Add security dev. to provide authentication mechanisms
parent
d7ad5df7ea
commit
dd7e792b4f
|
@ -7,6 +7,7 @@ import javax.inject.Inject;
|
||||||
import javax.ws.rs.core.Application;
|
import javax.ws.rs.core.Application;
|
||||||
import javax.ws.rs.ext.RuntimeDelegate;
|
import javax.ws.rs.ext.RuntimeDelegate;
|
||||||
import net.openesb.rest.api.OpenESBApplication;
|
import net.openesb.rest.api.OpenESBApplication;
|
||||||
|
import net.openesb.security.SecurityProvider;
|
||||||
import net.openesb.standalone.LifecycleException;
|
import net.openesb.standalone.LifecycleException;
|
||||||
import net.openesb.standalone.LocalStringKeys;
|
import net.openesb.standalone.LocalStringKeys;
|
||||||
import net.openesb.standalone.env.Environment;
|
import net.openesb.standalone.env.Environment;
|
||||||
|
@ -19,7 +20,9 @@ import org.glassfish.grizzly.http.server.HttpHandler;
|
||||||
import org.glassfish.grizzly.http.server.NetworkListener;
|
import org.glassfish.grizzly.http.server.NetworkListener;
|
||||||
import org.glassfish.grizzly.http.server.ServerConfiguration;
|
import org.glassfish.grizzly.http.server.ServerConfiguration;
|
||||||
import org.glassfish.grizzly.threadpool.ThreadPoolConfig;
|
import org.glassfish.grizzly.threadpool.ThreadPoolConfig;
|
||||||
|
import org.glassfish.hk2.utilities.binding.AbstractBinder;
|
||||||
import org.glassfish.jersey.server.ContainerFactory;
|
import org.glassfish.jersey.server.ContainerFactory;
|
||||||
|
import org.glassfish.jersey.server.ResourceConfig;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
@ -42,10 +45,13 @@ public class EmbeddedHttpServer implements HttpServer {
|
||||||
private final Environment environment;
|
private final Environment environment;
|
||||||
private boolean enabled;
|
private boolean enabled;
|
||||||
|
|
||||||
|
private final SecurityProvider securityProvider;
|
||||||
|
|
||||||
@Inject
|
@Inject
|
||||||
public EmbeddedHttpServer(Settings settings, Environment environment) {
|
public EmbeddedHttpServer(Settings settings, Environment environment, SecurityProvider securityProvider) {
|
||||||
this.settings = settings;
|
this.settings = settings;
|
||||||
this.environment = environment;
|
this.environment = environment;
|
||||||
|
this.securityProvider = securityProvider;
|
||||||
this.init();
|
this.init();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -82,7 +88,10 @@ public class EmbeddedHttpServer implements HttpServer {
|
||||||
*/
|
*/
|
||||||
RuntimeDelegate.setInstance(null);
|
RuntimeDelegate.setInstance(null);
|
||||||
|
|
||||||
HttpHandler handler = ContainerFactory.createContainer(HttpHandler.class, new OpenESBApplication());
|
ResourceConfig app = new OpenESBApplication();
|
||||||
|
app.register(new SecurityBridgeProvider());
|
||||||
|
|
||||||
|
HttpHandler handler = ContainerFactory.createContainer(HttpHandler.class, app);
|
||||||
config.addHttpHandler(handler, "/api");
|
config.addHttpHandler(handler, "/api");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -156,4 +165,13 @@ public class EmbeddedHttpServer implements HttpServer {
|
||||||
config.addHttpHandler(handler, rootURI);
|
config.addHttpHandler(handler, rootURI);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class SecurityBridgeProvider extends AbstractBinder {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void configure() {
|
||||||
|
bind(securityProvider).to(SecurityProvider.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
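Review bot: Registering `SecurityBridgeProvider` only makes the `SecurityProvider` injectable into Jersey resources; nothing visible in this section attaches an authentication check to the `/api` handler, so the endpoints stay open unless `OpenESBApplication` (not shown) registers a request filter or every resource calls the provider itself. If enforcement is meant to be central, a `ContainerRequestFilter` registered on `app` next to the binder is the usual place, so that a resource added later cannot bypass it. The constructor also stores `securityProvider` unchecked before calling `this.init()`; a null check there, for example `this.securityProvider = Objects.requireNonNull(securityProvider, "securityProvider");` if the build targets Java 7 or later, would fail at injection time rather than when the binder runs. The method holding the `ContainerFactory.createContainer` call starts outside the hunk.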
|
||||||
|
|
|
@ -28,7 +28,7 @@ public class SecurityProviderImpl implements SecurityProvider {
|
||||||
private static final Logger LOG =
|
private static final Logger LOG =
|
||||||
Logger.getLogger(SecurityProviderImpl.class.getPackage().getName());
|
Logger.getLogger(SecurityProviderImpl.class.getPackage().getName());
|
||||||
private final static String SETTINGS_KEY = "realm";
|
private final static String SETTINGS_KEY = "realm";
|
||||||
private final static String MANAGEMENT_REALM = "admin";
|
|
||||||
private final Map<String, Realm> realms = new HashMap<String, Realm>();
|
private final Map<String, Realm> realms = new HashMap<String, Realm>();
|
||||||
private final ShiroAuthenticator authenticator = new ShiroAuthenticator();
|
private final ShiroAuthenticator authenticator = new ShiroAuthenticator();
|
||||||
|
|
||||||
|
|
|
@ -7,8 +7,10 @@ import java.util.logging.Logger;
|
||||||
import javax.security.auth.Subject;
|
import javax.security.auth.Subject;
|
||||||
import net.openesb.security.AuthenticationException;
|
import net.openesb.security.AuthenticationException;
|
||||||
import net.openesb.security.AuthenticationToken;
|
import net.openesb.security.AuthenticationToken;
|
||||||
|
import net.openesb.security.SecurityProvider;
|
||||||
import net.openesb.standalone.security.realm.Realm;
|
import net.openesb.standalone.security.realm.Realm;
|
||||||
import net.openesb.standalone.security.realm.impl.PropertiesRealm;
|
import net.openesb.standalone.security.realm.impl.PropertiesRealm;
|
||||||
|
import org.apache.shiro.SecurityUtils;
|
||||||
import org.apache.shiro.authc.UsernamePasswordToken;
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
||||||
import org.apache.shiro.mgt.DefaultSecurityManager;
|
import org.apache.shiro.mgt.DefaultSecurityManager;
|
||||||
|
|
||||||
|
@ -31,6 +33,12 @@ public class ShiroAuthenticator {
|
||||||
if (converter.canHandle(realm.getClass())) {
|
if (converter.canHandle(realm.getClass())) {
|
||||||
org.apache.shiro.realm.Realm sRealm = converter.convert((PropertiesRealm)realm);
|
org.apache.shiro.realm.Realm sRealm = converter.convert((PropertiesRealm)realm);
|
||||||
DefaultSecurityManager manager = new DefaultSecurityManager(sRealm);
|
DefaultSecurityManager manager = new DefaultSecurityManager(sRealm);
|
||||||
|
|
||||||
|
// This should be done only one time for admin/management realm.
|
||||||
|
if (SecurityProvider.MANAGEMENT_REALM.equalsIgnoreCase(realm.getName())) {
|
||||||
|
SecurityUtils.setSecurityManager(manager);
|
||||||
|
}
|
||||||
|
|
||||||
securityManagers.put(realm.getName(), manager);
|
securityManagers.put(realm.getName(), manager);
|
||||||
}
|
}
|
||||||
}
|
}
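Review bot: `SecurityUtils.setSecurityManager(manager)` installs a JVM-wide static, so every caller of `SecurityUtils.getSubject()` in the process, including code deployed into the ESB, resolves against the management realm from this point on. The comment says this must happen only once, but nothing enforces it: the test uses `equalsIgnoreCase` while `securityManagers` is keyed by the exact name, so two realms whose names differ only in case would both pass and the later one would silently replace the global manager. Comparing with `SecurityProvider.MANAGEMENT_REALM.equals(realm.getName())` and logging or rejecting a second match would make the rule explicit. The enclosing method begins outside the hunk, so whether the realm list can contain such duplicates is not visible here.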
|
||||||
|
|
|
@ -66,7 +66,7 @@ NAMING_UNMARSHAL_SUCCESS = OESE-1405: Naming context have been unmars
|
||||||
HTTP_SERVER_PORT = OESE-1500: Using HTTP Port: {0}
|
HTTP_SERVER_PORT = OESE-1500: Using HTTP Port: {0}
|
||||||
HTTP_SERVER_ENABLED = OESE-1501: HTTP Server enabled: {0}
|
HTTP_SERVER_ENABLED = OESE-1501: HTTP Server enabled: {0}
|
||||||
HTTP_START_SERVER = OESE-1502: Starting HTTP Server
|
HTTP_START_SERVER = OESE-1502: Starting HTTP Server
|
||||||
HTTP_START_SERVER_FAILED = OESE-1503: Failed to start HTTP Server: {0}
|
HTTP_START_SERVER_FAILED = OESE-1503: Failed to start HTTP Server:
|
||||||
HTTP_STOP_SERVER = OESE-1504: HTTP Server stopped
|
HTTP_STOP_SERVER = OESE-1504: HTTP Server stopped
|
||||||
|
|
||||||
context.binding.ok=context binding is successful and the data have been unmarshaled
|
context.binding.ok=context binding is successful and the data have been unmarshaled
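Review bot: The new `HTTP_START_SERVER_FAILED` text ends at the colon and no longer carries `{0}`, so any argument the caller passes to the formatter is dropped and the log line gives no reason for the failure. Unless the call site (not shown) now logs the exception separately, the placeholder should stay: `HTTP_START_SERVER_FAILED = OESE-1503: Failed to start HTTP Server: {0}`. A start-up failure of the listener that serves the management API is exactly the event an operator needs the cause for.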
|
||||||
|
|
|
@ -25,4 +25,5 @@ echo *
|
||||||
echo **************************************************
|
echo **************************************************
|
||||||
GOTO endbatch
|
GOTO endbatch
|
||||||
|
|
||||||
|
|
||||||
:endbatch
|
:endbatch
|
|
@ -91,8 +91,8 @@ echo.
|
||||||
echo **************************************************
|
echo **************************************************
|
||||||
echo *
|
echo *
|
||||||
echo * WARNING ...
|
echo * WARNING ...
|
||||||
echo * Unable to find to start OpenESB standalone Edition
|
echo * Unable to find OpenESB Standalone Edition
|
||||||
echo * Bootstrap jar file is misssinf
|
echo * Bootstrap jar file is misssing
|
||||||
echo * Please check your installation
|
echo * Please check your installation
|
||||||
echo *
|
echo *
|
||||||
echo **************************************************
|
echo **************************************************
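Review bot: The corrected line still carries a typo, `misssing` with three s; it should read `echo * Bootstrap jar file is missing`. This is the message an operator sees when the launcher cannot find the bootstrap jar, so it is worth fixing in the same commit.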
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
# Set the security realms which have to be used for management purpose or components
|
# Set the security realms which have to be used for management purpose or components
|
||||||
# security concerns.
|
# security concerns.
|
||||||
realm:
|
realm:
|
||||||
# The realm "admin" is the realm used for management (JMX / Rest API)
|
# The realm "management" is the realm used for management (JMX / Rest API / oeadmin)
|
||||||
admin:
|
management:
|
||||||
type: properties
|
type: properties
|
||||||
file: ${openesb.home}/config/mgmt-users.properties
|
file: ${openesb.home}/config/mgmt-users.properties
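Review bot: Renaming the realm key from `admin` to `management` changes which realm the code treats as the management realm, and an existing installation whose configuration still says `admin:` would presumably no longer match `SecurityProvider.MANAGEMENT_REALM` (its value is not shown on this page). The behaviour in that case should be decided explicitly: either accept the old key with a deprecation warning or fail start-up with a clear message, rather than starting without a management realm for JMX and the REST API. A comment line such as `# Renamed from "admin"; update existing configuration files` would help upgraders.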
|