Add security dev. to provide authentication mechanisms
parent
d7ad5df7ea
commit
dd7e792b4f
|
@ -7,6 +7,7 @@ import javax.inject.Inject;
|
|||
import javax.ws.rs.core.Application;
|
||||
import javax.ws.rs.ext.RuntimeDelegate;
|
||||
import net.openesb.rest.api.OpenESBApplication;
|
||||
import net.openesb.security.SecurityProvider;
|
||||
import net.openesb.standalone.LifecycleException;
|
||||
import net.openesb.standalone.LocalStringKeys;
|
||||
import net.openesb.standalone.env.Environment;
|
||||
|
@ -19,7 +20,9 @@ import org.glassfish.grizzly.http.server.HttpHandler;
|
|||
import org.glassfish.grizzly.http.server.NetworkListener;
|
||||
import org.glassfish.grizzly.http.server.ServerConfiguration;
|
||||
import org.glassfish.grizzly.threadpool.ThreadPoolConfig;
|
||||
import org.glassfish.hk2.utilities.binding.AbstractBinder;
|
||||
import org.glassfish.jersey.server.ContainerFactory;
|
||||
import org.glassfish.jersey.server.ResourceConfig;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -42,10 +45,13 @@ public class EmbeddedHttpServer implements HttpServer {
|
|||
private final Environment environment;
|
||||
private boolean enabled;
|
||||
|
||||
private final SecurityProvider securityProvider;
|
||||
|
||||
@Inject
|
||||
public EmbeddedHttpServer(Settings settings, Environment environment) {
|
||||
public EmbeddedHttpServer(Settings settings, Environment environment, SecurityProvider securityProvider) {
|
||||
this.settings = settings;
|
||||
this.environment = environment;
|
||||
this.securityProvider = securityProvider;
|
||||
this.init();
|
||||
}
|
||||
|
||||
|
@ -82,7 +88,10 @@ public class EmbeddedHttpServer implements HttpServer {
|
|||
*/
|
||||
RuntimeDelegate.setInstance(null);
|
||||
|
||||
HttpHandler handler = ContainerFactory.createContainer(HttpHandler.class, new OpenESBApplication());
|
||||
ResourceConfig app = new OpenESBApplication();
|
||||
app.register(new SecurityBridgeProvider());
|
||||
|
||||
HttpHandler handler = ContainerFactory.createContainer(HttpHandler.class, app);
|
||||
config.addHttpHandler(handler, "/api");
|
||||
}
|
||||
}
|
||||
|
@ -156,4 +165,13 @@ public class EmbeddedHttpServer implements HttpServer {
|
|||
config.addHttpHandler(handler, rootURI);
|
||||
}
|
||||
}
|
||||
|
||||
class SecurityBridgeProvider extends AbstractBinder {
|
||||
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(securityProvider).to(SecurityProvider.class);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -28,7 +28,7 @@ public class SecurityProviderImpl implements SecurityProvider {
|
|||
private static final Logger LOG =
|
||||
Logger.getLogger(SecurityProviderImpl.class.getPackage().getName());
|
||||
private final static String SETTINGS_KEY = "realm";
|
||||
private final static String MANAGEMENT_REALM = "admin";
|
||||
|
||||
private final Map<String, Realm> realms = new HashMap<String, Realm>();
|
||||
private final ShiroAuthenticator authenticator = new ShiroAuthenticator();
|
||||
|
||||
|
|
|
@ -7,8 +7,10 @@ import java.util.logging.Logger;
|
|||
import javax.security.auth.Subject;
|
||||
import net.openesb.security.AuthenticationException;
|
||||
import net.openesb.security.AuthenticationToken;
|
||||
import net.openesb.security.SecurityProvider;
|
||||
import net.openesb.standalone.security.realm.Realm;
|
||||
import net.openesb.standalone.security.realm.impl.PropertiesRealm;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.UsernamePasswordToken;
|
||||
import org.apache.shiro.mgt.DefaultSecurityManager;
|
||||
|
||||
|
@ -31,6 +33,12 @@ public class ShiroAuthenticator {
|
|||
if (converter.canHandle(realm.getClass())) {
|
||||
org.apache.shiro.realm.Realm sRealm = converter.convert((PropertiesRealm)realm);
|
||||
DefaultSecurityManager manager = new DefaultSecurityManager(sRealm);
|
||||
|
||||
// This should be done only one time for admin/management realm.
|
||||
if (SecurityProvider.MANAGEMENT_REALM.equalsIgnoreCase(realm.getName())) {
|
||||
SecurityUtils.setSecurityManager(manager);
|
||||
}
|
||||
|
||||
securityManagers.put(realm.getName(), manager);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -66,7 +66,7 @@ NAMING_UNMARSHAL_SUCCESS = OESE-1405: Naming context have been unmars
|
|||
HTTP_SERVER_PORT = OESE-1500: Using HTTP Port: {0}
|
||||
HTTP_SERVER_ENABLED = OESE-1501: HTTP Server enabled: {0}
|
||||
HTTP_START_SERVER = OESE-1502: Starting HTTP Server
|
||||
HTTP_START_SERVER_FAILED = OESE-1503: Failed to start HTTP Server: {0}
|
||||
HTTP_START_SERVER_FAILED = OESE-1503: Failed to start HTTP Server:
|
||||
HTTP_STOP_SERVER = OESE-1504: HTTP Server stopped
|
||||
|
||||
context.binding.ok=context binding is successful and the data have been unmarshaled
|
||||
|
|
|
@ -25,4 +25,5 @@ echo *
|
|||
echo **************************************************
|
||||
GOTO endbatch
|
||||
|
||||
|
||||
:endbatch
|
|
@ -91,8 +91,8 @@ echo.
|
|||
echo **************************************************
|
||||
echo *
|
||||
echo * WARNING ...
|
||||
echo * Unable to find to start OpenESB standalone Edition
|
||||
echo * Bootstrap jar file is misssinf
|
||||
echo * Unable to find OpenESB Standalone Edition
|
||||
echo * Bootstrap jar file is misssing
|
||||
echo * Please check your installation
|
||||
echo *
|
||||
echo **************************************************
|
||||
|
|
|
@ -27,7 +27,7 @@
|
|||
# Set the security realms which have to be used for management purpose or components
|
||||
# security concerns.
|
||||
realm:
|
||||
# The realm "admin" is the realm used for management (JMX / Rest API)
|
||||
admin:
|
||||
# The realm "management" is the realm used for management (JMX / Rest API / oeadmin)
|
||||
management:
|
||||
type: properties
|
||||
file: ${openesb.home}/config/mgmt-users.properties
|
Loading…
Reference in New Issue