433244 Security manager lifecycle cleanup
This commit is contained in:
Greg Wilkins
parent
4b26faf897
commit
b764a1d136
|
|
@ -133,6 +133,7 @@ public class HashLoginService extends MappedLoginService implements UserListener
|
|||
/**
|
||||
* @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStart()
|
||||
*/
|
||||
@Override
|
||||
protected void doStart() throws Exception
|
||||
{
|
||||
super.doStart();
|
||||
|
|
@ -154,6 +155,7 @@ public class HashLoginService extends MappedLoginService implements UserListener
|
|||
/**
|
||||
* @see org.eclipse.jetty.util.component.AbstractLifeCycle#doStop()
|
||||
*/
|
||||
@Override
|
||||
protected void doStop() throws Exception
|
||||
{
|
||||
super.doStop();
|
||||
|
|
@ -163,6 +165,7 @@ public class HashLoginService extends MappedLoginService implements UserListener
|
|||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
@Override
|
||||
public void update(String userName, Credential credential, String[] roleArray)
|
||||
{
|
||||
if (LOG.isDebugEnabled())
|
||||
|
|
@ -171,6 +174,7 @@ public class HashLoginService extends MappedLoginService implements UserListener
|
|||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
@Override
|
||||
public void remove(String userName)
|
||||
{
|
||||
if (LOG.isDebugEnabled())
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ import org.eclipse.jetty.server.handler.ContextHandler;
|
|||
import org.eclipse.jetty.server.handler.ContextHandler.Context;
|
||||
import org.eclipse.jetty.server.handler.HandlerWrapper;
|
||||
import org.eclipse.jetty.server.session.AbstractSession;
|
||||
import org.eclipse.jetty.util.component.LifeCycle;
|
||||
import org.eclipse.jetty.util.log.Log;
|
||||
import org.eclipse.jetty.util.log.Logger;
|
||||
|
||||
|
|
@ -74,8 +75,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
private LoginService _loginService;
|
||||
private IdentityService _identityService;
|
||||
private boolean _renewSession=true;
|
||||
private boolean _discoveredIdentityService = false;
|
||||
private boolean _discoveredLoginService = false;
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
protected SecurityHandler()
|
||||
|
|
@ -266,20 +265,24 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
protected LoginService findLoginService()
|
||||
protected LoginService findLoginService() throws Exception
|
||||
{
|
||||
Collection<LoginService> list = getServer().getBeans(LoginService.class);
|
||||
|
||||
LoginService service = null;
|
||||
String realm=getRealmName();
|
||||
if (realm!=null)
|
||||
{
|
||||
for (LoginService service : list)
|
||||
if (service.getName()!=null && service.getName().equals(realm))
|
||||
return service;
|
||||
for (LoginService s : list)
|
||||
if (s.getName()!=null && s.getName().equals(realm))
|
||||
{
|
||||
service=s;
|
||||
break;
|
||||
}
|
||||
}
|
||||
else if (list.size()==1)
|
||||
return list.iterator().next();
|
||||
return null;
|
||||
service = list.iterator().next();
|
||||
|
||||
return service;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
|
|
@ -342,7 +345,8 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
if (_loginService==null)
|
||||
{
|
||||
setLoginService(findLoginService());
|
||||
_discoveredLoginService = true;
|
||||
if (_loginService!=null)
|
||||
unmanage(_loginService);
|
||||
}
|
||||
|
||||
if (_identityService==null)
|
||||
|
|
@ -353,10 +357,16 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
if (_identityService==null)
|
||||
setIdentityService(findIdentityService());
|
||||
|
||||
if (_identityService==null && _realmName!=null)
|
||||
if (_identityService==null)
|
||||
{
|
||||
if (_realmName!=null)
|
||||
{
|
||||
setIdentityService(new DefaultIdentityService());
|
||||
|
||||
_discoveredIdentityService = true;
|
||||
manage(_identityService);
|
||||
}
|
||||
}
|
||||
else
|
||||
unmanage(_identityService);
|
||||
}
|
||||
|
||||
if (_loginService!=null)
|
||||
|
|
@ -387,14 +397,13 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
protected void doStop() throws Exception
|
||||
{
|
||||
//if we discovered the services (rather than had them explicitly configured), remove them.
|
||||
if (_discoveredIdentityService)
|
||||
if (!isManaged(_identityService))
|
||||
{
|
||||
removeBean(_identityService);
|
||||
_identityService = null;
|
||||
|
||||
}
|
||||
|
||||
if (_discoveredLoginService)
|
||||
if (!isManaged(_loginService))
|
||||
{
|
||||
removeBean(_loginService);
|
||||
_loginService=null;
|
||||
|
|
@ -427,6 +436,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
/**
|
||||
* @see org.eclipse.jetty.security.Authenticator.AuthConfiguration#isSessionRenewedOnAuthentication()
|
||||
*/
|
||||
@Override
|
||||
public boolean isSessionRenewedOnAuthentication()
|
||||
{
|
||||
return _renewSession;
|
||||
|
|
@ -473,7 +483,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
{
|
||||
if (!baseRequest.isHandled())
|
||||
{
|
||||
response.sendError(Response.SC_FORBIDDEN);
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN);
|
||||
baseRequest.setHandled(true);
|
||||
}
|
||||
return;
|
||||
|
|
@ -488,7 +498,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
LOG.warn("No authenticator for: "+roleInfo);
|
||||
if (!baseRequest.isHandled())
|
||||
{
|
||||
response.sendError(Response.SC_FORBIDDEN);
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN);
|
||||
baseRequest.setHandled(true);
|
||||
}
|
||||
return;
|
||||
|
|
@ -524,7 +534,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
boolean authorized=checkWebResourcePermissions(pathInContext, baseRequest, base_response, roleInfo, userAuth.getUserIdentity());
|
||||
if (!authorized)
|
||||
{
|
||||
response.sendError(Response.SC_FORBIDDEN, "!role");
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN, "!role");
|
||||
baseRequest.setHandled(true);
|
||||
return;
|
||||
}
|
||||
|
|
@ -574,7 +584,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
{
|
||||
// jaspi 3.8.3 send HTTP 500 internal server error, with message
|
||||
// from AuthException
|
||||
response.sendError(Response.SC_INTERNAL_SERVER_ERROR, e.getMessage());
|
||||
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
|
||||
}
|
||||
finally
|
||||
{
|
||||
|
|
@ -634,6 +644,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
/* ------------------------------------------------------------ */
|
||||
public class NotChecked implements Principal
|
||||
{
|
||||
@Override
|
||||
public String getName()
|
||||
{
|
||||
return null;
|
||||
|
|
@ -656,6 +667,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
/* ------------------------------------------------------------ */
|
||||
public static final Principal __NO_USER = new Principal()
|
||||
{
|
||||
@Override
|
||||
public String getName()
|
||||
{
|
||||
return null;
|
||||
|
|
@ -680,6 +692,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
*/
|
||||
public static final Principal __NOBODY = new Principal()
|
||||
{
|
||||
@Override
|
||||
public String getName()
|
||||
{
|
||||
return "Nobody";
|
||||
|
|
|
|||
|
|
@ -288,6 +288,14 @@ public abstract class HttpInput<T> extends ServletInputStream implements Runnabl
|
|||
}
|
||||
}
|
||||
|
||||
public boolean isAsync()
|
||||
{
|
||||
synchronized (lock())
|
||||
{
|
||||
return _contentState==ASYNC;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return whether an EOF has been detected, even though there may be content to consume.
|
||||
*/
|
||||
|
|
@ -436,6 +444,7 @@ public abstract class HttpInput<T> extends ServletInputStream implements Runnabl
|
|||
input.blockForContent();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString()
|
||||
{
|
||||
return "STREAM";
|
||||
|
|
@ -471,6 +480,7 @@ public abstract class HttpInput<T> extends ServletInputStream implements Runnabl
|
|||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString()
|
||||
{
|
||||
return "EARLY_EOF";
|
||||
|
|
@ -485,6 +495,7 @@ public abstract class HttpInput<T> extends ServletInputStream implements Runnabl
|
|||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString()
|
||||
{
|
||||
return "EOF";
|
||||
|
|
|
|||
|
|
@ -339,6 +339,8 @@ public class Request implements HttpServletRequest
|
|||
throw new IllegalStateException("Form too large " + content_length + ">" + maxFormContentSize);
|
||||
}
|
||||
InputStream in = getInputStream();
|
||||
if (_input.isAsync())
|
||||
throw new IllegalStateException("Cannot extract parameters with async IO");
|
||||
|
||||
// Add form params to query params
|
||||
UrlEncoded.decodeTo(in,_baseParameters,encoding,content_length < 0?maxFormContentSize:-1,maxFormKeys);
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ public class HashSessionManagerTest
|
|||
@Before
|
||||
public void quietStacks()
|
||||
{
|
||||
enableStacks(true);
|
||||
enableStacks(false);
|
||||
}
|
||||
|
||||
protected void enableStacks(boolean enabled)
|
||||
|
|
|
|||
Loading…
Reference in New Issue