Menu
▾
▴
[Exist-commits] SF.net SVN: exist:[12619] trunk/eXist
|
From: <sha...@us...> - 2010-08-31 18:51:57
|
Revision: 12619
http://exist.svn.sourceforge.net/exist/?rev=12619&view=rev
Author: shabanovd
Date: 2010-08-31 18:51:49 +0000 (Tue, 31 Aug 2010)
Log Message:
-----------
[feature] LDAP & AD realms read-only authentication
Modified Paths:
--------------
trunk/eXist/extensions/security/activedirectory/src/org/exist/security/realm/activedirectory/ActiveDirectoryRealm.java
trunk/eXist/extensions/security/ldap/src/org/exist/security/realm/ldap/LDAPRealm.java
trunk/eXist/extensions/security/ldap/test/org/exist/security/realm/ldap/LDAPRealmTest.java
trunk/eXist/extensions/security/openid/src/org/exist/security/openid/servlet/AuthenticatorOpenId.java
trunk/eXist/src/org/exist/config/Configurator.java
trunk/eXist/src/org/exist/security/SecurityManager.java
Added Paths:
-----------
trunk/eXist/extensions/security/openid/src/org/exist/security/openid/AccountImpl.java
Removed Paths:
-------------
trunk/eXist/extensions/security/openid/src/org/exist/security/openid/UserImpl.java
Modified: trunk/eXist/extensions/security/activedirectory/src/org/exist/security/realm/activedirectory/ActiveDirectoryRealm.java
===================================================================
--- trunk/eXist/extensions/security/activedirectory/src/org/exist/security/realm/activedirectory/ActiveDirectoryRealm.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/extensions/security/activedirectory/src/org/exist/security/realm/activedirectory/ActiveDirectoryRealm.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -30,8 +30,9 @@
import org.exist.config.annotation.*;
import org.exist.security.AuthenticationException;
import org.exist.security.Subject;
+import org.exist.security.internal.AbstractAccount;
import org.exist.security.internal.SecurityManagerImpl;
-import org.exist.security.internal.SubjectImpl;
+import org.exist.security.internal.SubjectAccreditedImpl;
import org.exist.security.internal.AccountImpl;
import org.exist.security.realm.ldap.LDAPRealm;
import org.exist.security.realm.ldap.LdapContextFactory;
@@ -70,7 +71,8 @@
*/
@Override
public String getId() {
- return "ActiveDirectory@" + ((ContextFactory) ensureContextFactory()).getDomain();
+ String domain = ((ContextFactory) ensureContextFactory()).getDomain();
+ return "ActiveDirectory@" + domain;
}
/*
@@ -123,7 +125,13 @@
}
try {
- return new SubjectImpl(new AccountImpl(this, username), null);
+ AbstractAccount account = (AbstractAccount) getAccount(username);
+ if (account == null) {
+ account = new AccountImpl(this, username);
+ //TODO: addAccount(account);
+ }
+
+ return new SubjectAccreditedImpl(account, ctxGC);
} catch (ConfigurationException e) {
throw new AuthenticationException(
AuthenticationException.UNNOWN_EXCEPTION,
Modified: trunk/eXist/extensions/security/ldap/src/org/exist/security/realm/ldap/LDAPRealm.java
===================================================================
--- trunk/eXist/extensions/security/ldap/src/org/exist/security/realm/ldap/LDAPRealm.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/extensions/security/ldap/src/org/exist/security/realm/ldap/LDAPRealm.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -34,9 +34,10 @@
import org.exist.security.PermissionDeniedException;
import org.exist.security.Subject;
import org.exist.security.Account;
+import org.exist.security.internal.AbstractAccount;
import org.exist.security.internal.AbstractRealm;
import org.exist.security.internal.SecurityManagerImpl;
-import org.exist.security.internal.SubjectImpl;
+import org.exist.security.internal.SubjectAccreditedImpl;
import org.exist.security.internal.AccountImpl;
import org.exist.storage.DBBroker;
@@ -49,6 +50,8 @@
private final static Logger LOG = Logger.getLogger(LDAPRealm.class);
+ public static String ID = "LDAP";
+
protected LdapContextFactory ldapContextFactory = null;
public LDAPRealm(SecurityManagerImpl sm, Configuration config) {
@@ -71,20 +74,12 @@
@Override
public String getId() {
- // TODO Auto-generated method stub
- return null;
+ return ID;
}
@Override
- public boolean updateAccount(Account account) throws PermissionDeniedException, EXistException {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
public void startUp(DBBroker broker) throws EXistException {
- // TODO Auto-generated method stub
-
+ super.startUp(broker);
}
public Subject authenticate(String username, Object credentials) throws AuthenticationException {
@@ -99,9 +94,15 @@
} finally {
LdapUtils.closeContext(ctx);
}
+
+ try {
+ AbstractAccount account = (AbstractAccount) getAccount(username);
+ if (account == null) {
+ account = new AccountImpl(this, username);
+ //TODO: addAccount(account);
+ }
- try {
- return new SubjectImpl(new AccountImpl(this, username), null);
+ return new SubjectAccreditedImpl(account, ctx);
} catch (ConfigurationException e) {
throw new AuthenticationException(
AuthenticationException.UNNOWN_EXCEPTION,
@@ -127,25 +128,31 @@
}
@Override
+ public boolean updateAccount(Account account) throws PermissionDeniedException, EXistException {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
public boolean deleteAccount(Account account) throws PermissionDeniedException, EXistException {
// TODO Auto-generated method stub
return false;
}
@Override
- public Group addGroup(Group role) throws PermissionDeniedException, EXistException {
+ public Group addGroup(Group group) throws PermissionDeniedException, EXistException {
// TODO Auto-generated method stub
return null;
}
@Override
- public boolean updateGroup(Group role) throws PermissionDeniedException, EXistException {
+ public boolean updateGroup(Group group) throws PermissionDeniedException, EXistException {
// TODO Auto-generated method stub
return false;
}
@Override
- public boolean deleteGroup(Group role) throws PermissionDeniedException, EXistException {
+ public boolean deleteGroup(Group group) throws PermissionDeniedException, EXistException {
// TODO Auto-generated method stub
return false;
}
Modified: trunk/eXist/extensions/security/ldap/test/org/exist/security/realm/ldap/LDAPRealmTest.java
===================================================================
--- trunk/eXist/extensions/security/ldap/test/org/exist/security/realm/ldap/LDAPRealmTest.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/extensions/security/ldap/test/org/exist/security/realm/ldap/LDAPRealmTest.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -43,9 +43,9 @@
private static String config =
"<LDAP>" +
- " <context " +
- " principalPattern='cn={0},dc=local' " +
- " url='ldap://localhost:389'/>" +
+ " <context>" +
+ " <principalPattern>cn={0},dc=local</principalPattern>" +
+ " <url>ldap://localhost:389</url>" +
"</LDAP>";
private static LDAPRealm realm;
Copied: trunk/eXist/extensions/security/openid/src/org/exist/security/openid/AccountImpl.java (from rev 12557, trunk/eXist/extensions/security/openid/src/org/exist/security/openid/UserImpl.java)
===================================================================
--- trunk/eXist/extensions/security/openid/src/org/exist/security/openid/AccountImpl.java (rev 0)
+++ trunk/eXist/extensions/security/openid/src/org/exist/security/openid/AccountImpl.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -0,0 +1,122 @@
+/*
+ * eXist Open Source Native XML Database
+ * Copyright (C) 2010 The eXist Project
+ * http://exist-db.org
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * $Id$
+ */
+package org.exist.security.openid;
+
+import java.lang.Override;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.exist.config.ConfigurationException;
+import org.exist.security.UserAttributes;
+import org.exist.security.internal.AbstractAccount;
+import org.exist.security.internal.AbstractRealm;
+import org.exist.xmldb.XmldbURI;
+import org.openid4java.discovery.Identifier;
+
+/**
+ * @author <a href="mailto:sha...@gm...">Dmitriy Shabanov</a>
+ *
+ */
+public class AccountImpl extends AbstractAccount {
+
+ Identifier _identifier = null;
+
+ public AccountImpl(AbstractRealm realm, Identifier identifier) throws ConfigurationException {
+ super(realm, -1, identifier.getIdentifier());
+ _identifier = identifier;
+ }
+
+ @Override
+ public void setPassword(String passwd) {
+ }
+
+ @Override
+ public String getPassword() {
+ return null;
+ }
+
+ @Override
+ public XmldbURI getHome() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getDigestPassword() {
+ return null;
+ }
+
+ //TODO: find a place to construct 'full' name
+ public String getName_() {
+ String name = "";
+ if (attributes.containsKey(UserAttributes.FIRTSNAME))
+ name += attributes.get(UserAttributes.FIRTSNAME);
+
+ if (attributes.containsKey(UserAttributes.LASTNAME)) {
+ if (name != "") name += " ";
+ name += attributes.get(UserAttributes.LASTNAME);
+ }
+
+ if (name.equals(""))
+ name += attributes.get(UserAttributes.FULLNAME);
+
+ if (name.equals(""))
+ return _identifier.getIdentifier();
+
+ return name;
+ }
+
+ private Map<String, Object> attributes = new HashMap<String, Object>();
+
+ /**
+ * Add a named attribute.
+ *
+ * @param name
+ * @param value
+ */
+ @Override
+ public void setAttribute(String name, Object value) {
+ String id = UserAttributes.alias.get(name);
+ if (id == null)
+ attributes.put(name, value);
+ else
+ attributes.put(id, value);
+ }
+
+ /**
+ * Get the named attribute value.
+ *
+ * @param name The String that is the name of the attribute.
+ * @return The value associated with the name or null if no value is associated with the name.
+ */
+ @Override
+ public Object getAttribute(String name) {
+ String id = UserAttributes.alias.get(name);
+ if (id != null)
+ return attributes.get(id);
+
+ if (name.equalsIgnoreCase("id"))
+ return _identifier.getIdentifier();
+
+ return attributes.get(name);
+ }
+}
Deleted: trunk/eXist/extensions/security/openid/src/org/exist/security/openid/UserImpl.java
===================================================================
--- trunk/eXist/extensions/security/openid/src/org/exist/security/openid/UserImpl.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/extensions/security/openid/src/org/exist/security/openid/UserImpl.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -1,127 +0,0 @@
-/*
- * eXist Open Source Native XML Database
- * Copyright (C) 2010 The eXist Project
- * http://exist-db.org
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * $Id$
- */
-package org.exist.security.openid;
-
-import java.lang.Override;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import org.exist.config.Configuration;
-import org.exist.config.ConfigurationException;
-import org.exist.security.Group;
-import org.exist.security.UserAttributes;
-import org.exist.security.Account;
-import org.exist.security.internal.AbstractAccount;
-import org.exist.security.internal.AbstractRealm;
-import org.exist.security.realm.Realm;
-import org.exist.xmldb.XmldbURI;
-import org.openid4java.discovery.Identifier;
-
-/**
- * @author <a href="mailto:sha...@gm...">Dmitriy Shabanov</a>
- *
- */
-public class UserImpl extends AbstractAccount {
-
- Identifier _identifier = null;
-
- public UserImpl(AbstractRealm realm, Identifier identifier) throws ConfigurationException {
- super(realm, -1, identifier.getIdentifier());
- _identifier = identifier;
- }
-
- @Override
- public void setPassword(String passwd) {
- }
-
- @Override
- public String getPassword() {
- return null;
- }
-
- @Override
- public XmldbURI getHome() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getDigestPassword() {
- return null;
- }
-
- //TODO: find a place to construct 'full' name
- public String getName_() {
- String name = "";
- if (attributes.containsKey(UserAttributes.FIRTSNAME))
- name += attributes.get(UserAttributes.FIRTSNAME);
-
- if (attributes.containsKey(UserAttributes.LASTNAME)) {
- if (name != "") name += " ";
- name += attributes.get(UserAttributes.LASTNAME);
- }
-
- if (name.equals(""))
- name += attributes.get(UserAttributes.FULLNAME);
-
- if (name.equals(""))
- return _identifier.getIdentifier();
-
- return name;
- }
-
- private Map<String, Object> attributes = new HashMap<String, Object>();
-
- /**
- * Add a named attribute.
- *
- * @param name
- * @param value
- */
- @Override
- public void setAttribute(String name, Object value) {
- String id = UserAttributes.alias.get(name);
- if (id == null)
- attributes.put(name, value);
- else
- attributes.put(id, value);
- }
-
- /**
- * Get the named attribute value.
- *
- * @param name The String that is the name of the attribute.
- * @return The value associated with the name or null if no value is associated with the name.
- */
- @Override
- public Object getAttribute(String name) {
- String id = UserAttributes.alias.get(name);
- if (id != null)
- return attributes.get(id);
-
- if (name.equalsIgnoreCase("id"))
- return _identifier.getIdentifier();
-
- return attributes.get(name);
- }
-}
Modified: trunk/eXist/extensions/security/openid/src/org/exist/security/openid/servlet/AuthenticatorOpenId.java
===================================================================
--- trunk/eXist/extensions/security/openid/src/org/exist/security/openid/servlet/AuthenticatorOpenId.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/extensions/security/openid/src/org/exist/security/openid/servlet/AuthenticatorOpenId.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -40,10 +40,11 @@
import org.exist.security.UserAttributes;
import org.exist.security.Account;
import org.exist.security.internal.AbstractRealm;
+import org.exist.security.internal.SubjectAccreditedImpl;
import org.exist.security.internal.SubjectImpl;
import org.exist.security.openid.OpenIDUtility;
import org.exist.security.openid.SessionAuthentication;
-import org.exist.security.openid.UserImpl;
+import org.exist.security.openid.AccountImpl;
import org.exist.xquery.util.HTTPUtils;
import org.openid4java.OpenIDException;
import org.openid4java.association.AssociationSessionType;
@@ -299,7 +300,7 @@
Identifier verified = verification.getVerifiedId();
if (verified != null) {
// success
- org.exist.security.Subject principal = new SubjectImpl(new UserImpl(openIDrealm, verified), null);
+ org.exist.security.Subject principal = new SubjectAccreditedImpl(new AccountImpl(openIDrealm, verified), verified);
AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
authSuccess.getExtensions();
Modified: trunk/eXist/src/org/exist/config/Configurator.java
===================================================================
--- trunk/eXist/src/org/exist/config/Configurator.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/src/org/exist/config/Configurator.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -33,8 +33,6 @@
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.lang.reflect.ParameterizedType;
-import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
@@ -260,16 +258,6 @@
String typeName = field.getType().getName();
if (typeName.equals("java.util.List")) {
- System.out.print("Field: " + field.getName() + " - ");
- Type type = field.getGenericType();
- if (type instanceof ParameterizedType) {
- ParameterizedType pType = (ParameterizedType)type;
- System.out.print("Raw type: " + pType.getRawType() + " - ");
- System.out.println("Type args: " + pType.getActualTypeArguments()[0]);
- } else {
- System.out.println("Type: " + field.getType());
- }
-
if (!field.isAnnotationPresent(ConfigurationFieldAsElement.class)) {
LOG.warn("Wrong annotation for strucure: "+field.getName()+", list can't be configurated throw attribute.");
continue;
Modified: trunk/eXist/src/org/exist/security/SecurityManager.java
===================================================================
--- trunk/eXist/src/org/exist/security/SecurityManager.java 2010-08-31 18:16:31 UTC (rev 12618)
+++ trunk/eXist/src/org/exist/security/SecurityManager.java 2010-08-31 18:51:49 UTC (rev 12619)
@@ -49,6 +49,7 @@
public final static XmldbURI SECURITY_COLLETION_URI = XmldbURI.SYSTEM_COLLECTION_URI.append("security");
public final static XmldbURI CONFIG_FILE_URI = XmldbURI.create("config.xml");
+ public final static String SYSTEM = "SYSTEM";
public final static String DBA_GROUP = "dba";
public final static String DBA_USER = "admin";
public final static String GUEST_GROUP = "guest";
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|