[jbpm-commits] JBoss JBPM SVN: r3419 - jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication.
do-not-reply at jboss.org
do-not-reply at jboss.org
Thu Dec 18 05:28:30 EST 2008
Author: camunda
Date: 2008-12-18 05:28:30 -0500 (Thu, 18 Dec 2008)
New Revision: 3419
Modified:
jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java
jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java
Log:
JBPM-1909: Added configuration properties to factory (like in other places of jbpm)
Modified: jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java
===================================================================
--- jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java 2008-12-18 09:25:04 UTC (rev 3418)
+++ jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationService.java 2008-12-18 10:28:30 UTC (rev 3419)
@@ -36,8 +36,10 @@
/**
* gets the authenticated actor id from the current Subject.
- * This Authenticator requires another configuration parameter
- * 'jbpm.authenticator.principal.classname'. This configuration property
+ * This Authenticator is either configured via the {@link SubjectAuthenticationServiceFactory}
+ * or it requires the two other configuration parameter
+ * 'jbpm.authenticator.principal.classname' and 'jbpm.authenticator.principal.allow.overwrite'
+ * This configuration property
* specifies the class name of the principal that should be used from
* the current subject. This could be for example org.jboss.security.CallerIdentity
* in an JBoss AS.
@@ -55,13 +57,38 @@
private static Log log = LogFactory.getLog(JbpmContext.class);
- private static final String principalClassName = JbpmConfiguration.Configs.getString("jbpm.authenticator.principal.classname");
- private static Class principalClass = ClassLoaderUtil.loadClass(principalClassName);
+ private Class principalClass;
- private static final boolean allowActorIdOverwrite = JbpmConfiguration.Configs.getBoolean("jbpm.authenticator.principal.allow.overwrite");
+ private boolean allowActorIdOverwrite;
private String actorId;
+
+ public SubjectAuthenticationService(String principalClassName, Boolean allowActorIdOverwrite)
+ {
+ if (principalClassName!=null) {
+ initPrincipalClass( principalClassName );
+ }
+ else {
+ initPrincipalClass(JbpmConfiguration.Configs.getString("jbpm.authenticator.principal.classname") );
+ }
+ if (allowActorIdOverwrite!=null) {
+ this.allowActorIdOverwrite = allowActorIdOverwrite;
+ }
+ else {
+ this.allowActorIdOverwrite = JbpmConfiguration.Configs.getBoolean("jbpm.authenticator.principal.allow.overwrite");
+ }
+ }
+ public SubjectAuthenticationService()
+ {
+ initPrincipalClass(JbpmConfiguration.Configs.getString("jbpm.authenticator.principal.classname") );
+ allowActorIdOverwrite = JbpmConfiguration.Configs.getBoolean("jbpm.authenticator.principal.allow.overwrite");
+ }
+
+ protected void initPrincipalClass(String principalClassName) {
+ this.principalClass = ClassLoaderUtil.loadClass(principalClassName);
+ }
+
public String getActorId() {
if (actorId==null) {
Modified: jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java
===================================================================
--- jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java 2008-12-18 09:25:04 UTC (rev 3418)
+++ jbpm3/trunk/modules/core/src/main/java/org/jbpm/security/authentication/SubjectAuthenticationServiceFactory.java 2008-12-18 10:28:30 UTC (rev 3419)
@@ -27,16 +27,63 @@
/**
* Factory to create a {@link SubjectAuthenticationService}.
*
+ * Two properties can be set: allowActorIdOverwrite & principalClassName.
+ *
+ * principalClassName configuration property
+ * specifies the class name of the principal that should be used from
+ * the current subject. This could be for example org.jboss.security.CallerIdentity
+ * in an JBoss AS.
+ *
+ * If not actorId is set, the name of that principal is used as the
+ * currently authenticated actorId. If an actorId!=null is set (via setActorId)
+ * this one overwrites the principal. This behavior is configurable via
+ * the allowActorIdOverwrite attribute. If this
+ * is set to false, setActorId is simply ignored.
+ *
+ * Example:
+ * <service name="authentication">
+ * <factory>
+ * <bean class="org.jbpm.security.authentication.SubjectAuthenticationServiceFactory">
+ * <field name="principalClassName"> <string value="org.jboss.security.CallerIdentity" /> </field>
+ * <field name="allowActorIdOverwrite"> <boolean value="true" /> </field>
+ * </bean>
+ * </factory>
+ * </service>
+ *
* @author bernd.ruecker at camunda.com
*/
public class SubjectAuthenticationServiceFactory implements ServiceFactory {
private static final long serialVersionUID = 1L;
+
+ private Boolean allowActorIdOverwrite;
+
+ private String principalClassName;
public Service openService() {
- return new SubjectAuthenticationService();
+ return new SubjectAuthenticationService(principalClassName, allowActorIdOverwrite);
}
public void close() {
}
+
+ public boolean isAllowActorIdOverwrite()
+ {
+ return allowActorIdOverwrite;
+ }
+
+ public void setAllowActorIdOverwrite(boolean allowActorIdOverwrite)
+ {
+ this.allowActorIdOverwrite = allowActorIdOverwrite;
+ }
+
+ public String getPrincipalClassName()
+ {
+ return principalClassName;
+ }
+
+ public void setPrincipalClassName(String principalClassName)
+ {
+ this.principalClassName = principalClassName;
+ }
}
More information about the jbpm-commits
mailing list