From: Joseph I. <jos...@us...> - 2007-02-04 07:26:24
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv28051/src/org/tolven/web/security Added Files: SecurityFilter.java Log Message: Added SecurityFilter for review. It has not been activated, but will take on all the responsiblity for post login processing of users, as well has access to both the createAccount and selectAccout pages. --- NEW FILE: SecurityFilter.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... 
*/ package org.tolven.web.security; import java.io.IOException; import java.security.GeneralSecurityException; import java.security.Principal; import java.security.acl.Group; import java.util.Date; import java.util.Set; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import javax.security.jacc.PolicyContext; import javax.security.jacc.PolicyContextException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import javax.xml.bind.JAXBException; import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; import org.tolven.core.bean.InvitationException; import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; import org.tolven.security.LoginLocal; import org.tolven.security.key.PrivateKeyRing; import org.tolven.security.key.UserPrivateKey; import org.tolven.security.key.UserPublicKey; import org.tolven.web.TolvenContext; import org.tolven.web.TopAction; /** * The original post-login code, which was located in the class TopAction (author John Churin), has been copied to this * location in order to use filters to provide greater flexibility in controlling access to accounts after login * * @author Joseph Isaac */ public class SecurityFilter implements Filter { private ActivationLocal activation; private LoginLocal loginBean; private InvitationLocal invitationBean; private TolvenContext tolvenContext; public void init(FilterConfig config) throws ServletException { try { InitialContext ctx = new InitialContext(); activation = (ActivationLocal) ctx.lookup("tolven/ActivationBean/local"); loginBean = (LoginLocal) 
ctx.lookup("tolven/LoginBean/local"); invitationBean = (InvitationLocal) ctx.lookup("tolven/InvitationBean/local"); //TODO: This needs to be done once per deployment and thus may need to be moved if (tolvenContext == null) { tolvenContext = new TolvenContext(); tolvenContext.initialize(); } } catch (NamingException e) { throw new ServletException(e); } } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { try { HttpServletRequest request = (HttpServletRequest) servletRequest; Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); if (subject != null) { System.out.println(getClass() + ": Subject=" + subject); Principal principal = null; Object obj = null; for (java.util.Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) { obj = iter.next(); if (obj instanceof Principal && !(obj instanceof Group)) { principal = (Principal) obj; break; } } if (principal == null) { System.out.println(getClass() + ": NO FILTER REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } String principalName = principal.getName(); // PHASE ONE: User Authentication HttpSession session = request.getSession(false); TopAction top = (TopAction) session.getAttribute("top"); if (top == null) { System.out.println(getClass() + ": NO TOP REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } TolvenUser user = top.getUser(); boolean justLoggedIn = user == null; if (justLoggedIn) { user = activation.loginUser(principalName, (Date) request.getAttribute("tolvenNow")); top.setUser(user); } if ((user == null || Status.NEW_LOGIN.value().equalsIgnoreCase(user.getStatus())) && request.getParameter("invitationId") != null) { // Since we have no user yet, we'll try executing an activation invitation (if it works) long invitationId = 
Long.parseLong(request.getParameter("invitationId")); Date now = (Date) request.getAttribute("tolvenNow"); if (!loginBean.activate(principalName, invitationId, now)) { System.out.println(getClass() + ": COULD NOT ACTIVATE INVITATION REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } // try TolvenUser again user = activation.loginUser(principalName, now); if (user == null) { System.out.println(getClass() + ": COULD NOT COMPLETE ACTIVATION REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } else { top.setUser(user); } invitationBean.executeInvitation(invitationId, now); } if (user == null) { System.out.println(getClass() + ": USER IS NULL REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } if (!user.hasUserPrivateKey()) { addKeysToUser(user, subject); } // PHASE TWO: Account Authentication Set<PrivateKeyRing> privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); if (privateCredentials.isEmpty()) { System.out.println(getClass() + ": NO PRIVATE KEY RING REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } PrivateKeyRing privateKeyRing = (PrivateKeyRing) privateCredentials.iterator().next(); String accountUserIdString = request.getParameter("accountUserId"); if (accountUserIdString != null && accountUserIdString.trim().length() > 0) { // User has selected an account home page AccountUser accountUser = activation.findAccountUser(Long.parseLong(accountUserIdString.trim())); if (accountUser == null) { System.out.println(getClass() + ": NO ACCOUNTUSER REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } // SAFETY CHECK HERE - Don't trust the accountUserId alone, it must match user. 
if (accountUser.getUser().getId() != user.getId()) { System.out.println(getClass() + ": ACCOUNTUSER DOES NOT BELONG TO USER REDIRECT TO NOWHERE"); ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; } // Give TolvenUser the AccountPrivateKey for the selected account privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); top.setAccountUser(accountUser); ((HttpServletResponse) servletResponse).sendRedirect(accountUser.getAccount().getAccountType().getHomePage()); return; } // Take away the user's AccountPrivateKey for the current account if one exists privateKeyRing.setAccountPrivateKey(null); if(justLoggedIn) { // Allow through...No password is required } else { // sendRedirect to password page } } } catch (PolicyContextException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (NamingException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (InvitationException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (JAXBException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (GeneralSecurityException ex) { ex.printStackTrace(); throw new ServletException(ex); } chain.doFilter(servletRequest, servletResponse); } /** * Add Keys from the Subject to what should be a new TolvenUser who is logging in * @throws PolicyContextException * @throws GeneralSecurityException */ private void addKeysToUser(TolvenUser aTolvenUser, Subject subject) throws GeneralSecurityException { Set<PrivateKeyRing> privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); if (privateCredentials.isEmpty()) throw new GeneralSecurityException(getClass() + ": No PrivateKeyRing found for " + aTolvenUser.getLdapUID()); UserPrivateKey userPrivateKey = privateCredentials.iterator().next().getUserPrivateKey(); if (userPrivateKey == null) throw new GeneralSecurityException(getClass() + ": No UserPrivateKey found for " + aTolvenUser.getLdapUID()); Set<UserPublicKey> 
publicCredentials = subject.getPublicCredentials(UserPublicKey.class); if (publicCredentials.isEmpty()) throw new GeneralSecurityException(getClass() + ": No UserPublicKey found for " + aTolvenUser.getLdapUID()); if (!aTolvenUser.hasUserPrivateKey()) { aTolvenUser.setUserPrivateKey(userPrivateKey); aTolvenUser.setUserPublicKey(publicCredentials.iterator().next()); } } public void destroy() { } } |
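Review bot: doFilter fails open when no Subject is available: every check sits inside `if (subject != null) { … }`, so a request for which `PolicyContext.getContext(...)` returns null goes straight to `chain.doFilter(...)`; a guard such as `if (subject == null) { ((HttpServletResponse) servletResponse).sendRedirect("nowhere.jsf"); return; }` would match the other rejection paths. `request.getSession(false)` can return null and the next line dereferences it, so `session == null` needs the same redirect before `session.getAttribute("top")`. Both `Long.parseLong(request.getParameter(...))` calls throw an uncaught NumberFormatException on a malformed `invitationId` or `accountUserId`; catch it and reject the request the same way. `System.out.println(getClass() + ": Subject=" + subject)` writes the Subject to stdout on every request, which may include the credentials' `toString()` output, so it is worth dropping or moving to a debug-level logger. The closing `if (justLoggedIn) { … } else { … }` has both branches empty, so the password re-prompt its comment describes is not enforced yet and should be marked with a TODO before the filter is activated.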
From: Joseph I. <jos...@us...> - 2007-02-04 06:23:54
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2383/src/org/tolven/web Modified Files: TopAction.java Log Message: Shifted the postLogin code to set its accountUser information from one method. Index: TopAction.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/TopAction.java,v retrieving revision 1.33 retrieving revision 1.34 diff -C2 -d -r1.33 -r1.34 *** TopAction.java 23 Jan 2007 09:12:42 -0000 1.33 --- TopAction.java 4 Feb 2007 06:23:53 -0000 1.34 *************** *** 213,224 **** return "dispatch"; } if ("true".equalsIgnoreCase(System.getProperty("tolven.security.keys.activate"))) updatePrivateKeyRing(); ! accountUserId = accountUser.getId(); ! // Save the account Id - we'll need it in subsequent requests ! accountId = accountUser.getAccount().getId(); ! setAccountTitle( accountUser.getAccount().getTitle()); ! setAccountTimeZone( accountUser.getAccount().getTimeZone()); ! accountType = accountUser.getAccount().getAccountType().getKnownType(); // Ensure that this user has a menu structure setup menuLocal.createDefaultMenuStructure( accountUser.getAccount() ); --- 213,230 ---- return "dispatch"; } + setAccountUser(accountUser); if ("true".equalsIgnoreCase(System.getProperty("tolven.security.keys.activate"))) updatePrivateKeyRing(); ! setPostLoginAction(accountUser.getAccount().getAccountType().getHomePage()); ! return "dispatch"; ! } ! ! public void setAccountUser(AccountUser accountUser) throws PolicyContextException, GeneralSecurityException { ! accountUserId = accountUser.getId(); ! // Save the account Id - we'll need it in subsequent requests ! accountId = accountUser.getAccount().getId(); ! setAccountTitle( accountUser.getAccount().getTitle()); ! setAccountTimeZone( accountUser.getAccount().getTimeZone()); ! 
accountType = accountUser.getAccount().getAccountType().getKnownType(); // Ensure that this user has a menu structure setup menuLocal.createDefaultMenuStructure( accountUser.getAccount() ); *************** *** 229,237 **** accountAdmin = accountUser.isAccountPermission(); - setPostLoginAction(accountUser.getAccount().getAccountType().getHomePage()); - return "dispatch"; } - public Properties getProperties( ) { return System.getProperties(); --- 235,240 ---- |
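Review bot: The new public `setAccountUser(AccountUser)` takes the account id, account type and `accountAdmin` flag from whatever AccountUser it is handed, and nothing visible in the hunks checks that this AccountUser belongs to the logged-in user. That precondition now rests on every caller, so it should be stated on the method, for example `/** Caller must already have verified that accountUser belongs to the current TolvenUser; this method performs no ownership check. */`. The method also calls `menuLocal.createDefaultMenuStructure(...)`, a side effect a reader would not expect from a setter, so the Javadoc should mention that too. Part of the method body lies between the two hunks and is not visible here.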
From: Joseph I. <jos...@us...> - 2007-02-03 23:00:35
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv15394/src/org/tolven/security/key Modified Files: PrivateKeyRing.java Log Message: Added method to check for AccountPrivateKey Index: PrivateKeyRing.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key/PrivateKeyRing.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** PrivateKeyRing.java 15 Jan 2007 10:15:08 -0000 1.1 --- PrivateKeyRing.java 3 Feb 2007 23:00:26 -0000 1.2 *************** *** 26,30 **** public PrivateKeyRing(UserPrivateKey aUserPrivateKey) { ! this.userPrivateKey = aUserPrivateKey; } --- 26,30 ---- public PrivateKeyRing(UserPrivateKey aUserPrivateKey) { ! userPrivateKey = aUserPrivateKey; } *************** *** 38,42 **** public void setAccountPrivateKey(AccountPrivateKey anAccountPrivateKey) { ! this.accountPrivateKey = anAccountPrivateKey; } --- 38,46 ---- public void setAccountPrivateKey(AccountPrivateKey anAccountPrivateKey) { ! accountPrivateKey = anAccountPrivateKey; ! } ! ! public boolean hasAccountPrivateKey() { ! return accountPrivateKey != null; } |
From: John C. <jc...@us...> - 2007-02-03 19:06:06
|
Update of /cvsroot/tolven/tolvenWEB/web/five In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv12137/web/five Modified Files: personal.xhtml Log Message: Add update button, not rendered Index: personal.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/five/personal.xhtml,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** personal.xhtml 20 Jan 2007 19:25:51 -0000 1.3 --- personal.xhtml 3 Feb 2007 19:05:59 -0000 1.4 *************** *** 43,47 **** </h:panelGrid> <h:outputText value="#{menu.ccr.patientActor.actorObjectID}"/> ! </ui:composition> </body> --- 43,53 ---- </h:panelGrid> <h:outputText value="#{menu.ccr.patientActor.actorObjectID}"/> ! <h:form id="persDetail" onsubmit="return ajaxSubmit2(this);"> ! <h:panelGrid columns="2"> ! <h:outputText value="First name:"/> ! <h:inputText value="#{menu.givenName}"/> ! </h:panelGrid> ! <h:commandButton id="docDetailSubmit" action="#{menu.submitPersonal}" value="Submit"/> ! </h:form> </ui:composition> </body> |
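Review bot: The log message says the update button is not rendered, but the added `<h:form id="persDetail" onsubmit="return ajaxSubmit2(this);">` has no `rendered` attribute, so as written the form and its `#{menu.submitPersonal}` action would be live on the page. If it is meant to stay hidden for now, add `rendered="false"` to the `h:form`, assuming nothing outside the hunk already suppresses it. The button id `docDetailSubmit` looks copied from another form; `persDetailSubmit` would match the form id.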
From: John C. <jc...@us...> - 2007-02-03 19:04:52
|
Update of /cvsroot/tolven/tolvenWEB/web/five In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv11690/web/five Modified Files: patients.xhtml Log Message: Add new patient button - not rendered Index: patients.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/five/patients.xhtml,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** patients.xhtml 29 Nov 2006 01:35:33 -0000 1.14 --- patients.xhtml 3 Feb 2007 19:04:48 -0000 1.15 *************** *** 10,13 **** --- 10,15 ---- <body> <ui:composition> + <div id="#{menu.element}-pane"> + <script language="JavaScript" type="text/javascript"> // <![CDATA[ *************** *** 78,84 **** </table> </div> ! <h:outputLink value="../wizard/newPatient.jsf" rendered="#{false}"> ! <h:outputText value="Add new patient"/> ! </h:outputLink> </ui:composition> </body> --- 80,88 ---- </table> </div> ! <h:form id="patGen" onsubmit="return ajaxSubmit2(this);" rendered="false"> ! <h:outputText value="-"/> ! <h:commandButton id="patGenAction" action="#{menu.createPatient}" value="Add New Patient"/> ! </h:form> ! </div> </ui:composition> </body> |
From: John C. <jc...@us...> - 2007-02-03 18:51:13
|
Update of /cvsroot/tolven/tolvenEJB In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv6164 Modified Files: build.xml Log Message: Add manifest classpath for rules Index: build.xml =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/build.xml,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** build.xml 31 Jan 2007 06:30:33 -0000 1.15 --- build.xml 3 Feb 2007 18:51:12 -0000 1.16 *************** *** 74,78 **** <manifest> <attribute name="Class-Path" ! value="./lib/commons-lang-2.1.jar ./lib/commons-math-1.1.jar ./lib/jaxb-api.jar ./lib/jaxb-impl.jar ./lib/jaxb1-impl.jar ./lib/jsr173_1.0_api.jar"/> </manifest> <zipfileset dir="${httpcore.location}/lib"> --- 74,78 ---- <manifest> <attribute name="Class-Path" ! value="./lib/antlr-2.7.6.jar ./lib/antlr-3.0ea8.jar ./lib/commons-jci-core-1.0-406301.jar ./lib/commons-jci-eclipse-3.2.0.666.jar ./lib/core-3.2.0.666.jar ./lib/stringtemplate-2.3b6.jar ./lib/drools-compiler-3.0.5.jar ./lib/drools-core-3.0.5.jar ./lib/jsr173_1.0_api.jar ./lib/commons-lang-2.1.jar ./lib/commons-math-1.1.jar ./lib/jaxb-api.jar ./lib/jaxb-impl.jar ./lib/jaxb1-impl.jar ./lib/jsr173_1.0_api.jar"/> </manifest> <zipfileset dir="${httpcore.location}/lib"> *************** *** 105,109 **** <fileset dir="${jboss-rules.location}" > <include name="*.jar"/> - <include name="lib/*.jar"/> </fileset> </copy> --- 105,108 ---- |
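Review bot: The new `Class-Path` value lists `./lib/jsr173_1.0_api.jar` twice, once after `./lib/drools-core-3.0.5.jar` and again at the end of the attribute; drop the first occurrence. The second hunk removes `<include name="lib/*.jar"/>` from the jboss-rules copy while the manifest now names jars such as `./lib/antlr-2.7.6.jar` under `./lib`. Whether those jars still reach the archive's `lib` directory depends on lines outside the hunks, so that is worth confirming, because a manifest entry pointing at a missing jar only shows up as a class-loading failure at runtime.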
From: John C. <jc...@us...> - 2007-02-03 18:48:16
|
Update of /cvsroot/tolven/tolven/lib/jaxb/lib In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv4032/lib/jaxb/lib Modified Files: jaxb1-impl.jar jaxb-impl.jar jaxb-api.jar jaxb-xjc.jar Log Message: JAXB 2.1 Index: jaxb-impl.jar =================================================================== RCS file: /cvsroot/tolven/tolven/lib/jaxb/lib/jaxb-impl.jar,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 Binary files /tmp/cvsaKJeGc and /tmp/cvsJX4VXp differ Index: jaxb1-impl.jar =================================================================== RCS file: /cvsroot/tolven/tolven/lib/jaxb/lib/jaxb1-impl.jar,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 Binary files /tmp/cvsKNcikj and /tmp/cvsjLOuMw differ Index: jaxb-xjc.jar =================================================================== RCS file: /cvsroot/tolven/tolven/lib/jaxb/lib/jaxb-xjc.jar,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 Binary files /tmp/cvsmev2lp and /tmp/cvsbGOzgD differ Index: jaxb-api.jar =================================================================== RCS file: /cvsroot/tolven/tolven/lib/jaxb/lib/jaxb-api.jar,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 Binary files /tmp/cvs5LBHzD and /tmp/cvs4tH0KR differ |
From: John C. <jc...@us...> - 2007-01-31 06:30:42
|
Update of /cvsroot/tolven/tolvenEJB In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv8175 Modified Files: build.xml Log Message: Add rule path to resources included in tolvenEJB.jar Index: build.xml =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/build.xml,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** build.xml 16 Jan 2007 06:14:26 -0000 1.14 --- build.xml 31 Jan 2007 06:30:33 -0000 1.15 *************** *** 36,40 **** <pathelement location="${junit.location}/junit.jar"/> </path> ! <target name="init"> <mkdir dir="${tolvenEJB.location}/build/bin"/> --- 36,45 ---- <pathelement location="${junit.location}/junit.jar"/> </path> ! <taskdef name="xjc" classname="com.sun.tools.xjc.XJCTask"> ! <classpath> ! <fileset dir="${jaxb.location}/lib" includes="*.jar" /> ! <fileset dir="${jaf.location}" includes="*.jar" /> ! </classpath> ! </taskdef> <target name="init"> <mkdir dir="${tolvenEJB.location}/build/bin"/> *************** *** 77,80 **** --- 82,86 ---- <zipfileset dir="${tolvenEJB.location}/conf" prefix="META-INF"/> <zipfileset dir="${tolvenEJB.location}/resources/gen"/> + <zipfileset dir="${tolvenEJB.location}/resources/rules"/> </jar> <copy toDir="${tolvenEJB.location}/build" overwrite="true" preservelastmodified="true"> *************** *** 116,118 **** --- 122,129 ---- source="1.5" sourcepath="${tolvenEJB.location}/src" splitindex="true" use="true" version="true"/> </target> + <target name="gen_trim" description="Generate trim java from XSD"> + <xjc schema="${tolvenEJB.location}/resources/xsd/trim4.xsd" package="org.tolven.trim" + destdir="${tolvenEJB.location}/src" extension="true"> + </xjc> + </target> </project> |
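Review bot: The `gen_trim` target writes the XJC output into the hand-written source tree (`destdir="${tolvenEJB.location}/src"`), so generated `org.tolven.trim` classes sit next to maintained code and a regeneration can overwrite local edits with nothing marking which files are generated. Consider a separate output directory that is added to the compile source path, or at least a comment on the target such as `<!-- Generated code: do not edit files under org/tolven/trim by hand -->`. The `<taskdef name="xjc" …>` is declared at project level, so it is evaluated for every target; if `${jaxb.location}/lib` is absent on a build machine, the whole build would presumably fail rather than only `gen_trim`.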
From: John C. <jc...@us...> - 2007-01-31 06:22:24
|
Update of /cvsroot/tolven/tolvenEJB/resources/rules In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv4398/resources/rules Log Message: Directory /cvsroot/tolven/tolvenEJB/resources/rules added to the repository |
From: John C. <jc...@us...> - 2007-01-31 06:22:24
|
Update of /cvsroot/tolven/tolvenEJB/resources/rules In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv4738/resources/rules Added Files: Sample.drl Log Message: Sample rules for testing --- NEW FILE: Sample.drl --- package org.tolven.rules import org.tolven.rules.DroolsTest; import org.tolven.rules.DroolsTest.Parent; import org.tolven.rules.DroolsTest.Child; import org.tolven.rules.DroolsTest.Account; import org.tolven.doc.entity.DocBase; import java.util.*; import org.tolven.ccr.*; global Account account; global DroolsTest control; /** * When a CCR document is processed, we first explode the document to include each of the types of elements * provided at the top level and at one level down in the body section. For example, each * ResultType is asserted but not the Tests contained within a result. Other rules will further decompose * such components. * In several cases, we need to create a simple wrapper since the classes used in CCR don't always * contain type information. For example, StructuredProductType does not independently identify * the purpose of the object (Medication, immunization, MedicalEquipment, etc). The wrapper works quite * well for rules which can then just select on the class itself rather than having to dig into the object * looking for types codes, etc (if such codes even existed). 
*/ rule "ccr" when $ccr : ContinuityOfCareRecord($version : version == "V1.0") then System.out.println( "Found ccr version: " + $version + " Id: " + $ccr.getCCRDocumentObjectID()); assert( new PatientType( $ccr )); if ($ccr.getBody()!=null) { ContinuityOfCareRecord.Body body = $ccr.getBody(); if (body.getAlerts()!=null) { for (AlertType alert : body.getAlerts().getAlert()) assert( alert ); } if (body.getEncounters()!=null) { for (EncounterType encounter : body.getEncounters().getEncounter()) assert( encounter ); } if (body.getFamilyHistory()!=null) { for (FamilyHistoryType famHX : body.getFamilyHistory().getFamilyProblemHistory()) assert( famHX ); } if (body.getFunctionalStatus()!=null) { for (FunctionType functionalStatus : body.getFunctionalStatus().getFunction()) assert( functionalStatus ); } if (body.getHealthCareProviders()!=null) { for (ActorReferenceType provider : body.getHealthCareProviders().getProvider()) assert( new ProviderType($ccr, provider) ); } if (body.getImmunizations()!=null) { for (StructuredProductType imm : body.getImmunizations().getImmunization()) assert( new ImmunizationType(imm) ); } if (body.getMedicalEquipment()!=null) { for (StructuredProductType equip : body.getMedicalEquipment().getEquipment()) assert( new MedicalEquipmentType(equip) ); } if (body.getMedications()!=null) { for (StructuredProductType med : body.getMedications().getMedication()) assert( new MedicationType(med) ); } if (body.getPayers()!=null) { for (InsuranceType payer : body.getPayers().getPayer()) assert( payer ); } if (body.getPlanOfCare()!=null) { for (PlanType plan : body.getPlanOfCare().getPlan()) assert( plan ); } if (body.getProblems()!=null) { for (ProblemType problem : body.getProblems().getProblem()) assert( problem ); } if (body.getProcedures()!=null) { for (ProcedureType procedure : body.getProcedures().getProcedure()) assert( procedure ); } if (body.getResults()!=null) { for (ResultType result : body.getResults().getResult()) assert( result ); } if 
(body.getSocialHistory()!=null) { for (SocialHistoryType socialHistory : body.getSocialHistory().getSocialHistoryElement()) assert( socialHistory ); } if (body.getSupport()!=null) { for (ActorReferenceType support : body.getSupport().getSupportProvider()) assert( new SupportProviderType( $ccr, support) ); } if (body.getVitalSigns()!=null) { for (ResultType vs : body.getVitalSigns().getResult()) assert( new VitalSignType( vs) ); } } end rule "ccr patient" when $patient : PatientType() then System.out.println( "Found CCR patient actor: " + $patient.getActor().getPerson().getName().getCurrentName().getFamilyString() ); end rule "ccr alert" when $alert : AlertType( ) then System.out.println( "Found CCR alert: " + $alert.getDescriptionText() ); end rule "ccr problem" when $problem : ProblemType( ) then System.out.println( "Found CCR problem: " + $problem.getDescriptionText() ); end rule "ccr result" when $result : ResultType( ) then System.out.println( "Found CCR result: " + $result.getDescriptionText() ); System.out.println(control.marshalResult( $result)); // Assert the individual tests for (TestType test : $result.getTest()) { assert( test ); } end rule "ccr result - test" when $test : TestType( ) then System.out.println( "Found CCR test: " + $test.getDescriptionText() ); end rule "Parent List" when $p : Parent( $n : name, $c : children ) then System.out.println( "Parent: " + $n + " with " + $c.size() + " children - asserting Children" ); Iterator i = $c.iterator(); while ( i.hasNext() ) assert( i.next() ); end rule "Kid List1" when $p : Parent( $pn : name == "Parent 1") $c : Child( parent==$p, $cn : name ) then System.out.println( "[1]Child: " + $cn + " of parent: " + $pn ); end rule "Kid List2" when // $p : Parent( $pn : name == "Parent 1") $c : Child( pp : parent -> (pp.getName()=="Parent 1"), $cn : name ) then System.out.println( "[2]Child: " + $cn + " of parent: " + pp.getName() ); end rule "Simple equility test" when $string: String() then System.out.println( 
$string ); end |
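Review bot: In rule "Kid List2" the predicate `pp.getName()=="Parent 1"` compares String references, assuming the predicate is evaluated as Java, so it matches only when both sides happen to be the same interned object; `"Parent 1".equals(pp.getName())` states the intent. The CCR rules print record content to stdout (`getFamilyString()` in "ccr patient", `control.marshalResult( $result)` in "ccr result"). If these rules ever run against real documents, patient names and results would end up in the server log, so the println calls should be limited to test data or removed. The chain `$patient.getActor().getPerson().getName().getCurrentName()` will also throw on the first null link, whereas the "ccr" rule null-checks each body section.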
From: John C. <jc...@us...> - 2007-01-29 06:26:03
|
Update of /cvsroot/tolven/tolvenClient/src/org/tolven/client In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv22147/src/org/tolven/client Modified Files: Test1.java Log Message: Added some more features Index: Test1.java =================================================================== RCS file: /cvsroot/tolven/tolvenClient/src/org/tolven/client/Test1.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** Test1.java 28 Jan 2007 05:51:57 -0000 1.1 --- Test1.java 29 Jan 2007 06:26:02 -0000 1.2 *************** *** 2,8 **** --- 2,10 ---- import java.io.IOException; + import java.security.GeneralSecurityException; import javax.naming.InitialContext; import javax.naming.NamingException; + import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; *************** *** 11,16 **** import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginContext; ! import javax.security.auth.login.LoginException; ! import javax.servlet.http.HttpSession; import org.tolven.core.AccountDAORemote; --- 13,17 ---- import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginContext; ! import javax.security.jacc.PolicyContextException; import org.tolven.core.AccountDAORemote; *************** *** 18,59 **** import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountType; import org.tolven.core.entity.TolvenUser; import org.tolven.doc.DocumentRemote; import org.tolven.doc.entity.DocBase; public class Test1 { public static final long accountId = 11800; public static final long accountTypeId = 100; public static final String uid = "cal"; /** * @param args * @throws NamingException ! * @throws LoginException */ ! public static void main(String[] args) throws NamingException, LoginException { ! ! class UsernamePasswordHandler implements CallbackHandler { ! ! 
public UsernamePasswordHandler() { ! } ! ! public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { ! int len = callbacks.length; ! Callback cb; ! for(int i=0; i<len; i++) { ! cb = callbacks[i]; ! if(cb instanceof NameCallback) { ! NameCallback ncb = (NameCallback)cb; ! ncb.setName("cal"); ! } ! else if (cb instanceof PasswordCallback) { ! PasswordCallback pcb = (PasswordCallback)cb; ! pcb.setPassword("cal".toCharArray()); ! } else { ! throw new UnsupportedCallbackException(cb, "Unknown callback request"); ! } ! } ! } ! }; InitialContext ctx = new InitialContext(); --- 19,84 ---- import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountType; + import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.TolvenUser; import org.tolven.doc.DocumentRemote; import org.tolven.doc.entity.DocBase; + import org.tolven.security.LoginRemote; + import org.tolven.security.key.PrivateKeyRing; + import org.tolven.security.key.UserKeyRing; + import org.tolven.security.key.UserPrivateKey; public class Test1 { + // Change these for your implementation public static final long accountId = 11800; public static final long accountTypeId = 100; public static final String uid = "cal"; + public static final String password = "cal"; + + static protected void setupPrivateKeyRing(AccountUser accountUser, Subject subject, UserKeyRing userKeyRing) throws PolicyContextException, GeneralSecurityException, IOException { + UserPrivateKey userPrivateKey = null; + userPrivateKey = userKeyRing.getUserPrivateKey(); + userPrivateKey.unlockPrivateKey("cal".toCharArray()); + PrivateKeyRing privateKeyRing = new PrivateKeyRing(userPrivateKey); + subject.getPrivateCredentials().add(privateKeyRing); + privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); + } + + static class UsernamePasswordHandler implements CallbackHandler { + String username; + char[] password; + + public UsernamePasswordHandler(String username, char[] 
password) { + this.username = username; + this.password = password; + } + + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { + int len = callbacks.length; + Callback cb; + for(int i=0; i<len; i++) { + cb = callbacks[i]; + if(cb instanceof NameCallback) { + NameCallback ncb = (NameCallback)cb; + ncb.setName(username); + } + else if (cb instanceof PasswordCallback) { + PasswordCallback pcb = (PasswordCallback)cb; + pcb.setPassword(password); + } else { + throw new UnsupportedCallbackException(cb, "Unknown callback request"); + } + } + } + }; + /** + * Simple test calling Tolven via J2EE remote * @param args * @throws NamingException ! * @throws GeneralSecurityException ! * @throws PolicyContextException ! * @throws IOException */ ! public static void main(String[] args) throws NamingException, PolicyContextException, GeneralSecurityException, IOException { InitialContext ctx = new InitialContext(); *************** *** 63,96 **** AccountDAORemote accountBean = (AccountDAORemote) ctx.lookup("tolven/AccountDAOBean/remote"); ActivationRemote activationBean = (ActivationRemote) ctx.lookup("tolven/ActivationBean/remote"); // Un protected at this point long docCount = docBean.countDocuments(accountId); System.out.println("Account " + accountId + " has " + docCount + " doucments"); ! // This is unprotected (and works) System.out.println("Attempting to get AccountType: " + accountTypeId); AccountType accountType = accountBean.findAccountType( accountTypeId); System.out.println("AccountType " + accountType.getId() + " Known Type: " + accountType.getKnownType()); ! // This is unprotected (and works) System.out.println("Attempting to get Account: " + accountId); Account account = accountBean.findAccount( accountId); System.out.println("Account: " + account.getId() + " Title: " + account.getTitle()); // Login now System.out.println("Attempting to log in"); System.setProperty("java.security.auth.login.config", "tolven.auth"); ! 
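Review bot: `setupPrivateKeyRing` unlocks the key with the literal `"cal".toCharArray()` instead of the new `password` constant, so following the "Change these for your implementation" comment leaves the key unlock on the old value; use `userPrivateKey.unlockPrivateKey(password.toCharArray());` or pass the char[] in as a parameter. The credentials are compiled into the class as `public static final` strings, and for anything beyond a local test they are better read from arguments or the environment so they stay out of the repository. `UsernamePasswordHandler` holds `char[] password` for its lifetime and nothing in this hunk clears it, so consider zeroing the array with `java.util.Arrays.fill(password, '\0')` once login has completed.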
UsernamePasswordHandler handler = new UsernamePasswordHandler(); LoginContext lc = new LoginContext("tolvenLDAP", handler); lc.login(); // ActivationBean is in the tolvenLDAP security domain so unless we present credentials, we're not // getting in. System.out.println("Attempting to get TolvenUser: " + uid); TolvenUser user = activationBean.findUser( uid ); System.out.println("User " + user.getId() + " Last login: " + user.getLastLogin()); ! // This is unprotected ! DocBase doc = docBean.findDocument(50320); ! System.out.println("Doc " + doc.getId() + " Status: " + doc.getStatus()); lc.logout(); --- 88,146 ---- AccountDAORemote accountBean = (AccountDAORemote) ctx.lookup("tolven/AccountDAOBean/remote"); ActivationRemote activationBean = (ActivationRemote) ctx.lookup("tolven/ActivationBean/remote"); + LoginRemote loginBean = (LoginRemote) ctx.lookup("tolven/LoginBean/remote"); + // System.setProperty("tolven.security.keys.activate", "true"); // Un protected at this point long docCount = docBean.countDocuments(accountId); System.out.println("Account " + accountId + " has " + docCount + " doucments"); ! // Find accountType ! // This is unprotected (no login required) ! // Benign - no need to protect System.out.println("Attempting to get AccountType: " + accountTypeId); AccountType accountType = accountBean.findAccountType( accountTypeId); System.out.println("AccountType " + accountType.getId() + " Known Type: " + accountType.getKnownType()); ! // Get an account ! // This is unprotected (no login required) ! 
// Should require a user to login System.out.println("Attempting to get Account: " + accountId); Account account = accountBean.findAccount( accountId); System.out.println("Account: " + account.getId() + " Title: " + account.getTitle()); + + // Get accountUser + // This is unprotected (no login required) + System.out.println("Attempting to get AccountUser for user: " + uid + " Account: "+ accountId); + AccountUser accountUser = accountBean.findAccountUser( uid, accountId); + System.out.println("Get AccountUser id: " + accountUser.getId()); + + // This is unprotected + DocBase doc = docBean.findDocument(50320); + System.out.println("Doc " + doc.getId() + " Status: " + doc.getStatus()); // Login now System.out.println("Attempting to log in"); System.setProperty("java.security.auth.login.config", "tolven.auth"); ! UsernamePasswordHandler handler = new UsernamePasswordHandler(uid, password.toCharArray()); LoginContext lc = new LoginContext("tolvenLDAP", handler); lc.login(); + // This isn't actually used because we've commented the decryption below. + if ("true".equalsIgnoreCase(System.getProperty("tolven.security.keys.activate"))) { + setupPrivateKeyRing( accountUser, lc.getSubject(), loginBean.findUserKeyRing(uid) ); + } + System.out.println("User logged in as:" + lc.getSubject().getPrincipals()); + + // This is protected and only works if the user is logged in. // ActivationBean is in the tolvenLDAP security domain so unless we present credentials, we're not // getting in. + // But this does not limit the users which this user can access! So it's really empty security right now. System.out.println("Attempting to get TolvenUser: " + uid); TolvenUser user = activationBean.findUser( uid ); System.out.println("User " + user.getId() + " Last login: " + user.getLastLogin()); ! // // This is protected and requires a key to decrypt. ! // // We can't actually perform this without a hack in DocBase. ! // String content = new String(doc.getDecryptedContent( lc.getSubject())); ! 
// System.out.println("Doc contents: " + content.substring(0,150)); lc.logout(); |
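Review bot: `accountUser.getId()` is called on the result of `accountBean.findAccountUser( uid, accountId)` with no null check, and the AccountDAOBean implementation shown further down this page returns null unless exactly one active row matches. For an unknown or inactive user the client therefore stops with a NullPointerException instead of reporting the condition, and the later `setupPrivateKeyRing( accountUser, ...)` call has the same exposure. A guard such as `if (accountUser == null) { System.out.println("No active AccountUser for " + uid); return; }` before the print would make the test's outcome readable. `main` starts and ends outside this hunk.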
From: John C. <jc...@us...> - 2007-01-29 01:56:55
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv7686/src/org/tolven/security/bean Modified Files: LoginBean.java Log Message: Add remote interface to LoginBean Index: LoginBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/bean/LoginBean.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** LoginBean.java 20 Jan 2007 19:23:16 -0000 1.3 --- LoginBean.java 29 Jan 2007 01:56:54 -0000 1.4 *************** *** 9,12 **** --- 9,13 ---- import javax.ejb.EJBContext; import javax.ejb.Local; + import javax.ejb.Remote; import javax.ejb.Stateless; import javax.naming.NamingException; *************** *** 27,35 **** import org.tolven.security.LDAPLocal; import org.tolven.security.LoginLocal; import org.tolven.security.TolvenPerson; import org.tolven.security.key.UserKeyRing; @Stateless ! @Local(LoginLocal.class) ! public class LoginBean implements LoginLocal { @PersistenceContext private EntityManager em; --- 28,38 ---- import org.tolven.security.LDAPLocal; import org.tolven.security.LoginLocal; + import org.tolven.security.LoginRemote; import org.tolven.security.TolvenPerson; import org.tolven.security.key.UserKeyRing; @Stateless ! @Local(LoginLocal.class) ! @Remote(LoginRemote.class) ! public class LoginBean implements LoginLocal, LoginRemote { @PersistenceContext private EntityManager em; |
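Review bot: Adding `@Remote(LoginRemote.class)` makes `findUserKeyRing` reachable from remote clients, and the class annotations visible in this hunk (`@Stateless`, `@Local`, `@Remote`) carry no `@SecurityDomain` or role restriction, unlike ActivationBean, which is declared with `@SecurityDomain("tolvenLDAP")` elsewhere on this page. Unless a domain is configured in a deployment descriptor that is not shown, any remote caller could ask for the key ring of an arbitrary principal name; the private key appears to be password-encrypted, but handing it out before authentication still leaves it protected only by the strength of that password. I would put the bean in the `tolvenLDAP` domain and have the method compare `aPrincipal` with the caller principal from the `EJBContext` the file already imports. The same applies to the `@Remote(AccountDAORemote.class)` added to AccountDAOBean in the 2007-01-28 commit on this page, where the test client's own comments note that `findAccount` and `findAccountUser` work with no login. The class body continues outside the hunk.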
From: John C. <jc...@us...> - 2007-01-29 01:56:55
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv7686/src/org/tolven/security Added Files: LoginRemote.java Log Message: Add remote interface to LoginBean --- NEW FILE: LoginRemote.java --- package org.tolven.security; import org.tolven.security.key.UserKeyRing; public interface LoginRemote { /** * Find a UserKeyPair for aPrincipal * @param aPrincipal * @return */ public UserKeyRing findUserKeyRing(String aPrincipal); } |
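Review bot: The Javadoc on `findUserKeyRing` says it finds a "UserKeyPair" while the method returns `UserKeyRing`, and its `@param` and `@return` tags are empty. Since this interface is the contract remote callers program against, I would reword the summary to `Find the UserKeyRing for aPrincipal`, describe `aPrincipal` as the login name, and say in `@return` what comes back when the principal has no keys. KeyLoginModule on this page checks the result for null, so null looks like the intended answer, but that should be confirmed against LoginBean.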
From: John C. <jc...@us...> - 2007-01-29 01:55:41
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv7262/src/org/tolven/core Modified Files: AccountDAORemote.java AccountDAOLocal.java Log Message: Add findAccountUser method (given username and account, return AccountUser or null) Index: AccountDAORemote.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/AccountDAORemote.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** AccountDAORemote.java 28 Jan 2007 06:03:55 -0000 1.1 --- AccountDAORemote.java 29 Jan 2007 01:55:37 -0000 1.2 *************** *** 3,6 **** --- 3,7 ---- import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountType; + import org.tolven.core.entity.AccountUser; public interface AccountDAORemote { *************** *** 18,20 **** --- 19,27 ---- */ public AccountType findAccountType( long id ); + + /** + * Find an accountUser given the username and account id. + */ + public AccountUser findAccountUser( String username, long accountId); + } Index: AccountDAOLocal.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/AccountDAOLocal.java,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** AccountDAOLocal.java 20 Jan 2007 19:23:17 -0000 1.12 --- AccountDAOLocal.java 29 Jan 2007 01:55:37 -0000 1.13 *************** *** 62,72 **** ! /** ! * @see ActivationBean */ public AccountUser addAccountUser(Account account, TolvenUser user, Date now, boolean accountPermission ); /** ! * @see ActivationBean */ public AccountUser inviteAccountUser(Account account, AccountUser accountUser, TolvenUser invidtedUser, UserPrivateKey anInviterPrivateKey, Date now, boolean accountPermission ); --- 62,77 ---- ! /** ! * Find an accountUser given the username and account id. ! */ ! 
public AccountUser findAccountUser( String username, long accountId); ! ! /** ! * @see AccountDAOBean */ public AccountUser addAccountUser(Account account, TolvenUser user, Date now, boolean accountPermission ); /** ! * @see AccountDAOBean */ public AccountUser inviteAccountUser(Account account, AccountUser accountUser, TolvenUser invidtedUser, UserPrivateKey anInviterPrivateKey, Date now, boolean accountPermission ); |
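Review bot: The Javadoc added for `findAccountUser` here and in AccountDAORemote says only "Find an accountUser given the username and account id", but the log message and the AccountDAOBean implementation on this page show that it returns null when there is not exactly one active match. Callers of the interface need that stated, for example `@return the active AccountUser, or null if the user is not an active member of the account`. It would also help to document `@param username` as the user's LDAP uid, since the bean's query compares it with `u.ldapUID`.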
From: John C. <jc...@us...> - 2007-01-29 01:55:41
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv7262/src/org/tolven/core/bean Modified Files: AccountDAOBean.java Log Message: Add findAccountUser method (given username and account, return AccountUser or null) Index: AccountDAOBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/AccountDAOBean.java,v retrieving revision 1.24 retrieving revision 1.25 diff -C2 -d -r1.24 -r1.25 *** AccountDAOBean.java 28 Jan 2007 06:52:29 -0000 1.24 --- AccountDAOBean.java 29 Jan 2007 01:55:40 -0000 1.25 *************** *** 157,161 **** } } ! /** * Associate a user with an account --- 157,185 ---- } } ! /** ! * Find an accountUser given the username and account id. ! */ ! public AccountUser findAccountUser( String username, long accountId) { ! // Example of using tradional-style SQL joins ! Query q = em.createQuery("SELECT au FROM AccountUser au, TolvenUser u, Account a " + ! "WHERE au.account = a " + ! "AND a.id = :accountId " + ! "AND au.user = u " + ! "AND u.ldapUID = :username " + ! "AND u.status = 'active' " + ! "AND au.status = 'active' "); ! q.setParameter("accountId", accountId); ! q.setParameter("username", username); ! List<AccountUser> rslt = q.getResultList(); ! AccountUser au = null; ! if (rslt.size()==1) { ! au = rslt.get(0); ! // Touch the releated objects so they are for sure in memory (in case of lazy fetch) ! au.getAccount().getId(); ! au.getUser().getId(); ! } ! return au; ! } ! /** * Associate a user with an account |
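Review bot: `if (rslt.size()==1)` makes more than one matching row indistinguishable from no match, so duplicate active AccountUser rows for the same user and account would silently look like "not a member" to the caller. If this lookup ends up feeding account-access decisions, the duplicate case should be surfaced rather than hidden, e.g. `if (rslt.size() > 1) throw new IllegalStateException("Duplicate AccountUser for " + username + " in account " + accountId);`. The assignment `List<AccountUser> rslt = q.getResultList();` is an unchecked conversion and deserves a narrowly scoped `@SuppressWarnings("unchecked")` with a comment. The query itself binds both values with `setParameter`, which is the right way to pass the caller-supplied username.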
From: John C. <jc...@us...> - 2007-01-28 06:53:52
|
Update of /cvsroot/tolven/tolven/jboss-config In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv19140/jboss-config Modified Files: login-config.xml Log Message: Move KeyLoginModule to EJB Index: login-config.xml =================================================================== RCS file: /cvsroot/tolven/tolven/jboss-config/login-config.xml,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** login-config.xml 20 Jan 2007 04:48:24 -0000 1.16 --- login-config.xml 28 Jan 2007 06:53:51 -0000 1.17 *************** *** 93,97 **** <module-option name="roleAttributeIsDN">false </module-option> </login-module> ! <login-module code="org.tolven.web.security.auth.KeyLoginModule" flag="required"> </login-module> --- 93,97 ---- <module-option name="roleAttributeIsDN">false </module-option> </login-module> ! <login-module code="org.tolven.security.auth.KeyLoginModule" flag="required"> </login-module> |
From: John C. <jc...@us...> - 2007-01-28 06:52:35
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/auth In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18714/src/org/tolven/web/security/auth Removed Files: KeyLoginModule.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB --- KeyLoginModule.java DELETED --- |
From: John C. <jc...@us...> - 2007-01-28 06:52:32
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18670/src/org/tolven/doc/entity Modified Files: DocXML.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB Index: DocXML.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocXML.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** DocXML.java 20 Jan 2007 19:23:17 -0000 1.4 --- DocXML.java 28 Jan 2007 06:52:29 -0000 1.5 *************** *** 15,18 **** --- 15,19 ---- import java.io.IOException; + import java.io.Serializable; import java.io.StringReader; import java.io.StringWriter; *************** *** 34,38 **** @Entity @DiscriminatorValue("XML") ! public class DocXML extends DocBase { /** --- 35,39 ---- @Entity @DiscriminatorValue("XML") ! public class DocXML extends DocBase implements Serializable{ /** *************** *** 41,46 **** private static final long serialVersionUID = 2L; ! @Transient ! private Object binding; @Column(name="XML_NS") --- 42,47 ---- private static final long serialVersionUID = 2L; ! // @Transient ! // private Object binding; @Column(name="XML_NS") *************** *** 78,87 **** } ! /** ! * Used for unit testing only ! */ ! public void resetBinding( ) { ! binding = null; ! } public String getXmlName() { --- 79,88 ---- } ! // /** ! // * Used for unit testing only ! // */ ! // public void resetBinding( ) { ! // binding = null; ! // } public String getXmlName() { |
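Review bot: The `binding` field and `resetBinding()` are commented out rather than deleted, which leaves dead code in an entity that this commit makes part of the remote serialization surface. I would delete both blocks, since CVS keeps the history. If the cached binding is still wanted, `private transient Object binding;` keeps it out of the serialized form, because JPA's `@Transient` alone does not stop Java serialization from writing an `Object` field. The class body continues outside these hunks.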
From: John C. <jc...@us...> - 2007-01-28 06:52:32
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18670/src/org/tolven/core/entity Modified Files: AccountUser.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB Index: AccountUser.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/entity/AccountUser.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** AccountUser.java 16 Jan 2007 06:22:24 -0000 1.9 --- AccountUser.java 28 Jan 2007 06:52:29 -0000 1.10 *************** *** 57,65 **** private boolean defaultAccount; ! /** ! * References the document authorizing the current state of this setting. ! */ ! @ManyToOne ! private DocBase authority; @Temporal(TemporalType.TIMESTAMP) --- 57,65 ---- private boolean defaultAccount; ! // /** ! // * References the document authorizing the current state of this setting. ! // */ ! // @ManyToOne ! // private DocBase authority; @Temporal(TemporalType.TIMESTAMP) *************** *** 160,174 **** return new Long( getId()).hashCode(); } ! /** ! * This indicates the document, and thus the user, authorizing the assignment of this user to this account. This ! * information is visible to all AccountAdministrators and cannot be erased or hidden from their view. ! */ ! public DocBase getAuthority() { ! return authority; ! } ! ! public void setAuthority(DocBase authority) { ! this.authority = authority; ! } /** --- 160,174 ---- return new Long( getId()).hashCode(); } ! // /** ! // * This indicates the document, and thus the user, authorizing the assignment of this user to this account. This ! // * information is visible to all AccountAdministrators and cannot be erased or hidden from their view. ! // */ ! // public DocBase getAuthority() { ! // return authority; ! // } ! // ! // public void setAuthority(DocBase authority) { ! // this.authority = authority; ! // } /** |
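Review bot: Commenting out the `authority` relation and its accessors removes, as far as these hunks show, the only reference to the document that authorized a user's membership of an account, and the Javadoc being commented out describes it as information that "cannot be erased or hidden" from account administrators. The log message mentions only serialization, so this reads as a workaround for shipping `AccountUser` to a remote client rather than a decision to drop the audit link. I would keep the mapping and keep it out of the remote payload instead, for instance by returning a small DTO to remote callers. If the field really is to go, delete it outright and record the schema and audit change in the log message. Callers of `getAuthority()` and `setAuthority()` are outside these hunks and need checking.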
From: John C. <jc...@us...> - 2007-01-28 06:52:32
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18670/src/org/tolven/doc/bean Modified Files: DocumentBean.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB Index: DocumentBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/bean/DocumentBean.java,v retrieving revision 1.19 retrieving revision 1.20 diff -C2 -d -r1.19 -r1.20 *** DocumentBean.java 27 Jan 2007 19:07:05 -0000 1.19 --- DocumentBean.java 28 Jan 2007 06:52:29 -0000 1.20 *************** *** 38,41 **** --- 38,42 ---- import org.tolven.admin.AdministrativeDetail; import org.tolven.admin.Details; + import org.tolven.ccr.ContinuityOfCareRecord; import org.tolven.core.TolvenPropertiesLocal; import org.tolven.core.entity.Account; *************** *** 99,103 **** String oid = System.getProperty("tolven.repository.oid"); doc.setMediaType("text/xml"); ! doc.createCCR(oid); return doc; } --- 100,110 ---- String oid = System.getProperty("tolven.repository.oid"); doc.setMediaType("text/xml"); ! doc.setXmlNS("urn:astm-org:CCR"); ! doc.setXmlName("ContinuityOfCareRecord"); ! // ContinuityOfCareRecord newCCR = new ContinuityOfCareRecord(); ! // newCCR.setCCRDocumentObjectID(oid + "."+ Long.toString(doc.getId()) ); ! // // We're done with the graph, marshall to XML ! // newCCR.setVersion("V1.0"); ! em.persist(doc); return doc; } |
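Review bot: With `doc.createCCR(oid)` replaced, the local `String oid = System.getProperty("tolven.repository.oid");` is no longer used by any live line in this hunk, and the added `import org.tolven.ccr.ContinuityOfCareRecord;` is referenced only from the commented-out block. The commented lines suggest the new document no longer receives a `CCRDocumentObjectID` built from the repository OID and the document id, which consumers of the stored CCR may rely on. Either restore that assignment wherever the CCR graph is now built, or delete the `oid` line, the import and the commented lines so the method shows what it actually does. The method starts outside the hunk.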
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18670/src/org/tolven/security/key Modified Files: AccountPrivateKey.java UserPublicKey.java TolvenEncryptedPrivateKey.java AccountPublicKey.java UserPrivateKey.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB Index: UserPrivateKey.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key/UserPrivateKey.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** UserPrivateKey.java 2 Jan 2007 04:29:26 -0000 1.3 --- UserPrivateKey.java 28 Jan 2007 06:52:29 -0000 1.4 *************** *** 46,50 **** public class UserPrivateKey extends TolvenEncryptedPrivateKey implements Serializable { ! private static final String NOT_INITIALIZED = "UserPrivateKey not initialized"; private static final String INITIALIZED = "UserPrivateKey already initialized"; private static final String KEY_LOCKED = "UserPrivateKey is locked"; --- 46,51 ---- public class UserPrivateKey extends TolvenEncryptedPrivateKey implements Serializable { ! private static final long serialVersionUID = 1L; ! 
private static final String NOT_INITIALIZED = "UserPrivateKey not initialized"; private static final String INITIALIZED = "UserPrivateKey already initialized"; private static final String KEY_LOCKED = "UserPrivateKey is locked"; Index: UserPublicKey.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key/UserPublicKey.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** UserPublicKey.java 1 Jan 2007 10:04:21 -0000 1.1 --- UserPublicKey.java 28 Jan 2007 06:52:29 -0000 1.2 *************** *** 14,17 **** --- 14,19 ---- package org.tolven.security.key; + import java.io.Serializable; + import javax.persistence.Embeddable; *************** *** 23,29 **** */ @Embeddable ! public class UserPublicKey extends TolvenPublicKey { ! protected static final String NOT_INITIALIZED = "UserPublicKey not initialized"; /** --- 25,32 ---- */ @Embeddable ! public class UserPublicKey extends TolvenPublicKey implements Serializable{ ! private static final long serialVersionUID = 1L; ! protected static final String NOT_INITIALIZED = "UserPublicKey not initialized"; /** Index: AccountPublicKey.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key/AccountPublicKey.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** AccountPublicKey.java 1 Jan 2007 10:04:21 -0000 1.1 --- AccountPublicKey.java 28 Jan 2007 06:52:29 -0000 1.2 *************** *** 14,17 **** --- 14,19 ---- package org.tolven.security.key; + import java.io.Serializable; + import javax.persistence.Embeddable; *************** *** 23,29 **** */ @Embeddable ! public class AccountPublicKey extends TolvenPublicKey { ! protected static final String NOT_INITIALIZED = "AccountPublicKey not initialized"; /** --- 25,33 ---- */ @Embeddable ! public class AccountPublicKey extends TolvenPublicKey implements Serializable { ! 
private static final long serialVersionUID = 1L; ! ! protected static final String NOT_INITIALIZED = "AccountPublicKey not initialized"; /** Index: TolvenEncryptedPrivateKey.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key/TolvenEncryptedPrivateKey.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TolvenEncryptedPrivateKey.java 2 Jan 2007 04:29:26 -0000 1.2 --- TolvenEncryptedPrivateKey.java 28 Jan 2007 06:52:29 -0000 1.3 *************** *** 16,19 **** --- 16,21 ---- import javax.crypto.EncryptedPrivateKeyInfo; import java.io.IOException; + import java.io.Serializable; + import javax.persistence.*; *************** *** 25,29 **** */ @MappedSuperclass ! public abstract class TolvenEncryptedPrivateKey { @Lob --- 27,31 ---- */ @MappedSuperclass ! public abstract class TolvenEncryptedPrivateKey implements Serializable { @Lob Index: AccountPrivateKey.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/security/key/AccountPrivateKey.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** AccountPrivateKey.java 2 Jan 2007 04:29:26 -0000 1.3 --- AccountPrivateKey.java 28 Jan 2007 06:52:29 -0000 1.4 *************** *** 41,45 **** public class AccountPrivateKey extends TolvenEncryptedPrivateKey implements Serializable { ! private static final String NOT_INITIALIZED = "AccountPrivateKey not initialized"; private static final String INITIALIZED = "AccountPrivateKey already initialized"; public static final String ACCOUNT_PRIVATE_KEY_ALGORITHM_PROP = "tolven.security.account.privateKeyAlgorithm"; --- 41,46 ---- public class AccountPrivateKey extends TolvenEncryptedPrivateKey implements Serializable { ! private static final long serialVersionUID = 1L; ! 
private static final String NOT_INITIALIZED = "AccountPrivateKey not initialized"; private static final String INITIALIZED = "AccountPrivateKey already initialized"; public static final String ACCOUNT_PRIVATE_KEY_ALGORITHM_PROP = "tolven.security.account.privateKeyAlgorithm"; |
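Review bot: `TolvenEncryptedPrivateKey` becomes `Serializable` in this commit so the key classes can travel to a remote client, but nothing in these hunks shows how an unlocked key is held. KeyLoginModule on this page calls `userPrivateKey.unlockPrivateKey(password)`, so `UserPrivateKey` presumably keeps some decrypted state; if that state lives in an ordinary field, Java serialization will write it out alongside the encrypted blob. Any field holding the decrypted key should be declared `transient`, which needs checking because the class bodies are outside the hunks. `TolvenEncryptedPrivateKey` should also get the `private static final long serialVersionUID = 1L;` that the other four classes receive.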
From: John C. <jc...@us...> - 2007-01-28 06:52:32
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/security/auth In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18670/src/org/tolven/security/auth Added Files: KeyLoginModule.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB --- NEW FILE: KeyLoginModule.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.security.auth; import java.io.IOException; import java.security.Principal; import java.security.PublicKey; import java.security.acl.Group; import java.util.Arrays; import java.util.Enumeration; import java.util.Iterator; import java.util.Map; import javax.naming.InitialContext; import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; import org.tolven.core.ActivationLocal; import org.tolven.security.LoginLocal; import org.tolven.security.TolvenPrincipal; import org.tolven.security.acl.TolvenGroup; import org.tolven.security.key.PrivateKeyRing; import org.tolven.security.key.UserKeyRing; import org.tolven.security.key.UserPrivateKey; import org.tolven.security.key.UserPublicKey; /** * This LoginModule does not verify username/password directly and MUST 
be proceeded by a LoginModule which does. * However, it is responsible for adding credentials to a Subject, and while adding a UserPrivateKey, it will attempt * unlock the UserPrivateKey with the provided password. If the password is not correct, then the login will fail. * The UserPrivateKey is placed in a PrivateKeyRing, and it is the PrivateKeyRing which is added to the privateCredentials * of the Subject. * * @author Joseph Isaac * */ public class KeyLoginModule implements LoginModule { private Subject subject = null; private CallbackHandler callbackHandler = null; private String principalName; private char[] password; public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> arg2, Map<String, ?> arg3) { System.out.println(getClass() + "initialize()"); this.subject = subject; this.callbackHandler = callbackHandler; } public boolean login() throws LoginException { System.out.println(getClass() + " begin login"); if (callbackHandler == null) throw new LoginException("No CallbackHandler"); NameCallback nc = new NameCallback("User name: "); PasswordCallback pc = new PasswordCallback("Password: ", false); Callback[] callbacks = { nc, pc }; try { callbackHandler.handle(callbacks); principalName = nc.getName(); if (principalName == null) throw new LoginException("null principalName not permitted"); char[] tmpPassword = pc.getPassword(); if (tmpPassword == null) throw new LoginException("null password not permitted"); password = new char[tmpPassword.length]; System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length); pc.clearPassword(); } catch (IOException e) { LoginException le = new LoginException("Failed to get principalName/password"); le.initCause(e); throw le; } catch (UnsupportedCallbackException e) { LoginException le = new LoginException("CallbackHandler does not support: " + e.getCallback()); le.initCause(e); throw le; } return true; } public boolean commit() throws LoginException { System.out.println(getClass() + ": 
begin commit"); try { // TolvenPrncipal: Ensure there is only one Group called Roles Group group = null; for (Iterator iter = subject.getPrincipals(Group.class).iterator(); iter.hasNext();) { group = (Group) iter.next(); if ("Roles".equalsIgnoreCase(group.getName())) break; group = null; } if (group == null) { } else { } if (group == null) group = new TolvenGroup("Roles"); // TODO: Currently we do not distinguish by role. When roles are supported in LDAP this code can be removed boolean allRolesExists = false; Principal groupName = null; for (Enumeration e = group.members(); e.hasMoreElements();) { groupName = (Principal) e.nextElement(); if ("*".equalsIgnoreCase(groupName.getName())) { allRolesExists = true; break; } } if (!allRolesExists) group.addMember(new TolvenPrincipal("*")); if ("true".equalsIgnoreCase(System.getProperty("tolven.security.keys.activate"))) { // Obtain the UserKeyPair if it exists InitialContext ictx = new InitialContext(); LoginLocal activation = (LoginLocal) ictx.lookup("tolven/LoginBean/local"); if (activation == null) throw new LoginException(getClass() + ": Could not locate the LoginLocal"); UserPrivateKey userPrivateKey = null; UserPublicKey userPublicKey = null; UserKeyRing userKeyRing = activation.findUserKeyRing(principalName); if (userKeyRing == null || userKeyRing.getUserPrivateKey() == null) { // Create the keys System.out.println("Create new keys for " + principalName); userPrivateKey = UserPrivateKey.getInstance(); PublicKey publicKey = userPrivateKey.init(password); userPublicKey = UserPublicKey.getInstance(); userPublicKey.init(publicKey); } else { userPrivateKey = userKeyRing.getUserPrivateKey(); userPublicKey = userKeyRing.getUserPublicKey(); } userPrivateKey.unlockPrivateKey(password); // Populate the Subject System.out.println(getClass() + ": Adding UserPrivateKey to Subject " + principalName); // UserPrivateKey: Ensure there is only one PrivateKeyRing in a Subject by removing any that might be there for (Iterator iter = 
subject.getPrivateCredentials(PrivateKeyRing.class).iterator(); iter.hasNext();) { iter.next(); iter.remove(); } subject.getPrivateCredentials().add(new PrivateKeyRing(userPrivateKey)); System.out.println(getClass() + ": Adding getUserPublicKey to Subject " + principalName); // UserPublicKey: Ensure there is only one UserPublicKey in a Subject by removing any that might be there for (Iterator iter = subject.getPublicCredentials(UserPublicKey.class).iterator(); iter.hasNext();) { iter.next(); iter.remove(); } subject.getPublicCredentials().add(userPublicKey); } System.out.println(getClass() + ": completing login for " + principalName); } catch (Exception ex) { ex.printStackTrace(); throw new LoginException(ex.getMessage()); } return true; } public boolean abort() throws LoginException { removeAllCredentials(); return true; } public boolean logout() throws LoginException { removeAllCredentials(); return true; } private void removeAllCredentials() throws LoginException { callbackHandler = null; principalName = null; Arrays.fill(password, '0'); password = null; try { // Remove PrivateKeyRing if (subject != null) { for (Iterator iter = subject.getPrivateCredentials(PrivateKeyRing.class).iterator(); iter.hasNext();) { iter.next(); iter.remove(); } // Remove all UserPublicKey for (Iterator iter = subject.getPrivateCredentials(UserPublicKey.class).iterator(); iter.hasNext();) { iter.next(); iter.remove(); } } } catch (Exception ex) { ex.printStackTrace(); throw new LoginException(ex.getMessage()); } finally { subject = null; } } } |
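Review bot: `removeAllCredentials()` calls `Arrays.fill(password, '0')` unconditionally, so an `abort()` after a `login()` that failed before `password` was assigned throws a NullPointerException and skips the cleanup; guard it with `if (password != null) Arrays.fill(password, '0');`. The second loop in the same method iterates `subject.getPrivateCredentials(UserPublicKey.class)`, but `commit()` adds the key to the public set, so the `UserPublicKey` is never removed on logout; it should read `subject.getPublicCredentials(UserPublicKey.class)`. In `commit()`, a `TolvenGroup("Roles")` created when none exists is never added to `subject.getPrincipals()` in the code shown, and `throw new LoginException(ex.getMessage())` drops the cause that `login()` preserves with `initCause`. In `login()`, `tmpPassword` is a separate array from the one `pc.clearPassword()` wipes, so it should be cleared with `Arrays.fill(tmpPassword, '0')` once it has been copied.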
From: John C. <jc...@us...> - 2007-01-28 06:52:32
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18670/src/org/tolven/core/bean Modified Files: AccountDAOBean.java ActivationBean.java Log Message: Add serializable to support remote client, move KeyLoginModule to EJB Index: AccountDAOBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/AccountDAOBean.java,v retrieving revision 1.23 retrieving revision 1.24 diff -C2 -d -r1.23 -r1.24 *** AccountDAOBean.java 23 Jan 2007 09:12:46 -0000 1.23 --- AccountDAOBean.java 28 Jan 2007 06:52:29 -0000 1.24 *************** *** 26,29 **** --- 26,30 ---- import org.tolven.core.AccountDAOLocal; + import org.tolven.core.AccountDAORemote; import org.tolven.core.SponsoredUser; import org.tolven.core.entity.Account; *************** *** 44,48 **** @Stateless() @Local(AccountDAOLocal.class) ! public class AccountDAOBean implements org.tolven.core.AccountDAOLocal { @PersistenceContext private EntityManager em; --- 45,50 ---- @Stateless() @Local(AccountDAOLocal.class) ! @Remote(AccountDAORemote.class) ! 
public class AccountDAOBean implements AccountDAOLocal, AccountDAORemote { @PersistenceContext private EntityManager em; Index: ActivationBean.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/core/bean/ActivationBean.java,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** ActivationBean.java 23 Jan 2007 09:12:46 -0000 1.30 --- ActivationBean.java 28 Jan 2007 06:52:29 -0000 1.31 *************** *** 23,26 **** --- 23,27 ---- import javax.ejb.EJBContext; import javax.ejb.Local; + import javax.ejb.Remote; import javax.ejb.Stateless; import javax.naming.NamingException; *************** *** 36,39 **** --- 37,41 ---- import org.jboss.annotation.security.SecurityDomain; import org.tolven.core.ActivationLocal; + import org.tolven.core.ActivationRemote; import org.tolven.core.entity.Account; import org.tolven.core.entity.AccountUser; *************** *** 55,60 **** @Stateless @Local(ActivationLocal.class) @SecurityDomain("tolvenLDAP") ! public class ActivationBean implements ActivationLocal { @PersistenceContext private EntityManager em; --- 57,63 ---- @Stateless @Local(ActivationLocal.class) + @Remote(ActivationRemote.class) @SecurityDomain("tolvenLDAP") ! public class ActivationBean implements ActivationLocal, ActivationRemote { @PersistenceContext private EntityManager em; |
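Review bot: The `@Remote(AccountDAORemote.class)` added to AccountDAOBean publishes the account DAO to remote clients, but the two context lines above the class declaration show only `@Stateless()` and `@Local(AccountDAOLocal.class)`, with no security domain, whereas ActivationBean in the same commit carries `@SecurityDomain("tolvenLDAP")`. Unless a domain is declared above the hunk or in a deployment descriptor, remote callers may reach the bean's persistence methods without being authenticated; I would add `@SecurityDomain("tolvenLDAP")` here as well and limit the remote business methods with `@RolesAllowed`. ActivationBean has the domain, but its hunk shows no per-method role restriction either, so the methods published through ActivationRemote deserve the same check. Both class bodies continue outside the hunks.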
From: John C. <jc...@us...> - 2007-01-28 06:05:52
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv31304/src/org/tolven/doc/entity Modified Files: DocCCR.java Log Message: Add serializable, remove unused method. Index: DocCCR.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/entity/DocCCR.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** DocCCR.java 20 Jan 2007 19:23:17 -0000 1.5 --- DocCCR.java 28 Jan 2007 06:05:51 -0000 1.6 *************** *** 15,18 **** --- 15,19 ---- import java.io.IOException; + import java.io.Serializable; import java.util.ArrayList; import java.util.HashMap; *************** *** 33,37 **** @Entity @DiscriminatorValue("CCR") ! public class DocCCR extends DocXML { /** --- 34,38 ---- @Entity @DiscriminatorValue("CCR") ! public class DocCCR extends DocXML implements Serializable{ /** *************** *** 43,48 **** private int uniqueIDSeq; ! @Transient ! private ContinuityOfCareRecord newCCR; public DocCCR() { --- 44,49 ---- private int uniqueIDSeq; ! // @Transient ! // private ContinuityOfCareRecord newCCR; public DocCCR() { *************** *** 50,75 **** } ! /** ! * The constructor for this class is not sufficient to create a CCR document. This method ! * actually create the document. ! * This method does the things needed to initialize a new CCR document. Creating a unique ID for the CCR document is ! * a bit of a catch 22 since we want to base it on the PK id of this document. We take care of this by persisting ! * immediately after the CCR document is created (although it still could be rollled back) but before this method is called. this yields us a valid Id to ! * use in order to identify this object. ! * We're not going to marshall this graph until we're all done and ready to persist the document. ! * So in the meantime, we remember the ! * graph in a a transient variable. 
We'll add the ID and marshall to XML when persisting. ! * @throws CCRException ! * @throws CCRException ! */ ! public void createCCR( String OID ) throws CCRException { ! checkEditable(); ! newCCR = new ContinuityOfCareRecord(); ! newCCR.setCCRDocumentObjectID(OID + "."+ Long.toString(getId()) ); ! // We're done with the graph, marshall to XML ! setXmlNS("urn:astm-org:CCR"); ! setXmlName("ContinuityOfCareRecord"); ! newCCR.setVersion("V1.0"); ! } public void checkEditable() throws CCRException { --- 51,76 ---- } ! // /** ! // * The constructor for this class is not sufficient to create a CCR document. This method ! // * actually create the document. ! // * This method does the things needed to initialize a new CCR document. Creating a unique ID for the CCR document is ! // * a bit of a catch 22 since we want to base it on the PK id of this document. We take care of this by persisting ! // * immediately after the CCR document is created (although it still could be rollled back) but before this method is called. this yields us a valid Id to ! // * use in order to identify this object. ! // * We're not going to marshall this graph until we're all done and ready to persist the document. ! // * So in the meantime, we remember the ! // * graph in a a transient variable. We'll add the ID and marshall to XML when persisting. ! // * @throws CCRException ! // * @throws CCRException ! // */ ! // public void createCCR( String OID ) throws CCRException { ! // checkEditable(); ! // newCCR = new ContinuityOfCareRecord(); ! // newCCR.setCCRDocumentObjectID(OID + "."+ Long.toString(getId()) ); ! // // We're done with the graph, marshall to XML ! // setXmlNS("urn:astm-org:CCR"); ! // setXmlName("ContinuityOfCareRecord"); ! // newCCR.setVersion("V1.0"); ! // } public void checkEditable() throws CCRException { |
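Review bot: `implements Serializable` on DocCCR carries the inherited state to a remote client only if DocXML and its parents are Serializable as well; fields of a non-serializable superclass are silently re-initialised through its no-arg constructor on deserialization, so the client could receive a DocCCR without the document content. Neither parent is visible in this hunk, so that needs confirming, and unless it is already declared outside the hunk I would add `private static final long serialVersionUID = 1L;` so client and server class versions are checked explicitly. Because instances now leave the server, any field that must stay server-side needs the Java `transient` keyword, since JPA's `@Transient` does not exclude a field from Java serialization. The `newCCR` field and the `createCCR` method would be better deleted than kept as `//` lines, as CVS already keeps revision 1.5.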
From: John C. <jc...@us...> - 2007-01-28 06:03:56
|
Update of /cvsroot/tolven/tolvenEJB/src/org/tolven/doc In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv30436/src/org/tolven/doc Modified Files: DocumentRemote.java Log Message: Add remote interfaces to some existing session beans. Index: DocumentRemote.java =================================================================== RCS file: /cvsroot/tolven/tolvenEJB/src/org/tolven/doc/DocumentRemote.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** DocumentRemote.java 27 Jan 2007 19:07:05 -0000 1.1 --- DocumentRemote.java 28 Jan 2007 06:03:55 -0000 1.2 *************** *** 11,14 **** public DocBase findDocument( long docId ); ! // public DocBase findDocument( long docId, long AccountId ); } --- 11,16 ---- public DocBase findDocument( long docId ); ! public long countDocuments( long accountId ); ! ! // public DocBase findDocument( long docId, long AccountId ); } |
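Review bot: `countDocuments( long accountId )` takes the account id from the remote caller, and nothing in the interface states that the implementation checks the caller's membership of that account; without such a check any authenticated client could read document counts for accounts it does not belong to. The implementation is outside this hunk, so this is a point to confirm rather than a confirmed defect. I would state the contract in a Javadoc comment on the method, e.g. `/** Counts the documents owned by the given account; the caller must be an active user of that account. */`. The same question applies to the existing `findDocument( long docId )`, which identifies a document by id alone while the account-scoped overload stays commented out.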