diff options
author | slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68> | 2009-09-29 10:57:20 +0000 |
---|---|---|
committer | slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68> | 2009-09-29 10:57:20 +0000 |
commit | c873aa270ae11f4c690ecec13fdc597c515c2b15 (patch) | |
tree | 4ca372585f21ab807afebca66054d7ca7ac5a95d | |
parent | a80c3fe0efbf184af56e2c07cc3ef28a735ad75e (diff) |
Extend basic auth support to match the credentials set in the policy. Not a production solution but useful for demonstrating how policy can be used.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@819883 13f79535-47bb-0310-9956-ffa450edef68
3 files changed, 43 insertions, 17 deletions
diff --git a/branches/sca-java-1.x/itest/policy-security-basicauth/src/main/resources/definitions.xml b/branches/sca-java-1.x/itest/policy-security-basicauth/src/main/resources/definitions.xml index dbdf0cd263..455ca2f917 100644 --- a/branches/sca-java-1.x/itest/policy-security-basicauth/src/main/resources/definitions.xml +++ b/branches/sca-java-1.x/itest/policy-security-basicauth/src/main/resources/definitions.xml @@ -31,6 +31,10 @@ <tuscany:userName>myname</tuscany:userName> <tuscany:password>mypassword</tuscany:password> </tuscany:basicAuthentication> + <tuscany:basicAuthentication> + <tuscany:userName>myname1</tuscany:userName> + <tuscany:password>mypassword1</tuscany:password> + </tuscany:basicAuthentication> </sca:policySet> <sca:policySet name="ImplementationIdentityPolicySet" diff --git a/branches/sca-java-1.x/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java b/branches/sca-java-1.x/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java index 4c18c89353..0f73320c47 100644 --- a/branches/sca-java-1.x/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java +++ b/branches/sca-java-1.x/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java @@ -104,8 +104,18 @@ public class Axis2BindingBasicAuthenticationConfigurator { // get the security context Subject subject = SecurityUtil.getSubject(msg); - BasicAuthenticationPrincipal principal = new BasicAuthenticationPrincipal(username, - password); + BasicAuthenticationPrincipal principal = null; + try { + principal = new BasicAuthenticationPrincipal(username, + password); + } catch (Exception ex) { + // null test will throw a suitable exceptions + } + + if (principal == null){ + throw new ServiceRuntimeException("User credentials for authentication expected"); + } + subject.getPrincipals().add(principal); } } diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java index e783d77c97..c1fab9efe4 100644 --- a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java +++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java @@ -27,6 +27,7 @@ import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; import org.apache.tuscany.sca.policy.SecurityUtil; +import org.osoa.sca.ServiceRuntimeException; /** @@ -51,14 +52,7 @@ public class BasicAuthenticationServicePolicyInterceptor implements Interceptor } private void init() { - if (policySet != null) { - for (Object policyObject : policySet.getPolicies()){ - if (policyObject instanceof BasicAuthenticationPolicy){ - policy = (BasicAuthenticationPolicy)policyObject; - break; - } - } - } + } public Message invoke(Message msg) { @@ -66,17 +60,35 @@ public class BasicAuthenticationServicePolicyInterceptor implements Interceptor Subject subject = SecurityUtil.getSubject(msg); BasicAuthenticationPrincipal principal = SecurityUtil.getPrincipal(subject, BasicAuthenticationPrincipal.class); - + boolean authenticated = false; + if (principal != null){ - System.out.println("Username: " + - principal.getName() + - " Password: " + - principal.getPassword()); + System.out.println("Authenticating user: " + + principal.getName()); // could call out here to some 3rd party system to do whatever you - // need to do do with username and password - + // need to do do with username and password. For this very simple + // interceptor just check that the credentials match crendentials in + // the policy + + if (policySet != null) { + for (Object policyObject : policySet.getPolicies()){ + if (policyObject instanceof BasicAuthenticationPolicy){ + BasicAuthenticationPolicy policy = (BasicAuthenticationPolicy)policyObject; + + if (policy.getUserName().equals(principal.getName())){ + if (policy.getPassword().equals(principal.getPassword())){ + authenticated = true; + } + } + } + } + } + } + + if (authenticated == false){ + throw new ServiceRuntimeException("User: " + principal.getName() + " cannot be authenticated"); } return getNext().invoke(msg); |