
SEC-1320: JaasAuthenticationProvider can not find jaas realm defined inside service archive. Added flag to control refresh of configuration on startup.

3.0.x
Luke Taylor 16 years ago
parent
commit
1e8ea55030
  1. 106
      core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java

106
core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java

@ -56,7 +56,7 @@ import org.springframework.util.Assert; @@ -56,7 +56,7 @@ import org.springframework.util.Assert;
* org.springframework.security.authentication.UsernamePasswordAuthenticationToken} requests contain the correct username and
* password.</p>
* <p>This implementation is backed by a <a
* href="http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASRefGuide.html">JAAS</a> configuration. The
* href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html">JAAS</a> configuration. The
* loginConfig property must be set to a given JAAS configuration file. This setter accepts a Spring {@link
* org.springframework.core.io.Resource} instance. It should point to a JAAS configuration file containing an index
* matching the {@link #setLoginContextName(java.lang.String) loginContextName} property.
@ -83,9 +83,9 @@ import org.springframework.util.Assert; @@ -83,9 +83,9 @@ import org.springframework.util.Assert;
* </pre>
* </p>
* <p>When using JAAS login modules as the authentication source, sometimes the
* <a href="http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/login/LoginContext.html">LoginContext</a> will
* <a href="http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html">LoginContext</a> will
* require <i>CallbackHandler</i>s. The JaasAuthenticationProvider uses an internal
* <a href="http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html">CallbackHandler
* <a href="http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html">CallbackHandler
* </a> to wrap the {@link JaasAuthenticationCallbackHandler}s configured in the ApplicationContext.
* When the LoginContext calls the internal CallbackHandler, control is passed to each
* {@link JaasAuthenticationCallbackHandler} for each Callback passed.
@ -140,6 +140,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -140,6 +140,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
private AuthorityGranter[] authorityGranters;
private JaasAuthenticationCallbackHandler[] callbackHandlers;
private ApplicationEventPublisher applicationEventPublisher;
private boolean refreshConfigurationOnStartup = true;
//~ Methods ========================================================================================================
@ -225,7 +226,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -225,7 +226,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
}
/**
* Hook method for configuring Jaas
* Hook method for configuring Jaas. If {@code
*
* @param loginConfig URL to Jaas login configuration
*
@ -234,8 +235,10 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -234,8 +235,10 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
protected void configureJaas(Resource loginConfig) throws IOException {
configureJaasUsingLoop();
// Overcome issue in SEC-760
Configuration.getConfiguration().refresh();
if (refreshConfigurationOnStartup) {
// Overcome issue in SEC-760
Configuration.getConfiguration().refresh();
}
}
/**
@ -249,7 +252,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -249,7 +252,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
boolean alreadySet = false;
int n = 1;
String prefix = "login.config.url.";
final String prefix = "login.config.url.";
String existing = null;
while ((existing = Security.getProperty(prefix + n)) != null) {
@ -269,41 +272,6 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -269,41 +272,6 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
}
}
/**
* Returns the AuthorityGrannter array that was passed to the {@link
* #setAuthorityGranters(AuthorityGranter[])} method, or null if it none were ever set.
*
* @return The AuthorityGranter array, or null
*
* @see #setAuthorityGranters(AuthorityGranter[])
*/
public AuthorityGranter[] getAuthorityGranters() {
return authorityGranters;
}
/**
* Returns the current JaasAuthenticationCallbackHandler array, or null if none are set.
*
* @return the JAASAuthenticationCallbackHandlers.
*
* @see #setCallbackHandlers(JaasAuthenticationCallbackHandler[])
*/
public JaasAuthenticationCallbackHandler[] getCallbackHandlers() {
return callbackHandlers;
}
public Resource getLoginConfig() {
return loginConfig;
}
public String getLoginContextName() {
return loginContextName;
}
public LoginExceptionResolver getLoginExceptionResolver() {
return loginExceptionResolver;
}
/**
* Handles the logout by getting the SecurityContext for the session that was destroyed. <b>MUST NOT use
* SecurityContextHolder as we are logging out a session that is not related to the current user.</b>
@ -367,6 +335,18 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -367,6 +335,18 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
}
}
/**
* Returns the AuthorityGrannter array that was passed to the {@link
* #setAuthorityGranters(AuthorityGranter[])} method, or null if it none were ever set.
*
* @return The AuthorityGranter array, or null
*
* @see #setAuthorityGranters(AuthorityGranter[])
*/
AuthorityGranter[] getAuthorityGranters() {
return authorityGranters;
}
/**
* Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication.
*
@ -378,6 +358,17 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -378,6 +358,17 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
this.authorityGranters = authorityGranters;
}
/**
* Returns the current JaasAuthenticationCallbackHandler array, or null if none are set.
*
* @return the JAASAuthenticationCallbackHandlers.
*
* @see #setCallbackHandlers(JaasAuthenticationCallbackHandler[])
*/
JaasAuthenticationCallbackHandler[] getCallbackHandlers() {
return callbackHandlers;
}
/**
* Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the
* LoginContext.login method.
@ -388,19 +379,25 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -388,19 +379,25 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
this.callbackHandlers = callbackHandlers;
}
public Resource getLoginConfig() {
return loginConfig;
}
/**
* Set the JAAS login configuration file.
*
* @param loginConfig <a
* href="http://www.springframework.org/docs/api/org/springframework/core/io/Resource.html">Spring
* Resource</a>
* @param loginConfig
*
* @see <a href="http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASRefGuide.html">JAAS Reference</a>
* @see <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html">JAAS Reference</a>
*/
public void setLoginConfig(Resource loginConfig) {
this.loginConfig = loginConfig;
}
String getLoginContextName() {
return loginContextName;
}
/**
* Set the loginContextName, this name is used as the index to the configuration specified in the
* loginConfig property.
@ -411,10 +408,27 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli @@ -411,10 +408,27 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
this.loginContextName = loginContextName;
}
LoginExceptionResolver getLoginExceptionResolver() {
return loginExceptionResolver;
}
public void setLoginExceptionResolver(LoginExceptionResolver loginExceptionResolver) {
this.loginExceptionResolver = loginExceptionResolver;
}
/**
* If set, a call to {@code Configuration#refresh()} will be made by {@code #configureJaas(Resource) }
* method. Defaults to {@literal true}.
*
* @see <a href="https://jira.springsource.org/browse/SEC-1320">SEC-1230</a>
*
* @param refreshConfigurationOnStartup set to {@literal false} to disable reloading of the configuration.
* May be useful in some environments.
*/
public void setRefreshConfigurationOnStartup(boolean refresh) {
this.refreshConfigurationOnStartup = refresh;
}
public boolean supports(Class<? extends Object> aClass) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(aClass);
}
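Review bot: The Javadoc added for `setRefreshConfigurationOnStartup` does not say what a deployer gives up by passing `false`, and "May be useful in some environments" is too vague for a switch that changes how the JAAS login configuration is loaded. `Configuration.getConfiguration().refresh()` in `configureJaas` acts on the JVM-wide configuration, so with the flag off the provider presumably relies on whatever configuration is already installed, which may not contain the `login.config.url.` entry that `configureJaasUsingLoop` appears to register (its body is only partly visible here). The comment should state that and name the SEC-1320 case, a realm defined inside a service archive, as the reason to disable the refresh. The same comment has `@param refreshConfigurationOnStartup` while the parameter is named `refresh`, and its link text reads SEC-1230 although the URL points to SEC-1320. The new summary line on `configureJaas`, `Hook method for configuring Jaas. If {@code`, also breaks off mid-sentence as rendered and should be completed to describe the flag.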
