Merge branch 'master' into jetty-9.4.x-Feature

This commit is contained in:
Greg Wilkins 2015-12-02 11:16:37 +11:00
commit 6c5b95d6b8
8 changed files with 31 additions and 97 deletions

View File

@ -2,7 +2,7 @@
<parent>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-project</artifactId>
<version>9.1.0-SNAPSHOT</version>
<version>9.1.3-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -24,7 +24,7 @@
</goals>
<configuration>
<excludes>**/MANIFEST.MF</excludes>
<excludeGroupIds>org.slf4j,org.eclipse.jetty.orbit,org.mortbay.jetty.alpn</excludeGroupIds>
<excludeGroupIds>javax.annotations,org.objectweb.asm,javax.servlet,org.slf4j,org.eclipse.jetty.orbit,org.mortbay.jetty.npn</excludeGroupIds>
<outputDirectory>${project.build.directory}/classes</outputDirectory>
<overWriteReleases>false</overWriteReleases>
<overWriteSnapshots>true</overWriteSnapshots>

View File

@ -19,7 +19,7 @@ cpt=application/mac-compactpro
crt=application/x-x509-ca-cert
csh=application/x-csh
css=text/css
csv=text/comma-separated-values
csv=text/csv
dcr=application/x-director
dir=application/x-director
dll=application/x-msdownload

View File

@ -73,17 +73,11 @@ public class DataSourceLoginService extends AbstractLoginService
/**
* DBUser
*
*
*/
public class DBUserPrincipal extends UserPrincipal
{
private int _key;
/**
* @param name
* @param credential
*/
public DBUserPrincipal(String name, Credential credential, int key)
{
super(name, credential);
@ -291,10 +285,6 @@ public class DataSourceLoginService extends AbstractLoginService
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.MappedLoginService#loadUserInfo(java.lang.String)
* @Override
*/
public UserPrincipal loadUserInfo (String username)
{
try
@ -328,10 +318,6 @@ public class DataSourceLoginService extends AbstractLoginService
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.MappedLoginService#loadRoleInfo(org.eclipse.jetty.security.UserPrincipal.KnownUser)
* @Override
*/
public String[] loadRoleInfo (UserPrincipal user)
{
DBUserPrincipal dbuser = (DBUserPrincipal)user;
@ -369,10 +355,6 @@ public class DataSourceLoginService extends AbstractLoginService
/* ------------------------------------------------------------ */
/**
* Lookup the datasource for the jndiName and formulate the
@ -426,8 +408,6 @@ public class DataSourceLoginService extends AbstractLoginService
prepareTables();
}
/* ------------------------------------------------------------ */
/**
* @throws NamingException
@ -533,7 +513,6 @@ public class DataSourceLoginService extends AbstractLoginService
}
}
/* ------------------------------------------------------------ */
/**
* @return
@ -546,5 +525,4 @@ public class DataSourceLoginService extends AbstractLoginService
initDb();
return _datasource.getConnection();
}
}

View File

@ -34,8 +34,6 @@ import org.eclipse.jetty.util.security.Credential;
/**
* AbstractLoginService
*
*
*/
public abstract class AbstractLoginService extends AbstractLifeCycle implements LoginService
{
@ -46,14 +44,9 @@ public abstract class AbstractLoginService extends AbstractLifeCycle implements
protected boolean _fullValidate = false;
/* ------------------------------------------------------------ */
/**
* RolePrincipal
*
*
*/
public static class RolePrincipal implements Principal,Serializable
{
@ -73,8 +66,6 @@ public abstract class AbstractLoginService extends AbstractLifeCycle implements
/* ------------------------------------------------------------ */
/**
* UserPrincipal
*
*
*/
public static class UserPrincipal implements Principal,Serializable
{
@ -118,19 +109,12 @@ public abstract class AbstractLoginService extends AbstractLifeCycle implements
}
}
/* ------------------------------------------------------------ */
protected abstract String[] loadRoleInfo (UserPrincipal user);
/* ------------------------------------------------------------ */
protected abstract UserPrincipal loadUserInfo (String username);
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.LoginService#getName()
@ -250,18 +234,12 @@ public abstract class AbstractLoginService extends AbstractLifeCycle implements
}
/* ------------------------------------------------------------ */
/**
* @return
*/
public boolean isFullValidate()
{
return _fullValidate;
}
/* ------------------------------------------------------------ */
/**
* @param fullValidate
*/
public void setFullValidate(boolean fullValidate)
{
_fullValidate = fullValidate;

View File

@ -43,7 +43,8 @@ public interface Authenticator
/* ------------------------------------------------------------ */
/**
* Configure the Authenticator
* @param configuration
*
* @param configuration the configuration
*/
void setConfiguration(AuthConfiguration configuration);
@ -64,13 +65,16 @@ public interface Authenticator
* where the http method of the original request causing authentication
* is not the same as the http method resulting from the redirect
* after authentication.
* @param request
*
* @param request the request to manipulate
*/
void prepareRequest(ServletRequest request);
/* ------------------------------------------------------------ */
/** Validate a request
/**
* Validate a request
*
* @param request The request
* @param response The response
* @param mandatory True if authentication is mandatory.
@ -79,18 +83,20 @@ public interface Authenticator
* implement {@link org.eclipse.jetty.server.Authentication.ResponseSent}. If Authentication is not manditory, then a
* {@link org.eclipse.jetty.server.Authentication.Deferred} may be returned.
*
* @throws ServerAuthException
* @throws ServerAuthException if unable to validate request
*/
Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException;
/* ------------------------------------------------------------ */
/**
* @param request
* @param response
* @param mandatory
* @param validatedUser
* is response secure
*
* @param request the request
* @param response the response
* @param mandatory if security is mandator
* @param validatedUser the user that was validated
* @return true if response is secure
* @throws ServerAuthException
* @throws ServerAuthException if unable to test response
*/
boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, User validatedUser) throws ServerAuthException;
@ -106,7 +112,8 @@ public interface Authenticator
String getAuthMethod();
String getRealmName();
/** Get a SecurityHandler init parameter
/**
* Get a SecurityHandler init parameter
* @see SecurityHandler#getInitParameter(String)
* @param param parameter name
* @return Parameter value or null

View File

@ -29,15 +29,15 @@ public interface ConstraintAware
/* ------------------------------------------------------------ */
/** Set Constraint Mappings and roles.
* Can only be called during initialization.
* @param constraintMappings
* @param roles
* @param constraintMappings the mappings
* @param roles the roles
*/
void setConstraintMappings(List<ConstraintMapping> constraintMappings, Set<String> roles);
/* ------------------------------------------------------------ */
/** Add a Constraint Mapping.
* May be called for running webapplication as an annotated servlet is instantiated.
* @param mapping
* @param mapping the mapping
*/
void addConstraintMapping(ConstraintMapping mapping);
@ -45,7 +45,7 @@ public interface ConstraintAware
/* ------------------------------------------------------------ */
/** Add a Role definition.
* May be called on running webapplication as an annotated servlet is instantiated.
* @param role
* @param role the role
*/
void addRole(String role);
@ -53,7 +53,7 @@ public interface ConstraintAware
* See Servlet Spec 31, sec 13.8.4, pg 145
* When true, requests with http methods not explicitly covered either by inclusion or omissions
* in constraints, will have access denied.
* @param deny
* @param deny true for denied method access
*/
void setDenyUncoveredHttpMethods(boolean deny);

View File

@ -58,8 +58,6 @@ public class HashLoginService extends AbstractLoginService
protected boolean hotReload = false; // default is not to reload
/* ------------------------------------------------------------ */
public HashLoginService()
{

View File

@ -41,24 +41,17 @@ import org.eclipse.jetty.util.security.Credential;
/* ------------------------------------------------------------ */
/**
* HashMapped User Realm with JDBC as data source.
* The login() method checks the inherited Map for the user. If the user is not
* The {@link #login(String, Object, ServletRequest)} method checks the inherited Map for the user. If the user is not
* found, it will fetch details from the database and populate the inherited
* Map. It then calls the superclass login() method to perform the actual
* Map. It then calls the superclass {@link #login(String, Object, ServletRequest)} method to perform the actual
* authentication. Periodically (controlled by configuration parameter),
* internal hashes are cleared. Caching can be disabled by setting cache refresh
* interval to zero. Uses one database connection that is initialized at
* startup. Reconnect on failures. authenticate() is 'synchronized'.
*
* startup. Reconnect on failures.
* <p>
* An example properties file for configuration is in
* $JETTY_HOME/etc/jdbcRealm.properties
*
* @version $Id: JDBCLoginService.java 4792 2009-03-18 21:55:52Z gregw $
*
*
*
*
* <code>${jetty.home}/etc/jdbcRealm.properties</code>
*/
public class JDBCLoginService extends AbstractLoginService
{
private static final Logger LOG = Log.getLogger(JDBCLoginService.class);
@ -78,17 +71,11 @@ public class JDBCLoginService extends AbstractLoginService
/**
* JDBCKnownUser
*
*
*/
public class JDBCUserPrincipal extends UserPrincipal
{
int _userKey;
/**
* @param name
* @param credential
*/
public JDBCUserPrincipal(String name, Credential credential, int key)
{
super(name, credential);
@ -134,9 +121,6 @@ public class JDBCLoginService extends AbstractLoginService
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.MappedLoginService#doStart()
*/
@Override
protected void doStart() throws Exception
{
@ -235,10 +219,6 @@ public class JDBCLoginService extends AbstractLoginService
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.MappedLoginService#loadUserInfo(java.lang.String)
* @Override
*/
public UserPrincipal loadUserInfo (String username)
{
try
@ -275,10 +255,6 @@ public class JDBCLoginService extends AbstractLoginService
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.MappedLoginService#loadRoleInfo(org.eclipse.jetty.security.UserPrincipal.KnownUser)
* @Override
*/
public String[] loadRoleInfo (UserPrincipal user)
{
JDBCUserPrincipal jdbcUser = (JDBCUserPrincipal)user;
@ -315,8 +291,6 @@ public class JDBCLoginService extends AbstractLoginService
}
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStop()
@ -341,5 +315,4 @@ public class JDBCLoginService extends AbstractLoginService
}
_con = null;
}
}