
Including role access control

1 parent 51c6dd1 commit b59fba88fecc7b25d8d16b03ff6c312e208a446a @abstractj committed May 3, 2012
@@ -129,7 +129,7 @@ AuthenticatorInterceptor:
@Inject
private Authenticator authenticator;
- AuthenticatorData data = new AuthenticatorData(credential, password, domain);
+ AuthenticatorData data = new AuthenticatorData(identity, password, domain);
authenticator.validate(data);
#### Scenario
@@ -21,4 +21,5 @@
public Object getPassword();
public String getUsername();
+ public String getRole();
}
@@ -21,6 +21,7 @@
private String username;
private Object password;
+ private String role;
public AuthInfoImpl(String username, Object password) {
this.username = username;
@@ -36,4 +37,9 @@ public Object getPassword() {
public String getUsername() {
return username;
}
+
+ @Override
+ public String getRole() {
+ return role;
+ }
}
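Review bot: Nothing visible in these two hunks ever assigns the new `role` field, so `getRole()` would return null for every `AuthInfoImpl`. The constructor in the previous hunk takes only `username` and `password`, so unless a setter exists outside the hunks, any role check built on this accessor sees null. Either pass the role in through an additional constructor, e.g. `public AuthInfoImpl(String username, Object password, String role)`, or document on `AuthInfo.getRole()` that null means "no role assigned". Callers then know to treat null as a denial.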
@@ -22,5 +22,6 @@
public interface Identity extends Serializable {
public AuthInfo getAuthInfo();
- public void login(AuthInfo info);
+ public RoleManager login(AuthInfo info);
+
}
@@ -17,20 +17,34 @@
package org.jboss.aerogear.security.idm.auth;
+import org.jboss.aerogear.security.idm.persistence.UserRegistry;
+
import javax.enterprise.context.SessionScoped;
+import javax.inject.Inject;
@SessionScoped
public class IdentityImpl implements Identity {
private AuthInfo authInfo;
+ @Inject
+ private UserRegistry userRegistry;
+
@Override
public AuthInfo getAuthInfo() {
return authInfo;
}
@Override
- public void login(AuthInfo authInfo) {
- this.authInfo = authInfo;
+ public RoleManager login(AuthInfo authInfo) {
+
+ Object user = userRegistry.findBy(authInfo.getUsername());
+
+ if (user != null) {
+ this.authInfo = authInfo;
+ return new RoleManagerImpl(authInfo);
+ }
+
+ return null;
}
}
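Review bot: `login` accepts the caller as soon as `userRegistry.findBy(authInfo.getUsername())` returns a non-null object; `authInfo.getPassword()` is never compared with anything in this hunk, so knowing a valid username appears sufficient to populate the session's `authInfo`. If the password is verified elsewhere, that should be stated in a comment here. Otherwise add a marker before the assignment, such as `// TODO(security): verify authInfo.getPassword() against the stored credential before accepting the login`. The method also returns null for an unknown user and would throw on a null `authInfo`. The `Identity.login` declaration carries no Javadoc, so callers are not told that a null result means the login was rejected.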
@@ -0,0 +1,22 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.jboss.aerogear.security.idm.auth;
+
+public interface RoleManager {
+ boolean hasRole();
+}
@@ -0,0 +1,42 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.jboss.aerogear.security.idm.auth;
+
+import org.jboss.aerogear.security.idm.persistence.RoleRegistry;
+
+import javax.enterprise.context.SessionScoped;
+import javax.inject.Inject;
+
+@SessionScoped
+public class RoleManagerImpl implements RoleManager {
+
+ private AuthInfo authInfo;
+
+ @Inject
+ private RoleRegistry roleRegistry;
+ //TODO finish it
+
+ public RoleManagerImpl(AuthInfo authInfo) {
+ this.authInfo = authInfo;
+ }
+
+ @Override
+ public boolean hasRole() {
+ return false;
+ }
+}
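Review bot: `RoleManagerImpl` is annotated `@SessionScoped`, but its only constructor takes an `AuthInfo` and `IdentityImpl.login` builds it with `new RoleManagerImpl(authInfo)`, so the container does not manage that instance and `roleRegistry` stays null once the TODO is implemented. A session-scoped bean would also normally need a no-arg constructor and to be serializable, so this class is probably not deployable as a managed bean as written. Separately, `hasRole()` takes no argument, so a caller cannot say which role it is asking about; `boolean hasRole(String role);` on `RoleManager` would make the check explicit. The hard-coded `return false;` is at least deny-by-default, but it deserves a comment saying it is a stub.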
@@ -35,14 +35,14 @@
private static final long serialVersionUID = -7094673146532371976L;
@Inject
- private Credential credential;
+ private Identity identity;
@AroundInvoke
public Object filterDeniedInvocations(InvocationContext invocationContext) throws Exception {
log.info("=================================== Intercepting ===================================");
- if (credential.getAuthInfo() != null) {
+ if (identity.getAuthInfo() != null) {
log.info("======= Logged =======");
} else {
log.info("======= Not logged =======");
@@ -17,22 +17,22 @@
package org.jboss.aerogear.security.idm.event;
-import org.jboss.aerogear.security.idm.auth.Credential;
+import org.jboss.aerogear.security.idm.auth.Identity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class LogoutEvent {
private static final Logger log = LoggerFactory.getLogger(LogoutEvent.class);
- private Credential credential;
+ private Identity identity;
- public LogoutEvent(Credential credential) {
+ public LogoutEvent(Identity identity) {
log.info("======================== Login event ========================");
- this.credential = credential;
+ this.identity = identity;
}
- public Credential getCredential() {
- return credential;
+ public Identity getIdentity() {
+ return identity;
}
}
@@ -18,7 +18,7 @@
package org.jboss.aerogear.security.idm.handler;
import org.jboss.aerogear.security.idm.auth.AuthInfo;
-import org.jboss.aerogear.security.idm.auth.Credential;
+import org.jboss.aerogear.security.idm.auth.Identity;
import org.jboss.aerogear.security.idm.event.LoginEvent;
import org.jboss.aerogear.security.idm.event.LogoutEvent;
import org.jboss.aerogear.security.idm.persistence.UserRegistry;
@@ -35,22 +35,15 @@
private static final Logger log = LoggerFactory.getLogger(AuthenticationHandlerImpl.class);
@Inject
- private UserRegistry userRegistry;
-
- @Inject
- private Credential credential;
+ private Identity identity;
private Object user;
public void listenToLogin(@Observes LoginEvent loginEvent) {
- //TODO authenticate users and check for authorization details
- log.info("============ LoginEvent: " + loginEvent.getAuthInfo()
- + " ============");
AuthInfo authInfo = loginEvent.getAuthInfo();
- user = userRegistry.findBy(authInfo.getUsername());
- if (user != null) {
- credential.login(authInfo);
+ if (!identity.login(authInfo).hasRole()) {
+ identity.login(authInfo);
}
}
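Review bot: `identity.login(authInfo).hasRole()` dereferences the result of `login`, which `IdentityImpl.login` returns as null for an unknown username, so a failed login surfaces as a NullPointerException in the observer rather than a clean rejection. The branch then calls `identity.login(authInfo)` a second time when the user has no role, which looks inverted for an access-control check and repeats the registry lookup. Calling it once reads more clearly: `RoleManager roles = identity.login(authInfo);` followed by `if (roles == null || !roles.hasRole()) { /* reject and log the failed attempt */ }`. The hunk also removes the only log line for login attempts; logging the username alone (the `AuthInfo` object also carries the password) would keep an audit trail. The class body continues outside the hunk.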
@@ -17,17 +17,16 @@
package org.jboss.aerogear.security.integration;
-import org.jboss.aerogear.security.idm.auth.AuthInfo;
-import org.jboss.aerogear.security.idm.auth.AuthInfoImpl;
-import org.jboss.aerogear.security.idm.auth.Credential;
+import org.jboss.aerogear.security.idm.auth.*;
import org.jboss.aerogear.security.idm.persistence.RoleRegistry;
+import org.jboss.aerogear.security.idm.persistence.UserRegistry;
import org.jboss.aerogear.security.integration.fixture.idm.RoleRegistryImpl;
+import org.jboss.aerogear.security.integration.fixture.idm.UserRegistryImpl;
import org.jboss.aerogear.security.integration.fixture.idm.entity.Role;
import org.jboss.aerogear.security.integration.fixture.idm.entity.User;
import org.jboss.aerogear.security.integration.util.Resources;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.security.identity.Identity;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.EmptyAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
@@ -47,9 +46,10 @@
@Deployment
public static WebArchive createDeployment() {
return ShrinkWrap.create(WebArchive.class)
- .addClasses(Credential.class, Identity.class,
+ .addClasses(Identity.class, IdentityImpl.class,
Role.class, User.class, RoleRegistry.class, RoleRegistryImpl.class,
- Resources.class, AuthInfo.class, AuthInfoImpl.class)
+ Resources.class, AuthInfo.class, AuthInfoImpl.class,
+ RoleManager.class, RoleManagerImpl.class, UserRegistry.class, UserRegistryImpl.class)
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml")
.addAsResource("persistence.xml", "META-INF/persistence.xml");
}
@@ -18,7 +18,12 @@
package org.jboss.aerogear.security.integration;
import org.jboss.aerogear.security.idm.auth.*;
+import org.jboss.aerogear.security.idm.persistence.UserRegistry;
import org.jboss.aerogear.security.integration.fixture.idm.DummyService;
+import org.jboss.aerogear.security.integration.fixture.idm.UserRegistryImpl;
+import org.jboss.aerogear.security.integration.fixture.idm.entity.Role;
+import org.jboss.aerogear.security.integration.fixture.idm.entity.User;
+import org.jboss.aerogear.security.integration.util.Resources;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.shrinkwrap.api.ShrinkWrap;
@@ -31,22 +36,23 @@
@RunWith(Arquillian.class)
public class SecurityInterceptorIT {
- @Inject
- private DummyService dummyService;
-
- @Deployment
- public static WebArchive createTestArchive() {
- return ShrinkWrap.create(WebArchive.class, "auth.war")
- .addClasses(DummyService.class, SecurityInterceptorBinding.class, Secure.class,
- SecurityInterceptor.class, Credential.class, CredentialImpl.class,
- AuthInfo.class, AuthInfoImpl.class)
- .addAsWebInfResource("beans.xml", "beans.xml")
- .addAsWebInfResource("web.xml", "web.xml");
-
- }
-
- @Test
- public void shouldReturnSuccessfulStatus() throws Exception {
- dummyService.getUser(1L);
- }
+ @Inject
+ private DummyService dummyService;
+
+ @Deployment
+ public static WebArchive createTestArchive() {
+ return ShrinkWrap.create(WebArchive.class, "auth.war")
+ .addClasses(DummyService.class, SecurityInterceptorBinding.class, Secure.class,
+ SecurityInterceptor.class, Identity.class, IdentityImpl.class,
+ UserRegistry.class, UserRegistryImpl.class, User.class, Role.class, Resources.class,
+ AuthInfo.class, AuthInfoImpl.class, RoleManager.class, RoleManagerImpl.class)
+ .addAsWebInfResource("beans.xml", "beans.xml")
+ .addAsWebInfResource("web.xml", "web.xml")
+ .addAsResource("persistence.xml", "META-INF/persistence.xml");
+ }
+
+ @Test
+ public void shouldReturnSuccessfulStatus() throws Exception {
+ dummyService.getUser(1L);
+ }
}
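Review bot: `shouldReturnSuccessfulStatus` calls `dummyService.getUser(1L)` and asserts nothing, so it passes whether or not the interceptor enforces authentication or roles. For a commit that introduces role access control, the test class should have at least one negative case. A marker such as `// TODO: assert that getUser is rejected when no identity is logged in or the role is missing` would record the gap until the role check is implemented. Most of the other changed lines in this hunk are re-indentation.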
@@ -17,11 +17,7 @@
package org.jboss.aerogear.security.integration;
-import org.jboss.aerogear.security.idm.auth.AuthInfo;
-import org.jboss.aerogear.security.idm.auth.AuthInfoImpl;
-import org.jboss.aerogear.security.idm.auth.Credential;
-import org.jboss.aerogear.security.idm.handler.AuthenticationHandler;
-import org.jboss.aerogear.security.idm.handler.AuthenticationHandlerImpl;
+import org.jboss.aerogear.security.idm.auth.*;
import org.jboss.aerogear.security.idm.persistence.RoleRegistry;
import org.jboss.aerogear.security.idm.persistence.UserRegistry;
import org.jboss.aerogear.security.integration.fixture.idm.RoleRegistryImpl;
@@ -31,11 +27,9 @@
import org.jboss.aerogear.security.integration.util.Resources;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.security.identity.Identity;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.EmptyAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
-import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -69,9 +63,10 @@
@Deployment
public static WebArchive createDeployment() {
return ShrinkWrap.create(WebArchive.class)
- .addClasses(Credential.class, AuthInfo.class, AuthInfoImpl.class, Identity.class,
- Role.class, User.class, AuthInfo.class, AuthInfoImpl.class,
- UserRegistry.class, UserRegistryImpl.class, Resources.class)
+ .addClasses(Identity.class, IdentityImpl.class,
+ Role.class, User.class, RoleRegistry.class, RoleRegistryImpl.class,
+ Resources.class, AuthInfo.class, AuthInfoImpl.class,
+ RoleManager.class, RoleManagerImpl.class, UserRegistry.class, UserRegistryImpl.class)
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml")
.addAsResource("persistence.xml", "META-INF/persistence.xml");
}
@@ -52,10 +52,10 @@
@Deployment
public static WebArchive createDeployment() {
return ShrinkWrap.create(WebArchive.class)
- .addClasses(Credential.class, CredentialImpl.class, AuthInfo.class, AuthInfoImpl.class,
+ .addClasses(Identity.class, IdentityImpl.class, AuthInfo.class, AuthInfoImpl.class,
AuthenticatorManager.class, AuthenticatorManagerImpl.class,
DummyService.class, SecurityInterceptorBinding.class,
- Secure.class, SecurityInterceptor.class,
+ Secure.class, SecurityInterceptor.class, RoleManager.class, RoleManagerImpl.class,
LoginEvent.class, LogoutEvent.class, UserRegistry.class, UserRegistryImpl.class,
User.class, Role.class, Resources.class,
AuthenticationHandler.class, AuthenticationHandlerImpl.class)
@@ -87,6 +87,11 @@ public Object getPassword() {
public String getUsername() {
return "test";
}
+
+ @Override
+ public String getRole() {
+ return "admin";
+ }
};
}
