Commit c1a53f13fe34becf82493e36c59905b364a96a40

Authored by PauloGladson
1 parent 37ad2584

Segurança e ajustes nos pacotes

Showing 20 changed files with 149 additions and 352 deletions
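--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java
@@ -28,12 +28,6 @@ public interface SecurityContext extends Serializable {
 boolean isLoggedIn();
 
 /**
- * @throws NotLoggedInException if there is no user logged in a specific
- * session
- */
- void checkLoggedIn();
-
- /**
 * Checks if the logged user has permission to execute an specific operation
 * on a specific resource.
 *
@@ -69,5 +63,5 @@ public interface SecurityContext extends Serializable {
 DemoisellePrincipal getUser();
 
 void setUser(DemoisellePrincipal loggedUser);
-
+
 }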
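--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/internal/producer/ResourceBundleProducer.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/internal/producer/ResourceBundleProducer.java
@@ -56,8 +56,8 @@ public class ResourceBundleProducer implements Serializable {
 return create(baseName);
 }
 
- @SuppressWarnings("serial")
- public static ResourceBundle create(String baseName) {
+ @SuppressWarnings("serial")
+ public static ResourceBundle create(String baseName) {
 ResourceBundle bundle;
 
 try {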
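--- a/demoiselle-parent/pom.xml
+++ b/demoiselle-parent/pom.xml
@@ -3,6 +3,7 @@
 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
 <artifactId>demoiselle-parent</artifactId>
+ <version>3.0.0-BETA1-SNAPSHOT</version>
 <packaging>pom</packaging>
 <modelVersion>4.0.0</modelVersion>
 
@@ -16,6 +17,7 @@
 
 <properties>
 <!-- General -->
+ <demoiselle.version>3.0.0-BETA1-SNAPSHOT</demoiselle.version>
 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 
 <!-- Dependencies versions -->
@@ -37,6 +39,8 @@
 <deltaspike.version>1.7.1</deltaspike.version>
 <ejb.version>3.2</ejb.version>
 <cache.version>1.0.0</cache.version>
+ <!--Microcontainers-->
+ <wildfly-swarm>2016.8</wildfly-swarm>
 
 <!-- Maven plugin versions -->
 <maven.compiler.plugin.version>3.5.1</maven.compiler.plugin.version>
@@ -171,29 +175,29 @@
 <dependency>
 <groupId>org.demoiselle.jee</groupId>
 <artifactId>demoiselle-core</artifactId>
- <version>${project.version}</version>
+ <version>${version}</version>
 </dependency>
 
 <dependency>
 <groupId>org.demoiselle.jee</groupId>
 <artifactId>demoiselle-security</artifactId>
- <version>${project.version}</version>
+ <version>${demoiselle.version}</version>
 </dependency>
 
 <dependency>
 <groupId>org.demoiselle.jee</groupId>
 <artifactId>demoiselle-rest</artifactId>
- <version>${project.version}</version>
+ <version>${demoiselle.version}</version>
 </dependency>
 
 <dependency>
 <groupId>org.demoiselle.jee</groupId>
 <artifactId>demoiselle-persistence-jpa</artifactId>
- <version>${project.version}</version>
+ <version>${demoiselle.version}</version>
 </dependency>
 
 </dependencies>
 
 </dependencyManagement>
-
+
 </project>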
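Review bot: The managed `demoiselle-core` entry is set to `<version>${version}</version>` while the three sibling entries in the same hunk use `${demoiselle.version}`. `${version}` is the deprecated alias of `${project.version}`, so it resolves against whichever POM inherits this block and can drift from the version pinned for the other modules; use `<version>${demoiselle.version}</version>` for all four. The new `<wildfly-swarm>` property also departs from the `*.version` naming of the neighbouring properties; `<wildfly-swarm.version>2016.8</wildfly-swarm.version>` would match them.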
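--- a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java
+++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java
@@ -1,59 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.ws.jaxrs;
-
-import java.util.logging.Logger;
-import javax.annotation.PostConstruct;
-import javax.inject.Inject;
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientRequestFilter;
-import javax.ws.rs.client.ClientResponseContext;
-import javax.ws.rs.client.ClientResponseFilter;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.ContainerResponseContext;
-import javax.ws.rs.container.ContainerResponseFilter;
-import javax.ws.rs.container.PreMatching;
-import javax.ws.rs.ext.Provider;
-
-/**
- *
- * @author 70744416353
- */
-@Provider
-@PreMatching
-public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter {
-
- @Inject
- private Logger LOG;
-
- @Override
- public void filter(ClientRequestContext requestContext) {
- }
-
- @Override
- public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) {
- }
-
- @Override
- public void filter(ContainerRequestContext requestContext) {
- }
-
- @Override
- public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) {
- response.getHeaders().putSingle("Demoiselle", "3.0.0");
- response.getHeaders().putSingle("Access-Control-Allow-Origin", "*");
- response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE");
- response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type");
- }
-
- @PostConstruct
- public void init() {
- LOG.info("Demoiselle Module - Rest");
- }
-
-}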
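--- a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java
+++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java
@@ -0,0 +1,59 @@
+/*
+ * Demoiselle Framework
+ *
+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
+ */
+package org.demoiselle.jee.ws.jaxrs.filter;
+
+import java.util.logging.Logger;
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import javax.ws.rs.client.ClientRequestContext;
+import javax.ws.rs.client.ClientRequestFilter;
+import javax.ws.rs.client.ClientResponseContext;
+import javax.ws.rs.client.ClientResponseFilter;
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.container.ContainerRequestFilter;
+import javax.ws.rs.container.ContainerResponseContext;
+import javax.ws.rs.container.ContainerResponseFilter;
+import javax.ws.rs.container.PreMatching;
+import javax.ws.rs.ext.Provider;
+
+/**
+ *
+ * @author 70744416353
+ */
+@Provider
+@PreMatching
+public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter {
+
+ @Inject
+ private Logger LOG;
+
+ @Override
+ public void filter(ClientRequestContext requestContext) {
+ }
+
+ @Override
+ public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) {
+ }
+
+ @Override
+ public void filter(ContainerRequestContext requestContext) {
+ }
+
+ @Override
+ public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) {
+ response.getHeaders().putSingle("Demoiselle", "3.0.0");
+ response.getHeaders().putSingle("Access-Control-Allow-Origin", "*");
+ response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE");
+ response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type");
+ }
+
+ @PostConstruct
+ public void init() {
+ LOG.info("Demoiselle Module - Rest");
+ }
+
+}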
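Review bot: The container response filter sets `Access-Control-Allow-Origin: *` on every response, so any origin may read whatever these endpoints return to an uncredentialed browser request; as a framework default this should be a configured allow-list rather than a literal wildcard. The `Demoiselle: 3.0.0` header advertises the framework version to every client and already disagrees with the `3.0.0-BETA1-SNAPSHOT` declared in the parent POM in this commit. The class has no Javadoc beyond `@author`; a class comment such as `/** Adds the framework and CORS headers to every JAX-RS response. */` would say what the filter is for. The file appears to be moved unchanged from `org.demoiselle.jee.ws.jaxrs`, so these points predate the commit.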
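--- a/demoiselle-security/pom.xml
+++ b/demoiselle-security/pom.xml
@@ -14,7 +14,7 @@
 <groupId>org.demoiselle.jee</groupId>
 <artifactId>demoiselle-parent</artifactId>
 <version>3.0.0-BETA1-SNAPSHOT</version>
- <relativePath>../demoiselle-parent</relativePath>
+
 </parent>
 
 <dependencies>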
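Review bot: Removing `<relativePath>../demoiselle-parent</relativePath>` leaves Maven with its default of `../pom.xml`, which in this layout appears to be the aggregator POM that lists the modules, not `demoiselle-parent`. Maven then typically warns and resolves the `3.0.0-BETA1-SNAPSHOT` parent from the local or remote repository, so a checkout can build against a parent POM other than the one in the tree. Unless that is intended, keep the explicit `<relativePath>` and drop the blank line the commit puts in its place.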
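--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/AuthenticationException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/AuthenticationException.java
@@ -1,53 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.security.exception;
-
-/**
- * <p>
- * Thrown when the mecanism responsible for the entire authentication lifecycle fails.
- * </p>
- *
- * @author SERPRO
- */
-public class AuthenticationException extends SecurityException {
-
- private static final long serialVersionUID = 1L;
-
- /**
- * <p>
- * Constructor with message.
- * </p>
- *
- * @param message exception message
- */
- public AuthenticationException(String message) {
- super(message);
- }
-
- /**
- * <p>
- * Constructor with the cause.
- * </p>
- *
- * @param cause exception cause
- */
- public AuthenticationException(Throwable cause) {
- super(cause);
- }
-
- /**
- * <p>
- * Constructor with message and cause.
- * </p>
- *
- * @param message exception message
- * @param cause exception cause
- */
- public AuthenticationException(String message, Throwable cause) {
- super(message, cause);
- }
-}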
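--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/AuthorizationException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/AuthorizationException.java
@@ -1,42 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.security.exception;
-
-/**
- * <p>
- * Thrown when a fail on trying to access some resource and/or execute an
- * operation without the proper authorization.
- * </p>
- *
- * @author SERPRO
- */
-public class AuthorizationException extends SecurityException {
-
- private static final long serialVersionUID = 1L;
-
- /**
- * <p>
- * Constructor with message.
- * </p>
- *
- * @param message exception message
- */
- public AuthorizationException(String message) {
- super(message);
- }
-
- /**
- * <p>
- * Constructor with the cause.
- * </p>
- *
- * @param cause exception cause
- */
- public AuthorizationException(Throwable cause) {
- super(cause);
- }
-}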
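--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/DemoiselleSecurityException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/DemoiselleSecurityException.java
@@ -22,6 +22,12 @@ public class DemoiselleSecurityException extends DemoiselleRESTException {
 super(string);
 this.statusCode = 401;
 }
+
+ public DemoiselleSecurityException(String string, int statusCode) {
+ super(string);
+ this.statusCode = statusCode;
+ }
+
 
 public int getStatusCode() {
 return statusCode;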
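Review bot: The new `DemoiselleSecurityException(String, int)` constructor stores any `int` as the HTTP status, so a caller can construct a security exception carrying a non-error code; nothing in the hunk restricts it to the 4xx/5xx range. A short Javadoc stating the expected range, plus a guard such as `if (statusCode < 400 || statusCode > 599) throw new IllegalArgumentException("statusCode");`, would keep the mapping to the REST response predictable. The class body continues outside the hunk, so how `statusCode` is consumed is not visible here.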
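--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/InvalidCredentialsException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/InvalidCredentialsException.java
@@ -1,50 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.security.exception;
-
-import javax.enterprise.inject.spi.CDI;
-import org.demoiselle.jee.core.annotation.literal.NameQualifier;
-import org.demoiselle.jee.core.util.ResourceBundle;
-
-/**
- * <p>
- * Thrown when the user's credentials are invalid.
- * </p>
- *
- * @author SERPRO
- */
-public class InvalidCredentialsException extends AuthenticationException {
-
- private static final long serialVersionUID = 1L;
-
- public InvalidCredentialsException() {
- super(CDI.current().select(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle")).get().getString("invalid-credentials"));
- }
-
- /**
- * <p>
- * Constructs an <code>InvalidCredentialsException</code> with a message.
- * </p>
- *
- * @param message exception message.
- */
- public InvalidCredentialsException(String message) {
- super(message);
- }
-
- /**
- * <p>
- * Constructor with message and cause.
- * </p>
- *
- * @param message exception message.
- * @param cause exception cause.
- */
- public InvalidCredentialsException(String message, Throwable cause) {
- super(message, cause);
- }
-}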
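--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/NotLoggedInException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/NotLoggedInException.java
@@ -1,32 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.security.exception;
-
-/**
- * <p>
- * Thrown when trying to access some resource or execute an operation that requires authentication.
- * </p>
- *
- * @author SERPRO
- */
-public class NotLoggedInException extends DemoiselleSecurityException {
-
- private static final long serialVersionUID = 1L;
-
- /**
- * <p>
- * Constructs an <code>NotLoggedInException</code> with a message.
- * </p>
- *
- * @param message exception message
- */
- public NotLoggedInException(String message) {
- super(message);
- }
-
-
-}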
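--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/SecurityException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/SecurityException.java
@@ -1,49 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.security.exception;
-
-import org.demoiselle.jee.core.exception.DemoiselleException;
-
-/**
- * <code>SecurityException</code> is the superclass of those exceptions that can
- * be thrown due to any security related issue.
- *
- * @author SERPRO
- */
-public class SecurityException extends DemoiselleException {
-
- private static final long serialVersionUID = 1L;
-
- /**
- * Constructs an <code>SecurityException</code> with the specified detail
- * message.
- *
- * @param message the detail message.
- */
- SecurityException(String message) {
- super(message);
- }
-
- /**
- * Constructor with the cause.
- *
- * @param cause exception cause
- */
- SecurityException(Throwable cause) {
- super(cause);
- }
-
- /**
- * Constructor with message and cause.
- *
- * @param message exception message
- * @param cause exception cause
- */
- SecurityException(String message, Throwable cause) {
- super(message, cause);
- }
-}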
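--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
@@ -91,7 +91,7 @@ public class DemoisellePrincipalImpl implements DemoisellePrincipal {
 
 @Override
 public String toString() {
- return "DemoisellePrincipalImpl{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
+ return "DemoisellePrincipal{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
 }
 
 }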
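--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
@@ -6,16 +6,14 @@
 */
 package org.demoiselle.jee.security.impl;
 
-import java.util.Iterator;
-import java.util.Map;
-import java.util.stream.Collectors;
 import javax.enterprise.context.Dependent;
 import javax.inject.Inject;
+import javax.ws.rs.core.Response;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 
-import org.demoiselle.jee.security.exception.NotLoggedInException;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
 import org.demoiselle.jee.core.interfaces.security.TokensManager;
+import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
 import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 
 /**
@@ -33,20 +31,20 @@ public class SecurityContextImpl implements SecurityContext {
 @Inject
 private TokensManager tm;
 
- @Inject
- private DemoiselleSecurityMessages bundle;
-
 /**
 * @see org.demoiselle.security.SecurityContext#hasPermission(String,
 * String)
 */
 @Override
 public boolean hasPermission(String resource, String operation) {
- return (tm.getUser().getPermissions().entrySet()
+ if ((tm.getUser().getPermissions().entrySet()
 .stream()
 .filter(p -> p.getKey().equalsIgnoreCase(resource))
 .filter(p -> p.getValue().equalsIgnoreCase(operation))
- .count() > 0);
+ .count() <= 0)) {
+ return false;
+ }
+ return true;
 }
 
 /**
@@ -54,7 +52,10 @@ public class SecurityContextImpl implements SecurityContext {
 */
 @Override
 public boolean hasRole(String role) {
- return (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() > 0);
+ if (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() <= 0) {
+ return true;
+ }
+ return false;
 }
 
 /**
@@ -62,14 +63,7 @@ public class SecurityContextImpl implements SecurityContext {
 */
 @Override
 public boolean isLoggedIn() {
- return tm.validate();
- }
-
- @Override
- public void checkLoggedIn() throws NotLoggedInException {
- if (!isLoggedIn()) {
- throw new NotLoggedInException(bundle.userNotAuthenticated());
- }
+ return getUser() != null;
 }
 
 @Override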
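Review bot: `hasRole` is inverted by the rewrite: the new branch `if (... .count() <= 0) { return true; }` reports a role the user does not hold as held and returns `false` for a role the user does hold, whereas the removed line returned `count() > 0`. `RequiredRoleInterceptor` collects the roles for which `hasRole` is true and rejects only when that list is empty, so a caller lacking the role would pass and a caller holding every listed role would be rejected. Restore the sense with `return tm.getUser().getRoles().stream().anyMatch(r -> r.equals(role));`. Separately, `isLoggedIn()` now returns `getUser() != null` instead of `tm.validate()`, and `LoggedInInterceptor` relies on it; `getUser()` lies outside the hunk, so confirm it still validates the token.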
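--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java
@@ -12,8 +12,12 @@ import javax.interceptor.AroundInvoke;
 import javax.interceptor.Interceptor;
 import javax.interceptor.InvocationContext;
 import java.io.Serializable;
+import java.util.logging.Logger;
+import javax.ws.rs.core.Response;
 import org.demoiselle.jee.security.annotation.LoggedIn;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
+import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
+import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 
 /**
 * <p>
@@ -32,9 +36,14 @@ public class LoggedInInterceptor implements Serializable {
 @Inject
 private SecurityContext securityContext;
 
+ @Inject
+ private DemoiselleSecurityMessages bundle;
+
 @AroundInvoke
 public Object manage(final InvocationContext ic) throws Exception {
- securityContext.checkLoggedIn();
+ if (!securityContext.isLoggedIn()) {
+ throw new DemoiselleSecurityException(bundle.userNotAuthenticated(), Response.Status.UNAUTHORIZED.getStatusCode());
+ }
 return ic.proceed();
 }
 }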
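Review bot: The added `java.util.logging.Logger` import is not used anywhere in the visible hunks of this class and can be dropped. The one-argument `DemoiselleSecurityException` constructor already sets the status to 401, so `throw new DemoiselleSecurityException(bundle.userNotAuthenticated());` says the same thing without the `javax.ws.rs.core.Response` import. A one-line comment on `manage` noting that the rejection is mapped to HTTP 401 would document the contract callers now depend on.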
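--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
@@ -6,8 +6,6 @@
 */
 package org.demoiselle.jee.security.interceptor;
 
-import org.demoiselle.jee.security.exception.AuthorizationException;
-
 import javax.annotation.Priority;
 import javax.interceptor.AroundInvoke;
 import javax.interceptor.Interceptor;
@@ -15,12 +13,15 @@ import javax.interceptor.InvocationContext;
 import java.io.Serializable;
 import java.util.logging.Logger;
 import javax.inject.Inject;
+import javax.ws.rs.core.Response;
 import org.demoiselle.jee.core.annotation.Name;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.util.ResourceBundle;
 import org.demoiselle.jee.core.util.Strings;
 import org.demoiselle.jee.security.annotation.RequiredPermission;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
+import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
+import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 
 /**
 * <p>
@@ -43,7 +44,7 @@ public class RequiredPermissionInterceptor implements Serializable {
 private DemoisellePrincipal loggedUser;
 
 @Inject
- private ResourceBundle bundle;
+ private DemoiselleSecurityMessages bundle;
 
 @Inject
 private Logger logger;
@@ -73,15 +74,15 @@ public class RequiredPermissionInterceptor implements Serializable {
 
 if (securityContext.isLoggedIn()) {
 username = loggedUser.getName();
- logger.finest(bundle.getString("access-checking", username, operation, resource));
+ logger.finest(bundle.accessCheckingPermission(username, operation, resource));
 }
 
 if (securityContext.hasPermission(resource, operation)) {
- logger.severe(bundle.getString("access-denied", username, operation, resource));
- throw new AuthorizationException(bundle.getString("access-denied-ui", resource, operation));
+ logger.severe(bundle.doesNotHavePermission(username, operation, resource));
+ throw new DemoiselleSecurityException(bundle.doesNotHavePermission(username, operation, resource), Response.Status.UNAUTHORIZED.getStatusCode());
 }
 
- logger.fine(bundle.getString("access-allowed", username, operation, resource));
+ logger.fine(bundle.accessAllowed(username, operation, resource));
 return ic.proceed();
 }
 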
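Review bot: The denial branch is entered when the check succeeds: `if (securityContext.hasPermission(resource, operation)) {` is followed by the `doesNotHavePermission` log and the throw, so as shown a caller who holds the permission is rejected and one who lacks it reaches `ic.proceed()`. The condition is an unchanged context line, but the commit rewrites both statements inside it without correcting it; it should read `if (!securityContext.hasPermission(resource, operation)) {`. The rejection also uses `Response.Status.UNAUTHORIZED` for an authenticated caller who lacks a permission, where `Response.Status.FORBIDDEN` is the matching status. `manage` starts outside the hunk.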
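--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java
@@ -6,8 +6,6 @@
 */
 package org.demoiselle.jee.security.interceptor;
 
-import org.demoiselle.jee.security.exception.AuthorizationException;
-
 import javax.annotation.Priority;
 import javax.interceptor.AroundInvoke;
 import javax.interceptor.Interceptor;
@@ -19,10 +17,13 @@ import java.util.List;
 
 import java.util.logging.Logger;
 import javax.inject.Inject;
+import javax.ws.rs.core.Response;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.util.ResourceBundle;
 import org.demoiselle.jee.security.annotation.RequiredRole;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
+import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
+import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 
 /**
 * <p>
@@ -45,7 +46,7 @@ public class RequiredRoleInterceptor implements Serializable {
 private DemoisellePrincipal loggedUser;
 
 @Inject
- private ResourceBundle bundle;
+ private DemoiselleSecurityMessages bundle;
 
 @Inject
 private Logger logger;
@@ -70,28 +71,26 @@ public class RequiredRoleInterceptor implements Serializable {
 public Object manage(final InvocationContext ic) throws Exception {
 List<String> roles = getRoles(ic);
 
+ String username = null;
+
 if (securityContext.isLoggedIn()) {
- logger.info(
- bundle.getString("has-role-verification", loggedUser.getName(), roles));
+ username = loggedUser.getName();
 }
 
 List<String> userRoles = new ArrayList<String>();
 
 for (String role : roles) {
 if (securityContext.hasRole(role)) {
+ logger.finest(bundle.accessCheckingRole(username, role));
 userRoles.add(role);
 }
 }
 
 if (userRoles.isEmpty()) {
- logger.severe(
- bundle.getString("does-not-have-role", loggedUser.getName(), roles));
-
- throw new AuthorizationException(bundle.getString("does-not-have-role-ui", roles));
+ logger.severe(bundle.doesNotHaveRole(username, roles.toString()));
+ throw new DemoiselleSecurityException(bundle.doesNotHaveRole(username, roles.toString()), Response.Status.UNAUTHORIZED.getStatusCode());
 }
 
- logger.fine(bundle.getString("user-has-role", loggedUser.getName(), userRoles));
-
 return ic.proceed();
 }
 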
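Review bot: The exception thrown on denial now carries `bundle.doesNotHaveRole(username, roles.toString())`, the same text written to the log, so the message that presumably reaches the client includes the username, where the removed code used a separate `does-not-have-role-ui` message without it. Keep a client-facing message without that detail and use `Response.Status.FORBIDDEN` rather than `UNAUTHORIZED` for an authenticated caller who lacks the role. `accessCheckingRole` is logged only after `hasRole(role)` has returned true, so the checking line never appears for a role that fails; `logger.finest(bundle.accessCheckingRole(username, role));` belongs above the `if`. The commit also drops the `user-has-role` success log, leaving no log line for granted access in this interceptor.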
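--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.java
@@ -12,8 +12,28 @@ import org.apache.deltaspike.core.api.message.MessageTemplate;
 @MessageBundle
 public interface DemoiselleSecurityMessages {
 
- @MessageTemplate("{user-not-authenticated}")
- String userNotAuthenticated();
+ @MessageTemplate("{access-checking-permission}")
+ String accessCheckingPermission(String usuario, String operacao, String recurso);
 
+ @MessageTemplate("{access-checking-role}")
+ String accessCheckingRole(String usuario, String role);
 
-}
\ No newline at end of file
+ @MessageTemplate("{access-allowed}")
+ String accessAllowed(String usuario, String operacao, String recurso);
+
+ @MessageTemplate("{access-denied}")
+ String accessDenied(String usuario, String operacao, String recurso);
+
+ @MessageTemplate("{user-not-authenticated}")
+ String userNotAuthenticated();
+
+ @MessageTemplate("{invalid-credentials}")
+ String invalidCredentials();
+
+ @MessageTemplate("{does-not-have-role}")
+ String doesNotHaveRole(String usuario, String role);
+
+ @MessageTemplate("{does-not-have-permission}")
+ String doesNotHavePermission(String usuario, String operacao, String recurso);
+
+}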
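--- a/demoiselle-security/src/main/resources/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.properties
+++ b/demoiselle-security/src/main/resources/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.properties
@@ -1,12 +1,8 @@
-adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
-access-checking=Verificando permiss\u00e3o do usu\u00e1rio {0} para executar a a\u00e7\u00e3o {1} no recurso {2}
-access-allowed=O usu\u00e1rio {0} acessou o recurso {2} com a a\u00e7\u00e3o {1}
-access-denied=O usu\u00e1rio {0} n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o {1} no recurso {2}
-access-denied-ui=Voc\u00ea n\u00e3o est\u00e1 autorizado a executar a a\u00e7\u00e3o {1} no recurso {0}
-authorizer-not-defined=Nenhuma regra de resolu\u00e7\u00e3o de permiss\u00f5es foi definida. Para utilizar @{0} \u00e9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00e7\u00e3o de permiss\u00f5es desejada no arquivo demoiselle.properties.
+access-checking-permission=Verificando permiss\u00e3o do usu\u00e1rio %s para executar a a\u00e7\u00e3o %s no recurso %s
+access-checking-role=Verificando permiss\u00e3o do usu\u00e1rio %s para a role %s
+access-allowed=O usu\u00e1rio %s acessou o recurso %s com a a\u00e7\u00e3o %s
+access-denied=O usu\u00e1rio %s n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s
 user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado
 invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos
-has-role-verification=Verificando se o usu\u00e1rio {0} possui a(s) role(s)\: {1}
-does-not-have-role=Usu\u00e1rio {0} n\u00e3o possui a(s) role(s)\: {1}
-does-not-have-role-ui=Para acessar este recurso \u00e9 necess\u00e1rio ser {0}
-user-has-role=Usu\u00e1rio {0} possui a(s) role(s)\: {1}
\ No newline at end of file
+does-not-have-role=Usu\u00e1rio %s n\u00e3o possui a role\: %s
+does-not-have-permission=Usu\u00e1rio %s n\u00e3o possui a permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s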
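Review bot: `access-allowed` lists its placeholders in a different order from the arguments: the template reads `recurso %s com a a\u00e7\u00e3o %s`, but `accessAllowed(usuario, operacao, recurso)` passes the operation before the resource, and the removed template compensated with `{2}` and `{1}`. If the bundle fills `%s` positionally, as `String.format` does, the log will print the operation as the resource and the resource as the action; indexed specifiers fix it, `access-allowed=O usu\u00e1rio %1$s acessou o recurso %3$s com a a\u00e7\u00e3o %2$s`. The `access-denied` key is kept, but the interceptors in this commit call `doesNotHavePermission`, so one of the two near-identical entries looks unused.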
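--- a/pom.xml
+++ b/pom.xml
@@ -66,13 +66,13 @@
 <modules>
 <module>demoiselle-parent</module>
 <module>demoiselle-core</module>
+ <module>demoiselle-configuration</module>
 <module>demoiselle-persistence-jpa</module>
 <module>demoiselle-rest</module>
 <module>demoiselle-security</module>
 <module>demoiselle-security-token</module>
 <module>demoiselle-security-basic</module>
 <module>demoiselle-security-jwt</module>
- <module>demoiselle-configuration</module>
 <!--<module>demoiselle-security-jwt</module>-->
 </modules>
 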