Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

@RunAs not honoured (#4743) 

* Issue #4739 Fix @RunAs

Signed-off-by: Jan Bartel <janb@webtide.com>
This commit is contained in:
Jan Bartel 2020-04-06 11:33:09 +02:00 committed by GitHub
parent 4b2842265a
commit 8eb4bb98a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 81 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
jetty-annotations/src/main/java/org/eclipse/jetty/annotations/RunAsAnnotationHandler.java
View File

@ -21,7 +21,6 @@ package org.eclipse.jetty.annotations;
import javax.servlet.Servlet; import javax.servlet.Servlet;
import org.eclipse.jetty.annotations.AnnotationIntrospector.AbstractIntrospectableAnnotationHandler; import org.eclipse.jetty.annotations.AnnotationIntrospector.AbstractIntrospectableAnnotationHandler;
import org.eclipse.jetty.plus.annotation.RunAsCollection;
import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.log.Logger;
@ -64,14 +63,7 @@ public class RunAsAnnotationHandler extends AbstractIntrospectableAnnotationHand
if (d == null) if (d == null)
{ {
metaData.setOrigin(holder.getName() + ".servlet.run-as", runAs, clazz); metaData.setOrigin(holder.getName() + ".servlet.run-as", runAs, clazz);
org.eclipse.jetty.plus.annotation.RunAs ra = new org.eclipse.jetty.plus.annotation.RunAs(clazz.getName(), role); holder.setRunAsRole(role);
RunAsCollection raCollection = (RunAsCollection)_context.getAttribute(RunAsCollection.RUNAS_COLLECTION);
if (raCollection == null)
{
raCollection = new RunAsCollection();
_context.setAttribute(RunAsCollection.RUNAS_COLLECTION, raCollection);
}
raCollection.add(ra);
} }
} }
} }

60
jetty-annotations/src/test/java/org/eclipse/jetty/annotations/TestRunAsAnnotation.java Normal file
View File

@ -0,0 +1,60 @@
//
// ========================================================================
// Copyright (c) 1995-2020 Mort Bay Consulting Pty Ltd and others.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.annotations;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.webapp.WebAppContext;
import org.eclipse.jetty.webapp.WebDescriptor;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
public class TestRunAsAnnotation
{
@Test
public void testRunAsAnnotation() throws Exception
{
WebAppContext wac = new WebAppContext();
//pre-add a servlet but not by descriptor
ServletHolder holder = new ServletHolder();
holder.setName("foo1");
holder.setHeldClass(ServletC.class);
holder.setInitOrder(1); //load on startup
wac.getServletHandler().addServletWithMapping(holder, "/foo/*");
//add another servlet of the same class, but as if by descriptor
ServletHolder holder2 = new ServletHolder();
holder2.setName("foo2");
holder2.setHeldClass(ServletC.class);
holder2.setInitOrder(1);
wac.getServletHandler().addServletWithMapping(holder2, "/foo2/*");
wac.getMetaData().setOrigin(holder2.getName() + ".servlet.run-as", new WebDescriptor(null));
AnnotationIntrospector parser = new AnnotationIntrospector();
RunAsAnnotationHandler handler = new RunAsAnnotationHandler(wac);
parser.registerHandler(handler);
parser.introspect(ServletC.class);
assertEquals("admin", holder.getRunAsRole());
assertEquals(null, holder2.getRunAsRole());
}
}

2
jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/RunAs.java
View File

@ -26,7 +26,9 @@ import org.eclipse.jetty.servlet.ServletHolder;
* RunAs * RunAs
* <p> * <p>
* Represents a <code>&lt;run-as&gt;</code> element in web.xml, or a <code>&#064;RunAs</code> annotation. * Represents a <code>&lt;run-as&gt;</code> element in web.xml, or a <code>&#064;RunAs</code> annotation.
* @deprecated unused as of 9.4.28 due for removal in 10.0.0
*/ */
@Deprecated
public class RunAs public class RunAs
{ {
private String _className; private String _className;

2
jetty-plus/src/main/java/org/eclipse/jetty/plus/annotation/RunAsCollection.java
View File

@ -27,7 +27,9 @@ import org.eclipse.jetty.util.log.Logger;
/** /**
* RunAsCollection * RunAsCollection
* @deprecated class unused as of 9.4.28 due for removal in 10.0.0
*/ */
@Deprecated
public class RunAsCollection public class RunAsCollection
{ {
private static final Logger LOG = Log.getLogger(RunAsCollection.class); private static final Logger LOG = Log.getLogger(RunAsCollection.class);

6
jetty-plus/src/main/java/org/eclipse/jetty/plus/webapp/PlusDecorator.java
View File

@ -20,7 +20,6 @@ package org.eclipse.jetty.plus.webapp;
import org.eclipse.jetty.plus.annotation.InjectionCollection; import org.eclipse.jetty.plus.annotation.InjectionCollection;
import org.eclipse.jetty.plus.annotation.LifeCycleCallbackCollection; import org.eclipse.jetty.plus.annotation.LifeCycleCallbackCollection;
import org.eclipse.jetty.plus.annotation.RunAsCollection;
import org.eclipse.jetty.util.Decorator; import org.eclipse.jetty.util.Decorator;
import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.log.Logger;
@ -43,11 +42,6 @@ public class PlusDecorator implements Decorator
@Override @Override
public Object decorate(Object o) public Object decorate(Object o)
{ {
RunAsCollection runAses = (RunAsCollection)_context.getAttribute(RunAsCollection.RUNAS_COLLECTION);
if (runAses != null)
runAses.setRunAs(o);
InjectionCollection injections = (InjectionCollection)_context.getAttribute(InjectionCollection.INJECTION_COLLECTION); InjectionCollection injections = (InjectionCollection)_context.getAttribute(InjectionCollection.INJECTION_COLLECTION);
if (injections != null) if (injections != null)
injections.inject(o); injections.inject(o);

9
jetty-plus/src/main/java/org/eclipse/jetty/plus/webapp/PlusDescriptorProcessor.java
View File

@ -20,7 +20,6 @@ package org.eclipse.jetty.plus.webapp;
import java.util.Iterator; import java.util.Iterator;
import java.util.Objects; import java.util.Objects;
import javax.naming.Context; import javax.naming.Context;
import javax.naming.InitialContext; import javax.naming.InitialContext;
import javax.naming.NameNotFoundException; import javax.naming.NameNotFoundException;
@ -33,7 +32,6 @@ import org.eclipse.jetty.plus.annotation.LifeCycleCallback;
import org.eclipse.jetty.plus.annotation.LifeCycleCallbackCollection; import org.eclipse.jetty.plus.annotation.LifeCycleCallbackCollection;
import org.eclipse.jetty.plus.annotation.PostConstructCallback; import org.eclipse.jetty.plus.annotation.PostConstructCallback;
import org.eclipse.jetty.plus.annotation.PreDestroyCallback; import org.eclipse.jetty.plus.annotation.PreDestroyCallback;
import org.eclipse.jetty.plus.annotation.RunAsCollection;
import org.eclipse.jetty.plus.jndi.EnvEntry; import org.eclipse.jetty.plus.jndi.EnvEntry;
import org.eclipse.jetty.plus.jndi.Link; import org.eclipse.jetty.plus.jndi.Link;
import org.eclipse.jetty.plus.jndi.NamingEntry; import org.eclipse.jetty.plus.jndi.NamingEntry;
@ -93,13 +91,6 @@ public class PlusDescriptorProcessor extends IterativeDescriptorProcessor
callbacks = new LifeCycleCallbackCollection(); callbacks = new LifeCycleCallbackCollection();
context.setAttribute(LifeCycleCallbackCollection.LIFECYCLE_CALLBACK_COLLECTION, callbacks); context.setAttribute(LifeCycleCallbackCollection.LIFECYCLE_CALLBACK_COLLECTION, callbacks);
} }
RunAsCollection runAsCollection = (RunAsCollection)context.getAttribute(RunAsCollection.RUNAS_COLLECTION);
if (runAsCollection == null)
{
runAsCollection = new RunAsCollection();
context.setAttribute(RunAsCollection.RUNAS_COLLECTION, runAsCollection);
}
} }
/** /**

31
jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHolder.java
View File

@ -392,18 +392,6 @@ public class ServletHolder extends Holder<Servlet> implements UserIdentity.Scope
//check if we need to forcibly set load-on-startup //check if we need to forcibly set load-on-startup
checkInitOnStartup(); checkInitOnStartup();
if (_runAsRole == null)
{
_identityService = null;
_runAsToken = null;
}
else
{
_identityService = getServletHandler().getIdentityService();
if (_identityService != null)
_runAsToken = _identityService.newRunAsToken(_runAsRole);
}
_config = new Config(); _config = new Config();
synchronized (this) synchronized (this)
@ -577,10 +565,23 @@ public class ServletHolder extends Holder<Servlet> implements UserIdentity.Scope
_servlet = newInstance(); _servlet = newInstance();
if (_config == null) if (_config == null)
_config = new Config(); _config = new Config();
//check run-as rolename and convert to token from IdentityService
if (_runAsRole == null)
{
_identityService = null;
_runAsToken = null;
}
else
{
_identityService = getServletHandler().getIdentityService();
if (_identityService != null)
{
// Handle run as _runAsToken = _identityService.newRunAsToken(_runAsRole);
if (_identityService != null && _runAsToken != null) _servlet = new RunAsServlet(_servlet, _identityService, _runAsToken);
_servlet = new RunAsServlet(_servlet, _identityService, _runAsToken); }
}
if (!isAsyncSupported()) if (!isAsyncSupported())
_servlet = new NotAsyncServlet(_servlet); _servlet = new NotAsyncServlet(_servlet);