Skip to content

Commit

Permalink
contextID null ?
Browse files Browse the repository at this point in the history
  • Loading branch information
@pizzi80
pizzi80 committed Mar 1, 2022
1 parent f9e3b05 commit ddf4f72
Show file tree
Hide file tree
Showing 10 changed files with 149 additions and 162 deletions.
8 changes: 4 additions & 4 deletions impl/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
<licenses>
<license>
<name>EPL 2.0</name>
<url>http://www.eclipse.org/legal/epl-2.0</url>
<url>https://www.eclipse.org/legal/epl-2.0</url>
<distribution>repo</distribution>
</license>
</licenses>
Expand Down Expand Up @@ -149,7 +149,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.0.0-M3</version>
<version>3.0.0</version>
<executions>
<execution>
<id>enforce-maven</id>
Expand Down Expand Up @@ -219,7 +219,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>3.2.0</version>
<version>3.2.2</version>
<configuration>
<archive>
<manifestFile>
Expand Down Expand Up @@ -269,7 +269,7 @@
<bottom><![CDATA[
Comments to: <a href="mailto:[email protected]">[email protected]</a>.<br>
Copyright &#169; 2021 Eclipse Foundation. All rights reserved.<br>
Use is subject to <a href="http://www.eclipse.org/legal/epl-2.0" target="_top">license terms</a>.]]>
Use is subject to <a href="https://www.eclipse.org/legal/epl-2.0" target="_top">license terms</a>.]]>
</bottom>
<links>
<link>https://jakarta.ee/specifications/platform/9/apidocs/</link>
Expand Down
27 changes: 7 additions & 20 deletions impl/src/main/java/org/glassfish/exousia/AuthorizationService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ public class AuthorizationService {

static final Logger logger = Logger.getLogger(AuthorizationService.class.getName());

private static boolean isSecMgrOff = System.getSecurityManager() == null;
private static boolean isSecMgrOff = true; //System.getSecurityManager() == null; // removed in java 17+

public static final String HTTP_SERVLET_REQUEST = "jakarta.servlet.http.HttpServletRequest";
public static final String SUBJECT = "javax.security.auth.Subject.container";
Expand All @@ -96,9 +96,7 @@ public class AuthorizationService {

private String constrainedUriRequestAttribute;

public AuthorizationService(
ServletContext servletContext,
Supplier<Subject> subjectSupplier) {
public AuthorizationService( ServletContext servletContext, Supplier<Subject> subjectSupplier) {
this(
DefaultPolicyConfigurationFactory.class,
DefaultPolicy.class,
Expand Down Expand Up @@ -129,14 +127,9 @@ public AuthorizationService(
subjectSupplier, principalMapper);
}

public AuthorizationService(
String contextId,
Supplier<Subject> subjectSupplier, PrincipalMapper principalMapper) {

this(
getFactory(), getPolicy(), contextId,
subjectSupplier, principalMapper);
}
public AuthorizationService(String contextId, Supplier<Subject> subjectSupplier, PrincipalMapper principalMapper) {
this(getFactory(), getPolicy(), contextId, subjectSupplier, principalMapper);
}

public AuthorizationService(
PolicyConfigurationFactory factory, Policy policy, String contextId,
Expand All @@ -152,15 +145,9 @@ public AuthorizationService(
// authorization config
PolicyContext.setContextID(contextId);

PolicyContext.registerHandler(
SUBJECT,
new DefaultPolicyContextHandler(SUBJECT, subjectSupplier),
true);
PolicyContext.registerHandler(SUBJECT, new DefaultPolicyContextHandler(SUBJECT, subjectSupplier), true);

PolicyContext.registerHandler(
PRINCIPAL_MAPPER,
new DefaultPolicyContextHandler(PRINCIPAL_MAPPER, () -> principalMapper),
true);
PolicyContext.registerHandler(PRINCIPAL_MAPPER, new DefaultPolicyContextHandler(PRINCIPAL_MAPPER, () -> principalMapper), true);

} catch (PolicyContextException | IllegalArgumentException | SecurityException e) {
throw new IllegalStateException(e);
Expand Down
6 changes: 3 additions & 3 deletions impl/src/main/java/org/glassfish/exousia/DefaultPolicyContextHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,17 +38,17 @@ public DefaultPolicyContextHandler(String key, Supplier<? extends Object> contex
}

@Override
public Object getContext(String key, Object data) throws PolicyContextException {
public Object getContext(String key, Object data) {
return contextObjectSupplier.get();
}

@Override
public boolean supports(String key) throws PolicyContextException {
public boolean supports(String key) {
return this.key.equals(key);
}

@Override
public String[] getKeys() throws PolicyContextException {
public String[] getKeys() {
return keys;
}

Expand Down
23 changes: 11 additions & 12 deletions impl/src/main/java/org/glassfish/exousia/constraints/SecurityConstraint.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,17 @@
*/
package org.glassfish.exousia.constraints;

import static java.util.Arrays.asList;
import static java.util.Collections.unmodifiableList;
import static java.util.Collections.unmodifiableSet;
import static java.util.stream.Collectors.toList;
import static java.util.stream.Stream.concat;
import static jakarta.servlet.annotation.ServletSecurity.TransportGuarantee.NONE;
import jakarta.servlet.annotation.ServletSecurity.TransportGuarantee;

import java.util.HashSet;
import java.util.Collection;
import java.util.List;
import java.util.Set;

import jakarta.servlet.annotation.ServletSecurity.TransportGuarantee;
import static jakarta.servlet.annotation.ServletSecurity.TransportGuarantee.NONE;
import static java.util.Collections.unmodifiableList;
import static java.util.Collections.unmodifiableSet;
import static java.util.stream.Collectors.toList;
import static java.util.stream.Stream.concat;

public class SecurityConstraint {

Expand All @@ -39,15 +38,15 @@ public SecurityConstraint(String urlPattern, String... rolesAllowed) {
}

public SecurityConstraint(WebResourceCollection webResourceCollection, String... rolesAllowed) {
this(asList(webResourceCollection), asList(rolesAllowed));
this(List.of(webResourceCollection), List.of(rolesAllowed));
}

public SecurityConstraint(List<WebResourceCollection> webResourceCollections, String... rolesAllowed) {
this(webResourceCollections, asList(rolesAllowed));
this(webResourceCollections, List.of(rolesAllowed));
}

public SecurityConstraint(List<WebResourceCollection> webResourceCollections, List<String> rolesAllowed) {
this(webResourceCollections, new HashSet<>(rolesAllowed));
public SecurityConstraint(List<WebResourceCollection> webResourceCollections, Collection<String> rolesAllowed) {
this(webResourceCollections, Set.copyOf(rolesAllowed));
}

public SecurityConstraint(List<WebResourceCollection> webResourceCollections, Set<String> rolesAllowed) {
Expand Down
28 changes: 12 additions & 16 deletions impl/src/main/java/org/glassfish/exousia/constraints/WebResourceCollection.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,38 +15,35 @@
*/
package org.glassfish.exousia.constraints;

import static java.util.Arrays.asList;
import static java.util.Collections.emptySet;
import static java.util.Collections.unmodifiableSet;

import java.util.HashSet;
import java.util.List;
import java.util.Collection;
import java.util.Set;

import static java.util.Collections.unmodifiableSet;

public class WebResourceCollection {

private final Set<String> urlPatterns;
private final Set<String> httpMethods;
private final Set<String> httpMethodOmissions;

public WebResourceCollection(String... urlPatterns) {
this(asList(urlPatterns));
this(Set.of(urlPatterns));
}

public WebResourceCollection(List<String> urlPatterns) {
this(new HashSet<>(urlPatterns), emptySet(), emptySet());
public WebResourceCollection(Collection<String> urlPatterns) {
this( Set.copyOf(urlPatterns) , Set.of(), Set.of());
}

public WebResourceCollection(Set<String> urlPatterns, Set<String> httpMethods) {
this(urlPatterns, httpMethods, emptySet());
this(urlPatterns, httpMethods, Set.of());
}

public WebResourceCollection(String[] urlPatterns, String[] httpMethods, String[] httpMethodOmissions) {
this(asList(urlPatterns), asList(httpMethods), asList(httpMethodOmissions));
this( Set.of(urlPatterns) , Set.of(httpMethods) , Set.of(httpMethodOmissions) );
}

public WebResourceCollection(List<String> urlPatterns, List<String> httpMethods, List<String> httpMethodOmissions) {
this(new HashSet<>(urlPatterns), new HashSet<>(httpMethods), new HashSet<>(httpMethodOmissions));
private WebResourceCollection(Collection<String> urlPatterns, Collection<String> httpMethods, Collection<String> httpMethodOmissions) {
this(Set.copyOf(urlPatterns), Set.copyOf(httpMethods), Set.copyOf(httpMethodOmissions) );
}

public WebResourceCollection(Set<String> urlPatterns, Set<String> httpMethods, Set<String> httpMethodOmissions) {
Expand All @@ -55,17 +52,16 @@ public WebResourceCollection(Set<String> urlPatterns, Set<String> httpMethods, S
this.httpMethodOmissions = unmodifiableSet(httpMethodOmissions);
}

// --- GETTERS -----------------------------------------------------------------------------

public Set<String> getUrlPatterns() {
return urlPatterns;
}

public Set<String> getHttpMethods() {
return httpMethods;
}

public Set<String> getHttpMethodOmissions() {
return httpMethodOmissions;
}


}
57 changes: 20 additions & 37 deletions impl/src/main/java/org/glassfish/exousia/modules/def/DefaultPolicyConfigurationFactory.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,58 +28,41 @@
*
* @author Arjan Tijms
*/
public class DefaultPolicyConfigurationFactory
extends PolicyConfigurationFactory {
public class DefaultPolicyConfigurationFactory extends PolicyConfigurationFactory {

private static final
ConcurrentMap<String, DefaultPolicyConfigurationStateMachine>
configurators = new ConcurrentHashMap<>();
private static final ConcurrentMap<String,DefaultPolicyConfigurationStateMachine> configurators = new ConcurrentHashMap<>();

@Override
public PolicyConfiguration getPolicyConfiguration(
String contextID,
boolean remove)
throws PolicyContextException {
public PolicyConfiguration getPolicyConfiguration( String contextID , boolean remove ) throws PolicyContextException {

DefaultPolicyConfigurationStateMachine
defaultPolicyConfigurationStateMachine =
configurators.computeIfAbsent(contextID,
contextId -> new DefaultPolicyConfigurationStateMachine(
new DefaultPolicyConfiguration(
contextID)));
// if contextID is null ??
if ( contextID == null ) return null;

if (remove) {
defaultPolicyConfigurationStateMachine
.delete();
}
DefaultPolicyConfigurationStateMachine defaultPolicyConfigurationStateMachine =
configurators.computeIfAbsent(
contextID,
contextId -> new DefaultPolicyConfigurationStateMachine(new DefaultPolicyConfiguration(contextID))
);

defaultPolicyConfigurationStateMachine
.open();
// Remove Policy
if (remove) defaultPolicyConfigurationStateMachine.delete();

return
defaultPolicyConfigurationStateMachine;
// Open and return
defaultPolicyConfigurationStateMachine.open();
return defaultPolicyConfigurationStateMachine;
}

@Override
public boolean inService(
String contextID)
throws PolicyContextException {
DefaultPolicyConfigurationStateMachine
defaultPolicyConfigurationStateMachine =
configurators.get(contextID);
public boolean inService(String contextID) throws PolicyContextException {
DefaultPolicyConfigurationStateMachine defaultPolicyConfigurationStateMachine = configurators.get(contextID);

if (defaultPolicyConfigurationStateMachine == null) {
return false;
}
if (defaultPolicyConfigurationStateMachine == null) return false;

return defaultPolicyConfigurationStateMachine
.inService();
return defaultPolicyConfigurationStateMachine.inService();
}

public static DefaultPolicyConfiguration getCurrentPolicyConfiguration() {
return (DefaultPolicyConfiguration) configurators
.get(getContextID())
.getPolicyConfiguration();
return (DefaultPolicyConfiguration) configurators.get(getContextID()).getPolicyConfiguration();
}

}
4 changes: 2 additions & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@
<licenses>
<license>
<name>EPL 2.0</name>
<url>http://www.eclipse.org/legal/epl-2.0</url>
<url>https://www.eclipse.org/legal/epl-2.0</url>
<distribution>repo</distribution>
</license>
</licenses>
Expand Down Expand Up @@ -104,7 +104,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.0.0-M3</version>
<version>3.0.0</version>
<executions>
<execution>
<id>enforce-maven</id>
Expand Down
10 changes: 5 additions & 5 deletions spi/tomcat/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@
<licenses>
<license>
<name>EPL 2.0</name>
<url>http://www.eclipse.org/legal/epl-2.0</url>
<url>https://www.eclipse.org/legal/epl-2.0</url>
<distribution>repo</distribution>
</license>
</licenses>
Expand Down Expand Up @@ -120,7 +120,7 @@
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-catalina</artifactId>
<version>10.0.0</version>
<version>10.0.16</version>
<scope>provided</scope>
</dependency>

Expand All @@ -129,7 +129,7 @@
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13.1</version>
<version>4.13.2</version>
<scope>test</scope>
</dependency>
</dependencies>
Expand Down Expand Up @@ -161,7 +161,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.0.0-M3</version>
<version>3.0.0</version>
<executions>
<execution>
<id>enforce-maven</id>
Expand Down Expand Up @@ -219,7 +219,7 @@
<bottom><![CDATA[
Comments to: <a href="mailto:[email protected]">[email protected]</a>.<br>
Copyright &#169; 2021 Eclipse Foundation. All rights reserved.<br>
Use is subject to <a href="http://www.eclipse.org/legal/epl-2.0" target="_top">license terms</a>.]]>
Use is subject to <a href="https://www.eclipse.org/legal/epl-2.0" target="_top">license terms</a>.]]>
</bottom>
<links>
<link>https://jakarta.ee/specifications/platform/9/apidocs/</link>
Expand Down
Loading

0 comments on commit ddf4f72

Please sign in to comment.