Skip to content

Commit

Permalink
Merge branch 'release/3.1.0.Final'
Browse files Browse the repository at this point in the history
  • Loading branch information
@sbryzak
sbryzak committed Dec 20, 2011
2 parents 41417d0 + 4c30a45 commit c109b4c
Show file tree
Hide file tree
Showing 13 changed files with 76 additions and 109 deletions.
2 changes: 1 addition & 1 deletion api/pom.xml
View file
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.jboss.seam.security</groupId>
<artifactId>seam-security-parent</artifactId>
<version>3.1.0-SNAPSHOT</version>
<version>3.2.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion dist/pom.xml
View file
Expand Up @@ -5,7 +5,7 @@
<parent>
<groupId>org.jboss.seam.security</groupId>
<artifactId>seam-security-parent</artifactId>
<version>3.1.0-SNAPSHOT</version>
<version>3.2.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion docs/pom.xml
View file
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.jboss.seam.security</groupId>
<artifactId>seam-security-parent</artifactId>
<version>3.1.0-SNAPSHOT</version>
<version>3.2.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion external/pom.xml
View file
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.jboss.seam.security</groupId>
<artifactId>seam-security-parent</artifactId>
<version>3.1.0-SNAPSHOT</version>
<version>3.2.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion impl/pom.xml
View file
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.jboss.seam.security</groupId>
<artifactId>seam-security-parent</artifactId>
<version>3.1.0-SNAPSHOT</version>
<version>3.2.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>

Expand Down
7 changes: 5 additions & 2 deletions impl/src/main/java/org/jboss/seam/security/IdentityImpl.java
View file
Expand Up @@ -239,8 +239,11 @@ protected boolean authenticate() throws AuthenticationException {
return false;
} catch (Exception ex) {
authenticating = false;
if (ex instanceof AuthenticationException) throw (AuthenticationException) ex;
return false;
if (ex instanceof AuthenticationException) {
throw (AuthenticationException) ex;
} else {
throw new AuthenticationException("Authentication failed.", ex);
}
}
}

Expand Down
37 changes: 23 additions & 14 deletions impl/src/main/java/org/jboss/seam/security/SecurityExtension.java
View file
Expand Up @@ -153,9 +153,9 @@ public int hashCode() {
private Set<AnnotatedType<?>> securedTypes = new HashSet<AnnotatedType<?>>();

/**
* A mapping between a secured method and its authorizers
* A mapping between a secured method of a class and its authorizers
*/
private Map<Method, Set<Authorizer>> methodAuthorizers = new HashMap<Method, Set<Authorizer>>();
private Map<Class<?>, Map<Method, Set<Authorizer>>> methodAuthorizers = new HashMap<Class<?>, Map<Method, Set<Authorizer>>>();

/**
* @param <X>
Expand Down Expand Up @@ -243,7 +243,7 @@ public void validateBindings(@Observes AfterBeanDiscovery event, BeanManager bea
for (final AnnotatedMethod<?> method : type.getMethods()) {
for (final Annotation annotation : method.getAnnotations()) {
if (annotation.annotationType().isAnnotationPresent(SecurityBindingType.class)) {
registerSecuredMethod(method.getJavaMember());
registerSecuredMethod(method.getJavaMember(), type.getJavaClass());
break;
}
}
Expand All @@ -262,12 +262,12 @@ public void validateBindings(@Observes AfterBeanDiscovery event, BeanManager bea
* @param m
* @return
*/
public Set<Authorizer> lookupAuthorizerStack(Method m) {
if (!methodAuthorizers.containsKey(m)) {
registerSecuredMethod(m);
public Set<Authorizer> lookupAuthorizerStack(Method m, Class<?> targetClass) {
if (!methodAuthorizers.containsKey(targetClass) || !methodAuthorizers.get(targetClass).containsKey(m)) {
registerSecuredMethod(m, targetClass);
}

return methodAuthorizers.get(m);
return methodAuthorizers.get(targetClass).get(m);
}

void checkAuthorization(Annotation binding) {
Expand All @@ -287,15 +287,25 @@ void checkAuthorization(Annotation binding) {
}
}

protected void registerSecuredMethod(Method method) {
if (!methodAuthorizers.containsKey(method)) {
protected synchronized void registerSecuredMethod(Method method, Class<?> targetClass) {
if (!methodAuthorizers.containsKey(targetClass)) {
methodAuthorizers.put(targetClass, new HashMap<Method, Set<Authorizer>>());
}

Map<Method, Set<Authorizer>> authz = methodAuthorizers.get(targetClass);

if (!authz.containsKey(method)) {
// Build a list of all security bindings on both the method and its declaring class
Set<Annotation> bindings = new HashSet<Annotation>();

for (final Annotation annotation : method.getDeclaringClass().getAnnotations()) {
if (annotation.annotationType().isAnnotationPresent(SecurityBindingType.class)) {
bindings.add(annotation);
Class<?> cls = targetClass;
while (!cls.equals(Object.class)) {
for (final Annotation annotation : cls.getAnnotations()) {
if (annotation.annotationType().isAnnotationPresent(SecurityBindingType.class)) {
bindings.add(annotation);
}
}
cls = cls.getSuperclass();
}

for (final Annotation annotation : method.getAnnotations()) {
Expand Down Expand Up @@ -349,9 +359,8 @@ protected void registerSecuredMethod(Method method) {
method.getDeclaringClass().getName() + "." +
method.getName() + "].");
}

methodAuthorizers.put(method, authorizerStack);
}
authz.put(method, authorizerStack);
}
}

Expand Down
2 changes: 1 addition & 1 deletion impl/src/main/java/org/jboss/seam/security/SecurityInterceptor.java
View file
Expand Up @@ -27,7 +27,7 @@ public class SecurityInterceptor implements Serializable {
public Object aroundInvoke(InvocationContext invocation) throws Exception {
Method method = invocation.getMethod();

for (Authorizer authorizer : extension.lookupAuthorizerStack(method)) {
for (Authorizer authorizer : extension.lookupAuthorizerStack(method, invocation.getTarget().getClass())) {
authorizer.authorize();
}

Expand Down
63 changes: 0 additions & 63 deletions impl/src/main/java/org/jboss/seam/security/management/IdentityObjectImpl.java
View file

This file was deleted.

2 changes: 2 additions & 0 deletions impl/src/main/java/org/jboss/seam/security/management/IdmAuthenticator.java
View file
Expand Up @@ -63,6 +63,8 @@ public void authenticate() {
setUser(u);
setStatus(AuthenticationStatus.SUCCESS);
return;
} else {
log.info("Authentication failed for user '" + credentials.getUsername() + "'");
}
} catch (IdentityException ex) {
log.error("Authentication error", ex);
Expand Down
56 changes: 36 additions & 20 deletions impl/src/main/java/org/jboss/seam/security/management/picketlink/JpaIdentityStore.java
View file
Expand Up @@ -22,11 +22,9 @@
import javax.persistence.criteria.Path;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import javax.persistence.criteria.Selection;

import org.jboss.seam.security.annotations.management.IdentityProperty;
import org.jboss.seam.security.annotations.management.PropertyType;
import org.jboss.seam.security.management.IdentityObjectImpl;
import org.jboss.seam.security.management.IdentityObjectRelationshipImpl;
import org.jboss.seam.security.management.IdentityObjectRelationshipTypeImpl;
import org.jboss.seam.security.management.IdentityObjectTypeImpl;
Expand All @@ -40,6 +38,7 @@
import org.picketlink.idm.common.exception.IdentityException;
import org.picketlink.idm.impl.api.SimpleAttribute;
import org.picketlink.idm.impl.store.FeaturesMetaDataImpl;
import org.picketlink.idm.impl.types.SimpleIdentityObject;
import org.picketlink.idm.spi.configuration.IdentityStoreConfigurationContext;
import org.picketlink.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
import org.picketlink.idm.spi.exception.OperationNotSupportedException;
Expand Down Expand Up @@ -128,9 +127,9 @@ public IdentityObject convertToIdentityObject(Object entity) {
if (cache.containsKey(entity)) {
return (IdentityObject) cache.get(entity);
} else {
IdentityObject obj = new IdentityObjectImpl(
identityIdProperty.getValue(entity).toString(),
IdentityObject obj = new SimpleIdentityObject(
identityNameProperty.getValue(entity).toString(),
identityIdProperty.getValue(entity).toString(),
convertToIdentityObjectType(identityTypeProperty.getValue(entity)));
cache.put(entity, obj);

Expand Down Expand Up @@ -961,8 +960,11 @@ protected Object lookupIdentityType(String identityType, EntityManager em) {
// If there is no identity type table, just return the name
if (typeNameProp == null) return identityType;

final String identTypeEntityAnnotationValue = typeNameProp.getDeclaringClass().getAnnotation(Entity.class).name();
final String identTypeEntityName = ("".equals(identTypeEntityAnnotationValue) ? typeNameProp.getDeclaringClass().getSimpleName() : identTypeEntityAnnotationValue);

Object val = em.createQuery(
"select t from " + typeNameProp.getDeclaringClass().getSimpleName() +
"select t from " + identTypeEntityName +
" t where t." + typeNameProp.getName() +
" = :identityType")
.setParameter("identityType", identityType)
Expand Down Expand Up @@ -1020,9 +1022,8 @@ public IdentityObject createIdentityObject(
}

Object id = modelProperties.get(PROPERTY_IDENTITY_ID).getValue(identityInstance);
IdentityObject obj = new IdentityObjectImpl(
(id != null ? id.toString() : null),
name, identityObjectType);
IdentityObject obj = new SimpleIdentityObject(name, (id != null ? id.toString() : null),
identityObjectType);

if (attributes != null) {
List<IdentityObjectAttribute> attribs = new ArrayList<IdentityObjectAttribute>();
Expand Down Expand Up @@ -1154,8 +1155,11 @@ public EntityManager getEntityManager(IdentityStoreInvocationContext invocationC
public IdentityObject findIdentityObject(IdentityStoreInvocationContext invocationContext, String id)
throws IdentityException {
try {
final String identEntityAnnotationValue = identityClass.getAnnotation(Entity.class).name();
final String identEntityName = ("".equals(identEntityAnnotationValue) ? identityClass.getSimpleName() : identEntityAnnotationValue);

Object identity = getEntityManager(invocationContext).createQuery("select i from " +
identityClass.getName() + " i where i." +
identEntityName + " i where i." +
modelProperties.get(PROPERTY_IDENTITY_ID).getName() +
" = :id")
.setParameter("id", id)
Expand All @@ -1168,9 +1172,9 @@ public IdentityObject findIdentityObject(IdentityStoreInvocationContext invocati
new IdentityObjectTypeImpl(modelProperties.get(PROPERTY_IDENTITY_TYPE).getValue(identity).toString());


return new IdentityObjectImpl(
modelProperties.get(PROPERTY_IDENTITY_ID).getValue(identity).toString(),
return new SimpleIdentityObject(
modelProperties.get(PROPERTY_IDENTITY_NAME).getValue(identity).toString(),
modelProperties.get(PROPERTY_IDENTITY_ID).getValue(identity).toString(),
type);
} catch (NoResultException ex) {
return null;
Expand All @@ -1185,18 +1189,21 @@ public IdentityObject findIdentityObject(
lookupIdentityType(identityObjectType.getName(), getEntityManager(invocationContext)) :
identityObjectType.getName();

final String identEntityAnnotationValue = identityClass.getAnnotation(Entity.class).name();
final String identEntityName = ("".equals(identEntityAnnotationValue) ? identityClass.getSimpleName() : identEntityAnnotationValue);

Object identity = getEntityManager(invocationContext).createQuery("select i from " +
identityClass.getName() + " i where i." +
identEntityName + " i where i." +
modelProperties.get(PROPERTY_IDENTITY_NAME).getName() +
" = :name and i." + modelProperties.get(PROPERTY_IDENTITY_TYPE).getName() +
" = :type")
.setParameter("name", name)
.setParameter("type", identityType)
.getSingleResult();

return new IdentityObjectImpl(
modelProperties.get(PROPERTY_IDENTITY_ID).getValue(identity).toString(),
return new SimpleIdentityObject(
modelProperties.get(PROPERTY_IDENTITY_NAME).getValue(identity).toString(),
modelProperties.get(PROPERTY_IDENTITY_ID).getValue(identity).toString(),
identityObjectType);
} catch (NoResultException ex) {
return null;
Expand Down Expand Up @@ -2078,25 +2085,34 @@ public Collection<IdentityObject> findIdentityObject(IdentityStoreInvocationCont
Object identType = modelProperties.containsKey(PROPERTY_IDENTITY_TYPE_NAME) ? lookupIdentityType(
identityType.getName(), getEntityManager(invocationCxt)) : identityType.getName();

final String identEntityAnnotationValue = identityClass.getAnnotation(Entity.class).name();
final String identEntityName = ("".equals(identEntityAnnotationValue) ? identityClass.getSimpleName() : identEntityAnnotationValue);

Object ident = getEntityManager(invocationCxt).createQuery(
"select i from " + identityClass.getName() + " i where i."
"select i from " + identEntityName + " i where i."
+ modelProperties.get(PROPERTY_IDENTITY_NAME).getName() + " = :name and i."
+ modelProperties.get(PROPERTY_IDENTITY_TYPE).getName() + " = :type")
.setParameter("name", identity.getName()).setParameter("type", identType).getSingleResult();

// FIXME: This won't work if they use the table name attribute on the annotation
String relEntityName = "";
if (modelProperties.get(PROPERTY_RELATIONSHIP_NAME) != null) {
final Class<?> relationshipClass = modelProperties.get(PROPERTY_RELATIONSHIP_NAME).getDeclaringClass();
final String relEntityAnnotationValue = relationshipClass.getAnnotation(Entity.class).name();
relEntityName = ("".equals(identEntityAnnotationValue) ? relationshipClass.getSimpleName() : relEntityAnnotationValue);
}

if (parent) {
if (relationshipType != null) {
queryString.append("select distinct ior." + modelProperties.get(PROPERTY_RELATIONSHIP_TO).getName() + " from "
+ modelProperties.get(PROPERTY_RELATIONSHIP_NAME).getDeclaringClass().getSimpleName() + " ior where ior."
+ relEntityName + " ior where ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_TO).getName() + "."
+ modelProperties.get(PROPERTY_RELATIONSHIP_NAME).getName() + " like :nameFilter and ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_TYPE).getName() + "."
+ modelProperties.get(PROPERTY_RELATIONSHIP_TYPE_NAME).getName() + " = :relType and ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_FROM).getName() + " = :identity");
} else {
queryString.append("select distinct ior. " + modelProperties.get(PROPERTY_RELATIONSHIP_TO).getName() + "from "
+ modelProperties.get(PROPERTY_RELATIONSHIP_NAME).getDeclaringClass().getSimpleName() + " ior where ior."
+ relEntityName + " ior where ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_TO).getName() + "."
+ modelProperties.get(PROPERTY_IDENTITY_NAME).getName() + " like :nameFilter and ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_FROM).getName() + " = :identity");
Expand All @@ -2109,7 +2125,7 @@ public Collection<IdentityObject> findIdentityObject(IdentityStoreInvocationCont
if (relationshipType != null) {
queryString.append("select distinct ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_FROM).getName() + " from "
+ modelProperties.get(PROPERTY_RELATIONSHIP_NAME).getDeclaringClass().getSimpleName() + " ior where ior."
+ relEntityName + " ior where ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_FROM).getName() + "."
+ modelProperties.get(PROPERTY_IDENTITY_NAME).getName() + " like :nameFilter and ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_TYPE).getName() + "."
Expand All @@ -2118,7 +2134,7 @@ public Collection<IdentityObject> findIdentityObject(IdentityStoreInvocationCont
} else {
queryString.append("select distinct ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_FROM).getName() + " from "
+ modelProperties.get(PROPERTY_RELATIONSHIP_NAME).getDeclaringClass().getSimpleName() + " ior where ior."
+ relEntityName + " ior where ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_FROM).getName() + "."
+ modelProperties.get(PROPERTY_IDENTITY_NAME).getName() + " like :nameFilter and ior."
+ modelProperties.get(PROPERTY_RELATIONSHIP_TO).getName() + " = :identity");
Expand Down

0 comments on commit c109b4c

Please sign in to comment.