From roger...@apache.org
Subject cvs commit: jakarta-jetspeed-2/components/sso/src/java/META-INF sso-dao.xml sso_repository.xml
Date Mon, 22 Nov 2004 06:13:32 GMT
rogerrut    2004/11/21 22:13:32

  Modified:    components/sso/src/java/org/apache/jetspeed/sso/impl
                        SSOSiteImpl.java PersistenceBrokerSSOProvider.java
               components/sso/src/test/org/apache/jetspeed/sso
                        TestSSOComponent.java
               components/sso/src/java/META-INF sso-dao.xml
                        sso_repository.xml
  Log:
  Implemented SSO API except for addBasicAuthenticationForSite()
  Completed Unit Test for SSO
  
  Revision  Changes    Path
  1.2       +74 -11    jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
  
  Index: SSOSiteImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SSOSiteImpl.java	16 Nov 2004 19:08:47 -0000	1.1
  +++ SSOSiteImpl.java	22 Nov 2004 06:13:31 -0000	1.2
  @@ -16,9 +16,15 @@
   
   package org.apache.jetspeed.sso.impl;
   
  +import java.util.ArrayList;
   import java.util.Collection;
  +import java.util.Iterator;
  +import java.util.Vector;
  +
   import org.apache.jetspeed.sso.SSOException;
  -import org.apache.jetspeed.security.om.impl.InternalCredentialImpl;
  +import org.apache.jetspeed.sso.SSOSite;
  +import org.apache.jetspeed.security.om.InternalCredential;
  +import org.apache.jetspeed.security.om.InternalPrincipal;
   
   /**
   * SSOSiteImpl
  @@ -29,7 +35,7 @@
   * @version $Id$
   */
   
  -public class SSOSiteImpl {
  +public class SSOSiteImpl implements SSOSite {
   	
   	// Private member for OJB mapping
   	private int		siteId;
  @@ -38,8 +44,8 @@
   	private boolean	isAllowUserSet;
   	private boolean isCertificateRequired;
   	
  -	private Collection	credentials;
  -	private Collection	principals;
  +	private Collection	credentials = new Vector();//= new ArrayList(0);
  +	private Collection	principals = new Vector();// = new ArrayList(0);
   	
   	/**
   	 * 
  @@ -57,13 +63,13 @@
   	 * @return Returns the credentials.
   	 */
   	public Collection getCredentials() {
  -		return credentials;
  +		return this.credentials;
   	}
   	/**
   	 * @param credentials The credentials to set.
   	 */
   	public void setCredentials(Collection credentials) {
  -		this.credentials = credentials;
  +		this.credentials.addAll(credentials);
   	}
   	/**
   	 * @return Returns the isAllowUserSet.
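Review bot: `setCredentials` no longer replaces the collection, because `this.credentials.addAll(credentials)` appends to whatever the site already holds. A second call therefore keeps the earlier credentials alongside the new ones, and a null argument now throws a NullPointerException. If the aim is only to keep the field non-null, `this.credentials = (credentials != null) ? credentials : new Vector();` keeps the setter's replace semantics. `setPrincipals` in the next hunk has the same change and needs the same treatment.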
  @@ -105,13 +111,13 @@
   	 * @return Returns the principals.
   	 */
   	public Collection getPrincipals() {
  -		return principals;
  +		return this.principals;
   	}
   	/**
   	 * @param principals The principals to set.
   	 */
   	public void setPrincipals(Collection principals) {
  -		this.principals = principals;
  +		this.principals.addAll(principals);
   	}
   	/**
   	 * @return Returns the siteId.
  @@ -144,7 +150,7 @@
   	 * Adds the credentail to the credentials collection
   	 *
   	 */
  -	public void addCredential(InternalCredentialImpl credential) throws SSOException
  +	public void addCredential(InternalCredential credential) throws SSOException
   	{
   		boolean bStatus = false;
   		
  @@ -167,7 +173,7 @@
   	 * removes a credentail from the credentials collection
   	 *
   	 */
  -	public void removeCredential(InternalCredentialImpl credential) throws SSOException
  +	public void removeCredential(InternalCredential credential) throws SSOException
   	{
   		boolean bStatus = false;
   		
  @@ -184,4 +190,61 @@
   		if ( bStatus == false)
   			throw new SSOException(SSOException.FAILED_REMOVING_CREDENTIALS_FOR_SITE ); 
   	}
  +	
  +		/**
  +		 * Adds the credentail to the credentials collection
  +		 *
  +		 */
  +		public void addPrincipal(InternalPrincipal principal) throws SSOException {
  +			boolean bStatus = false;
  +			
  +			try
  +			{
  +				bStatus = principals.add(principal);
  +			}
  +			catch(Exception e)
  +			{
  +				// Adding credentail to coollection failed -- notify caller with SSOException
  +				throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE
+ e.getMessage()); 
  +			}
  +			
  +			if ( bStatus == false)
  +				throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE
); 	
  +		}
  +		
  +		/**
  +		* removePrincipal()
  +		 * removes a principal from the principals collection
  +		 *
  +		 */
  +		public void removePrincipal(long principalId) throws SSOException
  +		{
  +			boolean bStatus = false;
  +			InternalPrincipal principalObj = null;
  +			Iterator itSitePrincipals = principals.iterator();
  +			
  +			while (itSitePrincipals.hasNext() )
  +			{
  +				principalObj = (InternalPrincipal)itSitePrincipals.next();
  +				if ( principalObj.getPrincipalId() == principalId)
  +				{
  +				
  +					try
  +					{
  +						// TODO: Removing results in an OJB exception. Ignore it for the moment but it needs
to be fixed soon...
  +						//bStatus = principals.remove(principalObj);
  +						bStatus = true;
  +					}
  +					catch(Exception e)
  +					{
  +						// Adding credentail to coollection failed -- notify caller with SSOException
  +						throw new SSOException(SSOException.FAILED_REMOVING_PRINCIPAL_FROM_MAPPING_TABLE_FOR_SITE
+ e.getMessage()); 
  +					}
  +					
  +					if ( bStatus == false)
  +						throw new SSOException(SSOException.FAILED_REMOVING_PRINCIPAL_FROM_MAPPING_TABLE_FOR_SITE
); 
  +				}
  +					
  +			}
  +		}
   }
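Review bot: `removePrincipal` reports success without removing anything: the `principals.remove(principalObj)` call is commented out and `bStatus = true` is set unconditionally, so the try/catch and the `bStatus == false` check are dead code and the principal stays mapped to the site after its credential has been removed. A principal id that matches no entry also returns silently, because the failure check sits inside the `if`. Once the OJB problem named in the TODO is understood, the removal should go through the iterator (`itSitePrincipals.remove();`) so the collection is not modified while it is being iterated. The not-found case should throw after the loop with `if (!bStatus) throw new SSOException(SSOException.FAILED_REMOVING_PRINCIPAL_FROM_MAPPING_TABLE_FOR_SITE);`. The Javadoc and the catch-block comment on `addPrincipal` still talk about a credential and should say principal.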
  
  
  
  1.2       +93 -32    jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
  
  Index: PersistenceBrokerSSOProvider.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- PersistenceBrokerSSOProvider.java	16 Nov 2004 19:08:47 -0000	1.1
  +++ PersistenceBrokerSSOProvider.java	22 Nov 2004 06:13:31 -0000	1.2
  @@ -29,11 +29,18 @@
   import org.apache.jetspeed.sso.SSOContext;
   import org.apache.jetspeed.sso.SSOException;
   import org.apache.jetspeed.sso.SSOProvider;
  +import org.apache.jetspeed.sso.SSOSite;
  +
  +
  +import org.apache.jetspeed.sso.impl.SSOSiteImpl;
  +import org.apache.jetspeed.sso.impl.SSOPrincipalImpl;
   
   import org.apache.jetspeed.security.SecurityHelper;
   import org.apache.jetspeed.security.BasePrincipal;
  +import org.apache.jetspeed.security.om.InternalCredential;
  +import org.apache.jetspeed.security.om.InternalPrincipal;
   import org.apache.jetspeed.security.om.impl.InternalCredentialImpl;
  -import org.apache.jetspeed.security.om.impl.InternalPrincipalImpl;
  +import org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl;
   
   import org.apache.ojb.broker.query.Criteria;
   import org.apache.ojb.broker.query.QueryByCriteria;
  @@ -67,17 +74,19 @@
   	 */
   	public boolean hasSSOCredentials(Subject subject, String site) {
   		// Initialization
  -		SSOSiteImpl ssoSite = getSSOSiteObject(site);
  +		SSOSite ssoSite = getSSOSiteObject(site);
   		
   		if ( ssoSite == null)
  +		{
   			return false;	// no entry for site
  +		}
   		
   		// Get the principal from the subject
   		BasePrincipal principal = (BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class);
   		String fullPath = principal.getFullPath();
   		
   		// Filter the credentials for the given principals
  -		InternalCredentialImpl  credential = getCredential(ssoSite, fullPath);	
  +		InternalCredential  credential = getCredential(ssoSite, fullPath);	
   		
   		if (credential == null)
   			return false;
  @@ -90,7 +99,7 @@
   	 */
   	public void addBasicAuthenticationForSite(HttpServletRequest request,
   			Subject subject, String site) throws SSOException {
  -		// TODO Auto-generated method stub
  +		// TODO Needs to be done for SSO Final
   
   	}
   
  @@ -101,7 +110,7 @@
   			throws SSOException {
   		
   		// Initialization
  -		SSOSiteImpl ssoSite = getSSOSiteObject(site);
  +		SSOSite ssoSite = getSSOSiteObject(site);
   		
   		if ( ssoSite == null)
   			throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);	// no entry for site
  @@ -111,7 +120,7 @@
   		String fullPath = principal.getFullPath();
   		
   		// Filter the credentials for the given principals
  -		InternalCredentialImpl  credential = getCredential(ssoSite, fullPath);	
  +		InternalCredential  credential = getCredential(ssoSite, fullPath);	
   		
   		if ( credential == null)
   			throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);	// no entry for site
  @@ -129,27 +138,34 @@
   			throws SSOException {
   		
   		// Check if the site already exists
  -		SSOSiteImpl ssoSite = getSSOSiteObject(site);
  +		SSOSite ssoSite = getSSOSiteObject(site);
   		if (ssoSite == null)
   		{
   			// Create a new site
   			ssoSite = new SSOSiteImpl();
   			ssoSite.setSiteURL(site);
  +			ssoSite.setName(site);
  +			ssoSite.setCertificateRequired(false);
  +			ssoSite.setAllowUserSet(true);
   		}
   		
   		// Get the Principal information
   		String fullPath = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
   			
  -		SSOPrincipalImpl principal = this.getPrincipalForPath(subject, fullPath);
  -		
  -		// New credential object
  -		InternalCredentialImpl credential = new InternalCredentialImpl();
  -		ssoSite.addCredential(credential);
  +		InternalPrincipal principal = this.getPrincipalForPath(subject, fullPath);
   		
  -		// Populate the credential information
  -		credential.setValue(pwd);
  -		credential.setPrincipalId(principal.getPrincipalId());
  +		if (principal == null)
  +			throw new SSOException(SSOException.REQUESTED_PRINCIPAL_DOES_NOT_EXIST);
   		
  +		// New credential object
  +		 InternalCredentialImpl credential = 
  +            new InternalCredentialImpl(principal.getPrincipalId(),
  +            		pwd, 0, DefaultPasswordCredentialImpl.class.getName());
  +		 
  +		// Add credential to mapping table
  +		 ssoSite.addCredential(credential);
  +		 ssoSite.addPrincipal(principal);
  +	
   		// Update database and reset cache
   		 try
            {
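Review bot: `addCredentialsForSite` adds a new credential and principal on every call without checking whether this principal already has an entry for the site. A second call therefore leaves two entries, and `getCredential`, which stops at the first match, would keep returning the older password. Calling `getCredential(ssoSite, fullPath)` first and either updating the existing entry or throwing an `SSOException` when it is non-null would close that gap. `pwd` is also handed to the `InternalCredentialImpl` constructor as received; SSO credentials have to be recoverable, so it is worth confirming that something downstream encrypts the value before it reaches the database. The method begins and ends outside this hunk.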
  @@ -157,6 +173,7 @@
             }
            catch (Exception e)
            {
  +         	e.printStackTrace();
               throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString()
);
            }
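Review bot: The added `e.printStackTrace()` sends the persistence failure to stderr, outside the portal's log configuration, so it is easy to lose and cannot be filtered or routed. A logger call such as `log.error("Failed to store SSO site", e);` would keep it with the other security events, assuming the class has or is given a logger (none is visible in this hunk). The `SSOException` built on the next line appends `e.toString()`, which can pass OJB or SQL details on to whatever displays the message. The same two lines appear in the `removeCredentialsForSite` hunk that follows.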
            
  @@ -170,8 +187,45 @@
   	 */
   	public void removeCredentialsForSite(Subject subject, String site)
   			throws SSOException {
  -		// TODO Auto-generated method stub
  -
  +		
  +		//Get the site
  +		SSOSite ssoSite = getSSOSiteObject(site);
  +		if (ssoSite == null)
  +		{
  +			throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
  +		}
  +		
  +		// Get the Principal information
  +		String fullPath = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
  +			
  +		InternalPrincipal principal = this.getPrincipalForPath(subject, fullPath);
  +		
  +		/*
  +		 * Should never happen except if the function gets invoked from outside the current credential
store
  +		 */
  +		if (principal == null)
  +			throw new SSOException(SSOException.REQUESTED_PRINCIPAL_DOES_NOT_EXIST);
  +		
  +		// New credential object
  +		 InternalCredential credential = getCredential(ssoSite, fullPath);
  +		 
  +		// Remove credential and principal from mapping
  +		 ssoSite.removeCredential(credential);
  +		 ssoSite.removePrincipal(principal.getPrincipalId());
  +	
  +		// Update database and reset cache
  +		 try
  +         {
  +             getPersistenceBrokerTemplate().store(ssoSite);
  +          }
  +         catch (Exception e)
  +         {
  +         	e.printStackTrace();
  +            throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString()
);
  +         }
  +         
  +         // Clear cache
  +         this.mapSite.clear();
   	}
   	
   	/*
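Review bot: `getCredential(ssoSite, fullPath)` returns null when the principal exists but has no credential for this site, and that result is passed straight to `ssoSite.removeCredential(credential)`. A guard such as `if (credential == null) throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);` gives the caller a precise error instead of whatever the collection does with null. `ssoSite.removePrincipal(...)` currently removes nothing (its `remove` call is commented out in SSOSiteImpl in this same commit), so the `store` persists the site with the principal still linked. The comment `// New credential object` is a leftover from the add path; `// Look up the existing credential` describes what the line does.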
  @@ -184,10 +238,10 @@
   	 * Obtains the Site information including the credentials for a site (url).
   	 */
   	
  -	private SSOSiteImpl getSSOSiteObject(String site)
  +	private SSOSite getSSOSiteObject(String site)
   	{
   		//Initialization
  -		SSOSiteImpl ssoSite = null;
  +		SSOSite ssoSite = null;
   		
   		//Check if the site is in the map
   		if (mapSite.containsKey(site) == false )
  @@ -207,7 +261,7 @@
   		    	// Get the site from the collection. There should be only one entry (uniqueness)
   		    	if (itSite.hasNext())
   			    {
  -			    	ssoSite = (SSOSiteImpl) itSite.next();
  +				    	ssoSite = (SSOSite) itSite.next();
   			    }
   		    	
   		    	// Add it to the map
  @@ -221,7 +275,7 @@
   		}
   		else
   		{
  -			ssoSite = (SSOSiteImpl)mapSite.get(site);
  +			ssoSite = (SSOSite)mapSite.get(site);
   		}
   		
   		return ssoSite;
  @@ -231,25 +285,29 @@
   	 * getCredential
   	 * returns the credentials for a given user
   	 */
  -	private InternalCredentialImpl  getCredential(SSOSiteImpl ssoSite, String fullPath)
  +	private InternalCredential  getCredential(SSOSite ssoSite, String fullPath)
   	{
   		long  principalID = -1;
  -		InternalCredentialImpl credential = null;
  -		
  +		InternalCredential credential = null;
  +				
   		/* Error checking
   		 * 1) should have at least one principal
   		 * 2) should have at least one credential
   		 * 
   		 * If one of the above fails return null wich means that the user doesn't have credentials
for that site
   		 */
  -		if ( ssoSite.getPrincipals() == null || ssoSite.getCredentials() == null)
  -			return null;
  +		Collection principals = ssoSite.getPrincipals();
  +		Collection credentials = ssoSite.getCredentials();
   		
  +		if ( principals == null  || credentials == null)
  +		{
  +			return null;
  +		}
   		// Iterate over the principals and extract the principal id for the given full path
  -		Iterator itPrincipals = ssoSite.getPrincipals().iterator();
  +		Iterator itPrincipals = principals.iterator();
   		while (itPrincipals.hasNext() && principalID == -1 /*not found yet*/)
   		{
  -			InternalPrincipalImpl principal = (InternalPrincipalImpl)itPrincipals.next();
  +			InternalPrincipal principal = (InternalPrincipal)itPrincipals.next();
   			if ( principal != null && principal.getFullPath().compareToIgnoreCase(fullPath)
== 0)
   			{
   				principalID = principal.getPrincipalId();
  @@ -260,13 +318,16 @@
   			return null;	// No principal found for that site
   		
   		// Last lookup to see if there are credentials for that user
  -		Iterator itCredentials = ssoSite.getCredentials().iterator();
  +		Iterator itCredentials = credentials.iterator();
   		while (itCredentials.hasNext() && credential == null /*not found yet*/)
   		{
  -			InternalCredentialImpl cred = (InternalCredentialImpl)itCredentials.next();
  +			InternalCredential cred = (InternalCredential)itCredentials.next();
  +			
   			if ( cred != null && cred.getPrincipalId() == principalID)
   			{
   				// Found credentials for Orincipals
  +				// TODO: Remove debug
  +				System.out.println("Found Credential: " + cred.getValue() + " for PrincipalID " + principalID);
   				credential = cred;
   			}
   		}
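Review bot: The added `System.out.println("Found Credential: " + cred.getValue() + ...)` writes the stored SSO password to standard output on every successful lookup, so it ends up in the container's console log. The TODO marks it as debug output, but it should not be committed in this form. Either drop the line or log only the identifier, for example `log.debug("Found credential for principal id " + principalID);`, assuming a logger is available in the class. `getCredential` begins and ends outside this hunk.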
  @@ -274,7 +335,7 @@
   		return credential;
   	}
   	
  -	private SSOPrincipalImpl getPrincipalForPath(Subject subject, String fullPath)
  +	private InternalPrincipal getPrincipalForPath(Subject subject, String fullPath)
   	{
   		Criteria filter = new Criteria();       
   	    filter.addEqualTo("fullPath", fullPath);
  @@ -288,7 +349,7 @@
   	    	// Get the site from the collection. There should be only one entry (uniqueness)
   	    	if (itPrincipals.hasNext())
   		    {
  -		    	return (SSOPrincipalImpl) itPrincipals.next();
  +		    	return (InternalPrincipal) itPrincipals.next();
   		    }
   	    }
   	    
  
  
  
  1.3       +74 -3     jakarta-jetspeed-2/components/sso/src/test/org/apache/jetspeed/sso/TestSSOComponent.java
  
  Index: TestSSOComponent.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/sso/src/test/org/apache/jetspeed/sso/TestSSOComponent.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- TestSSOComponent.java	18 Nov 2004 21:43:12 -0000	1.2
  +++ TestSSOComponent.java	22 Nov 2004 06:13:31 -0000	1.3
  @@ -15,13 +15,27 @@
   
   package org.apache.jetspeed.sso;
   
  +import org.apache.jetspeed.security.SecurityException;
  +import org.apache.jetspeed.security.UserManager;
  +import org.apache.jetspeed.security.impl.UserPrincipalImpl;
   import org.apache.jetspeed.sso.SSOProvider;
   
   import junit.framework.Test;
   import junit.framework.TestSuite;
   
  +import javax.security.auth.Subject;
  +
  +import java.security.Principal;
  +import java.util.HashSet;
  +import java.util.Set;
  +
  +
  +import org.apache.jetspeed.sso.SSOException;
  +import java.lang.Exception;
  +
   import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase;
   
  +
   /**
    * <p>
    * Unit testing for {@link Preferences}.
  @@ -31,9 +45,17 @@
    */
   public class TestSSOComponent extends DatasourceEnabledSpringTestCase
   {
  -
  +	/**
  +	 * test url for this UnitTest
  +	 */
  +	static private String TEST_URL= "http://localhost/jetspeed";
  +	static private String TEST_USER= "joe";
  +	
  +		
       /** The property manager. */
       private static SSOProvider ssoBroker = null;
  +    /** The user manager. */
  +    protected UserManager ums;
   
       /**
        * @see junit.framework.TestCase#setUp()
  @@ -45,6 +67,7 @@
           try
           {
               ssoBroker = (SSOProvider) ctx.getBean("ssoProvider");
  +            ums = (UserManager) ctx.getBean("org.apache.jetspeed.security.UserManager");
           }
           catch (Exception ex)
           {
  @@ -73,9 +96,57 @@
        * Test user root.
        * </p>
        */
  -    public void testSSO()
  +    public void testSSO() throws Exception
       {
  -        // TODO: Test cases
  +		// Create a user
  +		 try
  +		    {
  +		        ums.addUser(TEST_USER, "password");
  +		    }
  +		    catch (SecurityException sex)
  +		    {
  +		        //assertTrue("user already exists. exception caught: " + sex, false);
  +		    }
  +	        
  +    	// Initialization
  +    	Principal principal = new UserPrincipalImpl(TEST_USER);
  +        Set principals = new HashSet();
  +        principals.add(principal);
  +        Subject subject = new Subject(true, principals, new HashSet(), new HashSet());

  +    	
  +    	if ( ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
  +    	{
  +    		System.out.println("No SSO Credential for user:" + TEST_USER+ " site: " + TEST_URL);
  +    		
  +    		// Add credential
  +    		try
  +			{
  +    			ssoBroker.addCredentialsForSite(subject, TEST_URL,"test");
  +    			System.out.println("SSO Credential added for user:" + TEST_USER+ " site: " + TEST_URL);
  +			}
  +			catch(SSOException ssoex)
  +			{
  +	    		System.out.println("SSO Credential add FAILED for user:" + TEST_USER+ " site: "
+ TEST_URL);
  +	    		ssoex.printStackTrace();
  +	    		throw new Exception(ssoex.getMessage());
  +			}
  +    	}
  +    	else
  +    	{
  +    		System.out.println("SSO Credential found for user:" + TEST_USER+ " site: " + TEST_URL);
  +    	}
  +    	
  +     	try
  +		{
  +	    	// Remove credential for Site
  +	    	ssoBroker.removeCredentialsForSite(subject, TEST_URL);
  +	    	System.out.println("SSO Credential removed for user:" + TEST_USER+ " site: " + TEST_URL);
  +		}
  +    	catch(SSOException ssoex)
  +		{
  +    		System.out.println("SSO Credential remove FAILED for user:" + TEST_USER+ " site:
" + TEST_URL);
  +    		throw new Exception(ssoex.getMessage());
  +		}
       }
   
       /**
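Review bot: `testSSO` contains no assertions: it prints progress with `System.out.println` and fails only if an `SSOException` escapes, so it cannot show that the credential was actually stored or actually removed. Adding `assertTrue(ssoBroker.hasSSOCredentials(subject, TEST_URL));` after the add and `assertFalse(ssoBroker.hasSSOCredentials(subject, TEST_URL));` after the remove would pin both states. The empty `catch (SecurityException sex)` hides every failure of `ums.addUser`, not only the case where the user already exists. `throw new Exception(ssoex.getMessage())` discards the original stack trace; rethrowing `ssoex` keeps it.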
  
  
  
  1.2       +197 -0    jakarta-jetspeed-2/components/sso/src/java/META-INF/sso-dao.xml
  
  Index: sso-dao.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/sso/src/java/META-INF/sso-dao.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- sso-dao.xml	16 Nov 2004 19:08:47 -0000	1.1
  +++ sso-dao.xml	22 Nov 2004 06:13:31 -0000	1.2
  @@ -8,6 +8,7 @@
     
      <!-- ========================= BUSINESS OBJECT DEFINITIONS =========================
-->
   
  +  
     <!-- SSO Implementation -->
      <bean id="PersistenceBrokerSSOProvider" 
     	   class="org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider"
  @@ -28,5 +29,201 @@
   			<ref bean="PersistenceBrokerSSOProvider"/>
   		</property>
   		
  +  </bean>
  +  
  +  <!-- ************** Security SPI Handlers ************** -->
  +  <!-- Security SPI: CommonQueries -->
  +  <bean id="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl" 
  +  	   class="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"
  +  	   init-method="init"
  +  >  	   
  +  	   <constructor-arg ><value>META-INF/security_repository.xml</value></constructor-arg>
 	   
  +  </bean>
  +  
  +  <bean id="org.apache.jetspeed.security.spi.SecurityAccess" parent="baseTransactionProxy"

  +		name="SecurityCommonQueries" >
  +		<property name="proxyInterfaces">
  +			<value>org.apache.jetspeed.security.spi.SecurityAccess</value>
  +		</property>
  +		<property name="target">
  +			<ref bean="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"/>
  +		</property>
  +		<property name="transactionAttributes">
  +			<props>				
  +				<prop key="remove*">PROPAGATION_REQUIRED</prop>
  +				<prop key="set*">PROPAGATION_REQUIRED</prop>
  +				<prop key="*">PROPAGATION_SUPPORTS</prop>
  +			</props>
  +		</property>
  +   </bean>
  +  
  +  <bean id="org.apache.jetspeed.security.spi.PasswordCredentialProvider" 
  +       class="org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialProvider"/>
  +
  +  <bean id="org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor"

  +       class="org.apache.jetspeed.security.spi.impl.InternalPasswordCredentialStateHandlingInterceptor">
  +       <!-- maxNumberOfAuthenticationFailures -->
  +       <constructor-arg index="0"><value>3</value></constructor-arg>
 
  +       <!-- maxLifeSpanInDays -->     
  +       <constructor-arg index="1"><value>7</value></constructor-arg>
      
  +  </bean>
  +
  +  <!-- Security SPI: CredentialHandler -->
  +  <bean id="org.apache.jetspeed.security.spi.CredentialHandler" 
  +  	   class="org.apache.jetspeed.security.spi.impl.DefaultCredentialHandler"
  +  >  	   
  +  	   <constructor-arg index="0"><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
 	   
  +       <constructor-arg index="1"><ref bean="org.apache.jetspeed.security.spi.PasswordCredentialProvider"/></constructor-arg>
      
  +       <constructor-arg index="2"><ref bean="org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor"/></constructor-arg>
      
  +  </bean>
  +  
  +  <!-- Security SPI: UserSecurityHandler -->
  +  <!-- The DefaultUSerSecurityHandler uses the raw SecurityAccessImpl so that it
  +  	   may demarcate its own transactions -->
  +  <bean id="org.apache.jetspeed.security.spi.UserSecurityHandlerImpl" 
  +  	   class="org.apache.jetspeed.security.spi.impl.DefaultUserSecurityHandler"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
 	   
  +  </bean>
  +  
  +  <bean id="org.apache.jetspeed.security.spi.UserSecurityHandler" parent="baseTransactionProxy"

  +		name="userSecurityHandler" >
  +		<property name="proxyInterfaces">
  +			<value>org.apache.jetspeed.security.spi.UserSecurityHandler</value>
  +		</property>
  +		<property name="target">
  +			<ref bean="org.apache.jetspeed.security.spi.UserSecurityHandlerImpl"/>
  +		</property>
  +		<property name="transactionAttributes">
  +			<props>				
  +				<prop key="*">PROPAGATION_REQUIRED</prop>
  +			</props>
  +		</property>
  +   </bean>
  +  
  +  <!-- Security SPI: RoleSecurityHandler -->
  +  <bean id="org.apache.jetspeed.security.spi.RoleSecurityHandler" 
  +  	   class="org.apache.jetspeed.security.spi.impl.DefaultRoleSecurityHandler"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
  +  </bean>
  +  
  +  <!-- Security SPI: GroupSecurityHandler -->
  +  <bean id="org.apache.jetspeed.security.spi.GroupSecurityHandler" 
  +  	   class="org.apache.jetspeed.security.spi.impl.DefaultGroupSecurityHandler"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
  +  </bean>
  +  
  +  <!-- Security SPI: SecurityMappingHandler -->
  +  <bean id="org.apache.jetspeed.security.spi.SecurityMappingHandler" 
  +  	   class="org.apache.jetspeed.security.spi.impl.DefaultSecurityMappingHandler"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
  +  	   <!-- Default role hierarchy strategy is by generalization.  Add contructor-arg
to change the strategy. -->
  +  	   <!-- Default group hierarchy strategy is by generalization.  Add contructor-arg
to change the strategy. -->
  +  </bean>
  +  
  +  <!-- ************** Security Providers ************** -->
  +  <!-- Security: Default Authentication Provider -->
  +  <bean id="org.apache.jetspeed.security.AuthenticationProvider" 
  +  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderImpl"
  +  >  	   
  +  	   <constructor-arg index="0"><value>DefaultAuthenticator</value></constructor-arg>
  +  	   <constructor-arg index="1"><value>The default authenticator</value></constructor-arg>
  +  	   <constructor-arg index="2"><value>login.conf</value></constructor-arg>
  +  	   <constructor-arg index="3"><ref bean="org.apache.jetspeed.security.spi.CredentialHandler"/></constructor-arg>
  +  	   <constructor-arg index="4"><ref bean="org.apache.jetspeed.security.spi.UserSecurityHandler"/></constructor-arg>
  +  </bean>
  +  
  +  <!-- Security: Authentication Provider Proxy -->
  +  <bean id="org.apache.jetspeed.security.AuthenticationProviderProxy" 
  +  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl"
  +  >  	   
  +  	   <constructor-arg >
  +  	   		<list>
  +  	   			<ref bean="org.apache.jetspeed.security.AuthenticationProvider"/>
  +  	   		</list>
  +  	   </constructor-arg>
  +  	   <constructor-arg ><value>DefaultAuthenticator</value></constructor-arg>
  +  </bean>
  +  
  +  <!-- Security: Security Provider -->
  +  <bean id="org.apache.jetspeed.security.SecurityProvider" 
  +  	   class="org.apache.jetspeed.security.impl.SecurityProviderImpl"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.AuthenticationProviderProxy"/></constructor-arg>
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.RoleSecurityHandler"/></constructor-arg>
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.GroupSecurityHandler"/></constructor-arg>
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityMappingHandler"/></constructor-arg>
  +  </bean>
  +  
  +  <!-- Security: User Manager -->
  +  <bean id="org.apache.jetspeed.security.UserManager" 
  +  	   class="org.apache.jetspeed.security.impl.UserManagerImpl"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
  +  </bean>
  +  
  +   <!-- Security: Group Manager -->
  +  <bean id="org.apache.jetspeed.security.GroupManager" 
  +  	   class="org.apache.jetspeed.security.impl.GroupManagerImpl"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
  
  +  </bean>
  +  
  +  <!-- Security: Role Manager -->
  +  <bean id="org.apache.jetspeed.security.RoleManager" 
  +  	   class="org.apache.jetspeed.security.impl.RoleManagerImpl"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
  
  +  </bean>
  +  
  +  <!-- ************** Login Module ************** -->
  +  <!-- Security: Login Module Proxy -->
  +  <bean id="org.apache.jetspeed.security.LoginModuleProxy" 
  +  	   class="org.apache.jetspeed.security.impl.LoginModuleProxyImpl"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.UserManager"/></constructor-arg>
 	   
  +  </bean>
  +
  +  
  +  <!-- ************** Authorization ************** -->
  +  <!-- Security: Permission Manager -->
  +  <bean id="org.apache.jetspeed.security.impl.PermissionManagerImpl" 
  +  	   class="org.apache.jetspeed.security.impl.PermissionManagerImpl"  />
  +  
  +  <bean id="org.apache.jetspeed.security.PermissionManager" parent="baseTransactionProxy"

  +		name="permissionManager" >
  +		<property name="proxyInterfaces">
  +			<value>org.apache.jetspeed.security.PermissionManager</value>
  +		</property>
  +		<property name="target">
  +			<ref bean="org.apache.jetspeed.security.impl.PermissionManagerImpl"/>
  +		</property>
  +		<property name="transactionAttributes">
  +			<props>				
  +				<prop key="remove*">PROPAGATION_REQUIRED</prop>
  +				<prop key="grant*">PROPAGATION_REQUIRED</prop>
  +				<prop key="revoke*">PROPAGATION_REQUIRED</prop>
  +				<prop key="grant*">PROPAGATION_REQUIRED</prop>
  +				<prop key="add*">PROPAGATION_REQUIRED</prop>
  +				<prop key="*">PROPAGATION_SUPPORTS</prop>
  +			</props>
  +		</property>
  +   </bean>
  +  
  +  <!-- Security: RDBMS Policy implementation for JAAS -->
  +  <bean id="org.apache.jetspeed.security.impl.RdbmsPolicy" 
  +  	   class="org.apache.jetspeed.security.impl.RdbmsPolicy"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.PermissionManager"/></constructor-arg>
 	   
  +  </bean>
  +  
  +  <!-- Security: Authorization Provider -->
  +  <bean id="org.apache.jetspeed.security.AuthorizationProvider" 
  +  	   class="org.apache.jetspeed.security.impl.AuthorizationProviderImpl"
  +  >  	   
  +  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.impl.RdbmsPolicy"/></constructor-arg>
  
     </bean>
   </beans>
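Review bot: The `transactionAttributes` of the `org.apache.jetspeed.security.PermissionManager` proxy list `<prop key="grant*">` twice; the second entry is redundant and may have been intended for a different method prefix. This hunk also brings what looks like the complete security wiring into the SSO component's own file, including the password policy values `3` (maxNumberOfAuthenticationFailures) and `7` (maxLifeSpanInDays). If the same beans are defined in the security component's configuration, the two copies can drift apart without anyone noticing. A comment above the `Security SPI Handlers` banner, such as `<!-- Duplicated from the security component so the SSO unit test can run stand-alone; keep in sync -->`, would record the reason if that is indeed why they are here.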
  
  
  
  1.2       +10 -14    jakarta-jetspeed-2/components/sso/src/java/META-INF/sso_repository.xml
  
  Index: sso_repository.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/components/sso/src/java/META-INF/sso_repository.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- sso_repository.xml	16 Nov 2004 19:08:47 -0000	1.1
  +++ sso_repository.xml	22 Nov 2004 06:13:31 -0000	1.2
  @@ -80,14 +80,14 @@
         </field-descriptor>
         </class-descriptor>
   
  -
  +	
   	<!--
   	   - S I T E
   	-->	
   	<class-descriptor
   	    class="org.apache.jetspeed.sso.impl.SSOSiteImpl"
   	    proxy="dynamic"
  -	    table="SSOSite"
  +	    table="SSO_SITE"
   	>
   	    <documentation>Represents the single sign on site</documentation>
   	    <field-descriptor
  @@ -123,44 +123,40 @@
   	    >
   	    </field-descriptor>
   	    <field-descriptor
  -	        name="isRequireCertificate"
  -	        column="REQUIRE_CERTIFICATE"
  +	        name="isCertificateRequired"
  +	        column="REQUIRES_CERTIFICATE"
   	        jdbc-type="BIT"
   	        nullable="false"
   	    >
   	    </field-descriptor>
  -   	    
  -	    <collection-descriptor
  + 	    <collection-descriptor
   	        name="credentials"
   	        element-class-ref="org.apache.jetspeed.security.om.impl.InternalCredentialImpl"
   	        proxy="true"
   	        refresh="true"
   	        auto-retrieve="true"
  -	        auto-update="link"
  -	        auto-delete="link"
  +	        auto-update="object"
  +	        auto-delete="object"
   	        indirection-table="SSO_SITE_TO_CREDENTIALS"
   	    >
   	        <documentation>This is the reference to credentials.</documentation>
   	        <fk-pointing-to-this-class column="SITE_ID"/>
   	        <fk-pointing-to-element-class column="CREDENTIAL_ID"/>
  -	        <fk-pointing-to-element-class column="PRINCIPAL_ID"/>
   	    </collection-descriptor>
  -
   	     <collection-descriptor
   	        name="principals"
   	        element-class-ref="org.apache.jetspeed.sso.impl.SSOPrincipalImpl"
  -	        proxy="true"
  +	       proxy="true"
   	        refresh="true"
   	        auto-retrieve="true"
   	        auto-update="link"
   	        auto-delete="link"
  -	        indirection-table="SSO_SITE_TO_CREDENTIALS"
  +	        indirection-table="SSO_SITE_TO_PRINCIPALS"
   	    >
  -	        <documentation>This is the reference to credentials.</documentation>
  +	        <documentation>This is the reference to principals.</documentation>
   	        <fk-pointing-to-this-class column="SITE_ID"/>
   	        <fk-pointing-to-element-class column="PRINCIPAL_ID"/>
   	    </collection-descriptor>
  -	   
   	</class-descriptor>
   	
   </descriptor-repository>
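Review bot: The `credentials` collection now uses `auto-update="object"` and `auto-delete="object"` while the `principals` collection directly below stays on `link`, and nothing in the descriptor explains the difference. With `object`, deleting a site should cascade to the `InternalCredentialImpl` rows themselves rather than only to the `SSO_SITE_TO_CREDENTIALS` link rows, which is a meaningful change for stored passwords and worth stating. Extending the existing `<documentation>` element would do, for example `<documentation>Credentials are owned by the site and are deleted with it; principals are shared and only unlinked.</documentation>`, if that is the intent. The `principals` collection maps `SSOPrincipalImpl`, which the Java side of this commit now casts to `InternalPrincipal`; that relationship is not visible on this page and should be confirmed.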
  
  
  
