/xservices/trunk/ivy.xml |
---|
44,8 → 44,11 |
<dependency org="org.apache.ant" name="ant-commons-net" rev="1.8.4"/> |
<!-- JCS does not define scopes in its pom.xml, thus map any configuration to default --> |
<dependency org="jcs" name="jcs" rev="1.3" transitive="false" conf="*->default"/> |
<dependency org="org.apache.jcs" name="jcs" rev="1.3"/> |
<!--<dependency org="concurrent" name="concurrent" rev="1.3.4"/> --><!-- needed for JCS --> |
<dependency org="org.quartz-scheduler" name="quartz" rev="2.2.0"/> |
<dependency org="log4j" name="log4j" rev="1.2.17"/> |
55,12 → 58,17 |
<dependency org="jaxen" name="jaxen" rev="1.1.4"/> |
<dependency org="org.apache.shiro" name="shiro-core" rev="1.2.2"/> |
<dependency org="org.apache.shiro" name="shiro-web" rev="1.2.2"/> |
<dependency org="org.slf4j" name="slf4j-log4j12" rev="1.6.6"/> <!-- Binding to Log4J --> |
<dependency org="org.apache.cxf" name="cxf-rt-core" rev="2.7.0"/> |
<dependency org="org.apache.cxf" name="cxf-rt-transports-http" rev="2.7.0"/> |
<dependency org="org.apache.cxf" name="cxf-rt-databinding-aegis" rev="2.7.0"/> |
<dependency org="org.apache.cxf" name="cxf-rt-frontend-jaxrs" rev="2.7.0"/> |
<dependency org="org.apache.cxf" name="cxf-rt-frontend-jaxws" rev="2.7.0"/> |
<dependency org="org.apache.cxf" name="cxf-rt-rs-security-sso-saml" rev="2.7.0"/> |
<dependency org="rhino" name="js" rev="1.7R2"/> |
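Review bot: JCS 1.3 appears to be declared twice under different organisations, once as `org="jcs"` with `transitive="false" conf="*->default"` and once as `org="org.apache.jcs"` with transitive resolution left on. The rendered hunk does not show which of the two lines is new, but if both are on the new side the same classes can be resolved twice, and the second entry pulls in the transitive graph the first one was written to exclude. Keep a single coordinate and carry the `transitive="false"` setting over to it. The commented-out `concurrent` dependency next to it should be either restored or deleted, not left as a half-answer to "needed for JCS".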
/xservices/trunk/src/java/shiro.ini |
---|
0,0 → 1,52 |
# ======================= |
# Shiro INI configuration |
# ======================= |
[main] |
# Objects and their properties are defined here, |
# Such as the securityManager, Realms and anything |
# else needed to build the SecurityManager |
realm = net.brutex.xservices.security.XServicesRealm |
securityManager.realms = $realm |
#authc = org.apache.shiro.web.filter.authc.FormAuthenticationFilter |
[users] |
# The 'users' section is for simple deployments |
# when you only need a small number of statically-defined |
# set of User accounts. |
# Format: user = password, role1, role2, ... |
admin = password |
brian = password, Administrator |
[roles] |
# The 'roles' section is for simple deployments |
# when you only need a small number of statically-defined |
# roles. |
Administrator = c:/t*/*, c:/windows/*, d:/**/VIDEO, C:/Users/brosenberger/**, d:/data/**, c:/** |
[urls] |
# The 'urls' section is used for url-based security |
# in web applications. We'll discuss this section in the |
# Web documentation |
/** = authcBasic |
#Default filters |
#Filter Name Class |
#anon org.apache.shiro.web.filter.authc.AnonymousFilter |
#authc org.apache.shiro.web.filter.authc.FormAuthenticationFilter |
#authcBasic org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter |
#logout org.apache.shiro.web.filter.authc.LogoutFilter |
#noSessionCreation org.apache.shiro.web.filter.session.NoSessionCreationFilter |
#perms org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter |
#port org.apache.shiro.web.filter.authz.PortFilter |
#rest org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter |
#roles org.apache.shiro.web.filter.authz.RolesAuthorizationFilter |
#ssl org.apache.shiro.web.filter.authz.SslFilter |
#user org.apache.shiro.web.filter.authc.UserFilter |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |
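Review bot: The `[users]` entries `admin = password` and `brian = password, Administrator` commit guessable plaintext credentials into a file that ships on the classpath, and `[main]` sets no credentials matcher, so the realm will presumably compare passwords as cleartext. Store salted hashes and declare a matcher, for example `passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher` followed by `realm.credentialsMatcher = $passwordMatcher`, and keep real accounts out of version control. `/** = authcBasic` sends the credentials with every request in a reversible encoding, so unless TLS is enforced elsewhere the chain should read `/** = ssl, authcBasic`. In `[roles]`, the trailing `c:/**` already covers every other `c:/` pattern on the `Administrator` line, which makes the narrower entries meaningless and grants the whole drive. `C:/Users/...` also differs in case from its neighbours, which matters if the matcher is case-sensitive.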
/xservices/trunk/src/java/net/brutex/xservices/security/Identity.java |
---|
File deleted |
Property changes: |
Deleted: svn:mime-type |
-text/plain |
\ No newline at end of property |
/xservices/trunk/src/java/net/brutex/xservices/security/SecurityManager.java |
---|
File deleted |
\ No newline at end of file |
Property changes: |
Deleted: svn:mime-type |
-text/plain |
\ No newline at end of property |
/xservices/trunk/src/java/net/brutex/xservices/security/StandardSecurityManager.java |
---|
File deleted |
\ No newline at end of file |
Property changes: |
Deleted: svn:mime-type |
-text/plain |
\ No newline at end of property |
/xservices/trunk/src/java/net/brutex/xservices/security/UserIdentity.java |
---|
File deleted |
\ No newline at end of file |
Property changes: |
Deleted: svn:mime-type |
-text/plain |
\ No newline at end of property |
/xservices/trunk/src/java/net/brutex/xservices/security/PermissionResolver.java |
---|
0,0 → 1,35 |
/* |
* Copyright 2013 Brian Rosenberger (Brutex Network) |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
package net.brutex.xservices.security; |
import org.apache.log4j.Logger; |
import org.apache.shiro.authz.Permission; |
/** |
* @author Brian Rosenberger, bru(at)brutex.de |
* |
*/ |
public class PermissionResolver implements org.apache.shiro.authz.permission.PermissionResolver { |
final Logger logger = Logger.getLogger(PermissionResolver.class); |
@Override |
public Permission resolvePermission(String permissionString) { |
logger.debug(String.format("Creating new Permission '%s'", permissionString)); |
return new DirectoryPermission(permissionString); |
} |
} |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |
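Review bot: `resolvePermission` hands `permissionString` straight to `new DirectoryPermission(...)` without rejecting null or blank input, so a malformed role entry yields a permission with a null or empty pattern instead of failing when the configuration is loaded. A guard such as `if (permissionString == null || permissionString.trim().isEmpty()) throw new IllegalArgumentException("permission string must not be empty");` makes the failure immediate and visible. The `logger` field is package-private and per-instance; `private static final Logger logger` is the usual form. The class Javadoc carries only an author tag; one sentence stating that every permission string is interpreted as an Ant-style directory pattern would tell a maintainer why Shiro's default resolver is replaced.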
/xservices/trunk/src/java/net/brutex/xservices/security/XServicesRealm.java |
---|
0,0 → 1,80 |
/* |
* Copyright 2013 Brian Rosenberger (Brutex Network) |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
package net.brutex.xservices.security; |
import java.text.ParseException; |
import java.util.Collection; |
import java.util.Map; |
import org.apache.log4j.Logger; |
import org.apache.shiro.authc.AuthenticationException; |
import org.apache.shiro.authc.AuthenticationInfo; |
import org.apache.shiro.authc.AuthenticationToken; |
import org.apache.shiro.authz.AuthorizationInfo; |
import org.apache.shiro.authz.Permission; |
import org.apache.shiro.authz.permission.PermissionResolver; |
import org.apache.shiro.config.Ini; |
import org.apache.shiro.io.ResourceUtils; |
import org.apache.shiro.realm.AuthorizingRealm; |
import org.apache.shiro.realm.text.IniRealm; |
import org.apache.shiro.subject.PrincipalCollection; |
import org.apache.shiro.util.Nameable; |
import org.apache.shiro.util.PermissionUtils; |
// TODO: Auto-generated Javadoc |
/* |
* For later use. A Realm connects to a DS where Users/ Passes are defined |
* and allows Shiro to transparently work against different user/pass stores |
* (i.e. LDAP, Custom, etc.) |
* |
* @author Brian Rosenberger, bru(at)brutex.de |
* |
*/ |
/** |
* The Class XServicesRealm. |
*/ |
public class XServicesRealm extends IniRealm implements Nameable { |
/** The logger. */ |
private static Logger logger = Logger.getLogger(XServicesRealm.class); |
/** The name. */ |
private String name; |
/* (non-Javadoc) |
* @see org.apache.shiro.realm.AuthorizingRealm#setName(java.lang.String) |
*/ |
@Override |
public void setName(String name) { |
this.name = name; |
} |
/** |
* Instantiates a new x services realm with default |
* 'shiro.ini' in classpath and {@link net.brutex.xservices.security.PermissionResolver PermissionResolver}. |
* |
*/ |
public XServicesRealm() { |
super(); |
this.setIni(Ini.fromResourcePath(ResourceUtils.CLASSPATH_PREFIX+"shiro.ini")); |
this.setPermissionResolver(new net.brutex.xservices.security.PermissionResolver()); |
//this.setRolePermissionResolver(new RolePermissionResolver()); |
init(); |
} |
} |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |
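Review bot: The `setName` override only assigns a private `name` field that nothing in the class reads, and it does not call `super.setName(name)`, so a name set through configuration presumably never reaches the Shiro base realm (the superclass is not shown here). Either call `super.setName(name);` in the override or drop the override, the field and the probably redundant `implements Nameable`. The constructor hard-codes `classpath:shiro.ini` and calls `init()` itself, so account data is loaded before any property from `[main]` (a credentials matcher, a different resource path) can be applied to the instance; it is worth confirming that order is intended. Most of the imports (`ParseException`, `Collection`, `Map`, the `authc`/`authz` types, `PermissionUtils`) are unused and the Javadoc is still the generated "The Class XServicesRealm." stub.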
/xservices/trunk/src/java/net/brutex/xservices/security/DirectoryPermission.java |
---|
0,0 → 1,65 |
/* |
* Copyright 2013 Brian Rosenberger (Brutex Network) |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
package net.brutex.xservices.security; |
import org.apache.log4j.Logger; |
import org.apache.shiro.authz.Permission; |
import org.apache.shiro.util.AntPathMatcher; |
/** |
* @author Brian Rosenberger, bru(at)brutex.de |
* |
*/ |
public class DirectoryPermission implements Permission { |
private final Logger logger = Logger.getLogger(DirectoryPermission.class); |
private final String path; |
public DirectoryPermission(String antlikepath) { |
path = antlikepath; |
} |
@Override |
public boolean implies(Permission p) { |
boolean result = false; |
/* is of same type */ |
if(! (p instanceof DirectoryPermission)) { |
logger.debug(String.format("Testing if permission of type '%s' implies permission of type '%s'. Result was '%s'" , this.getClass(), p.getClass(), result)); |
return result; |
} |
/* comparing to non null directory */ |
if( ((DirectoryPermission)p).getPath() == null) { |
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to 'null'. Result was '%s'" , this.getPath(), result)); |
return result; |
} |
/* directory pattern implies other */ |
if( (new AntPathMatcher()).matches(path, ((DirectoryPermission)p).getPath()) ) { |
result = true; |
} |
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to '%s'. Result was '%s'" , this.getPath(), ((DirectoryPermission) p).getPath(), result)); |
return result; |
} |
public String getPath() { |
return path; |
} |
} |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |
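Review bot: `implies` matches the requested path as a raw string, so a path containing `..` segments can still match a pattern ending in `/**` while resolving to a location outside the granted directory. The path should be normalised (resolve `.` and `..`, unify separators and drive-letter case) before it reaches `matches`, or `implies` should return false when a `..` segment is present. This matters only if callers pass unnormalised input, which is not visible from this file. The constructor accepts a null `antlikepath`, and `implies` checks only the other permission's path for null, so a null pattern on `this` goes straight into `AntPathMatcher.matches`; reject null in the constructor. The class also lacks `equals`, `hashCode` and `toString`, so two permissions built from the same pattern are not equal and log output falls back to the default object string.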
/xservices/trunk/src/java/log4j.properties |
---|
1,5 → 1,5 |
log4j.rootLogger=DEBUG, A1 |
log4j.rootLogger=INFO, A1 |
log4j.appender.A1=org.apache.log4j.ConsoleAppender |
log4j.appender.A1.layout=org.apache.log4j.PatternLayout |
8,7 → 8,7 |
# Print only messages of level WARN or above in the package com.foo. |
log4j.logger.net.brutex.xservices=INFO |
log4j.logger.net.brutex.xservices.ws.rs=INFO |
log4j.logger.net.brutex.xservices.ws.rs=DEBUG |
log4j.logger.org.springframework=INFO |
17,3 → 17,6 |
log4j.logger.org.apache.commons=INFO |
log4j.logger.org.apache.axiom=INFO |
log4j.logger.org.apache.shiro=INFO |
/xservices/trunk/web/WEB-INF/cxf-beans.xml |
---|
83,6 → 83,31 |
</jaxrs:serviceBeans> |
</jaxrs:server> |
<bean id="FileInfoBean" class="net.brutex.xservices.ws.rs.FileInfoImpl" /> |
<jaxrs:server address="/app1"> |
<jaxrs:serviceBeans> |
<ref bean="FileInfoBean"/> |
</jaxrs:serviceBeans> |
<jaxrs:providers> |
<ref bean="redirectGetFilter"/> |
</jaxrs:providers> |
</jaxrs:server> |
<bean id="redirectGetFilter" class="org.apache.cxf.rs.security.saml.sso.SamlRedirectBindingFilter"> |
<property name="idpServiceAddress" value="https://localhost:9443/idp"/> |
<!-- both relative and absolute URIs are supported --> |
<property name="assertionConsumerServiceAddress" value="/racs/sso"/> |
<property name="stateProvider" ref="stateManager"/> |
</bean> |
<bean id="stateManager" class="org.apache.cxf.rs.security.saml.sso.state.EHCacheSPStateManager"> |
<constructor-arg ref="cxf"/> |
</bean> |
<jaxrs:server id="CVSInfo" address="/cvsinfo"> |
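Review bot: `idpServiceAddress` is hard-coded to `https://localhost:9443/idp` on the `redirectGetFilter` bean, a development endpoint that will ship with the WAR; take it from a property placeholder so each deployment names its own identity provider. The filter sends the browser back to `/racs/sso`, but no assertion consumer endpoint (CXF's `RequestAssertionConsumerService`) is declared in this hunk. Unless one exists elsewhere in the file, the SAML response has nowhere to be received and validated. With the `/** = authcBasic` chain from `shiro.ini` in front of the application, both `/app1` and the consumer path would also demand Basic credentials before the SSO flow runs, which is worth confirming as intended.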
/xservices/trunk/web/WEB-INF/web.xml |
---|
28,37 → 28,21 |
<param-value>3</param-value> |
</context-param> |
<!-- |
<!-- <context-param> <param-name>cvs-config-02</param-name> <param-value>c:/temp/test2.txt</param-value> |
</context-param> <context-param> <param-name>cvs-config-01</param-name> <param-value>c:/temp/test.txt</param-value> |
</context-param> <context-param> <param-name>cvs-config-03</param-name> <param-value>c:/temp/test3.txt</param-value> |
</context-param> --> |
<!-- Caching interval in minutes for CVS cache --> |
<context-param> |
<param-name>cvs-config-02</param-name> |
<param-value>c:/temp/test2.txt</param-value> |
</context-param> |
<context-param> |
<param-name>cvs-config-01</param-name> |
<param-value>c:/temp/test.txt</param-value> |
</context-param> |
<context-param> |
<param-name>cvs-config-03</param-name> |
<param-value>c:/temp/test3.txt</param-value> |
</context-param> |
--> |
<!-- Caching interval in minutes for CVS cache --> |
<context-param> |
<param-name>cvs-cache-interval</param-name> |
<param-value>3</param-value> |
</context-param> |
<!-- CVS content search cache --> |
<!-- |
<context-param> |
<param-name>cvs-findings-configuration</param-name> |
<param-value>c:/temp/cvs-findings.txt</param-value> |
</context-param> |
--> |
<!-- CVS content search cache --> |
<!-- <context-param> <param-name>cvs-findings-configuration</param-name> |
<param-value>c:/temp/cvs-findings.txt</param-value> </context-param> --> |
<listener> |
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |
</listener> |
105,4 → 89,33 |
<welcome-file-list> |
<welcome-file>index.html</welcome-file> |
</welcome-file-list> |
<!-- Shiro --> |
<listener> |
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> |
</listener> |
<filter> |
<filter-name>ShiroFilter</filter-name> |
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> |
<init-param> |
<param-name>configPath</param-name> |
<param-value>/WEB-INF/shiro.ini</param-value> |
</init-param> |
</filter> |
<filter-mapping> |
<filter-name>ShiroFilter</filter-name> |
<url-pattern>/*</url-pattern> |
<dispatcher>REQUEST</dispatcher> |
<dispatcher>FORWARD</dispatcher> |
<dispatcher>INCLUDE</dispatcher> |
<dispatcher>ERROR</dispatcher> |
</filter-mapping> |
<!-- Shiro --> |
</web-app> |
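Review bot: The `configPath` init-param on `org.apache.shiro.web.servlet.ShiroFilter` is most likely ignored, because with `EnvironmentLoaderListener` the INI location is taken from the `shiroConfigLocations` context-param. It also names `/WEB-INF/shiro.ini`, while this commit adds the file as `src/java/shiro.ini`, i.e. on the classpath. Replace the init-param with a context-param named `shiroConfigLocations` whose value is `classpath:shiro.ini`, so the file that carries the access rules is named explicitly rather than found by fallback. The `ShiroFilter` mapping is appended at the end of the descriptor. If any other `filter-mapping` precedes it (none is visible in these hunks), that filter runs before authentication, so Shiro's mapping should come first.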