Add security dev. to provide authentication mechanisms

openesb-standalone-container/src/main/java/net/openesb/standalone/http/grizzly/EmbeddedHttpServer.java

@@ -7,6 +7,7 @@ import javax.inject.Inject;
 import javax.ws.rs.core.Application;
 import javax.ws.rs.ext.RuntimeDelegate;
 import net.openesb.rest.api.OpenESBApplication;
+import net.openesb.security.SecurityProvider;
 import net.openesb.standalone.LifecycleException;
 import net.openesb.standalone.LocalStringKeys;
 import net.openesb.standalone.env.Environment;
@@ -19,7 +20,9 @@ import org.glassfish.grizzly.http.server.HttpHandler;
 import org.glassfish.grizzly.http.server.NetworkListener;
 import org.glassfish.grizzly.http.server.ServerConfiguration;
 import org.glassfish.grizzly.threadpool.ThreadPoolConfig;
+import org.glassfish.hk2.utilities.binding.AbstractBinder;
 import org.glassfish.jersey.server.ContainerFactory;
+import org.glassfish.jersey.server.ResourceConfig;
 
 /**
  *
@@ -42,10 +45,13 @@ public class EmbeddedHttpServer implements HttpServer {
     private final Environment environment;
     private boolean enabled;
 
+    private final SecurityProvider securityProvider;
+    
     @Inject
-    public EmbeddedHttpServer(Settings settings, Environment environment) {
+    public EmbeddedHttpServer(Settings settings, Environment environment, SecurityProvider securityProvider) {
         this.settings = settings;
         this.environment = environment;
+        this.securityProvider = securityProvider;
         this.init();
     }
     
@@ -82,7 +88,10 @@ public class EmbeddedHttpServer implements HttpServer {
              */
             RuntimeDelegate.setInstance(null);
             
-            HttpHandler handler = ContainerFactory.createContainer(HttpHandler.class, new OpenESBApplication());
+            ResourceConfig app = new OpenESBApplication();
+            app.register(new SecurityBridgeProvider());
+            
+            HttpHandler handler = ContainerFactory.createContainer(HttpHandler.class, app);
             config.addHttpHandler(handler, "/api");
         }
     }
@@ -156,4 +165,13 @@ public class EmbeddedHttpServer implements HttpServer {
             config.addHttpHandler(handler, rootURI);
         }
     }
+    
+    class SecurityBridgeProvider extends AbstractBinder {
+
+        @Override
+        protected void configure() {
+            bind(securityProvider).to(SecurityProvider.class);
+        }
+        
+    }
 }

openesb-standalone-container/src/main/java/net/openesb/standalone/security/SecurityProviderImpl.java

@@ -28,7 +28,7 @@ public class SecurityProviderImpl implements SecurityProvider {
     private static final Logger LOG =
             Logger.getLogger(SecurityProviderImpl.class.getPackage().getName());
     private final static String SETTINGS_KEY = "realm";
-    private final static String MANAGEMENT_REALM = "admin";
+    
     private final Map<String, Realm> realms = new HashMap<String, Realm>();
     private final ShiroAuthenticator authenticator = new ShiroAuthenticator();
 

openesb-standalone-container/src/main/java/net/openesb/standalone/security/realm/shiro/ShiroAuthenticator.java

@@ -7,8 +7,10 @@ import java.util.logging.Logger;
 import javax.security.auth.Subject;
 import net.openesb.security.AuthenticationException;
 import net.openesb.security.AuthenticationToken;
+import net.openesb.security.SecurityProvider;
 import net.openesb.standalone.security.realm.Realm;
 import net.openesb.standalone.security.realm.impl.PropertiesRealm;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.mgt.DefaultSecurityManager;
 
@@ -31,6 +33,12 @@ public class ShiroAuthenticator {
             if (converter.canHandle(realm.getClass())) {
                 org.apache.shiro.realm.Realm sRealm = converter.convert((PropertiesRealm)realm);
                 DefaultSecurityManager manager = new DefaultSecurityManager(sRealm);
+                
+                // This should be done only one time for admin/management realm.
+                if (SecurityProvider.MANAGEMENT_REALM.equalsIgnoreCase(realm.getName())) {
+                    SecurityUtils.setSecurityManager(manager);
+                }
+                
                 securityManagers.put(realm.getName(), manager);
             }
         }

openesb-standalone-container/src/main/resources/net/openesb/standalone/Bundle.properties

@@ -66,7 +66,7 @@ NAMING_UNMARSHAL_SUCCESS            = OESE-1405: Naming context have been unmars
 HTTP_SERVER_PORT                    = OESE-1500: Using HTTP Port: {0}
 HTTP_SERVER_ENABLED                 = OESE-1501: HTTP Server enabled: {0}
 HTTP_START_SERVER                   = OESE-1502: Starting HTTP Server
-HTTP_START_SERVER_FAILED            = OESE-1503: Failed to start HTTP Server: {0}
+HTTP_START_SERVER_FAILED            = OESE-1503: Failed to start HTTP Server:
 HTTP_STOP_SERVER                    = OESE-1504: HTTP Server stopped
 
 context.binding.ok=context binding is successful and the data have been unmarshaled 

openesb-standalone-packaging/src/main/resources/bin/oeadmin.bat

@@ -25,4 +25,5 @@ echo *
 echo **************************************************
 GOTO endbatch
 
+
 :endbatch 

openesb-standalone-packaging/src/main/resources/bin/openesb.bat

@@ -91,8 +91,8 @@ echo.
 echo **************************************************
 echo *
 echo * WARNING ...
-echo * Unable to find to start OpenESB standalone Edition 
+echo * Unable to find OpenESB Standalone Edition 
-echo * Bootstrap jar file is misssinf
+echo * Bootstrap jar file is misssing
 echo * Please check your installation  
 echo *
 echo **************************************************

openesb-standalone-packaging/src/main/resources/config/openesb.yaml

@@ -27,7 +27,7 @@
 # Set the security realms which have to be used for management purpose or components
 # security concerns.
 realm:
-   # The realm "admin" is the realm used for management (JMX / Rest API)
+   # The realm "management" is the realm used for management (JMX / Rest API / oeadmin)
-   admin:
+   management:
       type: properties
       file: ${openesb.home}/config/mgmt-users.properties