portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r470544 [4/4] - in /portals/jetspeed-2/trunk/components/serializer: ./ src/java/org/apache/jetspeed/serializer/ src/java/org/apache/jetspeed/serializer/objects/ test/assembly/ test/assembly/boot/
Date Thu, 02 Nov 2006 22:07:24 GMT
Added: portals/jetspeed-2/trunk/components/serializer/test/assembly/security-managers.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/serializer/test/assembly/security-managers.xml?view=auto&rev=470544
==============================================================================
--- portals/jetspeed-2/trunk/components/serializer/test/assembly/security-managers.xml (added)
+++ portals/jetspeed-2/trunk/components/serializer/test/assembly/security-managers.xml Thu
Nov  2 14:07:22 2006
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+Copyright 2004 The Apache Software Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<beans>
+  
+  <!-- Security: User Manager -->
+  <bean id="org.apache.jetspeed.security.UserManager" 
+  	   class="org.apache.jetspeed.security.impl.UserManagerImpl"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
+  </bean>
+  
+   <!-- Security: Group Manager -->
+  <bean id="org.apache.jetspeed.security.GroupManager" 
+  	   class="org.apache.jetspeed.security.impl.GroupManagerImpl"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
  
+  </bean>
+  
+  <!-- Security: Role Manager -->
+  <bean id="org.apache.jetspeed.security.RoleManager" 
+  	   class="org.apache.jetspeed.security.impl.RoleManagerImpl"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
  
+  </bean>
+  
+  <!-- Security: Permission Manager -->
+  <bean id="org.apache.jetspeed.security.impl.PermissionManagerImpl" 
+  	   class="org.apache.jetspeed.security.impl.PermissionManagerImpl"  />
+  
+  <bean id="org.apache.jetspeed.security.PermissionManager" parent="baseTransactionProxy"

+		name="permissionManager" >
+		<property name="proxyInterfaces">
+			<value>org.apache.jetspeed.security.PermissionManager</value>
+		</property>
+		<property name="target">
+			<ref bean="org.apache.jetspeed.security.impl.PermissionManagerImpl"/>
+		</property>
+		<property name="transactionAttributes">
+			<props>				
+				<prop key="remove*">PROPAGATION_REQUIRED</prop>
+				<prop key="grant*">PROPAGATION_REQUIRED</prop>
+				<prop key="revoke*">PROPAGATION_REQUIRED</prop>
+				<prop key="grant*">PROPAGATION_REQUIRED</prop>
+				<prop key="add*">PROPAGATION_REQUIRED</prop>
+				<prop key="update*">PROPAGATION_REQUIRED</prop>
+				<prop key="*">PROPAGATION_SUPPORTS</prop>
+			</props>
+		</property>
+   </bean>
+
+</beans>

Added: portals/jetspeed-2/trunk/components/serializer/test/assembly/security-providers.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/serializer/test/assembly/security-providers.xml?view=auto&rev=470544
==============================================================================
--- portals/jetspeed-2/trunk/components/serializer/test/assembly/security-providers.xml (added)
+++ portals/jetspeed-2/trunk/components/serializer/test/assembly/security-providers.xml Thu
Nov  2 14:07:22 2006
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+Copyright 2004 The Apache Software Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<beans>
+
+  <!-- ************** Security Providers ************** -->
+  <!-- Security: Default Authentication Provider -->
+  <bean id="org.apache.jetspeed.security.AuthenticationProvider" 
+  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderImpl"
+  >  	   
+  	   <constructor-arg index="0"><value>DefaultAuthenticator</value></constructor-arg>
+  	   <constructor-arg index="1"><value>The default authenticator</value></constructor-arg>
+  	   <constructor-arg index="2"><value>login.conf</value></constructor-arg>
+  	   <constructor-arg index="3"><ref bean="org.apache.jetspeed.security.spi.CredentialHandler"/></constructor-arg>
+  	   <constructor-arg index="4"><ref bean="org.apache.jetspeed.security.spi.UserSecurityHandler"/></constructor-arg>
+  </bean>
+  
+  <!-- Security: Authentication Provider Proxy -->
+  <bean id="org.apache.jetspeed.security.AuthenticationProviderProxy" 
+  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl"
+  >  	   
+  	   <constructor-arg >
+  	   		<list>
+  	   			<ref bean="org.apache.jetspeed.security.AuthenticationProvider"/>
+  	   		</list>
+  	   </constructor-arg>
+  	   <constructor-arg ><value>DefaultAuthenticator</value></constructor-arg>
+  </bean>
+  
+  <!-- Security: Security Provider -->
+  <bean id="org.apache.jetspeed.security.SecurityProvider" 
+  	   class="org.apache.jetspeed.security.impl.SecurityProviderImpl"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.AuthenticationProviderProxy"/></constructor-arg>
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.RoleSecurityHandler"/></constructor-arg>
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.GroupSecurityHandler"/></constructor-arg>
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityMappingHandler"/></constructor-arg>
+  </bean>
+  
+  <!-- Security: Authorization Provider -->
+  <bean id="org.apache.jetspeed.security.AuthorizationProvider" 
+  	   class="org.apache.jetspeed.security.impl.AuthorizationProviderImpl"
+  >  	   
+  	   <constructor-arg index="0"><ref bean="org.apache.jetspeed.security.impl.RdbmsPolicy"/></constructor-arg>
+  	   <!-- Does not use the default policy as a default behavior -->
+  	   <constructor-arg index="1"><value>false</value></constructor-arg>
  
+  </bean>
+
+</beans>

Added: portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atn.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atn.xml?view=auto&rev=470544
==============================================================================
--- portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atn.xml (added)
+++ portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atn.xml Thu
Nov  2 14:07:22 2006
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+Copyright 2004 The Apache Software Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<beans>
+
+  <!-- ************** Security SPI Handlers ************** -->
+
+  <!-- require a non-empty password -->
+  <bean id="org.apache.jetspeed.security.spi.CredentialPasswordValidator" 
+       class="org.apache.jetspeed.security.spi.impl.DefaultCredentialPasswordValidator"/>
+
+  <!-- MessageDigest encode passwords using SHA-1 -->
+  <bean id="org.apache.jetspeed.security.spi.CredentialPasswordEncoder" 
+       class="org.apache.jetspeed.security.spi.impl.MessageDigestCredentialPasswordEncoder">
+       <constructor-arg index="0"><value>SHA-1</value></constructor-arg>
      
+  </bean>       
+
+  <bean id="org.apache.jetspeed.security.spi.PasswordCredentialProvider" 
+       class="org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialProvider">
+       <constructor-arg index="0"><ref bean="org.apache.jetspeed.security.spi.CredentialPasswordValidator"/></constructor-arg>
      
+       <constructor-arg index="1"><ref bean="org.apache.jetspeed.security.spi.CredentialPasswordEncoder"/></constructor-arg>
      
+  </bean>       
+
+  <!-- A Two-way encoding password service which also implements CredentialPasswordEncoder
+         this Service can be used instead of for example the default provided MessageDigestCredentialPasswordEncoder
+  <bean id="org.apache.jetspeed.security.PasswordEncodingService"
+        name="org.apache.jetspeed.security.spi.CredentialPasswordEncoder"
+        class="org.apache.jetspeed.security.spi.impl.PBEPasswordService">
+    <constructor-arg index="0">
+      <!- secret PBE key password ->
+      <value>********</value>
+    </constructor-arg>       
+  </bean>       
+-->
+
+ <!-- A Two-way encoding password service which also implements CredentialPasswordEncoder
+       Furthermore, this extension of the PBEPasswordService supports lazy upgrading from
an old CredentialPasswordEncoder
+       like the default provided MessageDigestCredentialPasswordEncoder
+  ->
+  <bean id="org.apache.jetspeed.security.PasswordEncodingService"
+        name="org.apache.jetspeed.security.spi.CredentialPasswordEncoder"
+        class="org.apache.jetspeed.security.spi.impl.AlgorithmUpgradePBEPasswordService">
+    <constructor-arg index="0">
+      <!- secret PBE key password ->
+      <value>********</value>
+    </constructor-arg>
+    <constructor-arg index="1">
+      <!- old MessageDigestCredentialPasswordEncoder to be upgrading from, using SHA-1
->
+      <bean class="org.apache.jetspeed.security.spi.impl.MessageDigestCredentialPasswordEncoder">
+       <constructor-arg index="0"><value>SHA-1</value></constructor-arg>
      
+      </bean>       
+    </constructor-arg>
+    <constructor-arg index="2">
+      <!- startPBEPasswordEncodingService: date before which old encoded passwords need
to be recoded (on authentication)
+           (SimpleDateFormat) format: yyyy-MM-dd HH:mm:ss
+      ->
+      <value>2006-07-02 15:00:00</value>
+    </constructor-arg>
+  </bean>
+-->
+
+  <!-- allow multiple InternalPasswordCredentialInterceptors to be used for DefaultCredentialHandler
--> 
+  <bean id="org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor"
+       class="org.apache.jetspeed.security.spi.impl.InternalPasswordCredentialInterceptorsProxy">
+       <constructor-arg index="0">
+         <list>
+           <!-- enforce an invalid preset password value in the persisent store is required
to be changed -->
+           <bean class="org.apache.jetspeed.security.spi.impl.ValidatePasswordOnLoadInterceptor"/>
+
+           <!-- ensure preset cleartext passwords in the persistent store  will be encoded
on first use -->
+           <bean class="org.apache.jetspeed.security.spi.impl.EncodePasswordOnFirstLoadInterceptor"/>
+         </list>
+       </constructor-arg>
+  </bean>
+
+  <!-- Security SPI: CredentialHandler -->
+  <bean id="org.apache.jetspeed.security.spi.CredentialHandler" 
+       class="org.apache.jetspeed.security.spi.impl.DefaultCredentialHandler"
+  >       
+       <constructor-arg index="0"><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
      
+       <constructor-arg index="1"><ref bean="org.apache.jetspeed.security.spi.PasswordCredentialProvider"/></constructor-arg>
      
+       <constructor-arg index="2"><ref bean="org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor"/></constructor-arg>
      
+  </bean>
+  
+  <!-- Security SPI: UserSecurityHandler -->
+  <!-- The DefaultUSerSecurityHandler uses the raw SecurityAccessImpl so that it
+  	   may demarcate its own transactions -->
+  <bean id="org.apache.jetspeed.security.spi.UserSecurityHandlerImpl" 
+  	   class="org.apache.jetspeed.security.spi.impl.DefaultUserSecurityHandler"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
 	   
+  </bean>
+  
+  <bean id="org.apache.jetspeed.security.spi.UserSecurityHandler" parent="baseTransactionProxy"

+		name="userSecurityHandler" >
+		<property name="proxyInterfaces">
+			<value>org.apache.jetspeed.security.spi.UserSecurityHandler</value>
+		</property>
+		<property name="target">
+			<ref bean="org.apache.jetspeed.security.spi.UserSecurityHandlerImpl"/>
+		</property>
+		<property name="transactionAttributes">
+			<props>				
+				<prop key="*">PROPAGATION_REQUIRED</prop>
+			</props>
+		</property>
+   </bean>
+
+</beans>

Added: portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atz.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atz.xml?view=auto&rev=470544
==============================================================================
--- portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atz.xml (added)
+++ portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi-atz.xml Thu
Nov  2 14:07:22 2006
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+Copyright 2004 The Apache Software Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<beans>
+
+  <!-- ************** Security SPI Handlers ************** -->  
+  <!-- Security SPI: RoleSecurityHandler -->
+  <bean id="org.apache.jetspeed.security.spi.RoleSecurityHandler" 
+  	   class="org.apache.jetspeed.security.spi.impl.DefaultRoleSecurityHandler"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
+  </bean>
+  
+  <!-- Security SPI: GroupSecurityHandler -->
+  <bean id="org.apache.jetspeed.security.spi.GroupSecurityHandler" 
+  	   class="org.apache.jetspeed.security.spi.impl.DefaultGroupSecurityHandler"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
+  </bean>
+  
+  <!-- Security SPI: SecurityMappingHandler -->
+  <bean id="org.apache.jetspeed.security.spi.SecurityMappingHandler" 
+  	   class="org.apache.jetspeed.security.spi.impl.DefaultSecurityMappingHandler"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
+  	   <!-- Default role hierarchy strategy is by generalization.  Add contructor-arg to
change the strategy. -->
+  	   <!-- Default group hierarchy strategy is by generalization.  Add contructor-arg
to change the strategy. -->
+  </bean>
+</beans>

Added: portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi.xml?view=auto&rev=470544
==============================================================================
--- portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi.xml (added)
+++ portals/jetspeed-2/trunk/components/serializer/test/assembly/security-spi.xml Thu Nov
 2 14:07:22 2006
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+Copyright 2004 The Apache Software Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<beans>
+
+  <!-- ************** Security SPI Handlers ************** -->
+  <!-- Security SPI: CommonQueries -->
+  <bean id="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl" 
+  	   class="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"
+  	   init-method="init"
+  >  	   
+  	   <constructor-arg ><value>JETSPEED-INF/ojb/security_repository.xml</value></constructor-arg>
 	   
+  </bean>
+  
+  <bean id="org.apache.jetspeed.security.spi.SecurityAccess" parent="baseTransactionProxy"

+		name="SecurityCommonQueries" >
+		<property name="proxyInterfaces">
+			<value>org.apache.jetspeed.security.spi.SecurityAccess</value>
+		</property>
+		<property name="target">
+			<ref bean="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"/>
+		</property>
+		<property name="transactionAttributes">
+			<props>				
+				<prop key="remove*">PROPAGATION_REQUIRED</prop>
+				<prop key="set*">PROPAGATION_REQUIRED</prop>
+				<prop key="*">PROPAGATION_SUPPORTS</prop>
+			</props>
+		</property>
+   </bean>
+
+</beans>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message