[refactor] moved http dependency of http users out of the security co…

…re. Means you do not need javaxs.servlet dependency when embedding eXist
eXist-db · Aug 3, 2013 · 5152d3e · 5152d3e
1 parent 18faab9
commit 5152d3e
Show file tree

Hide file tree

Showing 6 changed files with 70 additions and 38 deletions.
diff --git a/src/org/exist/http/servlets/AbstractExistHttpServlet.java b/src/org/exist/http/servlets/AbstractExistHttpServlet.java
@@ -34,6 +34,7 @@
 import org.exist.security.AuthenticationException;
 import java.security.Principal;
 import org.exist.security.Subject;
+import org.exist.security.internal.web.HttpAccount;
 import org.exist.storage.BrokerPool;
 import org.exist.util.Configuration;
 import org.exist.util.DatabaseConfigurationException;
@@ -218,7 +219,7 @@ protected Subject authenticate(HttpServletRequest request, HttpServletResponse r
             return null;
         }
 
-        Principal principal = AccountImpl.getUserFromServletRequest(request);
+        Principal principal = HttpAccount.getUserFromServletRequest(request);
         if (principal != null) {return (Subject) principal;}
 
         // Try to validate the principal if passed from the Servlet engine

diff --git a/src/org/exist/http/servlets/XQueryServlet.java b/src/org/exist/http/servlets/XQueryServlet.java
@@ -45,6 +45,7 @@
 import org.exist.security.PermissionDeniedException;
 import org.exist.security.Subject;
 import org.exist.security.internal.AccountImpl;
+import org.exist.security.internal.web.HttpAccount;
 import org.exist.security.xacml.AccessContext;
 import org.exist.source.FileSource;
 import org.exist.source.Source;
@@ -317,7 +318,7 @@ protected void process(HttpServletRequest request, HttpServletResponse response)
         }
 
         if (user == getDefaultUser()) {
-        	Subject requestUser = AccountImpl.getUserFromServletRequest(request);
+        	Subject requestUser = HttpAccount.getUserFromServletRequest(request);
         	if (requestUser != null) {
         		user = requestUser;
         	} else {

diff --git a/src/org/exist/http/servlets/XSLTServlet.java b/src/org/exist/http/servlets/XSLTServlet.java
@@ -31,6 +31,7 @@
 import org.exist.security.PermissionDeniedException;
 import org.exist.security.Subject;
 import org.exist.security.internal.AccountImpl;
+import org.exist.security.internal.web.HttpAccount;
 import org.exist.storage.BrokerPool;
 import org.exist.storage.DBBroker;
 import org.exist.storage.lock.Lock;
@@ -171,7 +172,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 
 		Subject user = pool.getSecurityManager().getGuestSubject();
 
-		Subject requestUser = AccountImpl.getUserFromServletRequest(request);
+		Subject requestUser = HttpAccount.getUserFromServletRequest(request);
         if (requestUser != null)
         	{user = requestUser;}
 

diff --git a/src/org/exist/http/urlrewrite/XQueryURLRewrite.java b/src/org/exist/http/urlrewrite/XQueryURLRewrite.java
@@ -33,6 +33,7 @@
 
 import org.apache.log4j.Logger;
 
+import org.exist.security.internal.web.HttpAccount;
 import org.exist.source.Source;
 import org.exist.source.DBSource;
 import org.exist.source.SourceFactory;
@@ -187,7 +188,7 @@ protected void service(HttpServletRequest servletRequest, HttpServletResponse se
 
         Subject user = defaultUser;
 
-        Subject requestUser = AccountImpl.getUserFromServletRequest(request);
+        Subject requestUser = HttpAccount.getUserFromServletRequest(request);
         if (requestUser != null)
         	{user = requestUser;}
 

diff --git a/src/org/exist/security/internal/AccountImpl.java b/src/org/exist/security/internal/AccountImpl.java
@@ -1,6 +1,6 @@
 /*
  *  eXist Open Source Native XML Database
- *  Copyright (C) 2003-2011 The eXist Project
+ *  Copyright (C) 2003-2013 The eXist Project
  *  http://exist-db.org
  *  
  *  This program is free software; you can redistribute it and/or
@@ -33,26 +33,22 @@
 import org.exist.security.PermissionDeniedException;
 import org.exist.security.SchemaType;
 import org.exist.security.SecurityManager;
-import org.exist.security.Subject;
 import org.exist.security.Account;
 import org.exist.security.internal.aider.UserAider;
 
 import java.io.IOException;
 import java.io.InputStream;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Properties;
 
-import javax.servlet.http.HttpServletRequest;
 import org.exist.storage.DBBroker;
 
 /**
  * Represents a user within the database.
  * 
  * @author Wolfgang Meier <wolfgang@exist-db.org>
  * @author {Marco.Tampucci, Massimo.Martinelli} @isti.cnr.it
+ * @author Adam retter <adam@exist-db.org>
  */
 @ConfigurationClass("account")
 public class AccountImpl extends AbstractAccount {
@@ -98,34 +94,6 @@ static public void setPasswordEncoding(String encoding) {
         }
     }*/
 
-    static public Subject getUserFromServletRequest(HttpServletRequest request) {
-        final Principal principal = request.getUserPrincipal();
-        if(principal instanceof Subject) {
-            return (Subject) principal;
-
-            //workaroud strange jetty authentication method, why encapsulate user object??? -shabanovd
-        } else if(principal != null && "org.eclipse.jetty.plus.jaas.JAASUserPrincipal".equals(principal.getClass().getName())) {
-            try {
-                final Method method = principal.getClass().getMethod("getSubject");
-                final Object obj = method.invoke(principal);
-                if(obj instanceof javax.security.auth.Subject) {
-                    final javax.security.auth.Subject subject = (javax.security.auth.Subject) obj;
-                    for(final Principal _principal_ : subject.getPrincipals()) {
-                        if(_principal_ instanceof Subject) {
-                            return (Subject) _principal_;
-                        }
-                    }
-                }
-            } catch(final SecurityException e) {
-            } catch(final IllegalArgumentException e) {
-            } catch(final IllegalAccessException e) {
-            } catch(final NoSuchMethodException e) {
-            } catch(final InvocationTargetException e) {
-            }
-        }
-
-        return null;
-    }
     @ConfigurationFieldAsElement("password")
     private String password = null;
     @ConfigurationFieldAsElement("digestPassword")

diff --git a/src/org/exist/security/internal/web/HttpAccount.java b/src/org/exist/security/internal/web/HttpAccount.java
@@ -0,0 +1,60 @@
+/*
+ *  eXist Open Source Native XML Database
+ *  Copyright (C) 2003-2013 The eXist Project
+ *  http://exist-db.org
+ *
+ *  This program is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public License
+ *  as published by the Free Software Foundation; either version 2
+ *  of the License, or (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ *  $Id$
+ */
+package org.exist.security.internal.web;
+
+import org.exist.security.Subject;
+
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.security.Principal;
+
+public class HttpAccount {
+
+    public static Subject getUserFromServletRequest(final HttpServletRequest request) {
+        final Principal principal = request.getUserPrincipal();
+        if(principal instanceof Subject) {
+            return (Subject) principal;
+
+            //workaroud strange jetty authentication method, why encapsulate user object??? -shabanovd
+        } else if(principal != null && "org.eclipse.jetty.plus.jaas.JAASUserPrincipal".equals(principal.getClass().getName())) {
+            try {
+                final Method method = principal.getClass().getMethod("getSubject");
+                final Object obj = method.invoke(principal);
+                if(obj instanceof javax.security.auth.Subject) {
+                    final javax.security.auth.Subject subject = (javax.security.auth.Subject) obj;
+                    for(final Principal _principal_ : subject.getPrincipals()) {
+                        if(_principal_ instanceof Subject) {
+                            return (Subject) _principal_;
+                        }
+                    }
+                }
+            } catch(final SecurityException e) {
+            } catch(final IllegalArgumentException e) {
+            } catch(final IllegalAccessException e) {
+            } catch(final NoSuchMethodException e) {
+            } catch(final InvocationTargetException e) {
+            }
+        }
+        return null;
+    }
+}