[jbpm-commits] JBoss JBPM SVN: r3419 - jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication.

do-not-reply at jboss.org do-not-reply at jboss.org
Thu Dec 18 05:28:30 EST 2008


Author: camunda
Date: 2008-12-18 05:28:30 -0500 (Thu, 18 Dec 2008)
New Revision: 3419

Modified:
   jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java
   jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java
Log:
JBPM-1909: Added configuration properties to factory (like in other places of jbpm)

Modified: jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java
===================================================================
--- jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java	2008-12-18 09:25:04 UTC (rev 3418)
+++ jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java	2008-12-18 10:28:30 UTC (rev 3419)
@@ -36,8 +36,10 @@
 
 /**
  * gets the authenticated actor id from the current Subject.
- * This Authenticator requires another configuration parameter 
- * 'jbpm.authenticator.principal.classname'. This configuration property 
+ * This Authenticator is either configured via the {@link SubjectAuthenticationServiceFactory}
+ * or it requires the two other configuration parameter 
+ * 'jbpm.authenticator.principal.classname' and 'jbpm.authenticator.principal.allow.overwrite'
+ * This configuration property 
  * specifies the class name of the principal that should be used from 
  * the current subject. This could be for example org.jboss.security.CallerIdentity
  * in an JBoss AS. 
@@ -55,13 +57,38 @@
   
   private static Log log = LogFactory.getLog(JbpmContext.class);
   
-  private static final String principalClassName = JbpmConfiguration.Configs.getString("jbpm.authenticator.principal.classname");
-  private static Class principalClass = ClassLoaderUtil.loadClass(principalClassName);
+  private Class principalClass;
   
-  private static final boolean allowActorIdOverwrite = JbpmConfiguration.Configs.getBoolean("jbpm.authenticator.principal.allow.overwrite");
+  private boolean allowActorIdOverwrite;
   
   private String actorId;
+  
+  public SubjectAuthenticationService(String principalClassName, Boolean allowActorIdOverwrite)
+  {
+    if (principalClassName!=null) {
+      initPrincipalClass( principalClassName );
+    }
+    else {
+      initPrincipalClass(JbpmConfiguration.Configs.getString("jbpm.authenticator.principal.classname") );      
+    }
+    if (allowActorIdOverwrite!=null) {
+      this.allowActorIdOverwrite = allowActorIdOverwrite;      
+    }
+    else {
+      this.allowActorIdOverwrite = JbpmConfiguration.Configs.getBoolean("jbpm.authenticator.principal.allow.overwrite");
+    }
+  }
 
+  public SubjectAuthenticationService() 
+  {    
+    initPrincipalClass(JbpmConfiguration.Configs.getString("jbpm.authenticator.principal.classname") );      
+    allowActorIdOverwrite = JbpmConfiguration.Configs.getBoolean("jbpm.authenticator.principal.allow.overwrite");
+  }
+
+  protected void initPrincipalClass(String principalClassName) {
+    this.principalClass = ClassLoaderUtil.loadClass(principalClassName);
+  }
+
   public String getActorId() {
     if (actorId==null) {
 

Modified: jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java
===================================================================
--- jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java	2008-12-18 09:25:04 UTC (rev 3418)
+++ jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java	2008-12-18 10:28:30 UTC (rev 3419)
@@ -27,16 +27,63 @@
 /**
  * Factory to create a {@link SubjectAuthenticationService}.
  * 
+ * Two properties can be set:  allowActorIdOverwrite & principalClassName.
+ * 
+ * principalClassName configuration property 
+ * specifies the class name of the principal that should be used from 
+ * the current subject. This could be for example org.jboss.security.CallerIdentity
+ * in an JBoss AS. 
+ * 
+ * If not actorId is set, the name of that principal is used as the 
+ * currently authenticated actorId. If an actorId!=null is set (via setActorId)
+ * this one overwrites the principal. This behavior is configurable via
+ * the allowActorIdOverwrite attribute. If this
+ * is set to false, setActorId is simply ignored.
+ * 
+ * Example:
+ * <service name="authentication">
+ *   <factory>
+ *      <bean class="org.jbpm.security.authentication.SubjectAuthenticationServiceFactory">
+ *         <field name="principalClassName"> <string value="org.jboss.security.CallerIdentity" /> </field>
+ *         <field name="allowActorIdOverwrite"> <boolean value="true" /> </field>
+ *      </bean>
+ *   </factory>
+ * </service>
+ * 
  * @author bernd.ruecker at camunda.com
  */
 public class SubjectAuthenticationServiceFactory implements ServiceFactory {
 
   private static final long serialVersionUID = 1L;
+  
+  private Boolean allowActorIdOverwrite;
+  
+  private String principalClassName;
 
   public Service openService() {
-    return new SubjectAuthenticationService();
+    return new SubjectAuthenticationService(principalClassName, allowActorIdOverwrite);
   }
 
   public void close() {
   }
+
+  public boolean isAllowActorIdOverwrite()
+  {
+    return allowActorIdOverwrite;
+  }
+
+  public void setAllowActorIdOverwrite(boolean allowActorIdOverwrite)
+  {
+    this.allowActorIdOverwrite = allowActorIdOverwrite;
+  }
+
+  public String getPrincipalClassName()
+  {
+    return principalClassName;
+  }
+
+  public void setPrincipalClassName(String principalClassName)
+  {
+    this.principalClassName = principalClassName;
+  }
 }




More information about the jbpm-commits mailing list