From d...@apache.org
Subject svn commit: r732386 [2/2] - in /portals/jetspeed-2/portal/trunk: components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/ components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ components/jetspeed-security/src/main/java/org/a...
Date Wed, 07 Jan 2009 16:33:28 GMT
Added: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityDomain.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityDomain.java?rev=732386&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityDomain.java
(added)
+++ portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityDomain.java
Wed Jan  7 08:33:26 2009
@@ -0,0 +1,64 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.security;
+
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public interface SecurityDomain
+{
+
+    public static final String SYSTEM_NAME = "[system]";
+    public static final String DEFAULT_NAME = "[default]";
+    
+    /**
+     * Unique domain id. The ids 0 (system) and 1 (default domain) are reserved.
+     * 
+     * @return the domain id
+     */
+    Long getDomainId();
+    
+    /**
+     * Unique string identifier for this domain. E.g. can be used from declarative references
+     * to this domain. 
+     * @return name
+     */
+    String getName();
+    
+    /**
+     * Returns the id of the domain which is the owner of this domain. This feature is used
+     * by remote domains, which can only be accessed in the context of a local domain: a
local
+     * domain is the owner of a remote domain.
+     * @return
+     */
+    Long getOwnerDomainId();
+    
+    /**
+     * Returns whether this domain constitutes a local (false) or remote (true) domain. Remote

+     * domains are accessed via the SSO component.
+     * @return remote
+     */
+    boolean isRemote();
+    
+    /**
+     * Returns whether this domain is enabled or not.
+     * @return enabled
+     */
+    boolean isEnabled();
+}
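Review bot: The Javadoc on `getOwnerDomainId()` ends in a bare `@return` and never says what a domain without an owner returns. The method returns a boxed `Long` and the schema in this commit declares `OWNER_DOMAIN_ID` with `required="false"`, so null looks possible and callers need to be told. I would write `@return the id of the owning local domain, or null if this domain has no owner`, after confirming the null case against the implementation. `SYSTEM_NAME` and `DEFAULT_NAME` are also undocumented; a sentence saying these names are reserved, presumably for the domains with the reserved ids 0 and 1, would tie them to the `getDomainId()` comment.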

Propchange: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityDomain.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityDomain.java
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityException.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityException.java?rev=732386&r1=732385&r2=732386&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityException.java
(original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/security/SecurityException.java
Wed Jan  7 08:33:26 2009
@@ -151,6 +151,15 @@
     public static final KeyedMessage ATTRIBUTES_ARE_READ_ONLY = new KeyedMessage("The principal
attributes are read only.");
 
     public static final KeyedMessage ATTRIBUTES_NOT_EXTENDABLE = new KeyedMessage("Adding
new principal attributes is not supported.");
+
+    public static final KeyedMessage SECURITY_DOMAIN_EXISTS = new KeyedMessage("The security
domain {0} already exists.");
+
+    public static final KeyedMessage SECURITY_DOMAIN_DOES_NOT_EXIST = new KeyedMessage("The
security domain {0} does not exist.");
+
+    public static final KeyedMessage SECURITY_DOMAIN_NOT_REMOVABLE = new KeyedMessage("The
security domain {0} could not be removed.");
+
+    public static final KeyedMessage DEFAULT_SECURITY_DOMAIN_DOES_NOT_EXIST = new KeyedMessage("The
default security domain does not exist.");
+
     /**
      * <p>Default Constructor.</p>
      */

Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml?rev=732386&r1=732385&r2=732386&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml
(original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml
Wed Jan  7 08:33:26 2009
@@ -47,14 +47,19 @@
         <column name="IS_REMOVABLE" required="true" type="BOOLEANINT"/>
         <column name="CREATION_DATE" required="true" type="TIMESTAMP"/>
         <column name="MODIFIED_DATE" required="true" type="TIMESTAMP"/>
+        <column name="DOMAIN_ID" required="true" type="INTEGER"/>
         <unique name="UIX_SECURITY_PRINCIPAL">
           <unique-column name="PRINCIPAL_TYPE" />
           <unique-column name="PRINCIPAL_NAME" />
-        </unique>        
+          <unique-column name="DOMAIN_ID" />
+        </unique>     
+        <foreign-key foreignTable="SECURITY_DOMAIN" name="FK_SECURITY_DOMAIN_1" onDelete="cascade">
+            <reference foreign="DOMAIN_ID" local="DOMAIN_ID"/>
+        </foreign-key>  
     </table>
 
    <!-- 
-      Create principal-security attributes for both Portlet API User Attributes and generic
principal preferences
+      Create1 principal-security attributes for both Portlet API User Attributes and generic
principal preferences
       Example 
     ATTR_ID = unique primary key
     PID = the primary key of the owning principal
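Review bot: The new foreign key `FK_SECURITY_DOMAIN_1` is declared with `onDelete="cascade"`, so deleting one SECURITY_DOMAIN row removes every SECURITY_PRINCIPAL row in that domain at the database level, whatever the application checks before raising SECURITY_DOMAIN_NOT_REMOVABLE. If domain removal is meant to be guarded in code, `onDelete="restrict"` makes the database refuse the delete while principals still reference the domain. `DOMAIN_ID` is added as `required="true"` with no default, so existing SECURITY_PRINCIPAL rows need a migration step, which is not visible in this part of the commit. The comment further down now reads `Create1 principal-security attributes`, which looks like a stray keystroke.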
@@ -147,82 +152,17 @@
             <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
         </foreign-key>
     </table>
-	
 
-    <!--
-       Create SiteTable
-    -->
-    <table name="SSO_SITE">
-        <column name="SITE_ID" primaryKey="true" required="true" type="INTEGER"/>
-        <column name="NAME" required="true" size="254" type="VARCHAR"/>
-        <column name="URL" required="true" size="254" type="VARCHAR"/>
-        <column name="ALLOW_USER_SET" default="0" type="BOOLEANINT"/>
-        <column name="REQUIRES_CERTIFICATE" default="0" type="BOOLEANINT"/>
-        <column name="CHALLENGE_RESPONSE_AUTH" default="0" type="BOOLEANINT"/>
-        <column name="FORM_AUTH" default="0" type="BOOLEANINT"/>
-        <column name="FORM_USER_FIELD" required="false" size="128" type="VARCHAR"/>
-        <column name="FORM_PWD_FIELD" required="false" size="128" type="VARCHAR"/>
-        <column name="REALM" required="false" size="128" type="VARCHAR"/>
-        
-        <unique name="UIX_SITE_URL">
-          <unique-column name="URL" />
-        </unique>                
-    </table>
-    
-    <table name="SSO_COOKIE">
-        <column name="COOKIE_ID" primaryKey="true" required="true" type="INTEGER"/>
-        <column name="COOKIE" required="true" size="1024" type="VARCHAR"/> 
-        <column name="CREATE_DATE" required="true" type="TIMESTAMP"/>         
-    </table>
-	
-    <table name="SSO_SITE_TO_PRINCIPALS">
-    	<column name="SITE_ID" primaryKey="true" required="true" type="INTEGER"/>
-        <column name="PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
-         <foreign-key foreignTable="SSO_SITE" name="SSO_SITE_TO_PRINC_FK1" onDelete="cascade">
            
-            <reference foreign="SITE_ID" local="SITE_ID"/>
-        </foreign-key>
-       <foreign-key foreignTable="SECURITY_PRINCIPAL"  name="SSO_SITE_TO_PRINC_FK2" onDelete="cascade">
-            <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
-        </foreign-key>
-    </table>
-    
-    <!--
-       Create Principals to Remote Principals association Table
-    -->
-    
-    <table name="SSO_PRINCIPAL_TO_REMOTE">
-    	<column name="PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
-        <column name="REMOTE_PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
-         <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SSO_PRINCIPAL_TO_REMOTE_1"
onDelete="cascade">
-            <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
-        </foreign-key>
-       <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SSO_PRINCIPAL_TO_REMOTE_2"
onDelete="cascade">
-            <reference foreign="PRINCIPAL_ID" local="REMOTE_PRINCIPAL_ID"/>
-        </foreign-key>
-    </table>
-    
-    <table name="SSO_SITE_TO_REMOTE">
-    	<column name="SITE_ID" primaryKey="true" required="true" type="INTEGER"/>
-        <column name="PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
-           
-         <foreign-key foreignTable="SSO_SITE"  name="FK_SSO_SITE_TO_REMOTE_1" onDelete="cascade">
-            <reference foreign="SITE_ID" local="SITE_ID"/>
-        </foreign-key>
-       <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SSO_SITE_TO_REMOTE_2" onDelete="cascade">
-            <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
-        </foreign-key>
+    <table name="SECURITY_DOMAIN">
+        <column name="DOMAIN_ID" primaryKey="true" type="INTEGER" autoIncrement="true"/>
+        <column name="DOMAIN_NAME" type="VARCHAR" size="30"/>
+        <column name="REMOTE" default="0" type="BOOLEANINT"/>
+        <column name="ENABLED" default="1" type="BOOLEANINT"/>
+        <column name="OWNER_DOMAIN_ID" type="INTEGER" required="false"/>
+        <unique name="UIX_DOMAIN_NAME">
+            <unique-column name="DOMAIN_NAME" />
+        </unique>           
     </table>
     
-    <table name="SSO_COOKIE_TO_REMOTE">
-    	<column name="COOKIE_ID" primaryKey="true" required="true" type="INTEGER"/>
-        <column name="REMOTE_PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
-           
-         <foreign-key foreignTable="SSO_COOKIE" name="FK_SSO_COOKIE_TO_REMOTE_1" onDelete="cascade">
-            <reference foreign="COOKIE_ID" local="COOKIE_ID"/>
-        </foreign-key>
-       <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SSO_COOKIE_TO_REMOTE_2"
onDelete="cascade">
-            <reference foreign="PRINCIPAL_ID" local="REMOTE_PRINCIPAL_ID"/>
-        </foreign-key>
-    </table>
          
 </database>
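Review bot: `DOMAIN_NAME` in the new SECURITY_DOMAIN table is covered by the unique index `UIX_DOMAIN_NAME` but is not marked `required="true"`, so a row with a null name is accepted even though `SecurityDomain.getName()` is documented as the unique string identifier. I would declare it `<column name="DOMAIN_NAME" required="true" type="VARCHAR" size="30"/>`. `OWNER_DOMAIN_ID` has no foreign key back to `SECURITY_DOMAIN.DOMAIN_ID`, so a remote domain can reference an owner that does not exist or has been deleted; a self-referencing `<foreign-key>` on that column would enforce the relation. `DOMAIN_ID` is `autoIncrement="true"` while the interface Javadoc reserves ids 0 and 1, so the seeding code presumably has to insert those two rows with explicit ids, which deserves a comment in the schema.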

Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-spi.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-spi.xml?rev=732386&r1=732385&r2=732386&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-spi.xml
(original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-spi.xml
Wed Jan  7 08:33:26 2009
@@ -39,7 +39,10 @@
         org.apache.jetspeed.security.spi.JetspeedPrincipalAssociationStorageManager,
         org.apache.jetspeed.security.spi.JetspeedPrincipalStorageManager,
         org.apache.jetspeed.security.spi.UserPasswordCredentialAccessManager,
-        org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager
+        org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager,        
+        org.apache.jetspeed.security.spi.SecurityDomainStorageManager,        
+        org.apache.jetspeed.security.spi.SecurityDomainAccessManager,
+        org.apache.jetspeed.security.spi.JetspeedDomainPrincipalAccessManager
       </value>
     </property>
     <property name="target">
@@ -82,6 +85,18 @@
     <meta key="j2:alias" value="org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager"
/>
     <property name="targetBeanName" value="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager"
/>
   </bean>
+
+  <bean class="org.springframework.beans.factory.config.BeanReferenceFactoryBean">
+    <meta key="j2:cat" value="dbSecurity" />
+    <meta key="j2:alias" value="org.apache.jetspeed.security.spi.SecurityDomainStorageManager"
/>
+    <property name="targetBeanName" value="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager"
/>
+  </bean>
+  
+  <bean class="org.springframework.beans.factory.config.BeanReferenceFactoryBean">
+    <meta key="j2:cat" value="dbSecurity" />
+    <meta key="j2:alias" value="org.apache.jetspeed.security.spi.SecurityDomainAccessManager"
/>
+    <property name="targetBeanName" value="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager"
/>
+  </bean>
   
   <bean id="org.apache.jetspeed.security.spi.impl.UserPasswordCredentialManagerImpl"
     class="org.apache.jetspeed.security.spi.impl.UserPasswordCredentialManagerImpl">
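Review bot: No `BeanReferenceFactoryBean` alias is added for `org.apache.jetspeed.security.spi.JetspeedDomainPrincipalAccessManager`, although the hunk at -39,7 adds that interface to the proxied interface list next to the two that do get aliases here. If nothing else in the file, or in part 1/2 of this commit (not visible here), defines that bean id, a `ref` to it would fail when the context is loaded. A third alias bean with `j2:alias` set to that interface name and the same `targetBeanName` would follow the pattern used for the other two.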

Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/serializer.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/serializer.xml?rev=732386&r1=732385&r2=732386&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/serializer.xml
(original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/serializer.xml
Wed Jan  7 08:33:26 2009
@@ -17,6 +17,8 @@
           <constructor-arg index="3" ref="org.apache.jetspeed.security.UserManager" />
           <constructor-arg index="4" ref="org.apache.jetspeed.security.spi.CredentialPasswordEncoder"
/>
           <constructor-arg index="5" ref="org.apache.jetspeed.security.PermissionManager"
/>
+          <constructor-arg index="6" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager"
/>
+          <constructor-arg index="7" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager"
/>
         </bean>
         <bean class="org.apache.jetspeed.serializer.JetspeedProfilerSerializer">
           <constructor-arg index="0" ref="org.apache.jetspeed.profiler.Profiler" />
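Review bot: Constructor arguments 6 and 7 both reference the full `org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager` bean, so the XML gives no hint which role each argument plays and the serializer is wired to the whole persistence manager. security-spi.xml in this commit adds narrower aliases, `org.apache.jetspeed.security.spi.SecurityDomainStorageManager` and `org.apache.jetspeed.security.spi.SecurityDomainAccessManager`. Referencing those would document the intent and keep the dependency scoped to the domain interfaces, assuming they match the two parameter types, which the hunk does not show. The enclosing `<bean>` element starts outside the hunk.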

Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/j2-seed.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/j2-seed.xml?rev=732386&r1=732385&r2=732386&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/j2-seed.xml
(original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/j2-seed.xml
Wed Jan  7 08:33:26 2009
@@ -272,6 +272,21 @@
 			<mimeTypes>text/html</mimeTypes>
 		</Client>
 	</Clients>
+	<SecurityDomains>
+		<!-- NB: the system and default domains will be added automatically. Only specify custom
Security Domains here -->
+		<!--
+			example of a local domain : 
+			<SecurityDomain name="departmentA"/>
+			
+			example of a remote domain :
+			(the owner domain will be the "default" domain if no owner domain is specified)
+			<SecurityDomain name="nytimes" remote="true""/>
+			
+			non-default owner domain:
+			<SecurityDomain name="nytimes" remote="true" ownerDomain="departmentA"/>
+			
+		-->
+	</SecurityDomains>
 	<Roles>
 		<Role>admin</Role>
 		<Role>manager</Role>
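Review bot: The commented example `<SecurityDomain name="nytimes" remote="true""/>` has a doubled closing quote, so anyone who uncomments or copies it gets a seed file that is not well-formed XML. It should read `<SecurityDomain name="nytimes" remote="true"/>`. The same line appears in the seed/min/j2-seed.xml hunk of this commit and needs the same correction.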

Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/min/j2-seed.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/min/j2-seed.xml?rev=732386&r1=732385&r2=732386&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/min/j2-seed.xml
(original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/seed/min/j2-seed.xml
Wed Jan  7 08:33:26 2009
@@ -272,6 +272,21 @@
 			<mimeTypes>text/html</mimeTypes>
 		</Client>
 	</Clients>
+	<SecurityDomains>
+		<!-- NB: the system and default domains will be added automatically. Only specify custom
Security Domains here -->
+		<!--
+			example of a local domain : 
+			<SecurityDomain name="departmentA"/>
+			
+			example of a remote domain :
+			(the owner domain will be the "default" domain if no owner domain is specified)
+			<SecurityDomain name="nytimes" remote="true""/>
+			
+			non-default owner domain:
+			<SecurityDomain name="nytimes" remote="true" ownerDomain="departmentA"/>
+			
+		-->
+	</SecurityDomains>
 	<Roles>
 		<Role>admin</Role>
 		<Role>guest</Role>


