portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r702093 - in /portals/jetspeed-2/portal/branches/security-refactoring: components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/ components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/ components/jetspeed-portal/...
Date Mon, 06 Oct 2008 11:05:54 GMT
Author: ate
Date: Mon Oct  6 04:05:52 2008
New Revision: 702093

URL: http://svn.apache.org/viewvc?rev=702093&view=rev
Log:
Promoting SecurityHelper to a shared (common) SubjectHelper as (now) it only provides Subject evaluation methods anymore. 

Added:
    portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java   (contents, props changed)
      - copied, changed from r700900, portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java
Removed:
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java
Modified:
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java Mon Oct  6 04:05:52 2008
@@ -30,7 +30,7 @@
 import org.apache.jetspeed.om.page.Page;
 import org.apache.jetspeed.page.document.NodeException;
 import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 
 
@@ -55,7 +55,7 @@
     public static void createUserHomePagesFromRoles(PageManager pageManager, Subject subject)
     throws NodeException
     {
-        Principal principal = SecurityHelper.getBestPrincipal(subject, User.class); 
+        Principal principal = SubjectHelper.getBestPrincipal(subject, User.class); 
         if (principal == null)
         {
             String errorMessage = "Could not create user home for null principal";
@@ -82,7 +82,7 @@
             // for each role for a user, deep copy the folder contents for that role 
             // into the user's home
             // TODO: this algorithm could actually merge pages on dups
-            Iterator roles = SecurityHelper.getPrincipals(subject, Role.class).iterator();
+            Iterator roles = SubjectHelper.getPrincipals(subject, Role.class).iterator();
             while (roles.hasNext())
             {                            
                 Role role = (Role)roles.next();

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java Mon Oct  6 04:05:52 2008
@@ -51,7 +51,7 @@
 import org.apache.jetspeed.pipeline.valve.SecurityValve;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.request.RequestContextComponent;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.UserSubjectPrincipal;
 import org.apache.jetspeed.services.JetspeedPortletServices;
 import org.apache.jetspeed.services.PortletServices;
@@ -390,7 +390,7 @@
             // as for instance WAS 6.0.2 has a bug invoking this method with a wrong classLoader (not the one for the WebApp)
             return;
         }        
-        Principal subjectUserPrincipal = SecurityHelper.getPrincipal(subject, UserSubjectPrincipal.class);
+        Principal subjectUserPrincipal = SubjectHelper.getPrincipal(subject, UserSubjectPrincipal.class);
         PortalStatistics statistics = (PortalStatistics)engine.getComponentManager().getComponent("PortalStatistics");
         long sessionLength = System.currentTimeMillis() - se.getSession().getCreationTime();
         String ipAddress = (String)se.getSession().getAttribute(SecurityValve.IP_ADDRESS);

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java Mon Oct  6 04:05:52 2008
@@ -33,7 +33,7 @@
 import org.apache.jetspeed.container.session.PortalSessionsManager;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.statistics.PortalStatistics;
@@ -234,7 +234,7 @@
     			{
     				for (User user : userManager.getUsers(""))
         			{
-        				Principal userPrincipal = SecurityHelper.getPrincipal(userManager.getSubject(user), User.class);
+        				Principal userPrincipal = SubjectHelper.getPrincipal(userManager.getSubject(user), User.class);
         				if(userPrincipal != null)
         				{
         					// Check if this users is already added as online user

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java Mon Oct  6 04:05:52 2008
@@ -28,7 +28,7 @@
 import org.apache.jetspeed.page.PageManager;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.impl.TransientRole;
 
@@ -72,7 +72,7 @@
             count++;                        
         }
         Set principals = new HashSet();
-        principals.add(SecurityHelper.getBestPrincipal(currentSubject, User.class));
+        principals.add(SubjectHelper.getBestPrincipal(currentSubject, User.class));
         principals.add(new TransientRole(combo.toString()));
         Subject subject = 
             new Subject(true, principals, new HashSet(), new HashSet());

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java Mon Oct  6 04:05:52 2008
@@ -35,7 +35,7 @@
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.SecurityAttribute;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.util.JetspeedLocale;
@@ -105,7 +105,7 @@
             Subject subject = request.getSubject();
             if (null != subject)
             {
-                Principal userPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+                Principal userPrincipal = SubjectHelper.getPrincipal(subject, User.class);
                 if (null != userPrincipal)
                 {
                     log.debug("Got user principal: " + userPrincipal.getName());

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java Mon Oct  6 04:05:52 2008
@@ -43,7 +43,7 @@
 import org.apache.jetspeed.security.JetspeedSubjectFactory;
 import org.apache.jetspeed.security.PrincipalsSet;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 
@@ -142,7 +142,7 @@
                 Subject subject = (Subject)request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
                 if (subject != null)
                 {
-                    Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+                    Principal principal = SubjectHelper.getPrincipal(subject, User.class);
                     if (principal != null && principal.getName().equals(this.guest))
                     {                        
                     }

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java Mon Oct  6 04:05:52 2008
@@ -17,15 +17,13 @@
 package org.apache.jetspeed.login.filter;
 
 import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
 
 import javax.security.auth.Subject;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
 
 import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 
 public class PortalRequestWrapper extends HttpServletRequestWrapper
 {
@@ -46,15 +44,7 @@
         {
             return false;
         }
-        List roles = SecurityHelper.getPrincipals(subject, Role.class);
-        Iterator ir = roles.iterator();
-        while (ir.hasNext())
-        {
-            Role role = (Role)ir.next();
-            if (roleName.equals(role.getName()))
-                return true;
-        }
-        return false;
+        return SubjectHelper.getPrincipal(subject, Role.class, roleName) != null;
     }
     
     public void setUserPrincipal(Principal userPrincipal)

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java Mon Oct  6 04:05:52 2008
@@ -42,7 +42,7 @@
 import org.apache.jetspeed.profiler.Profiler;
 import org.apache.jetspeed.profiler.ProfilerException;
 import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 
 /**
@@ -154,7 +154,7 @@
             {
                 throw new ProfilerException("Missing subject for request: " + request.getPath());
             }            
-            Principal principal = SecurityHelper.getBestPrincipal(subject, User.class);
+            Principal principal = SubjectHelper.getBestPrincipal(subject, User.class);
             if (principal == null)
             {
                 throw new ProfilerException("Missing principal for request: " + request.getPath());

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java Mon Oct  6 04:05:52 2008
@@ -48,7 +48,7 @@
 import org.apache.jetspeed.profiler.ProfileLocator;
 import org.apache.jetspeed.profiler.Profiler;
 import org.apache.jetspeed.profiler.impl.ProfilerValveImpl;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.userinfo.UserInfoManager;
 import org.apache.pluto.om.common.Language;
@@ -381,7 +381,7 @@
 
     public Principal getUserPrincipal()
     {
-        return SecurityHelper.getBestPrincipal(getSubject(), User.class);
+        return SubjectHelper.getBestPrincipal(getSubject(), User.class);
     }
     
     /**

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java Mon Oct  6 04:05:52 2008
@@ -30,7 +30,7 @@
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.PasswordCredential;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserCredential;
 import org.apache.jetspeed.security.UserManager;
@@ -115,7 +115,7 @@
                                 }
                                 else
                                 {
-                                    UserCredential userCredential = SecurityHelper.getUserCredential(um.getSubject(user));
+                                    UserCredential userCredential = SubjectHelper.getUserCredential(um.getSubject(user));
                                     if ( userCredential == null || !userCredential.isEnabled() )
                                     {
                                         request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java Mon Oct  6 04:05:52 2008
@@ -30,7 +30,7 @@
 import org.apache.jetspeed.profiler.ProfileLocator;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.PasswordCredential;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.UserCredential;
 
 /**
@@ -90,7 +90,7 @@
             if ( request.getRequest().getUserPrincipal() != null )
             {
                 Subject subject = request.getSubject();
-                UserCredential userCredential = SecurityHelper.getUserCredential(subject);
+                UserCredential userCredential = SubjectHelper.getUserCredential(subject);
                 Integer passwordDaysValid = null;
                 
                 // check for an existing password credential

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java Mon Oct  6 04:05:52 2008
@@ -28,7 +28,7 @@
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.JetspeedSubjectFactory;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.security.UserSubjectPrincipal;
@@ -93,7 +93,7 @@
         Subject subject = getSubjectFromSession(request);
         if (subject != null)
         {
-            Principal subjectUserPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+            Principal subjectUserPrincipal = SubjectHelper.getPrincipal(subject, User.class);
             if ((subjectUserPrincipal == null) || !subjectUserPrincipal.getName().equals(userPrincipal.getName()))
             {
                 subject = null;

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java Mon Oct  6 04:05:52 2008
@@ -27,7 +27,7 @@
 import org.apache.jetspeed.pipeline.PipelineException;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.security.impl.AbstractSecurityValve;
@@ -112,7 +112,7 @@
         Subject subject = getSubjectFromSession(context);
         if (subject != null)
         {
-            return SecurityHelper.getPrincipal(subject, User.class);
+            return SubjectHelper.getPrincipal(subject, User.class);
         } 
         // otherwise return anonymous principal
         
@@ -140,7 +140,7 @@
         // check whether principal name stored in session subject equals the remote user name passed by the web container
         if (subject != null)
         {
-            Principal subjectUserPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+            Principal subjectUserPrincipal = SubjectHelper.getPrincipal(subject, User.class);
             if ((subjectUserPrincipal == null) || !subjectUserPrincipal.getName().equals(userName))
             {
                 subject = null;

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java Mon Oct  6 04:05:52 2008
@@ -37,7 +37,7 @@
 import org.apache.jetspeed.login.filter.PortalRequestWrapper;
 import org.apache.jetspeed.security.AuthenticationProvider;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 
@@ -72,7 +72,7 @@
 				Subject subject = (Subject) request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
 				if (subject != null)
 				{
-					Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+					Principal principal = SubjectHelper.getPrincipal(subject, User.class);
 					if (principal != null)
 					{
 						if (principal.getName().equals(username))
@@ -142,7 +142,7 @@
 					catch (SecurityException sex)
 					{
 					}
-					Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+					Principal principal = SubjectHelper.getPrincipal(subject, User.class);
 					sRequest = wrapperRequest(request, subject, principal);
 					request.getSession().removeAttribute(LoginConstants.ERRORCODE);
 					HttpSession session = request.getSession(true);
@@ -159,7 +159,7 @@
 				Subject subject = (Subject) request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
 				if (subject != null)
 				{
-					Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+					Principal principal = SubjectHelper.getPrincipal(subject, User.class);
 					ShibbolethConfiguration config = (ShibbolethConfiguration) Jetspeed.getComponentManager().getComponent(
 							"org.apache.jetspeed.security.shibboleth.ShibbolethConfiguration");
 					if (principal != null && principal.getName().equals(config.getGuestUser()))

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java Mon Oct  6 04:05:52 2008
@@ -33,7 +33,7 @@
 import org.apache.jetspeed.om.common.portlet.MutablePortletApplication;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.userinfo.UserInfoManager;
@@ -202,7 +202,7 @@
         Subject subject = context.getSubject();
         if (null != subject)
         {
-            Principal userPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+            Principal userPrincipal = SubjectHelper.getPrincipal(subject, User.class);
             if (null != userPrincipal)
             {
                 log.debug("Got user principal: " + userPrincipal.getName());

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java Mon Oct  6 04:05:52 2008
@@ -28,7 +28,7 @@
 import org.apache.jetspeed.om.common.UserAttributeRef;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.userinfo.UserAttributeRetrievalException;
@@ -69,7 +69,7 @@
     {
 
         Map<String,String> userAttributeMap = new HashMap<String,String>();
-        Principal userPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+        Principal userPrincipal = SubjectHelper.getPrincipal(subject, User.class);
         if (null != userPrincipal)
         {
             log.debug("Got user principal: " + userPrincipal.getName());

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java Mon Oct  6 04:05:52 2008
@@ -47,7 +47,7 @@
 import org.apache.jetspeed.request.RequestContextComponent;
 import org.apache.jetspeed.security.JSSubject;
 import org.apache.jetspeed.security.JetspeedSubjectFactory;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.impl.UserImpl;
 import org.apache.jetspeed.test.JetspeedTestCase;
 import org.apache.jetspeed.testhelpers.SpringEngineHelper;

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml Mon Oct  6 04:05:52 2008
@@ -47,6 +47,11 @@
         </dependency>
         <dependency>
             <groupId>${pom.groupId}</groupId>
+            <artifactId>jetspeed-commons</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>${pom.groupId}</groupId>
             <artifactId>jetspeed-locator</artifactId>
         </dependency>
         <dependency>
@@ -64,11 +69,6 @@
 
         <!-- Test Dependencies -->
         <dependency>
-            <groupId>${pom.groupId}</groupId>
-            <artifactId>jetspeed-commons</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
             <groupId>javax.transaction</groupId>
             <artifactId>jta</artifactId>
             <scope>test</scope>

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java Mon Oct  6 04:05:52 2008
@@ -39,7 +39,7 @@
 import org.apache.jetspeed.profiler.rules.impl.AbstractProfilingRule;
 import org.apache.jetspeed.profiler.rules.impl.PrincipalRuleImpl;
 import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.UserSubjectPrincipal;
 import org.apache.jetspeed.security.impl.UserImpl;
 import org.apache.ojb.broker.query.Criteria;
@@ -203,7 +203,7 @@
         }
         // get the UserPrincipal, finding the first UserPrincipal, or
         // find the first principal if no UserPrincipal isn't available
-        Principal principal = SecurityHelper.getBestPrincipal(subject,
+        Principal principal = SubjectHelper.getBestPrincipal(subject,
                 UserSubjectPrincipal.class);
         if (principal == null)
         {

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java Mon Oct  6 04:05:52 2008
@@ -24,7 +24,7 @@
 import org.apache.jetspeed.profiler.rules.RuleCriterion;
 import org.apache.jetspeed.profiler.rules.RuleCriterionResolver;
 import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 
 /**
  * Standard Jetspeed-1 style resolver for criterion.
@@ -75,7 +75,7 @@
     protected String resolvePrincipals(RequestContext context, RuleCriterion criterion, Subject subject, Class classe)
     {
         StringBuffer result = new StringBuffer();
-        Iterator principals = SecurityHelper.getPrincipals(subject, classe).iterator();
+        Iterator principals = SubjectHelper.getPrincipals(subject, classe).iterator();
         int count = 0;
         while (principals.hasNext())
         {
@@ -97,7 +97,7 @@
     protected String combinePrincipals(RequestContext context, RuleCriterion criterion, Subject subject, Class classe)
     {
         StringBuffer result = new StringBuffer();
-        Iterator principals = SecurityHelper.getPrincipals(subject, classe).iterator();
+        Iterator principals = SubjectHelper.getPrincipals(subject, classe).iterator();
         int count = 0;
         while (principals.hasNext())
         {

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java Mon Oct  6 04:05:52 2008
@@ -25,7 +25,7 @@
 import org.apache.jetspeed.profiler.rules.RuleCriterion;
 import org.apache.jetspeed.profiler.rules.RuleCriterionResolver;
 import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 
 /**
@@ -63,7 +63,7 @@
             return null;
         }
             
-        Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+        Principal principal = SubjectHelper.getPrincipal(subject, User.class);
         if (principal != null)
         {
             return principal.getName();              

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java Mon Oct  6 04:05:52 2008
@@ -21,9 +21,6 @@
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.Map;
-import java.util.Set;
-
-import javax.security.auth.Subject;
 
 import org.apache.commons.logging.Log;
 import org.apache.jetspeed.profiler.Profiler;
@@ -31,11 +28,9 @@
 import org.apache.jetspeed.profiler.rules.PrincipalRule;
 import org.apache.jetspeed.profiler.rules.ProfilingRule;
 import org.apache.jetspeed.profiler.rules.RuleCriterion;
-import org.apache.jetspeed.security.SecurityHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.serializer.objects.JSPrincipalRule;
-import org.apache.jetspeed.serializer.objects.JSPrincipalRules;
 import org.apache.jetspeed.serializer.objects.JSProfilingRule;
 import org.apache.jetspeed.serializer.objects.JSProfilingRules;
 import org.apache.jetspeed.serializer.objects.JSRuleCriterion;

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java Mon Oct  6 04:05:52 2008
@@ -24,12 +24,12 @@
 import java.security.Policy;
 import java.security.Principal;
 import java.security.ProtectionDomain;
+import java.util.Enumeration;
 import java.util.List;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.security.PermissionManager;
-import org.apache.jetspeed.security.SecurityHelper;
 import org.apache.jetspeed.security.SecurityPolicies;
 
 /**
@@ -200,7 +200,7 @@
                     log.debug("Checking policy: " + currPolicy.getClass().getName());
                 }
                 PermissionCollection currPerms = currPolicy.getPermissions(codeSource);
-                SecurityHelper.addPermissions(otherPerms, currPerms);
+                addPermissions(otherPerms, currPerms);
             }
         }
 
@@ -208,4 +208,36 @@
         return otherPerms;
     }
 
+    /**
+     * <p>
+     * Adds a collection of permsToAdd to a collection of existing permissions.
+     * </p>
+     * 
+     * @param perms The existing permissions.
+     * @param permsToAdd The permissions to add.
+     */
+    private static void addPermissions(PermissionCollection perms, PermissionCollection permsToAdd)
+    {
+        int permsAdded = 0;
+        if (null != permsToAdd)
+        {
+            Enumeration<Permission> permsToAddEnum = permsToAdd.elements();
+            while (permsToAddEnum.hasMoreElements())
+            {
+                permsAdded++;
+                Permission currPerm = permsToAddEnum.nextElement();
+                perms.add(currPerm);
+                if (log.isDebugEnabled())
+                {
+                    log.debug("Adding the permission: [class, " + currPerm.getClass().getName() + "], " + "[name, "
+                            + currPerm.getName() + "], " + "[actions, " + currPerm.getActions() + "]");
+                }
+            }
+        }
+        if ((permsAdded == 0) && log.isDebugEnabled())
+        {
+            log.debug("No permissions to add...");
+        }
+    }
+    
 }

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java Mon Oct  6 04:05:52 2008
@@ -28,7 +28,7 @@
 import org.apache.jetspeed.security.AuthenticatedUser;
 import org.apache.jetspeed.security.AuthenticationProvider;
 import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
 import org.apache.jetspeed.security.UserSubjectPrincipal;
@@ -107,12 +107,12 @@
     protected void commitSubject(Subject containerSubject, Subject jetspeedSubject, AuthenticatedUser user)
     {
         // add user specific portal user name and roles
-        Principal userSubjectPrincipal = SecurityHelper.getPrincipal(jetspeedSubject, UserSubjectPrincipal.class);
+        Principal userSubjectPrincipal = SubjectHelper.getPrincipal(jetspeedSubject, UserSubjectPrincipal.class);
         subject.getPrincipals().add(userSubjectPrincipal);
         boolean hasPortalUserRole = false;
         JBossGroup roles = new JBossGroup("Roles");
         
-        for (Principal role : SecurityHelper.getPrincipals(jetspeedSubject, Role.class))
+        for (Principal role : SubjectHelper.getPrincipals(jetspeedSubject, Role.class))
         {
             roles.addMember(role);
             if (role.getName().equals(portalUserRole))

Copied: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java (from r700900, portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java)
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java?p2=portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java&p1=portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java&r1=700900&r2=702093&rev=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java Mon Oct  6 04:05:52 2008
@@ -16,10 +16,7 @@
  */
 package org.apache.jetspeed.security;
 
-import java.security.Permission;
-import java.security.PermissionCollection;
 import java.security.Principal;
-import java.util.Enumeration;
 import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
@@ -27,21 +24,16 @@
 
 import javax.security.auth.Subject;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
 /**
  * <p>
- * Security helper.
+ * Subject helper.
  * </p>
  * 
  * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
  * @version $Id$
  */
-public class SecurityHelper
+public class SubjectHelper
 {
-    private static final Log log = LogFactory.getLog(SecurityHelper.class);
-
     /**
      * <p>
      * Given a subject, finds the first principal of the given classe for that subject. If a
@@ -52,16 +44,16 @@
      * @param classe A class or interface derived from java.security.InternalPrincipal.
      * @return The first principal matching a principal classe parameter.
      */
-    public static Principal getPrincipal(Subject subject, Class classe)
+    public static Principal getPrincipal(Subject subject, Class<? extends Principal> classe)
     {
         Principal principal = null;
-        Set principalList = subject.getPrincipals();
+        Set<Principal> principalList = subject.getPrincipals();
         if (principalList != null)
         { 
-        	Iterator principals = subject.getPrincipals().iterator();
+        	Iterator<Principal> principals = subject.getPrincipals().iterator();
 	        while (principals.hasNext())
 	        {
-	            Principal p = (Principal) principals.next();
+	            Principal p = principals.next();
 	            if (classe.isInstance(p))
 	            {
 	                principal = p;
@@ -83,14 +75,14 @@
      * @param classe A class or interface derived from java.security.InternalPrincipal.
      * @return The first principal matching a principal classe parameter.
      */
-    public static Principal getBestPrincipal(Subject subject, Class classe)
+    public static Principal getBestPrincipal(Subject subject, Class<? extends Principal> classe)
     {
 
         Principal principal = null;
-        Iterator principals = subject.getPrincipals().iterator();
+        Iterator<Principal> principals = subject.getPrincipals().iterator();
         while (principals.hasNext())
         {
-            Principal p = (Principal) principals.next();
+            Principal p = principals.next();
             if (classe.isInstance(p))
             {
                 principal = p;
@@ -116,7 +108,7 @@
      * @param classe The class of Principal
      * @return The principal.
      */
-    public static Principal getBestPrincipal(Principal[] principals, Class classe)
+    public static Principal getBestPrincipal(Principal[] principals, Class<? extends Principal> classe)
     {
 
         Principal principal = null;
@@ -149,7 +141,7 @@
      * @param classe A class or interface derived from java.security.InternalPrincipal.
      * @return A List of all principals of type Principal matching a principal classe parameter.
      */
-    public static List<Principal> getPrincipals(Subject subject, Class classe)
+    public static List<Principal> getPrincipals(Subject subject, Class<? extends Principal> classe)
     {
         List<Principal> result = new LinkedList<Principal>();
         Iterator<Principal> principals = subject.getPrincipals().iterator();
@@ -163,24 +155,25 @@
         }
         return result;
     }
-
+    
     /**
      * <p>
-     * Given a subject, find the (first) UserCredential from the private credentials
+     * Given a subject, finds a specific principal by name of the given classe for that subject.
      * </p>
      * 
-     * @param subject The subject
-     * @return the UserCredential or null if not found.
+     * @param subject The subject supplying the principals.
+     * @param classe A class or interface derived from java.security.InternalPrincipal.
+     * @param name the name of the principal to look for
      */
-    public static UserCredential getUserCredential(Subject subject)
+    public static Principal getPrincipal(Subject subject, Class<? extends Principal> classe, String name)
     {
-        Iterator iter = subject.getPrivateCredentials().iterator();
-        while (iter.hasNext())
+        Iterator<Principal> principals = subject.getPrincipals().iterator();
+        while (principals.hasNext())
         {
-            Object o = iter.next();
-            if (o instanceof UserCredential)
+            Principal p = principals.next();
+            if (classe.isInstance(p) && p.getName().equals(name))
             {
-                return (UserCredential) o;
+                return p;
             }
         }
         return null;
@@ -188,33 +181,23 @@
 
     /**
      * <p>
-     * Adds a collection of permsToAdd to a collection of existing permissions.
+     * Given a subject, find the (first) UserCredential from the private credentials
      * </p>
      * 
-     * @param perms The existing permissions.
-     * @param permsToAdd The permissions to add.
+     * @param subject The subject
+     * @return the UserCredential or null if not found.
      */
-    public static void addPermissions(PermissionCollection perms, PermissionCollection permsToAdd)
+    public static UserCredential getUserCredential(Subject subject)
     {
-        int permsAdded = 0;
-        if (null != permsToAdd)
+        Iterator<Object> iter = subject.getPrivateCredentials().iterator();
+        while (iter.hasNext())
         {
-            Enumeration<Permission> permsToAddEnum = permsToAdd.elements();
-            while (permsToAddEnum.hasMoreElements())
+            Object o = iter.next();
+            if (o instanceof UserCredential)
             {
-                permsAdded++;
-                Permission currPerm = permsToAddEnum.nextElement();
-                perms.add(currPerm);
-                if (log.isDebugEnabled())
-                {
-                    log.debug("Adding the permission: [class, " + currPerm.getClass().getName() + "], " + "[name, "
-                            + currPerm.getName() + "], " + "[actions, " + currPerm.getActions() + "]");
-                }
+                return (UserCredential) o;
             }
         }
-        if ((permsAdded == 0) && log.isDebugEnabled())
-        {
-            log.debug("No permissions to add...");
-        }
+        return null;
     }
 }

Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java
------------------------------------------------------------------------------
    cvs2svn:cvs-rev = 1.6

Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message