Merge branch 'master' of https://github.com/teiid/teiid

jboss-integration/src/main/java/org/teiid/jboss/JBossSessionService.java

@@ -41,14 +41,15 @@
 import org.teiid.dqp.service.GSSResult;
 import org.teiid.logging.LogConstants;
 import org.teiid.logging.LogManager;
+import org.teiid.runtime.AuthenticationHandler;
 import org.teiid.security.Credentials;
 import org.teiid.services.SessionServiceImpl;
 import org.teiid.services.TeiidLoginContext;
 
-public class JBossSessionService extends SessionServiceImpl {
+public class JBossSessionService extends SessionServiceImpl implements AuthenticationHandler {
 
 	@Override
-	protected TeiidLoginContext authenticate(String userName, Credentials credentials, String applicationName, String domain)
+	public TeiidLoginContext authenticate(String domain, String userName, Credentials credentials, String applicationName)
 			throws LoginException {
         final String baseUsername = getBaseUsername(userName);
 

jboss-integration/src/main/java/org/teiid/jboss/TransportService.java

@@ -60,14 +60,7 @@
 import org.teiid.net.ConnectionException;
 import org.teiid.net.socket.AuthenticationType;
 import org.teiid.services.SessionServiceImpl;
-import org.teiid.transport.ClientServiceRegistry;
-import org.teiid.transport.ClientServiceRegistryImpl;
-import org.teiid.transport.LocalServerConnection;
-import org.teiid.transport.LogonImpl;
-import org.teiid.transport.ODBCSocketListener;
-import org.teiid.transport.SocketConfiguration;
-import org.teiid.transport.SocketListener;
-import org.teiid.transport.WireProtocol;
+import org.teiid.transport.*;
 
 public class TransportService extends ClientServiceRegistryImpl implements Service<ClientServiceRegistry> {
 	private transient LogonImpl logon;
@@ -115,7 +108,8 @@ public void start(StartContext context) throws StartException {
 		this.setVDBRepository(this.getVdbRepository());
 		this.sessionService = new JBossSessionService();
 		if (this.authenticationDomain != null) {
-			this.sessionService.setSecurityDomain(this.authenticationDomain);			
+			this.sessionService.setSecurityDomain(this.authenticationDomain);	
+			this.sessionService.setAuthenticationHandler((JBossSessionService)this.sessionService);
 		}
 		this.sessionService.setSessionExpirationTimeLimit(this.sessionExpirationTimeLimit);
 		this.sessionService.setSessionMaxLimit(this.sessionMaxLimit);

jboss-integration/src/test/java/org/teiid/jboss/TestJBossSessionServiceImpl.java

@@ -94,7 +94,8 @@ public Subject getActiveSubject() {
         Mockito.stub(securityContext.getAuthenticationManager()).toReturn(authManager);
 
         JBossSessionService jss = new JBossSessionService() {
-        	public SecurityDomainContext getSecurityDomain(String securityDomain) {
+        	@Override
+            public SecurityDomainContext getSecurityDomain(String securityDomain) {
         		if (securityDomain.equals("testFile")) {
         			return securityContext;
         		}
@@ -104,7 +105,7 @@ public SecurityDomainContext getSecurityDomain(String securityDomain) {
         jss.setSecurityHelper(ms);
         jss.setSecurityDomain(domains);
 
-        TeiidLoginContext c = jss.authenticate("user1", credentials, null, domains); //$NON-NLS-1$ //$NON-NLS-2$
+        TeiidLoginContext c = jss.authenticate(domains, "user1", credentials, null); //$NON-NLS-1$ 
         assertEquals("user1@testFile", c.getUserName()); //$NON-NLS-1$
     }
 
@@ -118,7 +119,7 @@ public void testPassThrough() throws Exception {
         jss.setSecurityHelper(ms);
         jss.setSecurityDomain(domain);
 
-        TeiidLoginContext c = jss.passThroughLogin("user1", domain); //$NON-NLS-1$ //$NON-NLS-2$
+        TeiidLoginContext c = jss.passThroughLogin("user1", domain); //$NON-NLS-1$ 
 
         assertEquals("alreadylogged@passthrough", c.getUserName()); //$NON-NLS-1$
     }
@@ -142,13 +143,15 @@ protected VDBMetaData getActiveVDB(String vdbName, String vdbVersion)
         			throws SessionServiceException {
         		return Mockito.mock(VDBMetaData.class);
         	}
-        	public SecurityDomainContext getSecurityDomain(String securityDomain) {
+        	@Override
+            public SecurityDomainContext getSecurityDomain(String securityDomain) {
         		if (securityDomain.equals("somedomain")) {
         			return securityContext;
         		}
         		return null;
         	}        	
         };
+        jss.setAuthenticationHandler(jss);
         jss.setSecurityHelper(buildSecurityHelper());
 		jss.setSecurityDomain("somedomain");
 

runtime/src/main/java/org/teiid/runtime/AuthenticationHandler.java

@@ -0,0 +1,36 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership.  Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ * 
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ * 
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+package org.teiid.runtime;
+
+import javax.security.auth.login.LoginException;
+
+import org.teiid.dqp.service.GSSResult;
+import org.teiid.security.Credentials;
+import org.teiid.services.TeiidLoginContext;
+
+public interface AuthenticationHandler {
+
+    TeiidLoginContext authenticate(String securityDomain, String userName, Credentials credentials, String applicationName)
+            throws LoginException;
+
+    GSSResult neogitiateGssLogin(String securityDomain, byte[] serviceTicket) throws LoginException;
+}

runtime/src/main/java/org/teiid/runtime/EmbeddedConfiguration.java

@@ -39,11 +39,7 @@
 import org.teiid.cache.CacheFactory;
 import org.teiid.cache.infinispan.InfinispanCacheFactory;
 import org.teiid.core.TeiidRuntimeException;
-import org.teiid.dqp.internal.process.DQPConfiguration;
-import org.teiid.dqp.internal.process.DataRolePolicyDecider;
-import org.teiid.dqp.internal.process.DefaultAuthorizationValidator;
-import org.teiid.dqp.internal.process.TeiidExecutor;
-import org.teiid.dqp.internal.process.ThreadReuseExecutor;
+import org.teiid.dqp.internal.process.*;
 import org.teiid.query.ObjectReplicator;
 import org.teiid.replication.jgroups.ChannelFactory;
 import org.teiid.replication.jgroups.JGroupsObjectReplicator;
@@ -87,6 +83,7 @@ void stop() {
 	private SecurityHelper securityHelper;
 	private String securityDomain;
 	private TransactionManager transactionManager;
+	private AuthenticationHandler authenticationHandler;
 	private ObjectReplicator objectReplicator;
 	private WorkManager workManager;
 	private boolean useDisk = true;
@@ -263,5 +260,13 @@ public void setMaxAsyncThreads(int maxAsyncThreads) {
 
     public TeiidExecutor getAsynchWorkExecutor() {
         return new ThreadReuseExecutor("Asynchronus Workers", getMaxAsyncThreads()); //$NON-NLS-1$
+    }
+
+    public AuthenticationHandler getAuthenticationHandler() {
+        return authenticationHandler;
+    }
+
+    public void setAuthenticationHandler(AuthenticationHandler authenticationHandler) {
+        this.authenticationHandler = authenticationHandler;
     }	
 }

runtime/src/main/java/org/teiid/runtime/EmbeddedServer.java

@@ -37,15 +37,7 @@
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Timestamp;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Timer;
-import java.util.TreeMap;
+import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.Executor;
 import java.util.concurrent.atomic.AtomicInteger;
@@ -68,34 +60,17 @@
 import org.teiid.core.TeiidException;
 import org.teiid.core.TeiidRuntimeException;
 import org.teiid.core.util.ObjectConverterUtil;
-import org.teiid.deployers.CompositeGlobalTableStore;
-import org.teiid.deployers.CompositeVDB;
-import org.teiid.deployers.ContainerLifeCycleListener;
-import org.teiid.deployers.UDFMetaData;
-import org.teiid.deployers.VDBLifeCycleListener;
-import org.teiid.deployers.VDBRepository;
-import org.teiid.deployers.VirtualDatabaseException;
+import org.teiid.deployers.*;
 import org.teiid.dqp.internal.datamgr.ConnectorManager;
 import org.teiid.dqp.internal.datamgr.ConnectorManagerRepository;
 import org.teiid.dqp.internal.datamgr.ConnectorManagerRepository.ConnectorManagerException;
 import org.teiid.dqp.internal.datamgr.ConnectorManagerRepository.ExecutionFactoryProvider;
-import org.teiid.dqp.internal.process.CachedResults;
-import org.teiid.dqp.internal.process.DQPCore;
-import org.teiid.dqp.internal.process.PreparedPlan;
-import org.teiid.dqp.internal.process.SessionAwareCache;
-import org.teiid.dqp.internal.process.TeiidExecutor;
-import org.teiid.dqp.internal.process.TransactionServerImpl;
+import org.teiid.dqp.internal.process.*;
 import org.teiid.dqp.service.BufferService;
 import org.teiid.dqp.service.SessionServiceException;
 import org.teiid.events.EventDistributor;
 import org.teiid.events.EventDistributorFactory;
-import org.teiid.jdbc.CallableStatementImpl;
-import org.teiid.jdbc.ConnectionImpl;
-import org.teiid.jdbc.EmbeddedProfile;
-import org.teiid.jdbc.PreparedStatementImpl;
-import org.teiid.jdbc.TeiidDriver;
-import org.teiid.jdbc.TeiidPreparedStatement;
-import org.teiid.jdbc.TeiidSQLException;
+import org.teiid.jdbc.*;
 import org.teiid.logging.LogConstants;
 import org.teiid.logging.LogManager;
 import org.teiid.logging.MessageLevel;
@@ -366,6 +341,10 @@ public Object invoke(Object proxy, Method method, Object[] args)
 		} else {
 			this.sessionService.setSecurityDomain("teiid-security"); //$NON-NLS-1$
 		}
+
+		if (config.getAuthenticationHandler() != null) {
+		    this.sessionService.setAuthenticationHandler(config.getAuthenticationHandler());
+		}
 
 		this.sessionService.setVDBRepository(repo);
 		this.bufferService.setUseDisk(config.isUseDisk());

runtime/src/main/java/org/teiid/services/SessionServiceImpl.java

@@ -31,11 +31,7 @@
 import java.util.regex.Pattern;
 
 import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.callback.*;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
@@ -58,6 +54,7 @@
 import org.teiid.net.ServerConnection;
 import org.teiid.net.TeiidURL;
 import org.teiid.net.socket.AuthenticationType;
+import org.teiid.runtime.AuthenticationHandler;
 import org.teiid.runtime.RuntimePlugin;
 import org.teiid.security.Credentials;
 import org.teiid.security.SecurityHelper;
@@ -91,6 +88,7 @@ public class SessionServiceImpl implements SessionService {
     private Map<String, SessionMetadata> sessionCache = new ConcurrentHashMap<String, SessionMetadata>();
     private Timer sessionMonitor = null;    
     private List<String> securityDomainNames;
+    private AuthenticationHandler authenticationHandler = new PassThroughHandler();
 
     public void setSecurityDomain(String domainName) {
     	if (domainName == null) {
@@ -168,7 +166,7 @@ public SessionMetadata createSession(String vdbName,
         	if (onlyAllowPassthrough || authType.equals(AuthenticationType.GSS)) {
                 membership = passThroughLogin(userName, securityDomain);
         	} else {
-	        	membership = authenticate(userName, credentials, applicationName, securityDomain);
+	        	membership = this.authenticationHandler.authenticate(securityDomain, userName, credentials, applicationName);
         	}
 	        userName = membership.getUserName();
 	        securityDomain = membership.getSecurityDomain();
@@ -225,20 +223,6 @@ private String getUserName(Subject subject, String userName) {
 		return getBaseUsername(userName);
 	}
 
-	/**
-	 * 
-	 * @param userName
-	 * @param credentials
-	 * @param applicationName
-	 * @param domains
-	 * @return
-	 * @throws LoginException
-	 */
-	protected TeiidLoginContext authenticate(String userName, Credentials credentials, String applicationName, String securityDomain)
-			throws LoginException {
-		return passThroughLogin(userName, securityDomain);
-	}
-
 	protected VDBMetaData getActiveVDB(String vdbName, String vdbVersion) throws SessionServiceException {
 		VDBMetaData vdb = null;
 
@@ -545,16 +529,26 @@ public GSSResult neogitiateGssLogin(String user, String vdbName,
 		if (securityDomain == null ) {
 			 throw new LogonException(RuntimePlugin.Event.TEIID40059, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40059));
 		}
-		return neogitiateGssLogin(securityDomain, serviceTicket);
+		return this.authenticationHandler.neogitiateGssLogin(securityDomain, serviceTicket);
 	}
 
 	public AuthenticationType getDefaultAuthenticationType() {
 		return defaultAuthenticationType;
 	}
 
-	protected GSSResult neogitiateGssLogin(String securityDomain,
-			byte[] serviceTicket) throws LoginException {
-		// must be overridden in platform specific security domain
-		return null;
-	}
+    public void setAuthenticationHandler(AuthenticationHandler authenticationHandler) {
+        this.authenticationHandler = authenticationHandler;
+    }
+
+    class PassThroughHandler implements AuthenticationHandler {
+        @Override
+        public TeiidLoginContext authenticate(String securityDomain, String userName, Credentials credentials,
+                String applicationName) throws LoginException {
+            return passThroughLogin(userName, securityDomain);
+        }
+        @Override
+        public GSSResult neogitiateGssLogin(String securityDomain, byte[] serviceTicket) throws LoginException {
+            return null;
+        }
+    }
 }

runtime/src/test/java/org/teiid/services/TestSessionServiceImpl.java

@@ -1,6 +1,7 @@
 package org.teiid.services;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.fail;
 
 import java.util.Properties;
 
@@ -13,26 +14,30 @@
 import org.teiid.adminapi.impl.SessionMetadata;
 import org.teiid.adminapi.impl.VDBMetaData;
 import org.teiid.deployers.VDBRepository;
+import org.teiid.dqp.service.GSSResult;
 import org.teiid.dqp.service.SessionServiceException;
 import org.teiid.net.TeiidURL;
 import org.teiid.net.socket.AuthenticationType;
+import org.teiid.runtime.AuthenticationHandler;
 import org.teiid.security.Credentials;
 
 @SuppressWarnings("nls")
 public class TestSessionServiceImpl {
 	SessionServiceImpl ssi;
 	@Before
 	public void setup() {
-		ssi = new SessionServiceImpl() {
-
-			@Override
-			protected TeiidLoginContext authenticate(String userName,
-					Credentials credentials, String applicationName,
-					String securityDomain)
-					throws LoginException {
-				return new TeiidLoginContext(userName, null, securityDomain, null);
-			}
-		};
+		ssi = new SessionServiceImpl();
+        ssi.setAuthenticationHandler(new AuthenticationHandler() {
+            @Override
+            public GSSResult neogitiateGssLogin(String securityDomain, byte[] serviceTicket) throws LoginException {
+                return null;
+            }
+            @Override
+            public TeiidLoginContext authenticate(String securityDomain, String userName, Credentials credentials,
+                    String applicationName) throws LoginException {
+                return new TeiidLoginContext(userName, null, securityDomain, null);
+            }
+        });
 	}
 
 	@Test