portals-jetspeed-dev mailing list archives

From dlest...@apache.org
Subject cvs commit: jakarta-jetspeed-2/components/security/src/java login.conf repository_security.xml
Date Wed, 10 Mar 2004 06:08:50 GMT
dlestrat    2004/03/09 22:08:50

  Added:       components/security/src/java/org/apache/jetspeed/security
                        package.html GroupManager.java Role.java
                        UserManager.java SecurityProvider.java
                        SecurityHelper.java PortletPermission.java
                        UserPrincipal.java GroupPrincipal.java
                        PortletPermissionCollection.java BasePrincipal.java
                        RolePrincipal.java PermissionManager.java
                        SecurityException.java RoleManager.java User.java
                        Group.java
               components/security/src/java login.conf
                        repository_security.xml
  Log:
  More Security component.
  
  Revision  Changes    Path
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/package.html
  
  Index: package.html
  ===================================================================
  <html>
  <head>
    <title>org.apache.jetspeed.security.auth</title>
  </head>
  <body>
  
    <p>Jetspeed security service interfaces.</p>
    
  </body>
  </html>
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/GroupManager.java
  
  Index: GroupManager.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.Collection;
  import java.util.prefs.Preferences;
  
  /**
   * <p>Describes the service interface for managing groups.</p>
   * <p>Group hierarchy elements are being returned as a {@link Group}
   * collection.  The backing implementation must appropriately map 
   * the group hierarchy to a preferences sub-tree.</p> 
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface GroupManager
  {
  
      /**
       * <p>Add a new group.</p>
       * <p>Group principal names are relative to the /group node.</p>
       * <p>Group principal path names are stored leveraging the {@link Preferences}
       * api.  Groups will be stored under /group/theGroupName/theGroupNameChild
       * when given the full path name /theGroupName/theGroupNameChild.
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupNameChild).
       * @throws Throws a security exception.
       */
      void addGroup(String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Remove a group.</p>
       * <p>Group principal names are relative to the {@link Preferences}
       * /group node.</p>
       * <p>Group principal path names are stored leveraging the {@link Preferences}
       * api.  Groups will be stored under /group/theGroupName/theGroupNameChild
       * when given the full path name /theGroupName/theGroupNameChild.
       * @param groupFullPathName The group name full path relative to the
       *                          /group node. (e.g. /theGroupName/theGroupNameChild)
       * @throws Throws a security exception.
       */
      void removeGroup(String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Whether or not a group exists.</p>
       * @param groupFullPathName The group name full path relative to the
       *                          /group node. (e.g. /theGroupName/theGroupNameChild)
       * @return Whether or not a group exists.
       */
      boolean groupExists(String groupFullPathName);
  
      /**
       * <p>Get a group {@link Group} for a given group full path name.
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @return The {@link Preferences} node.
       * @throws Throws security exception if the group does not exist.
       */
      Group getGroup(String groupFullPathName) throws SecurityException;
  
      /**
       * <p>A collection of {@link Group} for all the groups
       * associated to a specific user.
       * @param username The user name.
       * @return A collection of {@link Group}.
       * @throws Throws security exception if the user does not exist.
       */
      Collection getGroupsForUser(String username) throws SecurityException;
  
      /**
       * <p>A collection of {@link User} for a specific group.</p>
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @return A collection of {@link User}.
       * @throws Throws security exception if the group does not exist.
       */
      Collection getUsersInGroup(String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Add a user to a group.</p>
       * @param username The user name.
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @throws Throws a security exception.
       */
      void addUserToGroup(String username, String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Remove a user from a group.</p>
       * @param username The user name.
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @throws Throws a security exception.
       */
      void removeUserFromGroup(String username, String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Whether or not a user is in a group.</p>
       * @param username The user name.
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @return Whether or not a user is in a group.
       * @throws Throws security exception if the user or group does not exist.
       */
      boolean isUserInGroup(String username, String groupFullPathName) throws SecurityException;
  
  }
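Review bot: The Javadoc on `getGroup` says `@return The {@link Preferences} node.` while the method returns `Group`, and every `@throws Throws a security exception.` tag in this interface omits the exception class, so the Javadoc tool reads "Throws" as the type name. Suggest `@return The {@link Group}.` and `@throws SecurityException if the group does not exist.`, with the condition worded per method. Because `SecurityException.java` is added to this same package, the unqualified name in these signatures is the Jetspeed class and not `java.lang.SecurityException`; one sentence in the interface Javadoc saying so would keep callers from catching the wrong type. The contract also does not say which characters or path forms a `groupFullPathName` may contain before it is mapped under the /group preferences node, so each implementation is left to decide what to reject.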
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/Role.java
  
  Index: Role.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.prefs.Preferences;
  
  /**
   * <p>A role made of a {@link RolePrincipal} and the role {@link Preferences}.</p>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface Role
  {
      /**
       * <p>Getter for the role {@link RolePrincipal}.</p>
       * @return The {@link RolePrincipal}.
       */
      RolePrincipal getPrincipal();
  
      /**
       * <p>Setter for the role {@link RolePrincipal}.</p>
       * @param rolePrincipal The {@link RolePrincipal}.
       */
      void setPrincipal(RolePrincipal rolePrincipal);
  
      /**
       * <p>Getter for the role {@link Preferences} node, providing access to the
       * role preferences properties.</p>
       * @return The {@link Preferences}.
       */
      Preferences getPreferences();
  
      /**
       * <p>Setter for the role {@link Preferences} node, providing access to the
       * role preferences properties.</p>
       * @param preferences The {@link Preferences}.
       */
      void setPreferences(Preferences preferences);
  }
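Review bot: `setPrincipal` and `setPreferences` are part of the public `Role` interface, so any code that is handed a `Role` can re-point it at a different `RolePrincipal` or preferences node. If callers outside the security component only need to read these values, keep the getters here and leave the setters on the implementation class. If the setters have to stay, the Javadoc should say who may call them, for example `Intended for the RoleManager implementation only; other callers must treat a Role as read-only.` Whether `User` and `Group` follow the same shape is not visible in this part of the commit.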
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/UserManager.java
  
  Index: UserManager.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.Iterator;
  
  /**
   * <p>Describes the interface for managing users and provides access
   * to the {@link User}.</p>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface UserManager
  {
  
      /**
       * <p>Authenticate a user.</p>
       * @param username The user name.
       * @param password The user password.
       * @return Whether or not a user is authenticated.
       */
      boolean authenticate(String username, String password);
  
      /**
       * <p>Add a new user provided a username and password.</p>
       * @param username The user name.
       * @param password The password.
       * @throws Throws a security exception.
       */
      void addUser(String username, String password) throws SecurityException;
  
      /**
       * <p>Remove a user. If there is a {@link java.util.prefs.Preferences} node
       * for profile properties associated to this user, it will be removed as well.</p>
       * <p>{@link java.security.Permission} for this user will be removed as well.</p>
       * @param username The user name.
       * @throws Throws a security exception.
       */
      void removeUser(String username) throws SecurityException;
  
      /**
       * <p>Whether or not a user exists.</p>
       * @param username The user name.
       * @return Whether or not a user exists.
       */
      boolean userExists(String username);
  
      /**
       * <p>Get a {@link User} for a given username.</p>
       * @param username The username.
       * @return The {@link User}.
       * @throws Throws a security exception if the user cannot be found.
       */
      User getUser(String username) throws SecurityException;
  
      /**
       * <p>An iterator of {@link User} finding users matching the
       * corresponding filter criteria.</p>
       * @param filter The filter used to retrieve matching users.
       * @return The Iterator of {@link User}.
       */
      Iterator getUsers(String filter);
  
      /**
       * <p>Set the user password.</p>
       * @param username The user name.
       * @param password The password.
       * @throws Throws a security exception.
       * TODO This method should be changed to support multiple credentials.
       */
      void setPassword(String username, String password) throws SecurityException;
  }
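Review bot: `authenticate`, `addUser` and `setPassword` take the password as a `String`, which cannot be cleared after use and stays in the heap until it is collected; a `char[]` (the type JAAS `PasswordCallback` hands out) lets the caller zero it, e.g. `boolean authenticate(String username, char[] password);`. The Javadoc should also state that implementations persist only a salted password hash, and what `authenticate` returns for an unknown user, since unlike `getUser` it has no exception to signal that case. `getUsers(String filter)` does not define the filter syntax; if the filter reaches a query language in the backing store, the contract should require the implementation to escape or parameterize it.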
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/SecurityProvider.java
  
  Index: SecurityProvider.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  /**
   * <p>Utility component used to configure the security component.</p>
   * 
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface SecurityProvider
  {
      /**
       * <p>Getter for the {@link UserManager}.</p>
       * @return The UserManager.
       */
      UserManager getUserManager();
  }
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/SecurityHelper.java
  
  Index: SecurityHelper.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.security.Principal;
  import java.util.Iterator;
  
  import javax.security.auth.Subject;
  
  import org.apache.jetspeed.security.impl.UserPrincipalImpl;
  import org.apache.jetspeed.security.impl.RolePrincipalImpl;
  import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
  
  /**
   * <p>Security helper.</p>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   * @version $Id: SecurityHelper.java,v 1.1 2004/03/10 06:08:50 dlestrat Exp $
   */
  public class SecurityHelper
  {
      /**
       * <p>Given a subject, finds the first principal of the given classe for that subject.
       * If a principal of the given classe is not found, null is returned.</p>
       * @param subject The subject supplying the principals.
       * @param classe A class or interface derived from java.security.JetspeedPrincipal.
       * @return The first principal matching a principal classe parameter.
       */
      public static Principal getPrincipal(Subject subject, Class classe)
      {
          Principal principal = null;
          Iterator principals = subject.getPrincipals().iterator();
          while (principals.hasNext())
          {
              Principal p = (Principal) principals.next();
              if (classe.isInstance(p))
              {
                  principal = p;
                  break;
              }
          }
          return principal;
      }
  
      /**
       * <p>Given a subject, finds the first principal of the given classe for that subject.
       * If a principal of the given classe is not found, then the first
       * other principal is returned. If the list is empty, null is returned.</p>
       * @param subject The subject supplying the principals.
       * @param classe A class or interface derived from java.security.JetspeedPrincipal.
       * @return The first principal matching a principal classe parameter.
       */
      public static Principal getBestPrincipal(Subject subject, Class classe)
      {
  
          Principal principal = null;
          Iterator principals = subject.getPrincipals().iterator();
          while (principals.hasNext())
          {
              Principal p = (Principal) principals.next();
              if (classe.isInstance(p))
              {
                  principal = p;
                  break;
              }
              else
              {
                  if (principal == null)
                  {
                      principal = p;
                  }
              }
          }
          return principal;
      }
  
      public static String getPrincipalFullPath(Principal principal)
      {
          
          if ((UserPrincipal.class).isInstance(principal))
          {
              return UserPrincipalImpl.getFullPathFromPrincipalName(principal.getName());
          }
          else if ((RolePrincipal.class).isInstance(principal))
          {
              return RolePrincipalImpl.getFullPathFromPrincipalName(principal.getName());
          }
          else if ((GroupPrincipal.class).isInstance(principal))
          {
              return GroupPrincipalImpl.getFullPathFromPrincipalName(principal.getName());
          }
          else
          {
              return null;
          }
      }
  }
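Review bot: `getBestPrincipal` returns the first principal of any type when none matches `classe`, so a caller that asks for a `UserPrincipal` can receive a role or group principal and go on to use its name as a user name. The `@return` text does not mention that fallback; suggest `@return The first principal of type classe, else the first principal of any type, else null. Callers must check the returned type before using it in an access decision.` "First" also depends on the iteration order of `subject.getPrincipals()`, which is a `Set` and makes no ordering promise in its contract, so the fallback result may not be stable. Both lookup methods dereference `subject` without a null check, and `getPrincipalFullPath` has no Javadoc describing its `null` result for unrecognised principal types.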
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/PortletPermission.java
  
  Index: PortletPermission.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.security.AccessController;
  import java.security.AccessControlContext;
  import java.security.Permission;
  import java.security.PermissionCollection;
  import java.security.SecurityPermission;
  import java.util.StringTokenizer;
  
  import javax.security.auth.Subject;
  
  /**
   * <p>Portlet permission.</p>
   * <p>This code was partially inspired from articles from:</p>
   * <ul>
   *    <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
   *    Extend JAAS for class instance-level authorization.</a></li>
   * </ul>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public class PortletPermission extends Permission
  {
  
      /** <p>Portlet view permission.</p> */
      static private int VIEW = 0x01;
  
      /** <p>Portlet edit permission.</p> */
      static private int EDIT = 0x02;
  
      /** <p>Portlet edit permission.</p> */
      static private int DELETE = 0x04;
  
      /** <p>Portlet minimize permission.</p> */
      static private int MINIMIZE = 0x08;
  
      /** <p>Portlet maximize permission.</p> */
      static private int MAXIMIZE = 0x10;
  
      /** <p>Portlet help permission.</p> */
      static private int HELP = 0x20;
  
      /** <p>Portlet view action.</p> */
      static final public String VIEW_ACTION = "view";
  
      /** <p>Portlet edit action.</p> */
      static final public String EDIT_ACTION = "edit";
  
      /** <p>Portlet edit action.</p> */
      static final public String DELETE_ACTION = "delete";
  
      /** <p>Portlet delete action.</p> */
      static final public String MINIMIZE_ACTION = "minimize";
  
      /** <p>Portlet maximize action.</p> */
      static final public String MAXIMIZE_ACTION = "maximize";
  
      /** <p>Portlet help action.</p> */
      static final public String HELP_ACTION = "help";
  
      /** <p>Mask used for determining what action to perform.</p> */
      int mask;
  
      /** <p>The subject the permission is being performed against.</p> */
      Subject subject;
  
      /**
       * <p>Constructor for PortletPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PortletPermission(String name, String actions)
      {
          this(name, actions, null);
      }
  
      /**
       * <p>Constructor for PortletPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PortletPermission(String name, String actions, Subject subject)
      {
          super(name);
          parseActions(actions);
          this.subject = subject;
      }
  
      /**
       * @see java.security.Permission#getActions()
       */
      public String getActions()
      {
          StringBuffer buf = new StringBuffer();
  
          if ((mask & VIEW) == VIEW)
          {
              buf.append(VIEW_ACTION);
          }
          if ((mask & EDIT) == EDIT)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(EDIT_ACTION);
          }
          if ((mask & DELETE) == DELETE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(DELETE_ACTION);
          }
          if ((mask & MINIMIZE) == MINIMIZE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(MINIMIZE_ACTION);
          }
          if ((mask & MAXIMIZE) == MAXIMIZE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(MAXIMIZE_ACTION);
          }
          if ((mask & HELP) == HELP)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(HELP_ACTION);
          }
  
          return buf.toString();
      }
  
      /**
       * @see java.security.Permission#hashCode()
       */
      public int hashCode()
      {
          StringBuffer value = new StringBuffer(getName());
          return value.toString().hashCode() ^ mask;
      }
  
      /**
       * @see java.security.Permission#equals(Object)
       */
      public boolean equals(Object object)
      {
          if (!(object instanceof PortletPermission))
              return false;
  
          PortletPermission p = (PortletPermission) object;
          boolean isEqual = ((p.getName().equals(getName())) && (p.mask == mask));
          return isEqual;
      }
  
      public boolean implies(Permission permission)
      {
          // The permission must be an instance 
          // of the PortletPermission.
          if (!(permission instanceof PortletPermission))
          {
              return false;
          }
  
          // The portlet name must be the same.
          if (!(permission.getName().equals(getName())))
          {
              return false;
          }
  
          PortletPermission portletPerm = (PortletPermission) permission;
  
          // Get the subject.
          // It was either provide in the constructor.
          Subject user = portletPerm.getSubject();
          // Or we get it from the AccessControlContext.
          if (null == user)
          {
              AccessControlContext context = AccessController.getContext();
              user = Subject.getSubject(context);
          }
          // No user was passed.  The permission must be denied.
          if (null == user)
          {
              return false;
          }
  
          // The action bits in portletPerm (permission) 
          // must be set in the current mask permission.
          if ((mask & portletPerm.mask) != portletPerm.mask)
          {
              return false;
          }
  
          return true;
      }
  
      /**
       * <p>Overrides <code>Permission.newPermissionCollection()</code>.</p>
       * @see java.security.Permission#newPermissionCollection()
       */
      public PermissionCollection newPermissionCollection()
      {
          return new PortletPermissionCollection();
      }
  
      /**
       * <p>Gets the subject.</p>
       * @return Returns a Subject
       */
      public Subject getSubject()
      {
          return subject;
      }
  
      /**
       * <p>Parses the actions string.</p>
       * <p>Actions are separated by commas or white space.</p>
       * @param actions The actions
       */
      private void parseActions(String actions)
      {
          mask = 0;
          if (actions != null)
          {
              StringTokenizer tokenizer = new StringTokenizer(actions, ",\t ");
              while (tokenizer.hasMoreTokens())
              {
                  String token = tokenizer.nextToken();
                  if (token.equals(VIEW_ACTION))
                      mask |= VIEW;
                  else if (token.equals(EDIT_ACTION))
                      mask |= EDIT;
                  else if (token.equals(DELETE_ACTION))
                      mask |= DELETE;
                  else if (token.equals(MINIMIZE_ACTION))
                      mask |= MINIMIZE;
                  else if (token.equals(MAXIMIZE_ACTION))
                      mask |= MAXIMIZE;
                  else if (token.equals(HELP_ACTION))
                      mask |= HELP;
                  else
                      throw new IllegalArgumentException("Unknown action: " + token);
              }
          }
      }
  
  }
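Review bot: In `implies`, the `Subject` is read from the permission being tested (`portletPerm.getSubject()`) or from the access control context and is only checked for `null`; its principals are never compared with anything, so once any subject is present the result depends on the name and mask alone. If per-subject decisions are meant to be made by the policy that holds these permissions, drop the lookup and say so in a comment; otherwise the principal comparison is missing. Separately, `Permission` objects are expected to be immutable, but `mask` and `subject` are package-private and non-final and the bit constants are mutable statics: suggest `private static final int VIEW = 0x01;` (likewise for the other five), `private final Subject subject;`, and having `parseActions` return the mask so `mask` can be `private final` too. The Javadoc on `DELETE` (`Portlet edit permission`) and on `MINIMIZE_ACTION` (`Portlet delete action`) is copy-pasted from the neighbouring constants and should be corrected.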
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/UserPrincipal.java
  
  Index: UserPrincipal.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  /**
   * <p>The user principal.</p>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   * @version $Id: UserPrincipal.java,v 1.1 2004/03/10 06:08:50 dlestrat Exp $
   */
  public interface UserPrincipal extends BasePrincipal
  {
  
  }
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/GroupPrincipal.java
  
  Index: GroupPrincipal.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  /**
   * <p>The group principal.</p>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   * @version $Id: GroupPrincipal.java,v 1.1 2004/03/10 06:08:50 dlestrat Exp $
   */
  public interface GroupPrincipal extends BasePrincipal
  {
  
  }
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/PortletPermissionCollection.java
  
  Index: PortletPermissionCollection.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.Collections;
  
  import java.security.Permission;
  import java.security.PermissionCollection;
  import java.util.Enumeration;
  import java.util.ArrayList;
  import java.util.Iterator;
  
  /**
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public class PortletPermissionCollection extends PermissionCollection
  {
  
      ArrayList perms = new ArrayList();
  
      /**
       * 
       */
      public PortletPermissionCollection()
      {
          super(); 
      }
  
      /**
       * @see java.security.PermissionCollection#add(java.security.Permission)
       */
      public void add(Permission permission)
      {
          perms.add(permission);
      }
  
      /**
       * @see java.security.PermissionCollection#implies(java.security.Permission)
       */
      public boolean implies(Permission permission)
      {
          for (Iterator i = perms.iterator(); i.hasNext(); ) 
          {
              if (((Permission)i.next()).implies(permission)) 
              {
                  return true;
              }
          }
          return false;
      }
  
      /**
       * @see java.security.PermissionCollection#elements()
       */
      public Enumeration elements()
      {
          return Collections.enumeration(perms);
      }
  
  }
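Review bot: `add` accepts any `Permission` and ignores the read-only flag, whereas the `PermissionCollection` contract expects `add` to fail after `setReadOnly()` and expects subclasses to be safe when called from several threads; here `perms` is a plain `ArrayList` that `implies` and `elements` read without synchronization. Suggest rejecting entries that are not `PortletPermission`, checking `isReadOnly()`, and synchronizing the three accessors. Inside this package the simple name `SecurityException` refers to the Jetspeed class added by this commit, so the read-only failure has to be thrown as `java.lang.SecurityException`. `perms` should also be declared `private final`.

```java
public synchronized void add(Permission permission)
{
    if (isReadOnly())
    {
        // Fully qualified: the simple name resolves to org.apache.jetspeed.security.SecurityException here.
        throw new java.lang.SecurityException(
            "Cannot add a permission to a read-only PortletPermissionCollection");
    }
    if (!(permission instanceof PortletPermission))
    {
        throw new IllegalArgumentException("Invalid permission: " + permission);
    }
    perms.add(permission);
}
// … implies(Permission) and elements(): bodies unchanged, add `synchronized` to each …
```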
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/BasePrincipal.java
  
  Index: BasePrincipal.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.io.Serializable;
  
  import java.security.Principal;
  
  /**
  * <p>The base principal.</p>
  * @author <a href="mailto:taylor@apache.org">David Taylor</a>, <a href="mailto:dlestrat@apache.org">David Le Strat</a>
  */
  public interface BasePrincipal extends Principal, Serializable
  {
      /**
       * <p>Provides the principal full path prepending PREFS_{PRINCPAL}_ROOT if not prepended.</p>
       * @return The principal full path.
       */
      String getFullPath();
  
  }
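Review bot: The Javadoc on `getFullPath()` names the prefix as `PREFS_{PRINCPAL}_ROOT`, which is misspelled and is not defined anywhere in this interface, so an implementer cannot tell which root is meant. Spell it `PREFS_{PRINCIPAL}_ROOT` and name the class that declares the constants (not visible in this section). The comment should also say how the full path relates to `Principal.getName()`, because code that compares principals for an access decision needs to know which of the two is the canonical identity.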
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/RolePrincipal.java
  
  Index: RolePrincipal.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
   package org.apache.jetspeed.security;
  
  /**
   * <p>The role principal.</p>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   * @version $Id: RolePrincipal.java,v 1.1 2004/03/10 06:08:50 dlestrat Exp $
   */
  public interface RolePrincipal extends BasePrincipal
  {
  
  }
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/PermissionManager.java
  
  Index: PermissionManager.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.security.Permission;
  import java.security.Permissions;
  import java.security.Principal;
  import java.util.Collection;
  
  /**
   * <p>Describe the interface for managing {@link Permission} and permission
   * association to {@link Principal}.  Permissions are used to manage Principals
   * access entitlement on specified resources.</p>
   * <p>For instance:</p>
   * <pre><code>
   * grant principal o.a.j.security.UserPrincipal "theUserPrincipal"
   * {
   *     permission o.a.j.security.PortletPermission "myportlet", "view,edit,minimize,maximize";
   * };
   * </code><pre>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface PermissionManager
  {
  
      /**
       * <p>Gets the {@link Permissions} given a {@link Principal}.
       * @param principal The principal.
       * @return The permissions.
       */
      Permissions getPermissions(Principal principal);
  
      /**
       * <p>Gets the {@link Permissions} given a collection
       * of {@link Principal}.
       * @param principals A collection of principal.
       * @return The permissions.
       */
      Permissions getPermissions(Collection principals);
  
      /**
       * <p>Remove all instances of a given permission.</p>
       * @param permission The permission to remove.
       * @throws Throws a security exception.
       */
      void removePermission(Permission permission) throws SecurityException;
  
      /**
       * <p>Remove all permissions for a given principal.</p>
       * @param principal The principal.
       * @throws Throws a security exception.
       */
      void removePermissions(Principal principal) throws SecurityException;
  
      /**
       * <p>Grant a {@link Permission} to a given {@link Principal}. 
       * @param principal The principal.
       * @param permission The permission.
       * @throws Throws a security exception if the principal does not exist.
       */
      void grantPermission(Principal principal, Permission permission) throws SecurityException;
  
      /**
       * <p>Revoke a {@link Permission} from a given {@link Principal}.
       * @param principal The principal.
       * @param permission The permission.
       * @throws Throws a security exception.
       */
      void revokePermission(Principal principal, Permission permission) throws SecurityException;
  
  }
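Review bot: `grantPermission`, `revokePermission`, `removePermission` and `removePermissions` all change the security policy, but none of their Javadoc says what the caller must be authorised to do or whether implementations are expected to check it. If that check is meant to live in the implementation (not visible in this section), state it in the interface, for example `Implementations must verify that the caller is allowed to modify the policy before applying the change.` Separately, `@throws Throws a security exception.` makes Javadoc read `Throws` as the exception class; it should be `@throws SecurityException if the principal does not exist.`, and the same tag form recurs throughout RoleManager.java. The class comment also ends its example with `<pre>` where `</pre>` is needed.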
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/SecurityException.java
  
  Index: SecurityException.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import org.apache.jetspeed.exception.JetspeedException;
  
  /**
   * <p>Exception throwns by members of the security service.</p>
   *
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public class SecurityException extends JetspeedException
  {
  
      /** <p>Principal does not exist exception message.</p> */
      public static final String PRINCIPAL_DOES_NOT_EXIST = "The principal does not exist.";
  
      /** <p>User principal already exists exception message.</p> */
      public static final String USER_ALREADY_EXISTS = "The user already exists.";
  
      /** <p>User principal does not exist exception message.</p> */
      public static final String USER_DOES_NOT_EXIST = "The user does not exist.";
  
      /** <p>Role principal already exists exception message.</p> */
      public static final String ROLE_ALREADY_EXISTS = "The role already exists.";
  
      /** <p>Role principal does not exist exception message.</p> */
      public static final String ROLE_DOES_NOT_EXIST = "The role does not exist.";
  
      /** <p>Group principal already exists exception message.</p> */
      public static final String GROUP_ALREADY_EXISTS = "The group already exists.";
  
      /** <p>Group principal does not exist exception message.</p> */
      public static final String GROUP_DOES_NOT_EXIST = "The group does not exist.";
  
      /**
       * <p>Default Constructor.</p>
       */
      public SecurityException()
      {
          super();
      }
  
      /**
       * <p>Constructor with exception message.</p>
       * @param message The exception message.
       */
      public SecurityException(String message)
      {
          super(message);
      }
  
      /**
       * <p>Constructor with nested exception.</p>
       * @param nested Nested exception.
       */
      public SecurityException(Throwable nested)
      {
          super(nested);
      }
  
      /**
       * <p>Constructor with exception message and nested exception.</p>
       * @param msg The exception message.
       * @param nested Nested exception.
       */
      public SecurityException(String msg, Throwable nested)
      {
          super(msg, nested);
      }
  
  }
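Review bot: Naming this class `SecurityException` hides `java.lang.SecurityException` in every file of `org.apache.jetspeed.security` and in any file that imports it, so a `catch (SecurityException e)` written for a JVM access-control failure will match this type instead and leave the JVM exception uncaught. A distinct name would remove the ambiguity; if the name has to stay, the class Javadoc should say so, e.g. `This is not java.lang.SecurityException; refer to the JVM exception by its fully qualified name.` The message constants also deserve a sentence: if `USER_DOES_NOT_EXIST` is ever shown to an unauthenticated caller it confirms which accounts exist, so the Javadoc should say these texts are for logs and administrative callers only.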
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/RoleManager.java
  
  Index: RoleManager.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.Collection;
  import java.util.prefs.Preferences;
  
  /**
   * <p>Describes the service interface for managing roles.</p>
   * <p>Role hierarchy elements are being returned as a {@link Role}
   * collection.  The backing implementation must appropriately map 
   * the role hierarchy to a preferences sub-tree.</p> 
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface RoleManager
  {
  
      /**
       * <p>Add a new role.</p>
       * <p>Role principal names are relative to the /role node.</p>
       * <p>Role principal path names are stored leveraging the {@link Preferences}
       * api.  Roles will be stored under /role/theGroupName/theGroupNameChild
       * when given the full path name /theRoleName/theRoleNameChild.
       * @param roleFullPathName The role name full path relative to the
       *                         /role node (e.g. /theRoleName/theRoleNameChild).
       * @throws Throws a security exception if the role already exists.
       */
      void addRole(String roleFullPathName) throws SecurityException;
  
      /**
       * <p>Remove a given role and all the children of that role.</p>
       * <p>Role principal names are relative to the /role node.</p>
       * <p>Role principal path names are stored leveraging the {@link Preferences}
       * api.  Roles will be stored under /role/theGroupName/theGroupNameChild
       * when given the full path name /theRoleName/theRoleNameChild.
       * @param roleFullPathName The role name full path relative to the
       *                         /role node (e.g. /theRoleName/theRoleNameChild).
       * @throws Throws a security exception.
       */
      void removeRole(String roleFullPathName) throws SecurityException;
  
      /**
       * <p>Whether or not a role exists.</p>
       * @param roleFullPathName The role name full path relative to the
       *                         /role node. (e.g. /theRoleName/theRoleNameChild)
       * @return Whether or not a role exists.
       */
      boolean roleExists(String roleFullPathName);
  
      /**
       * <p>Get a role {@link Role} for a given role full path name.
       * @param roleFullPathName The role name full path relative to the
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @return The {@link Preferences} node.
       * @throws Throws a security exception if the role does not exist.
       */
      Role getRole(String roleFullPathName) throws SecurityException;
  
      /**
       * <p>A collection of {@link Role} for all the roles
       * associated to a specific user.</p>
       * @param username The user name.
       * @return A Collection of {@link Role}.
       * @throws Throws a security exception if the user does not exist.
       */
      Collection getRolesForUser(String username) throws SecurityException;
  
      /**
       * <p>A collection of {@link User} for all the users
       * in a specific role.</p>
       * @param roleFullPathName The role full path relative to
       *                         the /role node (e.g. /theRoleName/theRoleChildName)..
       * @return A Collection of {@link User}.
       * @throws Throws a security exception if the role does not exist.
       */
      Collection getUsersInRole(String roleFullPathName) throws SecurityException;
  
      /**
       * <p>A collection of {@link Role} for all the roles
       * associated to a specific group.
       * @param groupFullPathName The group full path relative to the 
       *                         /group node (e.g. /theGroupName/theGroupChildName).
       * @return A Collection of {@link Role}.
       * @throws Throws a security exception if the group does not exist.
       */
      Collection getRolesForGroup(String groupFullPathName) throws SecurityException;
  
      /**
       * <p>A collection of {@link Group} for all the groups
       * in a specific role.
       * @param roleFullPathName The role full path relative to
       *                         the /role node (e.g. /theRoleName/theRoleChildName)..
       * @return A Collection of {@link Group}.
       * @throws Throws a security exception if the role does not exist.
       */
      Collection getGroupsInRole(String roleFullPathName) throws SecurityException;
  
      /**
       * <p>Add a role to a user.</p>
       * @param username The user name.
       * @param roleFullPathName The role name full path relative to the
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @throws Throws a security exception if the role or the user do not exist.
       */
      void addRoleToUser(String username, String roleFullPathName) throws SecurityException;
  
      /**
       * <p>Remove a user from a role.</p>
       * @param username The user name.
       * @param roleFullPathName The role name full path relative to the
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @throws Throws a security exception.
       */
      void removeRoleFromUser(String username, String roleFullPathName) throws SecurityException;
  
      /**
       * <p>Whether or not a user is in a role.</p>
       * @param username The user name.
       * @param roleFullPathName The role name full path relative to the
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @return Whether or not a user is in a role.
       * @throws Throws a security exception if the role or the user does not exist.
       */
      boolean isUserInRole(String username, String roleFullPathName) throws SecurityException;
  
      /**
       * <p>Add a role to a group.</p>
       * @param roleFullPathName The role full path relative to the 
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @throws Throws a security exception.
       */
      void addRoleToGroup(String roleFullPathName, String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Remove a role from a group.</p>
       * @param roleFullPathName The role full path relative to the 
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @throws Throws a security exception.
       */
      void removeRoleFromGroup(String roleFullPathName, String groupFullPathName) throws SecurityException;
  
      /**
       * <p>Whether or not a role is in a group.</p>
       * @param groupFullPathName The group name full path relative to the
       *                          /group node (e.g. /theGroupName/theGroupChildName).
       * @param roleFullPathName The role full path relative to the 
       *                         /role node (e.g. /theRoleName/theRoleChildName).
       * @return Whether or not a role is in a group.
       * @throws Throws a security exception if the role or the group does not exist.
       */
      boolean isGroupInRole(String groupFullPathName, String roleFullPathName) throws SecurityException;
  
  }
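Review bot: `addRoleToGroup` and `removeRoleFromGroup` take the role path first, while `addRoleToUser`, `isUserInRole` and `isGroupInRole` take the role path last. Every argument is a `String`, so the compiler cannot catch a swapped call on a membership change or check. Putting the role last everywhere would make the calls uniform: `void addRoleToGroup(String groupFullPathName, String roleFullPathName)` and `void removeRoleFromGroup(String groupFullPathName, String roleFullPathName)`. The Javadoc also carries copy-paste from the group interface: `addRole` and `removeRole` describe storage under `/role/theGroupName/theGroupNameChild`, and `getRole` documents its return as `The {@link Preferences} node` although it returns a `Role`. None of the comments say whether `roleFullPathName` is validated or normalised before it is mapped to a preferences node, which the interface should specify.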
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/User.java
  
  Index: User.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.prefs.Preferences;
  
  import javax.security.auth.Subject;
  
  /**
   * <p>A user made of a {@link Subject} and the user {@link Preferences}.</p>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface User
  {
      /**
       * <p>Getter for the user {@link Subject} populated with the 
       * application principals.</p>
       * @return The {@link Subject}.
       */
      Subject getSubject();
  
      /**
       * <p>Setter for the user {@link Subject} populated with the 
       * application principals.</p>
       * @param subject The {@link Subject}.
       */
      void setSubject(Subject subject);
  
      /**
       * <p>Getter for the user {@link Preferences} node, providing access to the
       * user preferences properties.</p>
       * @return The {@link Preferences}.
       */
      Preferences getPreferences();
  
      /**
       * <p>Setter for the user {@link Preferences} node, providing access to the
       * user preferences properties.</p>
       * @param preferences The {@link Preferences}.
       */
      void setPreferences(Preferences preferences);
  }
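Review bot: `setSubject(Subject)` is part of the public `User` contract, so any code holding a `User` can replace its `Subject`, and with it the principals used for access decisions, after authentication; the Javadoc places no restriction on who may call it. If the setter exists only for the component that builds the user (not visible in this commit), say so in the comment, e.g. `Intended for the security component that constructs the user; the subject of an authenticated user must not be replaced.` Implementations could additionally hand out a `Subject` on which `setReadOnly()` has been called. `Group.setPrincipal(GroupPrincipal)` in Group.java has the same shape and needs the same statement.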
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/Group.java
  
  Index: Group.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.prefs.Preferences;
  
  /**
   * <p>A group made of a {@link GroupPrincipal} and the group {@link Preferences}.</p>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public interface Group
  {
      /**
       * <p>Getter for the group {@link GroupPrincipal}.</p>
       * @return The {@link GroupPrincipal}.
       */
      GroupPrincipal getPrincipal();
  
      /**
       * <p>Setter for the group {@link GroupPrincipal}.</p>
       * @param groupPrincipal The {@link GroupPrincipal}.
       */
      void setPrincipal(GroupPrincipal groupPrincipal);
  
      /**
       * <p>Getter for the group {@link Preferences} node, providing access to the
       * group preferences properties.</p>
       * @return The {@link Preferences}.
       */
      Preferences getPreferences();
  
      /**
       * <p>Setter for the group {@link Preferences} node, providing access to the
       * group preferences properties.</p>
       * @param preferences The {@link Preferences}.
       */
      void setPreferences(Preferences preferences);
  }
  
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/login.conf
  
  Index: login.conf
  ===================================================================
  Jetspeed {
     org.apache.jetspeed.security.impl.RdbmsLoginModule required debug=true;
  };
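Review bot: `debug=true` is committed as the default option for the `Jetspeed` login entry. What `RdbmsLoginModule` writes under that option is not visible in this commit, but login-module debug output commonly includes user names and authentication detail that should not reach shared or production logs. The checked-in entry should omit it, `org.apache.jetspeed.security.impl.RdbmsLoginModule required;`, with debug enabled only in a developer's local copy.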
  
  
  1.1                  jakarta-jetspeed-2/components/security/src/java/repository_security.xml
  
  Index: repository_security.xml
  ===================================================================
  <!--
     - S E C U R I T Y  U S E R
  -->	
  <class-descriptor
      class="org.apache.jetspeed.security.om.impl.JetspeedUserPrincipalImpl"
      proxy="dynamic"
      table="SECURITY_PRINCIPAL"
  >
      <documentation>Represents a user principal.</documentation>
      <field-descriptor
          name="principalId"
          column="principal_id"
          jdbc-type="INTEGER"
          primarykey="true"
          indexed="true"
          autoincrement="true"
      >
      </field-descriptor>
      <field-descriptor
          name="classname"
          column="classname"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="fullPath"
          column="full_path"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="creationDate"
          column="creation_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="modifiedDate"
          column="modified_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <collection-descriptor
          name="credentials"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedCredentialImpl"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="true"
      >
          <documentation>This is the reference to security credentials.</documentation>
          <inverse-foreignkey field-ref="credentialId"/>
      </collection-descriptor>
      <collection-descriptor
          name="rolePrincipals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedRolePrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_USER_ROLE"
      >
          <documentation>This is the reference to role principals.</documentation>
          <fk-pointing-to-this-class column="USER_ID"/>
          <fk-pointing-to-element-class column="ROLE_ID"/>
      </collection-descriptor>
      <collection-descriptor
          name="groupPrincipals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedGroupPrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_USER_GROUP"
      >
          <documentation>This is the reference to group principals.</documentation>
          <fk-pointing-to-this-class column="USER_ID"/>
          <fk-pointing-to-element-class column="GROUP_ID"/>
      </collection-descriptor>
      <collection-descriptor
          name="permissions"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedPermissionImpl"
          proxy="false"
          refresh="false"
          auto-retrieve="false"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_PRINCIPAL_PERMISSION"
      >
          <documentation>This is the reference to a policy permission.</documentation>
          <fk-pointing-to-this-class column="PRINCIPAL_ID"/>
          <fk-pointing-to-element-class column="PERMISSION_ID"/>
      </collection-descriptor>
  </class-descriptor>
  
  <!--
     - S E C U R I T Y  C R E D E N T I A L
  -->
  <class-descriptor
      class="org.apache.jetspeed.security.om.impl.JetspeedCredentialImpl"
      proxy="dynamic"
      table="SECURITY_CREDENTIAL"
  >
      <field-descriptor
          name="credentialId"
          column="credential_id"
          jdbc-type="INTEGER"
          primarykey="true"
          indexed="true"
          autoincrement="true"
      >
      </field-descriptor>
      <field-descriptor
          name="principalId"
          column="principal_id"
          jdbc-type="INTEGER"
      >
      </field-descriptor>
      <field-descriptor
          name="value"
          column="value"
          jdbc-type="VARCHAR"
          nullable="false"
          length="150"
      >
      </field-descriptor>
       <field-descriptor
          name="type"
          column="type"
          jdbc-type="SMALLINT"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="classname"
          column="classname"
          jdbc-type="VARCHAR"
          nullable="true"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="creationDate"
          column="creation_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="modifiedDate"
          column="modified_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
  </class-descriptor>
  
  <!--
     - S E C U R I T Y  R O L E
  -->	
  <class-descriptor
      class="org.apache.jetspeed.security.om.impl.JetspeedRolePrincipalImpl"
      proxy="dynamic"
      table="SECURITY_PRINCIPAL"
  >
      <documentation>Represents a role principal.</documentation>
  	<field-descriptor
          name="principalId"
          column="principal_id"
          jdbc-type="INTEGER"
          primarykey="true"
          indexed="true"
          autoincrement="true"
      >
      </field-descriptor>
      <field-descriptor
          name="classname"
          column="classname"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="fullPath"
          column="full_path"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="creationDate"
          column="creation_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="modifiedDate"
          column="modified_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <collection-descriptor
          name="userPrincipals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedUserPrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_USER_ROLE"
      >
          <documentation>This is the reference to user principals.</documentation>
          <fk-pointing-to-this-class column="ROLE_ID"/>
          <fk-pointing-to-element-class column="USER_ID"/>
      </collection-descriptor>
      <collection-descriptor
          name="groupPrincipals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedGroupPrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_GROUP_ROLE"
      >
          <documentation>This is the reference to group principals.</documentation>
          <fk-pointing-to-this-class column="ROLE_ID"/>
          <fk-pointing-to-element-class column="GROUP_ID"/>
      </collection-descriptor>
      <collection-descriptor
          name="permissions"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedPermissionImpl"
          proxy="false"
          refresh="false"
          auto-retrieve="false"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_PRINCIPAL_PERMISSION"
      >
          <documentation>This is the reference to a policy permission.</documentation>
          <fk-pointing-to-this-class column="PRINCIPAL_ID"/>
          <fk-pointing-to-element-class column="PERMISSION_ID"/>
      </collection-descriptor>
  </class-descriptor>
  
  <!--
     - S E C U R I T Y  G R O U P
  -->	
  <class-descriptor
      class="org.apache.jetspeed.security.om.impl.JetspeedGroupPrincipalImpl"
      proxy="dynamic"
      table="SECURITY_PRINCIPAL"
  >
      <documentation>Represents a group principal.</documentation>
  	<field-descriptor
          name="principalId"
          column="principal_id"
          jdbc-type="INTEGER"
          primarykey="true"
          indexed="true"
          autoincrement="true"
      >
      </field-descriptor>
      <field-descriptor
          name="classname"
          column="classname"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="fullPath"
          column="full_path"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="creationDate"
          column="creation_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="modifiedDate"
          column="modified_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <collection-descriptor
          name="userPrincipals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedUserPrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_USER_GROUP"
      >
          <documentation>This is the reference to user principals.</documentation>
          <fk-pointing-to-this-class column="GROUP_ID"/>
          <fk-pointing-to-element-class column="USER_ID"/>
      </collection-descriptor>
      <collection-descriptor
          name="rolePrincipals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedRolePrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_GROUP_ROLE"
      >
          <documentation>This is the reference to group principals.</documentation>
          <fk-pointing-to-this-class column="GROUP_ID"/>
          <fk-pointing-to-element-class column="ROLE_ID"/>
      </collection-descriptor>
      <collection-descriptor
          name="permissions"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedPermissionImpl"
          proxy="false"
          refresh="false"
          auto-retrieve="false"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_PRINCIPAL_PERMISSION"
      >
          <documentation>This is the reference to a policy permission.</documentation>
          <fk-pointing-to-this-class column="PRINCIPAL_ID"/>
          <fk-pointing-to-element-class column="PERMISSION_ID"/>
      </collection-descriptor>
  </class-descriptor>
  
  <!--
     - S E C U R I T Y  P R I N C I P A L
  -->	
  <class-descriptor
      class="org.apache.jetspeed.security.om.impl.JetspeedPrincipalImpl"
      proxy="dynamic"
      table="SECURITY_PRINCIPAL"
  >
      <documentation>Represents a security principal in the security policy.</documentation>
      <field-descriptor
          name="principalId"
          column="principal_id"
          jdbc-type="INTEGER"
          primarykey="true"
          indexed="true"
          autoincrement="true"
      >
      </field-descriptor>
      <field-descriptor
          name="classname"
          column="classname"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="fullPath"
          column="full_path"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="creationDate"
          column="creation_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="modifiedDate"
          column="modified_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <collection-descriptor
          name="permissions"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedPermissionImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_PRINCIPAL_PERMISSION"
      >
          <documentation>This is the reference to a policy permission.</documentation>
          <fk-pointing-to-this-class column="PRINCIPAL_ID"/>
          <fk-pointing-to-element-class column="PERMISSION_ID"/>
      </collection-descriptor>
  </class-descriptor>
  
  <!--
     - S E C U R I T Y  P E R M I S S I O N
  -->	
  <class-descriptor
      class="org.apache.jetspeed.security.om.impl.JetspeedPermissionImpl"
      proxy="dynamic"
      table="SECURITY_PERMISSION"
  >
      <documentation>Represents a security permission in the security policy.</documentation>
      <field-descriptor
          name="permissionId"
          column="permission_id"
          jdbc-type="INTEGER"
          primarykey="true"
          indexed="true"
          autoincrement="true"
      >
      </field-descriptor>
      <field-descriptor
          name="classname"
          column="classname"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="name"
          column="name"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="actions"
          column="actions"
          jdbc-type="VARCHAR"
          nullable="false"
          length="254"
      >
      </field-descriptor>
      <field-descriptor
          name="creationDate"
          column="creation_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
      <field-descriptor
          name="modifiedDate"
          column="modified_date"
          jdbc-type="TIMESTAMP"
          nullable="false"
      >
      </field-descriptor>
          <collection-descriptor
          name="principals"
          element-class-ref="org.apache.jetspeed.security.om.impl.JetspeedPrincipalImpl"
          proxy="true"
          refresh="true"
          auto-retrieve="true"
          auto-update="true"
          auto-delete="false"
          indirection-table="SECURITY_PRINCIPAL_PERMISSION"
      >
          <documentation>This is the reference to a permission principals.</documentation>
          <fk-pointing-to-this-class column="PERMISSION_ID"/>
          <fk-pointing-to-element-class column="PRINCIPAL_ID"/>
      </collection-descriptor>
  </class-descriptor>
  
  
  


