From e4c385501a15507e61f38f69de7244d289fde6e8 Mon Sep 17 00:00:00 2001 
From: Cleverson Sacramento
Date: Tue, 5 Mar 2013 14:42:45 -0300
Subject: [PATCH] Ajustes na interface Authentication e SecurityContext
---
impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultAuthenticator.java | 4 +++-
impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImpl.java | 82 +++++++++++++++++++++++++++++++++++++++++++++++++---------------------------------
impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.java | 8 ++++----
impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredRoleInterceptor.java | 6 +++---
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthenticationException.java | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java | 7 ++++---
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthorizationException.java | 19 +------------------
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityContext.java | 17 ++++++++++++++---
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityException.java | 12 ++++++++++++
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/User.java | 5 +++--
impl/core/src/test/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImplTest.java | 66 +++++++++++++++++++++++++++++++++---------------------------------
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java | 64 ++++++++++++++++++++++++++--------------------------------------
impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java | 53 ++++-------------------------------------------------
impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties | 2 +-
pom.xml | 2 +-
15 files changed, 237 insertions(+), 189 deletions(-)
create mode 
100644 impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthenticationException.java diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultAuthenticator.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultAuthenticator.java index 0405d19..f3fb999 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultAuthenticator.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultAuthenticator.java @@ -40,6 +40,7 @@ import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelecto import br.gov.frameworkdemoiselle.DemoiselleException; import br.gov.frameworkdemoiselle.annotation.Priority; import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; +import br.gov.frameworkdemoiselle.security.AuthenticationException; import br.gov.frameworkdemoiselle.security.Authenticator; import br.gov.frameworkdemoiselle.security.SecurityContext; import br.gov.frameworkdemoiselle.security.User; @@ -51,6 +52,7 @@ import br.gov.frameworkdemoiselle.util.ResourceBundle; * @author SERPRO * @see Authenticator */ +@SuppressWarnings("deprecation") @Priority(CORE_PRIORITY) public class DefaultAuthenticator implements Authenticator { @@ -62,7 +64,7 @@ public class DefaultAuthenticator implements Authenticator { * @see br.gov.frameworkdemoiselle.security.Authenticator#authenticate() */ @Override - public boolean authenticate() { + public void authenticate() throws AuthenticationException { throw getException(); } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImpl.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImpl.java index 8edbc7f..f7b58fa 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImpl.java 
+++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImpl.java @@ -36,8 +36,12 @@ */ package br.gov.frameworkdemoiselle.internal.implementation; +import java.io.Serializable; +import java.security.Principal; + import javax.inject.Named; +import br.gov.frameworkdemoiselle.DemoiselleException; import br.gov.frameworkdemoiselle.internal.bootstrap.AuthenticatorBootstrap; import br.gov.frameworkdemoiselle.internal.bootstrap.AuthorizerBootstrap; import br.gov.frameworkdemoiselle.internal.configuration.SecurityConfig; @@ -45,6 +49,7 @@ import br.gov.frameworkdemoiselle.internal.configuration.SecurityConfigImpl; import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; import br.gov.frameworkdemoiselle.security.AfterLoginSuccessful; import br.gov.frameworkdemoiselle.security.AfterLogoutSuccessful; +import br.gov.frameworkdemoiselle.security.AuthenticationException; import br.gov.frameworkdemoiselle.security.Authenticator; import br.gov.frameworkdemoiselle.security.Authorizer; import br.gov.frameworkdemoiselle.security.NotLoggedInException; @@ -58,6 +63,7 @@ import br.gov.frameworkdemoiselle.util.ResourceBundle; * * @author SERPRO */ +@SuppressWarnings("deprecation") @Named("securityContext") public class SecurityContextImpl implements SecurityContext { @@ -116,13 +122,14 @@ public class SecurityContextImpl implements SecurityContext { */ @Override public boolean hasRole(String role) throws NotLoggedInException { + boolean result = true; + if (getConfig().isEnabled()) { checkLoggedIn(); - return getAuthorizer().hasRole(role); - - } else { - return true; + result = getAuthorizer().hasRole(role); } + + return result; } /** 
@@ -130,24 +137,34 @@ public class SecurityContextImpl implements SecurityContext { */ @Override public boolean isLoggedIn() { + boolean result = true; + if (getConfig().isEnabled()) { - return getUser() != null; - } else { - return true; + result = getCurrentUser() != null; } + + return result; } /** * @see br.gov.frameworkdemoiselle.security.SecurityContext#login() */ @Override - public void login() { - if (getConfig().isEnabled() && getAuthenticator().authenticate()) { - Beans.getBeanManager().fireEvent(new AfterLoginSuccessful() { - - private static final long serialVersionUID = 1L; - - }); + public void login() throws AuthenticationException { + if (getConfig().isEnabled()) { + + try { + getAuthenticator().authenticate(); + + Beans.getBeanManager().fireEvent(new AfterLoginSuccessful() { + + private static final long serialVersionUID = 1L; + + }); + + } catch (AuthenticationException cause) { + throw cause; + } } } @@ -168,31 +185,20 @@ public class SecurityContextImpl implements SecurityContext { } /** + * @deprecated Use {@link #getCurrentUser()} instead. * @see br.gov.frameworkdemoiselle.security.SecurityContext#getUser() */ @Override public User getUser() { - User user = getAuthenticator().getUser(); - - if (!getConfig().isEnabled() && user == null) { - user = new User() { - - private static final long serialVersionUID = 1L; - - @Override - public void setAttribute(Object key, Object value) { - } + throw new DemoiselleException("Utilize o método getCurrentUser() ao invés do getUser()"); + } - @Override - public String getId() { - return "demoiselle"; - } + @Override + public Principal getCurrentUser() { + Principal user = getAuthenticator().getUser(); - @Override - public Object getAttribute(Object key) { - return null; - } - }; + if (!getConfig().isEnabled() && user == null) { + user = new EmptyUser(); } return user; 
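Review bot: The `try { ... } catch (AuthenticationException cause) { throw cause; }` wrapper added to `login()` in the `@@ -130,24 +137,34 @@` hunk has no effect, because it catches the exception only to rethrow it unchanged. Without the wrapper, `getAuthenticator().authenticate();` followed directly by the `fireEvent(...)` call shows more plainly that `AfterLoginSuccessful` fires only when `authenticate()` returns normally. Since a normal return is now the only success signal, a comment such as `// authenticate() must throw on failure; returning normally means the login succeeded` above the call would help anyone implementing `Authenticator`.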
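Review bot: `getUser()` in the `@@ -168,31 +185,20 @@` hunk carries `@deprecated` but now throws `DemoiselleException` unconditionally, so existing callers break at run time instead of getting a compile-time deprecation warning. The message is a hard-coded Portuguese literal, while other messages in this class come from the resource bundle (`bundle.getString("user-not-authenticated")`). If the hard failure is intended, the Javadoc should say so, e.g. `@deprecated Always throws DemoiselleException; use {@link #getCurrentUser()}.`, and the text should move to the bundle. `getCurrentUser()` would also benefit from a Javadoc line stating that it returns a placeholder principal named `demoiselle` when security is disabled and the authenticator has no user.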
@@ -208,4 +214,14 @@ public class SecurityContextImpl implements SecurityContext { throw new NotLoggedInException(bundle.getString("user-not-authenticated")); } } + + private class EmptyUser implements Principal, Serializable { + + private static final long serialVersionUID = 1L; + + @Override + public String getName() { + return "demoiselle"; + } + } } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.java index 679fcc8..3d49c47 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredPermissionInterceptor.java @@ -37,6 +37,7 @@ package br.gov.frameworkdemoiselle.internal.interceptor; import java.io.Serializable; +import java.security.Principal; import javax.interceptor.AroundInvoke; import javax.interceptor.Interceptor; @@ -50,7 +51,6 @@ import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; import br.gov.frameworkdemoiselle.security.AuthorizationException; import br.gov.frameworkdemoiselle.security.RequiredPermission; import br.gov.frameworkdemoiselle.security.SecurityContext; -import br.gov.frameworkdemoiselle.security.User; import br.gov.frameworkdemoiselle.util.Beans; import br.gov.frameworkdemoiselle.util.ResourceBundle; import br.gov.frameworkdemoiselle.util.Strings; @@ -112,10 +112,10 @@ public class RequiredPermissionInterceptor implements Serializable { */ private String getUsername() { String username = ""; - User user = getSecurityContext().getUser(); + Principal user = getSecurityContext().getCurrentUser(); - if (user != null && user.getId() != null) { - username = user.getId(); + if (user != null && user.getName() != null) { + username = user.getName(); } return username; 
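Review bot: `EmptyUser` in the `@@ -208,4 +214,14 @@` hunk is declared as a non-static inner class (`private class EmptyUser implements Principal, Serializable`), so each instance holds a hidden reference to the enclosing `SecurityContextImpl` and serializing the principal also serializes the context. It reads no state from the outer object, so `private static class EmptyUser implements Principal, Serializable` is the safer declaration. A one-line Javadoc should say that this placeholder is returned only when security is disabled and no user is present. Otherwise the name `demoiselle` can show up in the interceptors' log lines as if it were a real account.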
diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredRoleInterceptor.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredRoleInterceptor.java index be0eaa8..fbde82c 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredRoleInterceptor.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/interceptor/RequiredRoleInterceptor.java @@ -90,7 +90,7 @@ public class RequiredRoleInterceptor implements Serializable { if (getSecurityContext().isLoggedIn()) { getLogger().info( - getBundle().getString("has-role-verification", getSecurityContext().getUser().getId(), roles)); + getBundle().getString("has-role-verification", getSecurityContext().getCurrentUser().getName(), roles)); } List userRoles = new ArrayList(); @@ -103,14 +103,14 @@ public class RequiredRoleInterceptor implements Serializable { if (userRoles.isEmpty()) { getLogger().error( - getBundle().getString("does-not-have-role", getSecurityContext().getUser().getId(), roles)); + getBundle().getString("does-not-have-role", getSecurityContext().getCurrentUser().getName(), roles)); @SuppressWarnings("unused") AuthorizationException a = new AuthorizationException(null); throw new AuthorizationException(getBundle().getString("does-not-have-role-ui", roles)); } - getLogger().debug(getBundle().getString("user-has-role", getSecurityContext().getUser().getId(), userRoles)); + getLogger().debug(getBundle().getString("user-has-role", getSecurityContext().getCurrentUser().getName(), userRoles)); return ic.proceed(); } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthenticationException.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthenticationException.java new file mode 100644 index 0000000..01e72e5 --- /dev/null +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthenticationException.java 
@@ -0,0 +1,79 @@ +/* + * Demoiselle Framework + * Copyright (C) 2010 SERPRO + * ---------------------------------------------------------------------------- + * This file is part of Demoiselle Framework. + * + * Demoiselle Framework is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License version 3 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License version 3 + * along with this program; if not, see + * or write to the Free Software Foundation, Inc., 51 Franklin Street, + * Fifth Floor, Boston, MA 02110-1301, USA. + * ---------------------------------------------------------------------------- + * Este arquivo é parte do Framework Demoiselle. + * + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação + * do Software Livre (FSF). + * + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português + * para maiores detalhes. + * + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título + * "LICENCA.txt", junto com esse programa. Se não, acesse + * ou escreva para a Fundação do Software Livre (FSF) Inc., + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. + */ +package br.gov.frameworkdemoiselle.security; + +/** + * Thrown when the authorization process fails. 
+ * + * @author SERPRO + */ +public class AuthenticationException extends SecurityException { + + private static final long serialVersionUID = 1L; + + /** + * Constructor with message. + * + * @param message + * exception message + */ + public AuthenticationException(String message) { + super(message); + } + + /** + * Constructor with the cause. + * + * @param cause + * exception cause + */ + public AuthenticationException(Throwable cause) { + super(cause); + } + + /** + * Constructor with message and cause. + * + * @param message + * exception message + * @param cause + * exception cause + */ + public AuthenticationException(String message, Throwable cause) { + super(message, cause); + } +} diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java index 9ef41e5..2ed232f 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java @@ -37,6 +37,7 @@ package br.gov.frameworkdemoiselle.security; import java.io.Serializable; +import java.security.Principal; /** * Defines the methods that should be implemented by anyone who wants an authentication mechanism. @@ -48,9 +49,9 @@ public interface Authenticator extends Serializable { /** * Executes the necessary steps to authenticate an user. * - * @return {@code true} if the user was authenticated properly + * @throws AuthenticationException When the authentication process fails, this exception is thrown. */ - boolean authenticate(); + void authenticate() throws AuthenticationException; /** * Executes the necessary steps to unauthenticate an user. @@ -62,5 +63,5 @@ public interface Authenticator extends Serializable { * * @return the user currently authenticated */ - User getUser(); + Principal getUser(); } 
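Review bot: The class Javadoc of the new `AuthenticationException` reads "Thrown when the authorization process fails", which describes `AuthorizationException` rather than this class. It should read `Thrown when the authentication process fails.` so that the two exception types stay distinguishable to callers that treat a failed login differently from a denied operation. The sentence sits at the top of the class comment, just before `@author SERPRO`.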
diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthorizationException.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthorizationException.java index eea34b2..7f0934b 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthorizationException.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthorizationException.java @@ -36,11 +36,8 @@ */ package br.gov.frameworkdemoiselle.security; -import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; -import br.gov.frameworkdemoiselle.util.ResourceBundle; - /** - * Thrown when trying to access some resource and/or execute an operation without the proper authorization. + * Thrown when a fail on trying to access some resource and/or execute an operation without the proper authorization. * * @author SERPRO */ @@ -48,8 +45,6 @@ public class AuthorizationException extends SecurityException { private static final long serialVersionUID = 1L; - private static ResourceBundle bundle; - /** * Constructor with message. * @@ -59,16 +54,4 @@ public class AuthorizationException extends SecurityException { public AuthorizationException(String message) { super(message); } - - public AuthorizationException(String resource, String operation) { - super(getBundle().getString("access-denied-ui", resource, operation)); - } - - private static ResourceBundle getBundle() { - if (bundle == null) { - bundle = ResourceBundleProducer.create("demoiselle-core-bundle"); - } - - return bundle; - } } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityContext.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityContext.java index 1636003..1649e96 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityContext.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityContext.java 
@@ -37,7 +37,7 @@ package br.gov.frameworkdemoiselle.security; import java.io.Serializable; - +import java.security.Principal; /** * Structure used to handle both authentication and authorizations mechanisms. @@ -48,8 +48,11 @@ public interface SecurityContext extends Serializable { /** * Executes the login of a user to the application. + * + * @throws AuthorizationException + * When the logon process fails, this exception is thrown. */ - void login(); + void login() throws AuthorizationException; /** * Executes the logout of a user. @@ -65,7 +68,7 @@ public interface SecurityContext extends Serializable { * @return {@code true} if the user is logged in */ boolean isLoggedIn(); - + void checkLoggedIn() throws NotLoggedInException; /** @@ -95,7 +98,15 @@ public interface SecurityContext extends Serializable { /** * Return the user logged in the session. * + * @deprecated See {@link #getCurrentUser()} * @return the user logged in a specific session. If there is no active session returns {@code null} */ User getUser(); + + /** + * Return the user logged in the authenticated session. + * + * @return the user logged in a specific session. If there is no active authenticated session returns {@code null} + */ + Principal getCurrentUser(); } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityException.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityException.java index 125a8c3..4e356b1 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityException.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityException.java 
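Review bot: `SecurityContext.login()` in the `@@ -48,8 +48,11 @@` hunk is declared with `throws AuthorizationException` and a matching `@throws` tag, but `SecurityContextImpl.login()` and `Authenticator.authenticate()` in this same patch throw `AuthenticationException`. Both types extend `SecurityException` directly, so a caller that follows this Javadoc and catches `AuthorizationException` will not catch a failed login. The declaration should be `void login() throws AuthenticationException;` with the tag changed to `@throws AuthenticationException`. The interface body continues outside the hunk.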
@@ -67,4 +67,16 @@ public class SecurityException extends DemoiselleException { public SecurityException(Throwable cause) { super(cause); } + + /** + * Constructor with message and cause. + * + * @param message + * exception message + * @param cause + * exception cause + */ + public SecurityException(String message, Throwable cause) { + super(message, cause); + } } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/User.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/User.java index 7525600..5280eb1 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/User.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/User.java @@ -37,12 +37,13 @@ package br.gov.frameworkdemoiselle.security; import java.io.Serializable; +import java.security.Principal; /** * @author SERPRO - * + * @deprecated */ -public interface User extends Serializable { +public interface User extends Principal, Serializable { /** * Returns the id of the logged user. diff --git a/impl/core/src/test/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImplTest.java b/impl/core/src/test/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImplTest.java index 21efbd8..580ca51 100644 --- a/impl/core/src/test/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImplTest.java +++ b/impl/core/src/test/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImplTest.java 
@@ -47,13 +47,12 @@ import static org.easymock.EasyMock.expect; import static org.powermock.api.easymock.PowerMock.mockStatic; import static org.powermock.api.easymock.PowerMock.replay; import static org.powermock.api.easymock.PowerMock.replayAll; +import static org.powermock.reflect.Whitebox.setInternalState; import java.util.ArrayList; import java.util.List; import java.util.Locale; -import static org.powermock.reflect.Whitebox.setInternalState; - import javax.enterprise.inject.spi.BeanManager; import org.easymock.EasyMock; @@ -64,13 +63,13 @@ import org.powermock.api.easymock.PowerMock; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; -import br.gov.frameworkdemoiselle.security.Authenticator; -import br.gov.frameworkdemoiselle.security.User; -import br.gov.frameworkdemoiselle.security.Authorizer; -import br.gov.frameworkdemoiselle.security.NotLoggedInException; import br.gov.frameworkdemoiselle.internal.bootstrap.AuthenticatorBootstrap; import br.gov.frameworkdemoiselle.internal.configuration.SecurityConfigImpl; import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; +import br.gov.frameworkdemoiselle.security.Authenticator; +import br.gov.frameworkdemoiselle.security.Authorizer; +import br.gov.frameworkdemoiselle.security.NotLoggedInException; +import br.gov.frameworkdemoiselle.security.User; import br.gov.frameworkdemoiselle.util.Beans; import br.gov.frameworkdemoiselle.util.ResourceBundle; @@ -79,7 +78,9 @@ import br.gov.frameworkdemoiselle.util.ResourceBundle; public class SecurityContextImplTest { private SecurityContextImpl context; + private SecurityConfigImpl config; + private ResourceBundle bundle; @Before 
@@ -94,7 +95,7 @@ public class SecurityContextImplTest { @Test public void testHasPermissionWithSecurityDisabled() { expect(config.isEnabled()).andReturn(false); - replayAll(Beans.class,config); + replayAll(Beans.class, config); try { assertTrue(context.hasPermission(null, null)); @@ -107,23 +108,23 @@ public class SecurityContextImplTest { Class cache = AuthenticatorImpl.class; List> cacheList = new ArrayList>(); cacheList.add(cache); - + AuthenticatorBootstrap bootstrap = PowerMock.createMock(AuthenticatorBootstrap.class); - + expect(Beans.getReference(AuthenticatorBootstrap.class)).andReturn(bootstrap).anyTimes(); expect(config.getAuthenticatorClass()).andReturn(null).anyTimes(); expect(bootstrap.getCache()).andReturn(cacheList); expect(Beans.getReference(AuthenticatorImpl.class)).andReturn(new AuthenticatorImpl()); expect(Beans.getReference(Locale.class)).andReturn(Locale.getDefault()).anyTimes(); } - + @Test public void testHasPermissionWithSecurityEnabledAndNotLoggedIn() { mockGetAuthenticator(); expect(config.isEnabled()).andReturn(true).anyTimes(); - replayAll(Beans.class,config); - + replayAll(Beans.class, config); + bundle = ResourceBundleProducer.create("demoiselle-core-bundle"); try { @@ -154,10 +155,10 @@ public class SecurityContextImplTest { fail(); } } - + private void loginSuccessfully() { Authenticator authenticator = createMock(Authenticator.class); - expect(authenticator.authenticate()).andReturn(true); + // expect(authenticator.authenticate()).andReturn(true); BeanManager manager = createMock(BeanManager.class); expect(Beans.getBeanManager()).andReturn(manager); 
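Review bot: The expectation on `authenticator.authenticate()` in `loginSuccessfully()` (hunk `@@ -154,10 +155,10 @@`) is commented out rather than ported to the new `void` signature, and the same happens in `testLoginWithAuthenticationFail` (`@@ -258,9 +259,9 @@`) and in the hunk at `@@ -312,7 +313,7 @@`. The failure test therefore no longer makes the authenticator fail, so nothing verifies that `login()` propagates `AuthenticationException` and skips the `AfterLoginSuccessful` event. For the failure case, record the call and make it throw: `authenticator.authenticate();` followed by `PowerMock.expectLastCall().andThrow(new AuthenticationException("constructed test message"));`. For the success cases, record `authenticator.authenticate();` with `PowerMock.expectLastCall();`. The stub `AuthenticatorImpl.authenticate()` in `@@ -381,8 +382,7 @@` now has an empty body, which under the new contract means "login succeeded" where it used to return `false`; the test methods themselves start or end outside these hunks.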
@@ -165,20 +166,20 @@ public class SecurityContextImplTest { PowerMock.expectLastCall(); User user = createMock(User.class); - expect(authenticator.getUser()).andReturn(user).anyTimes(); + expect(authenticator.getUser()).andReturn(user).anyTimes(); - setInternalState(context, "authenticator", authenticator); + setInternalState(context, "authenticator", authenticator); - replayAll(authenticator, user, Beans.class, manager); + replayAll(authenticator, user, Beans.class, manager); - context.login(); - assertTrue(context.isLoggedIn()); + context.login(); + assertTrue(context.isLoggedIn()); } @Test public void testHasRoleWithSecurityDisabled() { expect(config.isEnabled()).andReturn(false); - replayAll(Beans.class,config); + replayAll(Beans.class, config); try { assertTrue(context.hasRole(null)); @@ -190,10 +191,10 @@ public class SecurityContextImplTest { @Test public void testHasRoleWithSecurityEnabledAndNotLoggedIn() { mockGetAuthenticator(); - + expect(config.isEnabled()).andReturn(true).anyTimes(); - replayAll(Beans.class,config); - + replayAll(Beans.class, config); + bundle = ResourceBundleProducer.create("demoiselle-core-bundle"); try { @@ -241,7 +242,7 @@ public class SecurityContextImplTest { @Test public void testIsLoggedInWithSecurityDisabled() { expect(config.isEnabled()).andReturn(false); - replayAll(config,Beans.class); + replayAll(config, Beans.class); assertTrue(context.isLoggedIn()); } @@ -249,7 +250,7 @@ public class SecurityContextImplTest { @Test public void testLoginWithSecurityDisabled() { expect(config.isEnabled()).andReturn(false).times(2); - replayAll(config,Beans.class); + replayAll(config, Beans.class); context.login(); assertTrue(context.isLoggedIn()); 
@@ -258,9 +259,9 @@ public class SecurityContextImplTest { @Test public void testLoginWithAuthenticationFail() { Authenticator authenticator = createMock(Authenticator.class); - + expect(config.isEnabled()).andReturn(true).anyTimes(); - expect(authenticator.authenticate()).andReturn(false); + // expect(authenticator.authenticate()).andReturn(false); expect(authenticator.getUser()).andReturn(null).anyTimes(); setInternalState(context, "authenticator", authenticator); @@ -275,7 +276,7 @@ public class SecurityContextImplTest { public void testLogOutWithSecurityDisabled() { expect(config.isEnabled()).andReturn(false).times(2); - replayAll(config,Beans.class); + replayAll(config, Beans.class); try { context.logout(); @@ -288,7 +289,7 @@ public class SecurityContextImplTest { @Test public void testLogOutWithoutPreviousLogin() { Authenticator authenticator = createMock(Authenticator.class); - + expect(authenticator.getUser()).andReturn(null).anyTimes(); expect(Beans.getReference(Locale.class)).andReturn(Locale.getDefault()).anyTimes(); expect(config.isEnabled()).andReturn(true).anyTimes(); @@ -296,7 +297,7 @@ public class SecurityContextImplTest { setInternalState(context, "authenticator", authenticator); replayAll(config, authenticator, Beans.class); - + bundle = ResourceBundleProducer.create("demoiselle-core-bundle"); try { @@ -312,7 +313,7 @@ public class SecurityContextImplTest { expect(config.isEnabled()).andReturn(true).anyTimes(); Authenticator authenticator = createMock(Authenticator.class); - expect(authenticator.authenticate()).andReturn(true); + // expect(authenticator.authenticate()).andReturn(true); authenticator.unAuthenticate(); PowerMock.expectLastCall(); @@ -381,8 +382,7 @@ public class SecurityContextImplTest { private static final long serialVersionUID = 1L; @Override - public boolean authenticate() { - return false; + public void authenticate() { } @Override 
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java index 1e4515a..afc98fd 100644 --- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java +++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java @@ -39,7 +39,7 @@ package br.gov.frameworkdemoiselle.security; import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY; import java.io.IOException; -import java.security.SecurityPermission; +import java.security.Principal; import javax.enterprise.context.SessionScoped; import javax.enterprise.inject.Produces; @@ -72,7 +72,7 @@ public class JAASAuthenticator implements Authenticator { private static Logger logger; - private User user; + private Principal user; private final Subject subject; @@ -87,26 +87,20 @@ public class JAASAuthenticator implements Authenticator { } @Override - public boolean authenticate() { - boolean result = false; - + public void authenticate() throws AuthenticationException { try { LoginContext loginContext = createLoginContext(); - + if (loginContext != null) { loginContext.login(); this.user = createUser(this.credentials.getUsername()); this.credentials.clear(); - - result = true; } } catch (LoginException cause) { - getLogger().info(cause.getMessage()); + throw new AuthenticationException(cause); } - - return result; } @Override 
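Review bot: In `JAASAuthenticator.authenticate()` (hunk `@@ -87,26 +87,20 @@`), a `null` result from `createLoginContext()` now skips the `if (loginContext != null)` block and the method returns normally. Under the new `void` contract that counts as a successful login, so `SecurityContextImpl.login()` fires `AfterLoginSuccessful` even though `this.user` was never set, where the old code left `result` at `false`. Whether `createLoginContext()` can actually return `null` is not visible here, but the guard suggests it can. The branch should fail closed, e.g. `if (loginContext == null) { throw new AuthenticationException("login context unavailable"); }` before `loginContext.login()`. The `getLogger().info(...)` call on `LoginException` was also removed, so it is worth confirming that failed logins are still recorded somewhere for auditing.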
@@ -114,52 +108,46 @@ public class JAASAuthenticator implements Authenticator { this.user = null; } - private User createUser(final String username) { - return new User() { + private Principal createUser(final String username) { + return new Principal() { - private static final long serialVersionUID = 1L; + // TODO Tornar esta classe serializável + // private static final long serialVersionUID = 1L; @Override - public String getId() { + public String getName() { return username; } - - @Override - public Object getAttribute(Object key) { - return null; - } - - @Override - public void setAttribute(Object key, Object value) { - } }; } @Override - public User getUser() { + public Principal getUser() { try { - -// LoginContext - -// AbstractSecurityContext. - -// Object securityContext = System.getSecurityManager().getSecurityContext(); - -// System.out.println(securityContext.toString()); - + + // LoginContext + + // AbstractSecurityContext. + + // Object securityContext = System.getSecurityManager().getSecurityContext(); + + // System.out.println(securityContext.toString()); + String name = config.getLoginModuleName(); LoginContext loginContext = new LoginContext(name, this.subject); loginContext.login(); - + Subject subject2 = loginContext.getSubject(); - System.out.println(subject2.toString()); - + //subject2.get + + //System.out.println(subject2.toString()); + } catch (LoginException e) { // TODO Auto-generated catch block e.printStackTrace(); } - + return this.user; } diff --git a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java index 7086093..01523c6 100644 --- a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java +++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java 
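Review bot: `getUser()` in the `@@ -114,52 +108,46 @@` hunk still builds a new `LoginContext` and calls `loginContext.login()` on every invocation. It then discards the resulting subject, swallows `LoginException` with `e.printStackTrace()`, and returns `this.user` whatever the outcome. Because `SecurityContextImpl.isLoggedIn()` now goes through `getAuthenticator().getUser()`, each login check would trigger a JAAS login attempt as a side effect. This looks like leftover debugging code, and the method could be reduced to `return this.user;`. Separately, the anonymous `Principal` returned by `createUser` is not `Serializable` (the TODO in the hunk says as much) but is stored in a field of a class that implements `Authenticator`, which extends `Serializable`; a small named `static` class implementing both `Principal` and `Serializable` would close that gap.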
@@ -43,11 +43,7 @@ import java.security.Principal; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; -import org.slf4j.Logger; - import br.gov.frameworkdemoiselle.annotation.Priority; -import br.gov.frameworkdemoiselle.internal.interceptor.TransactionalInterceptor; -import br.gov.frameworkdemoiselle.internal.producer.LoggerProducer; import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; import br.gov.frameworkdemoiselle.util.Beans; import br.gov.frameworkdemoiselle.util.ResourceBundle; @@ -59,23 +55,14 @@ public class ServletAuthenticator implements Authenticator { private static ResourceBundle bundle; - private static Logger logger; - @Override - public boolean authenticate() { - boolean result; - + public void authenticate() throws AuthenticationException { try { getRequest().login(getCredentials().getUsername(), getCredentials().getPassword()); - result = true; } catch (ServletException cause) { - getLogger().debug(getBundle().getString("authentication-failed") + cause.getLocalizedMessage()); - - result = false; + throw new AuthenticationException(getBundle().getString("authentication-failed"), cause); } - - return result; } @Override @@ -85,32 +72,8 @@ public class ServletAuthenticator implements Authenticator { } @Override - public User getUser() { - User user = null; - final Principal userPincipal = getRequest().getUserPrincipal(); - - if (userPincipal != null) { - user = new User() { - - private static final long serialVersionUID = 1L; - - @Override - public String getId() { - return userPincipal.getName(); - } - - @Override - public void setAttribute(Object key, Object value) { - } - - @Override - public Object getAttribute(Object key) { - return null; - } - }; - } - - return user; + public Principal getUser() { + return getRequest().getUserPrincipal(); } protected Credentials getCredentials() { 
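Review bot: In `ServletAuthenticator.authenticate()` (hunk `@@ -59,23 +55,14 @@`) the credentials are left untouched after `getRequest().login(getCredentials().getUsername(), getCredentials().getPassword())` succeeds, whereas `JAASAuthenticator.authenticate()` in this same patch calls `this.credentials.clear()` once the login has gone through. Assuming both use the same `Credentials` type, adding `getCredentials().clear();` after the `login(...)` call would keep the password from staying in memory for the life of the bean. The removed `getLogger().debug(...)` was also the only record of a failed login in this class, so it is worth confirming that whoever catches the new `AuthenticationException` logs it. The class body continues outside these hunks.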
@@ -128,12 +91,4 @@ public class ServletAuthenticator implements Authenticator { return bundle; } - - private static Logger getLogger() { - if (logger == null) { - logger = LoggerProducer.create(TransactionalInterceptor.class); - } - - return logger; - } } diff --git a/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties b/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties index a6f6f31..fb4f36f 100644 --- a/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties +++ b/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties @@ -34,4 +34,4 @@ # 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. has-permission-not-supported=N\u00E3o \u00E9 poss\u00EDvel utilizar @{0}, pois esta funcionalidade n\u00E3o \u00E9 suportada pelo JAAS. -authentication-failed=Falha na autentica\u00E7\u00E3o \: +authentication-failed=Falha no processo de autentica\u00E7\u00E3o. diff --git a/pom.xml b/pom.xml index 53aed1e..138a0d7 100755 --- a/pom.xml +++ b/pom.xml @@ -49,7 +49,7 @@ ../internal/parent/build/demoiselle - Demoiselle Framework Build Aggregator + Demoiselle Framework A liberação de versões do framework deve ser feita a partir deste build, que fará automaticamente o build de todos os artefatos com versionamento sincronizado. Jamais gere uma versão do framework sem utilizar este build. -- libgit2 0.21.2