath 2008-10-16 05:58:54 UTC (rev 23470)
@@ -1,6 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry excluding="**/.svn/" kind="src" path="rosetta/src"/>
+ <classpathentry kind="src" path="rosetta/tests/resources"/>
<classpathentry excluding="**/.svn/" kind="src" path="rosetta/tests/src"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="lib" path="build/lib/activation-1.1.jar"/>
@@ -30,13 +31,13 @@
<classpathentry kind="lib" path="build/lib/jaxb-xjc-2.1.4.jar"/>
<classpathentry kind="lib" path="build/lib/jaxen-1.1-beta-8.jar"/>
<classpathentry kind="lib" path="build/lib/jaxr-api-1.0rc2.jar"/>
+ <classpathentry kind="lib" path="build/lib/jbossall-client-4.2.2.GA.jar"/>
<classpathentry kind="lib" path="build/lib/jaxws-rt-2.1.1.jar"/>
<classpathentry kind="lib" path="build/lib/jaxws-tools-2.1.1.jar"/>
- <classpathentry kind="lib" path="build/lib/jboss-4.2.2.GA.jar"/>
<classpathentry kind="lib" path="build/lib/jboss-aop-jdk50-1.5.6.GA.jar"/>
<classpathentry kind="lib" path="build/lib/jboss-cache-1.2.4.SP2.jar"/>
<classpathentry kind="lib" path="build/lib/jboss-system-4.2.2.GA.jar"/>
- <classpathentry kind="lib" path="build/lib/jbossall-client-4.2.2.GA.jar"/>
+ <classpathentry kind="lib" path="build/jbossesb/lib/ext/jbosssx.jar"/>
<classpathentry kind="lib" path="build/lib/jcr-1.0.jar"/>
<classpathentry kind="lib" path="build/lib/jdom-1.0.jar"/>
<classpathentry kind="lib" path="build/lib/jettison-1.0-RC1.jar"/>
@@ -141,5 +142,6 @@
<classpathentry kind="lib" path="ftp/lib/ftplet-api-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftpserver-admin-gui-1.0-incubator-SNAPSHOT.jar"/>
<classpathentry kind="lib" path="ftp/lib/ftpserver-core-1.0-incubator-SNAPSHOT.jar"/>
+ <classpathentry kind="lib" path="build/lib/jboss-4.2.2.GA.jar"/>
<classpathentry kind="output" path="bin"/>
</classpath>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/build-distr.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/build-distr.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/build-distr.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -80,7 +80,6 @@
<include name="jbossesb-properties.xml"/>
<include name="esb.juddi.xml"/>
<include name="actionArtifactMap.properties"/>
- <include name="jaas.login"/>
<include name="privateKeyStore"/>
<include name="publicKeyStore"/>
</fileset>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.odt
===================================================================
(Binary files differ)
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/docs/ServicesGuide.pdf
===================================================================
(Binary files differ)
Deleted: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jaas.login 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jaas.login 2008-10-16 05:58:54 UTC (rev 23470)
@@ -1 +0,0 @@
-// Plase login module configs here
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jbossesb-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jbossesb-properties.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/install/conf/jbossesb-properties.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -40,7 +40,6 @@
<properties name="security">
<property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
<property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
- <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
<property name="org.jboss.soa.esb.services.security.privateKeystore" value="/privateKeyStore"/>
<property name="org.jboss.soa.esb.services.security.privateKeystorePassword" value="testKeystorePassword"/>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/internal/soa/esb/services/security/JaasSecurityService.java 2008-10-16 05:58:54 UTC (rev 23470)
@@ -20,24 +20,19 @@
*/
package org.jboss.internal.soa.esb.services.security;
-import java.net.URL;
import java.security.Principal;
-import java.security.Security;
import java.util.List;
-import java.util.Properties;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import org.apache.log4j.Logger;
import org.jboss.internal.soa.esb.assertion.AssertArgument;
import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityAssociation;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Configuration;
-import org.jboss.soa.esb.common.Environment;
import org.jboss.soa.esb.services.security.SecurityConfig;
import org.jboss.soa.esb.services.security.SecurityContext;
import org.jboss.soa.esb.services.security.SecurityService;
@@ -47,8 +42,6 @@
import org.jboss.soa.esb.services.security.principals.Role;
import org.jboss.soa.esb.util.ClassUtil;
-import com.sun.security.auth.login.ConfigFile;
-
/**
* Concrete impl of a SecurityService in JBoss ESB that uses JAAS.
* <p/>
@@ -60,7 +53,6 @@
* <properties name="security">
* <property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
* <property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
- * <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
* </properties>
* </pre>}
*
@@ -70,39 +62,14 @@
public final class JaasSecurityService implements SecurityService
{
/*
- * Property name for login config urls.
- */
- private static final String LOGIN_CONFIG_URL_PREFIX = "login.config.url.";
-
- /*
* Callback handler implementation name
*/
private String callbackHandlerClassName;
- /*
- * Original login configuration e.g JBoss AS login configuration
- */
- private javax.security.auth.login.Configuration containerConfig;
-
- /*
- * Custom login configuration
- */
- private javax.security.auth.login.Configuration configuration;
-
- private final Logger log = Logger.getLogger(JaasSecurityService.class);
-
/**
* Performs authentication of the passed in SecurityContext.
* </p>
*
- * This method will first try to authenticate the authRequest by using a custom <br>
- * javax.security.auth.login.Configuration, which would be the case where the <br>
- * login module name specified exists in a jaas.login file.
- * <br>
- * If the login module name cannot be found in jaas.login then this method will <br>
- * fall back and try to authenticate using a an underlying Configuration. This would <br>
- * be the case when running in an appserver for instance.
- *
* @param config - the security configuration. Properties from jboss-esb.xml
* @param securityContext - the security context to be used.
* @param authRequest - the authentication request to be processed.
@@ -118,18 +85,14 @@
try
{
final EsbCallbackHandler callbackHandler = createCallbackHandler(config, authRequest);
- try
+ if (callbackHandler != null)
{
- // try to login with a standalone jaas login configuration file(for example jaas.login file)
- loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler, getConfiguration());
+ loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler);
}
- catch (final LoginException ignore)
+ else
{
- // fall back and try using the orginal configuration(for example jboss login-config.xml)
- loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject(), callbackHandler, containerConfig);
+ loginContext = new LoginContext(config.getModuleName(), securityContext.getSubject());
}
-
- // invoke the login process
loginContext.login();
final Subject subject = securityContext.getSubject();
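Review bot: The Javadoc for this method lost its explanation of where the login module name is resolved (removed in the previous hunk), and nothing replaces it, although both `new LoginContext(...)` calls here now depend entirely on the JVM-wide JAAS configuration. Standard JAAS uses the entry named `other` when no entry matches `config.getModuleName()`, so a misspelt module name in jboss-esb.xml may be authenticated against the container's default policy instead of failing. Add a Javadoc sentence such as `The login module named by config.getModuleName() is looked up in the JVM-wide javax.security.auth.login.Configuration; JAAS falls back to the entry named "other" when no entry matches.` Consider also logging the module name at debug level before `loginContext.login()`. The method starts and ends outside this hunk.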
@@ -147,7 +110,6 @@
// associate the runAs role with jboss security
SecurityAssociation.pushRunAsIdentity(new RunAsIdentity(runAs, principal.getName()));
}
-
}
catch (final LoginException e)
{
@@ -180,7 +142,7 @@
*/
public boolean isCallerInRole( final Subject subject, final Principal role)
{
- Set<java.security.acl.Group> principals = subject.getPrincipals(java.security.acl.Group.class);
+ final Set<java.security.acl.Group> principals = subject.getPrincipals(java.security.acl.Group.class);
for (java.security.acl.Group group : principals)
{
if ( group.isMember(role) )
@@ -195,31 +157,8 @@
*/
public void configure() throws ConfigurationException
{
- try
- {
- containerConfig = javax.security.auth.login.Configuration.getConfiguration();
- }
- catch(final SecurityException ignore)
- {
- log.warn("Could not locate a security configuration");
- }
-
- final Properties securityProperties = Configuration.getSecurityServiceProperies();
- final String loginConfigUrl = securityProperties.getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
- if ( loginConfigUrl != null )
- {
- final URL loginUrl = ClassUtil.getResource(loginConfigUrl, getClass());
- if ( loginUrl == null )
- {
- final String invalidPropertyMsg = "The value for property [" + Environment.SECURITY_SERVICE_CONFIG_URL +
- "] must be a valid URL. This property should point to a file on the local file system or on the classpath.";
- throw new ConfigurationException(invalidPropertyMsg);
- }
- addLoginConfig(loginUrl);
- }
-
// get a EsbCallbackHandler if one is configured in jbossesb-properties.xml
- callbackHandlerClassName = securityProperties.getProperty(Environment.SECURITY_SERVICE_CALLBACK_HANLDER_CLASS);
+ callbackHandlerClassName = Configuration.getSecurityServiceCallbackHandlerImplClass();
}
public void logout(SecurityConfig config)
@@ -227,16 +166,12 @@
// NoOp
}
- public synchronized void refreshSecurityConfig()
- {
- if ( configuration != null )
- {
- log.info("Refreshing Security configuration");
- configuration.refresh();
- }
- }
+ public void refreshSecurityConfig()
+ {
+ // NoOp
+ }
- private Principal getPrincipal( final Subject subject)
+ private Principal getPrincipal( final Subject subject)
{
for (Principal principal : subject.getPrincipals())
{
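Review bot: `refreshSecurityConfig()` keeps its public signature but now does nothing, and the bare `// NoOp` comment gives callers no hint that a changed login configuration is no longer reloaded through this method. Replace it with a comment that says why, for example `// NoOp: the login configuration is owned by the JVM-wide javax.security.auth.login.Configuration; reload it there`. If the SecurityService interface (not shown here) documents refresh semantics, that Javadoc should be updated to match.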
@@ -287,53 +222,12 @@
return callbackHandler;
}
- private void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException
- {
- if (loginConfigUrl == null)
- {
- throw new ConfigurationException("Could not locate the login config file at Url [" + loginConfigUrl + "]");
- }
-
- int urlIndex = 1;
- boolean loginUrlRegistered = false;
- String registeredLoginUrl;
- while ((registeredLoginUrl = Security.getProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex)) != null)
- {
- loginUrlRegistered = registeredLoginUrl.equals(loginConfigUrl.toString());
- if (loginUrlRegistered)
- {
- break;
- }
- else
- {
- urlIndex++;
- }
- }
-
- if (!loginUrlRegistered)
- {
- log.info("Adding file [ " + loginConfigUrl + "] as [" + LOGIN_CONFIG_URL_PREFIX + urlIndex + "]");
- Security.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());
- setConfiguration(new ConfigFile());
- }
- }
-
- private synchronized javax.security.auth.login.Configuration getConfiguration()
- {
- return configuration;
- }
-
- private synchronized void setConfiguration(final javax.security.auth.login.Configuration configuration)
- {
- this.configuration = configuration;
- }
-
private void addRunAs( final String runAs, final Subject subject )
{
if ( runAs != null )
{
final Role runAsRole = new Role(runAs);
- Set<Group> principals = subject.getPrincipals(Group.class);
+ final Set<Group> principals = subject.getPrincipals(Group.class);
if ( principals.isEmpty() )
{
final Group group = new Group("Roles");
@@ -358,7 +252,7 @@
try
{
@SuppressWarnings("unchecked")
- Class<T> forName = ClassUtil.forName(className, getClass());
+ final Class<T> forName = ClassUtil.forName(className, getClass());
return forName.newInstance();
}
catch (final ClassNotFoundException e)
@@ -374,5 +268,4 @@
throw new SecurityServiceException("IllegalAccess while trying to create an impl of [" + className + "]", e);
}
}
-
}
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/common/Configuration.java 2008-10-16 05:58:54 UTC (rev 23470)
@@ -462,11 +462,6 @@
return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_IMPEMENTATION_CLASS);
}
- public static String getSecurityServiceConfigUrl()
- {
- return ModulePropertyManager.getPropertyManager(ModulePropertyManager.SECURITY_MODULE).getProperty(Environment.SECURITY_SERVICE_CONFIG_URL);
- }
-
/*
* Private Keystore getters
*/
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipeline.java 2008-10-16 05:58:54 UTC (rev 23470)
@@ -308,9 +308,6 @@
{
securityConf = SecurityConfigUtil.createSecurityConfig(securityConfigs[0]);
LOGGER.debug(securityConf);
- final SecurityService securitySerivce = SecurityServiceFactory.getSecurityService();
- securitySerivce.configure();
- securitySerivce.refreshSecurityConfig();
}
}
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityServiceFactory.java 2008-10-16 05:58:54 UTC (rev 23470)
@@ -2,17 +2,17 @@
* JBoss, Home of Professional Open Source Copyright 2008, Red Hat Middleware
* LLC, and individual contributors by the @authors tag. See the copyright.txt
* in the distribution for a full listing of individual contributors.
- *
+ *
* This is free software; you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 2.1 of the License, or (at your option)
* any later version.
- *
+ *
* This software is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
* details.
- *
+ *
* You should have received a copy of the GNU Lesser General Public License
* along with this software; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
@@ -28,7 +28,7 @@
public class SecurityServiceFactory
{
private static Logger log = Logger.getLogger(SecurityServiceFactory.class);
-
+
private static SecurityService instance;
private SecurityServiceFactory() { }
@@ -52,11 +52,12 @@
log.info("Using [" + className + "] as the SecurityService implementation.");
Class<?> securityClass = ClassUtil.forName(className, SecurityService.class);
service = (SecurityService) securityClass.newInstance();
- }
+ service.configure();
+ }
catch (ClassNotFoundException e)
{
throw new ConfigurationException("SecurityService Implementation=" + className + " not found", e);
- }
+ }
catch (Exception e)
{
throw new ConfigurationException("Invocation exception. " + e.getLocalizedMessage(), e);
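Review bot: `service.configure()` now sits inside the try, so a `ConfigurationException` it throws is caught by the generic `catch (Exception e)` and re-wrapped as "Invocation exception. ...", which hides that the security configuration itself was rejected. Add `catch (ConfigurationException e) { throw e; }` ahead of the generic handler, or move the call below the try block. Since this is now the only place the service is configured, it is also worth confirming that the enclosing method is synchronized; its signature is outside the hunk. Otherwise two threads racing on the static `instance` could each create and configure a service.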
@@ -64,5 +65,5 @@
instance = service;
return service;
}
-
+
}
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/build.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -25,6 +25,9 @@
<property name="org.jboss.esb.ftp.lib.dir" location="${org.jboss.esb.root.dir}/ftp/lib"/>
<path id="org.jboss.esb.tests.base.classpath">
+ <!-- added these first two jar explicetly to get the security features working -->
+ <fileset dir="${org.jboss.esb.lib.dir}" includes="jaxr-api*.jar"/>
+ <fileset dir="${org.jboss.esb.lib.dir}" includes="jbossall-client-*.jar"/>
<fileset dir="${org.jboss.esb.ext.lib.dir}" includes="*.jar"/>
<fileset dir="${org.jboss.esb.lib.dir}" includes="*.jar"/>
<fileset dir="${org.jboss.esb.root.dir}/../testlib" includes="*.jar"/>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-10-16 05:58:54 UTC (rev 23470)
@@ -30,9 +30,11 @@
import java.util.Set;
import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
import junit.framework.JUnit4TestAdapter;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Environment;
import org.jboss.soa.esb.services.security.SecurityConfig;
@@ -173,7 +175,6 @@
Builder builder = new SecurityConfig.Builder("SuccessfulLogin");
SecurityConfig configInfo = builder.build();
SecurityContext context = new SecurityContext(new Subject());
- service.refreshSecurityConfig();
try
{
service.authenticate( configInfo, context, null );
@@ -190,7 +191,18 @@
jbossEsbProperties = System.getProperty(Environment.PROPERTIES_FILE);
URL resource = ClassUtil.getResource("security-properties.xml", getClass());
System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
- service.configure();
+
+ // set up login-config.xml
+ XMLLoginConfigImpl loginConfigImpl = new XMLLoginConfigImpl();
+ loginConfigImpl.setValidateDTD(true);
+
+ // our login-config.xml (in the same directory as this class
+ URL loginConfig = ClassUtil.getResource("login-config.xml", getClass());
+ System.setProperty("java.security.auth.login.config", loginConfig.getFile());
+ loginConfigImpl.loadConfig();
+
+ Configuration.setConfiguration(loginConfigImpl);
+
}
@After
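Review bot: This setup replaces two pieces of JVM-wide state, the `java.security.auth.login.config` system property and the installed JAAS `Configuration`, and nothing in the hunk records the previous values; the same lines are added to `setUp()` in ActionProcessingPipelineUnitTest. Tests that run later in the same JVM would then authenticate against these fixture policies, including `SuccessfulLogin` with `forceLogin` set to true. Capture the old values first, e.g. `previousLoginConfig = Configuration.getConfiguration();`, and restore them with `Configuration.setConfiguration(previousLoginConfig);` in the tear-down method, whose body is outside the hunk and may already do part of this. `ClassUtil.getResource("login-config.xml", getClass())` is also dereferenced without a null check, so a missing fixture would surface as a NullPointerException rather than a clear failure.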
Deleted: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/jaas.login 2008-10-16 05:58:54 UTC (rev 23470)
@@ -1,9 +0,0 @@
-SuccessfulLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
-};
-FailureLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
-};
-UserPassLogin {
- org.jboss.soa.esb.services.security.UserPassLoginModule required;
-};
\ No newline at end of file
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/login-config.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/login-config.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/login-config.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -0,0 +1,29 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<policy>
+
+ <application-policy name = "SuccessfulLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.TestLoginModule" flag = "required" >
+ <module-option name = "forceLogin">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "FailureLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.TestLoginModule" flag = "required" >
+ <module-option name = "forceLogin">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "UserPassLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.UserPassLoginModule" flag = "required"/>
+ </authentication>
+ </application-policy>
+
+</policy>
+
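Review bot: This file carries no comment marking it as a test fixture, yet judging by its name and the `forceLogin` option the `SuccessfulLogin` policy appears to accept every login. A header such as `<!-- Test-only JAAS policies; SuccessfulLogin is meant to accept any login. Never copy into a deployed login-config.xml. -->` would make that explicit. An identical copy is added under listeners/message in this commit; a single copy in the new `rosetta/tests/resources` source folder would keep the two from drifting apart. The DOCTYPE names an `http://` system identifier and the tests enable DTD validation, so it is worth confirming that the parser resolves it from a bundled copy rather than over the network.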
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/internal/soa/esb/services/security/security-properties.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -40,7 +40,6 @@
<properties name="security">
<property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
<property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
- <property name="org.jboss.soa.esb.services.security.configUrl" value="jaas.login"/>
<property name="org.jboss.soa.esb.services.security.privateKeystore" value="privateKeyStore"/>
<property name="org.jboss.soa.esb.services.security.privateKeystorePassword" value="testKeystorePassword"/>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipelineUnitTest.java
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipelineUnitTest.java 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/ActionProcessingPipelineUnitTest.java 2008-10-16 05:58:54 UTC (rev 23470)
@@ -24,14 +24,13 @@
import java.io.Serializable;
import java.net.URL;
-import java.security.AccessControlContext;
-import java.security.AccessController;
import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
-import junit.framework.JUnit4TestAdapter;
import junit.framework.TestCase;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.common.Environment;
import org.jboss.soa.esb.common.ModulePropertyManager;
@@ -42,7 +41,6 @@
import org.jboss.soa.esb.message.format.MessageFactory;
import org.jboss.soa.esb.services.security.PublicCryptoUtil;
import org.jboss.soa.esb.services.security.SecurityContext;
-import org.jboss.soa.esb.services.security.SecurityContextUnitTest;
import org.jboss.soa.esb.services.security.SecurityService;
import org.jboss.soa.esb.services.security.SecurityServiceException;
import org.jboss.soa.esb.services.security.TestPrincipal;
@@ -50,8 +48,6 @@
import org.jboss.soa.esb.services.security.auth.AuthenticationRequestImpl;
import org.jboss.soa.esb.services.security.principals.User;
import org.jboss.soa.esb.util.ClassUtil;
-import org.junit.After;
-import org.junit.Before;
public class ActionProcessingPipelineUnitTest extends TestCase
{
@@ -75,6 +71,17 @@
jbossEsbProperties = System.getProperty(Environment.PROPERTIES_FILE);
URL resource = ClassUtil.getResource("security-properties.xml", getClass());
System.setProperty(Environment.PROPERTIES_FILE, "abs://" + resource.getFile());
+
+ // set up login-config.xml
+ XMLLoginConfigImpl loginConfigImpl = new XMLLoginConfigImpl();
+ loginConfigImpl.setValidateDTD(true);
+
+ // our login-config.xml (in the same directory as this class
+ URL loginConfig = ClassUtil.getResource("login-config.xml", getClass());
+ System.setProperty("java.security.auth.login.config", loginConfig.getFile());
+ loginConfigImpl.loadConfig();
+
+ Configuration.setConfiguration(loginConfigImpl);
}
@Override
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/login-config.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/login-config.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/login-config.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -0,0 +1,29 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<policy>
+
+ <application-policy name = "SuccessfulLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.TestLoginModule" flag = "required" >
+ <module-option name = "forceLogin">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "FailureLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.TestLoginModule" flag = "required" >
+ <module-option name = "forceLogin">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "UserPassLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.UserPassLoginModule" flag = "required"/>
+ </authentication>
+ </application-policy>
+
+</policy>
+
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/security-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/security-properties.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/listeners/message/security-properties.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -40,7 +40,6 @@
<properties name="security">
<property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
<property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
- <property name="org.jboss.soa.esb.services.security.configUrl" value="jaas.login"/>
<property name="org.jboss.soa.esb.services.security.privateKeystore" value="privateKeyStore"/>
<property name="org.jboss.soa.esb.services.security.privateKeystorePassword" value="testKeystorePassword"/>
Deleted: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login 2008-10-16 05:58:54 UTC (rev 23470)
@@ -1,9 +0,0 @@
-SuccessfulLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
-};
-FailureLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
-};
-UserPassLogin {
- org.jboss.soa.esb.services.security.SimpleLoginModule required ;
-};
\ No newline at end of file
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/rosetta/tests/src/org/jboss/soa/esb/services/security/security-properties.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -40,7 +40,6 @@
<properties name="security">
<property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
<property name="org.jboss.soa.esb.services.security.callbackHandler" value="org.jboss.internal.soa.esb.services.security.UserPassCallbackHandler"/>
- <property name="org.jboss.soa.esb.services.security.configUrl" value="jaas.login"/>
<property name="org.jboss.soa.esb.services.security.privateKeystore" value="privateKeyStore"/>
<property name="org.jboss.soa.esb.services.security.privateKeystorePassword" value="testKeystorePassword"/>
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/build.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -52,15 +52,14 @@
</target>
<target name="quickstart-specific-deploys">
- <echo message="Copy jaas.login to jbossesb.sar" />
- <copy todir="${org.jboss.esb.server.deploy.dir}/jbossesb.sar" filtering="true" overwrite="true">
+ <copy todir="${build.dir}" filtering="true" overwrite="true">
<filterset>
<filter token="KEYSTORE_PATH" value="${basedir}/keystore"/>
<filter token="ROLES_FILE_PATH" value="${basedir}/roles.properties"/>
</filterset>
<fileset dir="${basedir}">
- <include name="jaas.login"/>
+ <include name="login-config.xml"/>
</fileset>
</copy>
</target>
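Review bot: The `quickstart-specific-deploys` target now writes the filtered `login-config.xml` to `${build.dir}` without any message, so `ant deploy` finishes cleanly while the `CertLogin` policy is still absent from the server. I would keep an echo in place of the removed one, e.g. `<echo message="Generated ${build.dir}/login-config.xml - merge it into the server's conf/login-config.xml and restart before running the test" />`. It is also worth confirming how the security service behaves when `CertLogin` is missing from the server configuration. If the lookup falls back to a default policy rather than failing, the service would be authenticated against a different login module than the quickstart intends.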
Deleted: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jaas.login 2008-10-16 05:58:54 UTC (rev 23470)
@@ -1,3 +0,0 @@
-CertLogin {
- org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule required keyStoreURL="file://@KEYSTORE_PATH@" keyStorePassword="storepassword" rolesPropertiesFile="file://@ROLES_FILE_PATH@";
-};
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/jbossesb-properties.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -39,7 +39,6 @@
</properties>
<properties name="security">
<property name="org.jboss.soa.esb.services.security.implementationClass" value="org.jboss.internal.soa.esb.services.security.JaasSecurityService"/>
- <property name="org.jboss.soa.esb.services.security.configUrl" value="/jaas.login"/>
</properties>
<properties name="registry">
<property name="org.jboss.soa.esb.registry.queryManagerURI" value="org.apache.juddi.registry.local.InquiryService#inquire"/>
Added: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/login-config.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/login-config.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/login-config.xml 2008-10-16 05:58:54 UTC (rev 23470)
@@ -0,0 +1,10 @@
+ <!-- To be pasted into <server>/<configname>/conf/login-config.xml -->
+ <application-policy name = "CertLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule" flag = "required" >
+ <module-option name = "keyStoreURL">file://@KEYSTORE_PATH@</module-option>
+ <module-option name = "keyStorePassword">storepassword</module-option>
+ <module-option name = "rolesPropertiesFile">file://@ROLES_FILE_PATH@</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
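Review bot: The `keyStorePassword` option on the `CertificateLoginModule` entry is a plain-text literal in a fragment whose header comment tells the reader to paste it into the server's `conf/login-config.xml`, and nothing marks it as a sample value. I would extend the header comment, e.g. `<!-- Quickstart sample: keyStorePassword is the password of the quickstart's test keystore; replace keystore and password for any other use -->`. The file that actually gets pasted is the filtered copy under the build directory, which carries the absolute keystore and roles-file paths, so the comment could also say that the copy is machine-specific. Separately, `file://@KEYSTORE_PATH@` with a substituted absolute path presumably only forms a valid URL for Unix-style paths; this is carried over from the removed jaas.login, but a short comment on the expected path form would help.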
Modified: labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt
===================================================================
--- labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt 2008-10-16 05:34:28 UTC (rev 23469)
+++ labs/jbossesb/branches/JBESB_4_4_GA_CP/product/samples/quickstarts/security_cert/readme.txt 2008-10-16 05:58:54 UTC (rev 23470)
@@ -49,11 +49,14 @@
1. Type 'ant deploy'.
- 2. Type 'ant runtest'.
+ 2. Copy the xml element from build/login-config.xml and paste it into your servers conf/login-config.xml
+ This contains the login module configuration used by this quickstart.
+ 3. Restart you jbossesb server. This is needed so that the security configuration get picked up.
+ 4. Type 'ant runtest'.
- 3. Switch back to Application Server console to see the output from the ESB
+ 5. Switch back to Application Server console to see the output from the ESB
- 4. In this folder ("Window1"), type 'ant undeploy'.
+ 6. In this folder ("Window1"), type 'ant undeploy'.
@@ -66,7 +69,7 @@
<security moduleName="CertLogin" rolesAllowed="worker" callbackHandler="org.jboss.soa.esb.services.security.auth.login.CertCallbackHandler">
<property name="alias" value="certtest"/>
</security>
- # 'moduleName' identified the JAAS Login Module to use. This is an index into the file jaas.login.
+ # 'moduleName' identified the JAAS Login Module to use. This is an index into the file login-config.xml file.
# 'rolesAllowed' lists the roles that are allowed to execute this service. To see how the roles are mapped please see item 3 below.
# 'alias' specifies the alias that will be used to identify a certificate in the keystore.
@@ -75,16 +78,22 @@
2.JAAS Configuration
- CertLogin {
- org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule required keyStoreURL="file://@KEYSTORE_PATH@" keyStorePassword="storepassword" rolesPropertiesFile="file://@ROLES_FILE_PATH@";
- };
+ <application-policy name = "CertLogin">
+ <authentication>
+ <login-module code = "org.jboss.soa.esb.services.security.auth.login.CertificateLoginModule" flag = "required" >
+ <module-option name = "keyStoreURL">file://@KEYSTORE_PATH@</module-option>
+ <module-option name = "keyStorePassword">storepassword</module-option>
+ <module-option name = "rolesPropertiesFile">file://@ROLES_FILE_PATH@</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
# CertificateLoginModule is the login module that will be used.
# 'keyStoreURL' is the path to the keystore that will be used to verify the certificates. This can be a file on the local file system or on the classpath.
# 'keyStorePassword' is the password to the keystore.
# 'rolesPropertiesFile' path to a file containing role mappings. Please see the next item for more information about the roles mapping.
3.Role Mapping
- This file is can be optionally specified in jaas.login by using the 'rolesPropertiesFile'. This can point to a file on the local file system or to
+ This file is can be optionally specified in login-config.xml by using the 'rolesPropertiesFile'. This can point to a file on the local file system or to
a file on the classpath.
The is an example of such a file:
# user=role1,role2,...