Package org.apache.geronimo.tomcat.util

Examples of org.apache.geronimo.tomcat.util.SecurityHolder

170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
            Map principalRoleMap,
            ComponentPermissions componentPermissions,
            SubjectInfo defaultPrincipal,
            PermissionCollection checked) throws Exception {

        SecurityHolder securityHolder = new SecurityHolder();
        securityHolder.setSecurity(true);
        securityHolder.setPolicyContextID(POLICY_CONTEXT_ID);
//        securityHolder.setDefaultSubject(defaultPrincipal);
        securityHolder.setSecurityRealm(securityRealmName);
        CredentialStore credentialStore = null;
        return setUpSecureAppContext(roleDesignates,
                principalRoleMap,
                componentPermissions,
                null,
View Full Code Here
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
        if (enc != null) {
            interceptor = new ComponentContextBeforeAfter(interceptor, index++, enc);
        }

        //Set a PolicyContext BeforeAfter
        SecurityHolder securityHolder = ctx.getSecurityHolder();
        if (securityHolder != null) {

            // save the role designates for mapping servlets to their run-as roles
            runAsSource = securityHolder.getRunAsSource();
           
            if (securityHolder.getPolicyContextID() != null) {

                PolicyContext.setContextID(securityHolder.getPolicyContextID());

                /**
                 * Register our default subject with the ContextManager
                 */
                defaultSubject = securityHolder.getDefaultSubject();

                if (defaultSubject == null) {
                    defaultSubject = ContextManager.EMPTY;
                }

                interceptor = new PolicyContextBeforeAfter(interceptor, index++, index++, index++, securityHolder.getPolicyContextID(), defaultSubject);

            }
        }
       
        //Set a UserTransactionBeforeAfter
View Full Code Here
156
157
158
159
160
161
162
163
164
165
166
167
        PermissionCollection excludedPermissions = new Permissions();
        PermissionCollection uncheckedPermissions = new Permissions();
        ComponentPermissions componentPermissions = new ComponentPermissions(excludedPermissions, uncheckedPermissions, new HashMap());
        //Force a new realm name and ignore the application name
        SecurityHolder securityHolder = new SecurityHolder();
        securityHolder.setSecurityRealm(securityRealmName);
        CredentialStore credentialStore = null;
        setUpSecureAppContext(new HashMap(),
                new HashMap(),
                componentPermissions,
                realm,
View Full Code Here
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
            throw new IllegalArgumentException("Invalid virtual host '" + virtualServer + "'.  Do you have a matching Host entry in the plan?");
        }

        //Get the security-realm-name if there is one
        String securityRealmName = null;
        SecurityHolder secHolder = ctx.getSecurityHolder();
        if (secHolder != null)
            securityRealmName = secHolder.getSecurityRealm();

        //Did we declare a GBean at the context level?
        if (ctx.getRealm() != null) {
            Realm realm = ctx.getRealm();

            //Allow for the <security-realm-name> override from the
            //geronimo-web.xml file to be used if our Realm is a JAAS type
            if (securityRealmName != null) {
                if (realm instanceof JAASRealm) {
                    ((JAASRealm) realm).setAppName(securityRealmName);
                }
            }
            anotherCtxObj.setRealm(realm);
        } else {
            Realm realm = host.getRealm();
            //Check and see if we have a declared realm name and no match to a parent name
            if (securityRealmName != null) {
                String parentRealmName = null;
                if (realm instanceof JAASRealm) {
                    parentRealmName = ((JAASRealm) realm).getAppName();
                }

                //Do we have a match to a parent?
                if (!securityRealmName.equals(parentRealmName)) {
                    //No...we need to create a default adapter

                    //Is the context requiring JACC?
                    if (secHolder.isSecurity()) {
                        //JACC
                        realm = new TomcatGeronimoRealm();
                    } else {
                        //JAAS
                        realm = new TomcatJAASRealm();
View Full Code Here
144
145
146
147
148
149
150
151
152
153
154
155
        contextRealm.setAttribute("className", "org.apache.geronimo.tomcat.realm.TomcatJAASRealm");
        contextRealm.setAttribute("initParams", initParams);
        start(contextRealm);

        //Force a new realm name and ignore the application name
        SecurityHolder securityHolder = new SecurityHolder();
        securityHolder.setSecurityRealm(REALM_NAME);

        GBeanData app = new GBeanData(webModuleName, TomcatWebAppContext.GBEAN_INFO);
        app.setAttribute("webAppRoot", new File("target/var/catalina/webapps/war3/").toURI());
        app.setAttribute("webClassPath", new URI[]{});
        app.setAttribute("securityHolder", securityHolder);
View Full Code Here
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
        jaccBeanData.setAttribute("contextIdToPermissionsMap", contextIDToPermissionsMap);
        jaccBeanData.setAttribute("principalRoleMap", principalRoleMap);
        jaccBeanData.setAttribute("roleDesignates", roleDesignates);
        start(jaccBeanData);

        SecurityHolder securityHolder = new SecurityHolder();
        securityHolder.setChecked(checked);
        securityHolder.setExcluded(componentPermissions.getExcludedPermissions());
        securityHolder.setPolicyContextID(POLICY_CONTEXT_ID);
        securityHolder.setDefaultPrincipal(defaultPrincipal);
        securityHolder.setSecurityRealm("Geronimo");
        GBeanData app = new GBeanData(webModuleName, TomcatWebAppContext.GBEAN_INFO);
        app.setAttribute("classLoader", cl);
        app.setAttribute("webAppRoot", new File("target/var/catalina/webapps/war3/").toURI());
        app.setAttribute("webClassPath", new URI[]{});
        app.setAttribute("contextPriorityClassLoader", Boolean.FALSE);
View Full Code Here
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
            webModuleData.setAttribute("webServices", webServices);

            if (tomcatWebApp.isSetSecurityRealmName()) {

                SecurityHolder securityHolder = new SecurityHolder();
                securityHolder.setSecurityRealm(tomcatWebApp.getSecurityRealmName().trim());

                /**
                 * TODO - go back to commented version when possible.
                 */
                String policyContextID = webModuleName.getCanonicalName().replaceAll("[, :]", "_");
                securityHolder.setPolicyContextID(policyContextID);

                ComponentPermissions componentPermissions = buildSpecSecurityConfig(webApp, securityRoles, rolePermissions);
                securityHolder.setExcluded(componentPermissions.getExcludedPermissions());
                PermissionCollection checkedPermissions = new Permissions();
                for (Iterator iterator = rolePermissions.values().iterator(); iterator.hasNext();) {
                    PermissionCollection permissionsForRole = (PermissionCollection) iterator.next();
                    for (Enumeration iterator2 = permissionsForRole.elements(); iterator2.hasMoreElements();) {
                        Permission permission = (Permission) iterator2.nextElement();
                        checkedPermissions.add(permission);
                    }
                }
                securityHolder.setChecked(checkedPermissions);
                earContext.addSecurityContext(policyContextID, componentPermissions);
                if (tomcatWebApp.isSetSecurity()) {
                    SecurityConfiguration securityConfiguration = SecurityBuilder.buildSecurityConfiguration(tomcatWebApp.getSecurity());
                    earContext.setSecurityConfiguration(securityConfiguration);
                }
                DefaultPrincipal defaultPrincipal = earContext.getSecurityConfiguration().getDefaultPrincipal();
                securityHolder.setDefaultPrincipal(defaultPrincipal);
                if (defaultPrincipal != null) {
                    securityHolder.setSecurity(true);
                }

                webModuleData.setAttribute("securityHolder", securityHolder);
                webModuleData.setReferencePattern("RoleDesignateSource", earContext.getJaccManagerName());
            }
View Full Code Here
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
            if (tomcatWebApp.isSetSecurityRealmName()) {
                if (earContext.getSecurityConfiguration() == null) {
                    throw new DeploymentException("You have specified a <security-realm-name> for the webapp " + moduleName + " but no <security> configuration (role mapping) is supplied in the Geronimo plan for the web application (or the Geronimo plan for the EAR if the web app is in an EAR)");
                }

                SecurityHolder securityHolder = new SecurityHolder();
                securityHolder.setSecurityRealm(tomcatWebApp.getSecurityRealmName().trim());

                webModuleData.setReferencePattern("RunAsSource", earContext.getJaccManagerName());

                /**
                 * TODO - go back to commented version when possible.
                 */
                String policyContextID = moduleName.toString().replaceAll("[, :]", "_");
                securityHolder.setPolicyContextID(policyContextID);

                ComponentPermissions componentPermissions = buildSpecSecurityConfig(webApp, securityRoles, rolePermissions);
                earContext.addSecurityContext(policyContextID, componentPermissions);
                //TODO WTF is this for?
                securityHolder.setSecurity(true);

                webModuleData.setAttribute("securityHolder", securityHolder);
            }

            //listeners added directly to the StandardContext will get loaded by the tomcat classloader, not the app classloader!
View Full Code Here
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
        if (enc != null) {
            interceptor = new ComponentContextBeforeAfter(interceptor, index++, enc);
        }

        //Set a PolicyContext BeforeAfter
        SecurityHolder securityHolder = ctx.getSecurityHolder();
        if (securityHolder != null) {

            // save the role designates for mapping servlets to their run-as roles
            runAsSource = securityHolder.getRunAsSource();
           
            if (securityHolder.getPolicyContextID() != null) {

                PolicyContext.setContextID(securityHolder.getPolicyContextID());

                /**
                 * Register our default subject with the ContextManager
                 */
                defaultSubject = securityHolder.getDefaultSubject();

                if (defaultSubject == null) {
                    defaultSubject = ContextManager.EMPTY;
                }

                interceptor = new PolicyContextBeforeAfter(interceptor, index++, index++, index++, securityHolder.getPolicyContextID(), defaultSubject);

            }
        }
       
        //Set a UserTransactionBeforeAfter
View Full Code Here
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
            if (tomcatWebApp.isSetSecurityRealmName()) {
                if (earContext.getSecurityConfiguration() == null) {
                    throw new DeploymentException("You have specified a <security-realm-name> for the webapp " + moduleName + " but no <security> configuration (role mapping) is supplied in the Geronimo plan for the web application (or the Geronimo plan for the EAR if the web app is in an EAR)");
                }

                SecurityHolder securityHolder = new SecurityHolder();
                securityHolder.setSecurityRealm(tomcatWebApp.getSecurityRealmName().trim());

                webModuleData.setReferencePattern("RunAsSource", earContext.getJaccManagerName());

                /**
                 * TODO - go back to commented version when possible.
                 */
                String policyContextID = moduleName.toString().replaceAll("[, :]", "_");
                securityHolder.setPolicyContextID(policyContextID);

                ComponentPermissions componentPermissions = buildSpecSecurityConfig(webApp, securityRoles, rolePermissions);
                earContext.addSecurityContext(policyContextID, componentPermissions);
                //TODO WTF is this for?
                securityHolder.setSecurity(true);

                webModuleData.setAttribute("securityHolder", securityHolder);
            }

            //listeners added directly to the StandardContext will get loaded by the tomcat classloader, not the app classloader!
View Full Code Here
TOP

Related Classes of org.apache.geronimo.tomcat.util.SecurityHolder

  • org.apache.geronimo.tomcat.AbstractWebModuleTest
  • org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder
  • org.apache.geronimo.tomcat.GeronimoStandardContext
  • org.apache.geronimo.tomcat.JAASSecurityTest
  • org.apache.geronimo.tomcat.JACCSecurityTest
  • org.apache.geronimo.tomcat.TomcatContainer
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.