Allow configuration of multiple jboss modules when instantiating clas…

…ses (the jboss module attribute is currently overridden if more than one picketbox module defines it, which ends up causing class loading failures)

picketbox-infinispan/src/main/java/org/jboss/security/authentication/JBossCachedAuthenticationManager.java

@@ -307,14 +307,14 @@ private boolean authenticate(Principal principal, Object credential, Subject the
 	   if(theAppPolicy != null)
 	   {
 		   BaseAuthenticationInfo authInfo = theAppPolicy.getAuthenticationInfo();
-		   String jbossModuleName = authInfo.getJBossModuleName();
-		   if(jbossModuleName != null)
+		   Set<String> jbossModuleNames = authInfo.getJBossModuleNames();
+		   if(!jbossModuleNames.isEmpty())
 		   {
 			   ClassLoader currentTccl = SubjectActions.getContextClassLoader();
 			   ClassLoaderLocator theCLL = ClassLoaderLocatorFactory.get();
 			   if(theCLL != null)
 			   {
-				   ClassLoader newTCCL = theCLL.get(jbossModuleName);
+				   ClassLoader newTCCL = theCLL.get(jbossModuleNames);
 				   if(newTCCL != null)
 				   {
 					   try

security-jboss-sx/jbosssx/pom.xml

@@ -112,6 +112,15 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.1</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
     <dependencies>

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/message/config/JBossServerAuthConfig.java

@@ -26,6 +26,7 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
@@ -139,12 +140,12 @@ public ServerAuthContext getAuthContext(String authContextID,
 
          // establish the module classloader if a jboss-module has been specified.
          ClassLoader moduleCL = null;
-         String jbossModule = jai.getJBossModuleName();
-         if (jbossModule != null && !jbossModule.isEmpty())
+         Set<String> jbossModuleNames = jai.getJBossModuleNames();
+         if (!jbossModuleNames.isEmpty())
          {
             ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
             if (locator != null)
-               moduleCL = locator.get(jbossModule);
+               moduleCL = locator.get(jbossModuleNames);
          }
 
          for(AuthModuleEntry ame: amearr)

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/BaseSecurityInfo.java

@@ -22,7 +22,9 @@
 package org.jboss.security.config;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import javax.security.auth.AuthPermission;
 
@@ -48,7 +50,7 @@ public abstract class BaseSecurityInfo<T>
     * Name of the JBoss Module that can be optionally configured for
     * custom login modules etc
     */
-   protected String jbossModuleName;
+   protected Set<String> jbossModuleNames = new HashSet<String>();
 
    public BaseSecurityInfo()
    {
@@ -94,18 +96,19 @@ public void setName(String name)
     * Get the name of the JBoss Module
     * @return
     */
-   public String getJBossModuleName() 
+   public Set<String> getJBossModuleNames()
    {
-	   return jbossModuleName;
+	   return jbossModuleNames;
    }
 
    /**
     * Set the name of the JBoss Module
     * @param jbossModuleName
     */
-   public void setJBossModuleName(String jbossModuleName) 
+   public void addJBossModuleName(String jbossModuleName)
    {
-	   this.jbossModuleName = jbossModuleName;
+       if (jbossModuleName != null && !jbossModuleName.isEmpty())
+	       this.jbossModuleNames.add(jbossModuleName);
    }
 
    protected abstract BaseSecurityInfo<T> create(String name);

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/identitytrust/JBossIdentityTrustContext.java

@@ -25,6 +25,7 @@
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
 import java.util.Map;
+import java.util.Set;
 
 import javax.security.auth.login.LoginException;
 
@@ -107,13 +108,13 @@ private void initializeModules() throws Exception
       IdentityTrustInfo iti = aPolicy.getIdentityTrustInfo();
       if(iti == null)
          return;
-      String jbossModuleName = iti.getJBossModuleName();
-      if(jbossModuleName != null)
+      Set<String> jbossModuleNames = iti.getJBossModuleNames();
+      if(!jbossModuleNames.isEmpty())
       {
     	  ClassLoaderLocator cll = ClassLoaderLocatorFactory.get();
     	  if(cll != null)
     	  {
-    		  moduleCL = cll.get(jbossModuleName);
+    		  moduleCL = cll.get(jbossModuleNames);
     	  }
       }
       IdentityTrustModuleEntry[] itmearr = iti.getIdentityTrustModuleEntry();

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/ClassLoaderLocator.java

@@ -21,6 +21,9 @@
  */
 package org.jboss.security.plugins;
 
+import java.util.HashSet;
+import java.util.Set;
+
 /**
  * An interface to locate a {@code ClassLoader}}
  * The primary use of this interface is in the JBoss Application Server,
@@ -31,9 +34,15 @@
 public interface ClassLoaderLocator 
 {
 	/**
-	 * Given a key, return a {@code ClassLoader}
-	 * @param key
-	 * @return
+	 * Given a module name, return a {@code ClassLoader}
+	 * @param module the name of the module for which we want a {@link ClassLoader}.
+	 * @return the module {@link java.lang.ClassLoader}.
 	 */
-	ClassLoader get(String key);
+	default ClassLoader get(String module) {
+        Set<String> modules = new HashSet<>();
+        modules.add(module);
+        return get(modules);
+    }
+
+    ClassLoader get(Set<String> modules);
 }

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/audit/JBossAuditManager.java

@@ -9,6 +9,7 @@
 import java.security.PrivilegedActionException;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 
@@ -64,13 +65,13 @@ public AuditContext getAuditContext() throws PrivilegedActionException
     		  AuditInfo ai = ap.getAuditInfo();
     		  if(ai != null)
     		  {  
-    			  String jbossModuleName = ai.getJBossModuleName();
-    			  if(jbossModuleName != null)
+    			  Set<String> jbossModuleNames = ai.getJBossModuleNames();
+    			  if(!jbossModuleNames.isEmpty())
     			  {
     				  ClassLoaderLocator cll = ClassLoaderLocatorFactory.get();
     				   if(cll != null)
     				   {
-    					   moduleCL = cll.get(jbossModuleName);
+    					   moduleCL = cll.get(jbossModuleNames);
     				   }
     			  }
 				  ac = instantiate(moduleCL, ai);

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/auth/JaasSecurityManagerBase.java

@@ -292,14 +292,14 @@ private boolean authenticate(Principal principal, Object credential,
 	   if(theAppPolicy != null)
 	   {
 		   BaseAuthenticationInfo authInfo = theAppPolicy.getAuthenticationInfo();
-		   String jbossModuleName = authInfo.getJBossModuleName();
-		   if(jbossModuleName != null)
+		   Set<String> jbossModuleNames = authInfo.getJBossModuleNames();
+		   if(!jbossModuleNames.isEmpty())
 		   {
 			   ClassLoader currentTccl = SubjectActions.getContextClassLoader();
 			   ClassLoaderLocator theCLL = ClassLoaderLocatorFactory.get();
 			   if(theCLL != null)
 			   {
-				   ClassLoader newTCCL = theCLL.get(jbossModuleName);
+				   ClassLoader newTCCL = theCLL.get(jbossModuleNames);
 				   if(newTCCL != null)
 				   {
 					   try

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/authorization/JBossAuthorizationContext.java

@@ -27,6 +27,7 @@
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
@@ -181,13 +182,13 @@ private void initializeModules(Resource resource, RoleGroup role, List<Authoriza
          throw PicketBoxMessages.MESSAGES.failedToObtainAuthorizationInfo(securityDomainName);
 
       ClassLoader moduleCL = null;
-      String jbossModuleName = authzInfo.getJBossModuleName();
-      if(jbossModuleName != null)
+      Set<String> jbossModuleNames = authzInfo.getJBossModuleNames();
+      if(!jbossModuleNames.isEmpty())
       {
     	  ClassLoaderLocator cll = ClassLoaderLocatorFactory.get();
     	  if( cll != null)
     	  {
-    		  moduleCL = cll.get(jbossModuleName);
+    		  moduleCL = cll.get(jbossModuleNames);
     	  }
       }
       AuthorizationModuleEntry[] entries = authzInfo.getAuthorizationModuleEntry();

security-jboss-sx/jbosssx/src/main/java/org/jboss/security/plugins/mapping/JBossMappingManager.java

@@ -22,6 +22,7 @@
 package org.jboss.security.plugins.mapping;
 
 import java.util.ArrayList;
+import java.util.Set;
 
 import org.jboss.security.PicketBoxLogger;
 import org.jboss.security.PicketBoxMessages;
@@ -101,13 +102,13 @@ public <T> MappingContext<T> getMappingContext(Class<T> mappingType)
    private <T> MappingContext<T> generateMappingContext(MappingContext<T> mc, MappingInfo rmi)
    {
 	   ClassLoader moduleCL = null;
-	   String jbossModuleName = rmi.getJBossModuleName();
-	   if(jbossModuleName != null)
+	   Set<String> jbossModuleNames = rmi.getJBossModuleNames();
+	   if(!jbossModuleNames.isEmpty())
 	   {
 		   ClassLoaderLocator cll = ClassLoaderLocatorFactory.get();
 		   if(cll != null)
 		   {
-			   moduleCL = cll.get(jbossModuleName);
+			   moduleCL = cll.get(jbossModuleNames);
 		   }
 	   }
 	   MappingModuleEntry[] mpe = rmi.getMappingModuleEntry();

security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/JBossAuthorizationManagerWithModuleUnitTestCase.java

@@ -21,6 +21,8 @@
  */
 package org.jboss.test.authorization;
 
+import java.util.Set;
+
 import org.jboss.security.config.ApplicationPolicy;
 import org.jboss.security.config.AuthorizationInfo;
 import org.jboss.security.config.SecurityConfiguration;
@@ -41,13 +43,13 @@ protected void setSecurityConfiguration() throws Exception
 		super.setSecurityConfiguration();
 		ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy("other");
 		AuthorizationInfo ai = ap.getAuthorizationInfo();
-		ai.setJBossModuleName("org.picketbox");
+		ai.addJBossModuleName("org.picketbox");
 		ap.setAuthorizationInfo(ai);
 		SecurityConfiguration.addApplicationPolicy(ap);
 
 		ClassLoaderLocatorFactory.set(new ClassLoaderLocator() {
 
-			public ClassLoader get(String key) {
+			public ClassLoader get(Set<String> modules) {
 				return Thread.currentThread().getContextClassLoader();
 			}
 		});