Include security fix and new packagin to embed Shiro and SLF4J dependencies

Include a default realm using properties file for management purpose
2014-03-01 09:44:25 +01:00 · 2014-03-01 09:44:25 +01:00 · 50930e847b
parent d1ff36ade1
commit 50930e847b
7 changed files with 70 additions and 4 deletions
--- a/openesb-standalone-packaging/pom.xml
+++ b/openesb-standalone-packaging/pom.xml
@ -113,6 +113,12 @@
            <version>${shiro.version}</version>
        </dependency>
        
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.7.6</version>
+        </dependency>
+        
        <!-- OpenESB REST API & Web Console -->
        <dependency>
            <groupId>net.open-esb</groupId>
--- a/openesb-standalone-packaging/src/main/assembly/distribution.xml
+++ b/openesb-standalone-packaging/src/main/assembly/distribution.xml
@ -97,6 +97,7 @@
                <include>org.apache.tomcat:tomcat-catalina</include>
                <include>org.yaml:snakeyaml</include>
                <include>org.apache.shiro:shiro-core</include>
+                <include>org.slf4j:slf4j-api</include>
            </includes>
            <outputDirectory>lib/ext</outputDirectory>
            <useProjectArtifact>false</useProjectArtifact>
--- a/openesb-standalone-packaging/src/main/resources/config/mgmt-users.properties
+++ b/openesb-standalone-packaging/src/main/resources/config/mgmt-users.properties
@ -0,0 +1,3 @@
+
+# Management users
+user.admin = admin
--- a/openesb-standalone-packaging/src/main/resources/config/openesb.yaml
+++ b/openesb-standalone-packaging/src/main/resources/config/openesb.yaml
@ -16,4 +16,9 @@

 # Disable HTTP completely:
 #
-# http.enabled: false
+# http.enabled: false
+
+realm:
+   admin:
+      type: properties
+      file: ${install.root}/config/mgmt-users.properties
--- a/openesb-standalone-security/src/main/java/net/openesb/standalone/security/realm/RealmBuilder.java
+++ b/openesb-standalone-security/src/main/java/net/openesb/standalone/security/realm/RealmBuilder.java
@ -10,6 +10,8 @@ import java.util.ServiceLoader;
 */
 public final class RealmBuilder {
    
+    private final static String REALM_TYPE = "type";
+    
    public static RealmBuilder realmBuilder() {
        return new RealmBuilder();
    }
@ -17,7 +19,8 @@ public final class RealmBuilder {
    public Realm build(String realmName, Map<String, String> properties) {
        ServiceLoader<RealmHandler> handlers = ServiceLoader.load(RealmHandler.class);
        for(RealmHandler handler : handlers) {
-            if (handler.canHandle(realmName)) {
+            String type = properties.get(REALM_TYPE);
+            if (handler.canHandle(type)) {
                Realm realm = handler.create(properties);
                realm.setName(realmName);
                
--- a/openesb-standalone-security/src/main/java/net/openesb/standalone/security/realm/impl/AbstractRealmHandler.java
+++ b/openesb-standalone-security/src/main/java/net/openesb/standalone/security/realm/impl/AbstractRealmHandler.java
@ -0,0 +1,47 @@
+package net.openesb.standalone.security.realm.impl;
+
+import net.openesb.standalone.security.realm.Realm;
+import net.openesb.standalone.security.realm.RealmHandler;
+
+/**
+ *
+ * @author David BRASSELY (brasseld at gmail.com)
+ * @author OpenESB Community
+ */
+public abstract class AbstractRealmHandler<T extends Realm> implements RealmHandler<T> {
+
+    /**
+     * System property replacement in the given string.
+     *
+     * @param str The original string
+     * @return the modified string
+     */
+    protected String replace(String str) {
+        String result = str;
+        int pos_start = str.indexOf("${");
+        if (pos_start >= 0) {
+            StringBuilder builder = new StringBuilder();
+            int pos_end = -1;
+            while (pos_start >= 0) {
+                builder.append(str, pos_end + 1, pos_start);
+                pos_end = str.indexOf('}', pos_start + 2);
+                if (pos_end < 0) {
+                    pos_end = pos_start - 1;
+                    break;
+                }
+                String propName = str.substring(pos_start + 2, pos_end);
+                String replacement = propName.length() > 0 ? System
+                        .getProperty(propName) : null;
+                if (replacement != null) {
+                    builder.append(replacement);
+                } else {
+                    builder.append(str, pos_start, pos_end + 1);
+                }
+                pos_start = str.indexOf("${", pos_end + 1);
+            }
+            builder.append(str, pos_end + 1, str.length());
+            result = builder.toString();
+        }
+        return result;
+    }
+}
--- a/openesb-standalone-security/src/main/java/net/openesb/standalone/security/realm/impl/PropertiesRealmHandler.java
+++ b/openesb-standalone-security/src/main/java/net/openesb/standalone/security/realm/impl/PropertiesRealmHandler.java
@ -4,14 +4,13 @@ import java.io.File;
 import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-import net.openesb.standalone.security.realm.RealmHandler;

 /**
 *
 * @author David BRASSELY (brasseld at gmail.com)
 * @author OpenESB Community
 */
-public class PropertiesRealmHandler implements RealmHandler<PropertiesRealm> {
+public class PropertiesRealmHandler extends AbstractRealmHandler<PropertiesRealm> {
    
    private final Logger mLog =
            Logger.getLogger(this.getClass().getPackage().getName());
@ -30,6 +29,8 @@ public class PropertiesRealmHandler implements RealmHandler<PropertiesRealm> {
    @Override
    public PropertiesRealm create(Map<String, String> properties) {
        String file = properties.get(PROPERTY_PATH);
+        file = replace(file);
+        
        mLog.log(Level.INFO, "Creating properties realm using file: {0}", file);
        
        File propertyFile = new File(file);