-
Notifications
You must be signed in to change notification settings - Fork 186
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fixed group and role assignment on subject principal for login module #397
Merged
Merged
Changes from all commits
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
b421035
fixed group and role assignment on subject principal for login module
devnullpointer 33eec9f
Update CHANGELOG.md
c4d415e
Added commit with roles test
devnullpointer 8ee2c32
Merge branch 'master' of https://github.com/xystra/waffle
devnullpointer File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
125 changes: 125 additions & 0 deletions
125
Source/JNA/waffle-jna/src/main/java/waffle/jaas/GroupPrincipal.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
/** | ||
* Waffle (https://github.com/dblock/waffle) | ||
* | ||
* Copyright (c) 2010-2016 Application Security, Inc. | ||
* | ||
* All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse | ||
* Public License v1.0 which accompanies this distribution, and is available at | ||
* http://www.eclipse.org/legal/epl-v10.html. | ||
* | ||
* Contributors: Application Security, Inc. | ||
*/ | ||
package waffle.jaas; | ||
|
||
import java.security.Principal; | ||
import java.security.acl.Group; | ||
import java.util.Collection; | ||
import java.util.Collections; | ||
import java.util.Enumeration; | ||
import java.util.HashMap; | ||
import java.util.Iterator; | ||
import java.util.Map; | ||
|
||
/** | ||
* Group principal. | ||
* | ||
* @author rockchip[dot]tv[at]gmail[dot]com | ||
*/ | ||
public class GroupPrincipal extends UserPrincipal implements Group { | ||
|
||
/** The Constant serialVersionUID. */ | ||
private static final long serialVersionUID = 1L; | ||
|
||
/** The fqn. */ | ||
private final String fqn; | ||
|
||
/** A list of fqn members for this group. */ | ||
private final Map<Principal, Principal> members; | ||
|
||
public GroupPrincipal(final String fqn) { | ||
super(fqn); | ||
|
||
this.fqn = fqn; | ||
this.members = new HashMap<>(); | ||
} | ||
|
||
/* | ||
* (non-Javadoc) | ||
* @see waffle.jaas.UserPrincipal#getName() | ||
*/ | ||
@Override | ||
public String getName() { | ||
return fqn; | ||
} | ||
|
||
/* | ||
* (non-Javadoc) | ||
* @see java.security.acl.Group#addMember(java.security.Principal) | ||
*/ | ||
@Override | ||
public boolean addMember(final Principal user) { | ||
final boolean isMember = members.containsKey(user); | ||
if (!isMember) { | ||
members.put(user, user); | ||
} | ||
return isMember; | ||
} | ||
|
||
/* | ||
* (non-Javadoc) | ||
* @see java.security.acl.Group#isMember(java.security.Principal) | ||
*/ | ||
@Override | ||
public boolean isMember(final Principal user) { | ||
boolean isMember = members.containsKey(user); | ||
if (!isMember) { | ||
final Collection<Principal> values = members.values(); | ||
final Iterator<Principal> iter = values.iterator(); | ||
while (!isMember && iter.hasNext()) { | ||
final Object next = iter.next(); | ||
if (next instanceof Group) { | ||
final Group group = (Group) next; | ||
isMember = group.isMember(user); | ||
} | ||
} | ||
} | ||
return isMember; | ||
} | ||
|
||
/* | ||
* (non-Javadoc) | ||
* @see java.security.acl.Group#members() | ||
*/ | ||
@Override | ||
public Enumeration<? extends Principal> members() { | ||
return Collections.enumeration(members.values()); | ||
} | ||
|
||
/* | ||
* (non-Javadoc) | ||
* @see java.security.acl.Group#removeMember(java.security.Principal) | ||
*/ | ||
@Override | ||
public boolean removeMember(final Principal user) { | ||
final Object prev = members.remove(user); | ||
return prev != null; | ||
} | ||
|
||
/* | ||
* (non-Javadoc) | ||
* @see java.lang.Object#toString() | ||
*/ | ||
@Override | ||
public String toString() { | ||
final StringBuffer tmp = new StringBuffer(getName()); | ||
tmp.append("(members:"); | ||
final Iterator<Principal> iter = members.keySet().iterator(); | ||
while (iter.hasNext()) { | ||
tmp.append(iter.next()); | ||
tmp.append(','); | ||
} | ||
tmp.setCharAt(tmp.length() - 1, ')'); | ||
return tmp.toString(); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
96 changes: 96 additions & 0 deletions
96
Source/JNA/waffle-jna/src/test/java/waffle/jaas/GroupPrincipalTests.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
/** | ||
* Waffle (https://github.com/dblock/waffle) | ||
* | ||
* Copyright (c) 2010-2016 Application Security, Inc. | ||
* | ||
* All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse | ||
* Public License v1.0 which accompanies this distribution, and is available at | ||
* http://www.eclipse.org/legal/epl-v10.html. | ||
* | ||
* Contributors: Application Security, Inc. | ||
*/ | ||
package waffle.jaas; | ||
|
||
import java.io.ByteArrayInputStream; | ||
import java.io.ByteArrayOutputStream; | ||
import java.io.IOException; | ||
import java.io.InputStream; | ||
import java.io.ObjectInputStream; | ||
import java.io.ObjectOutputStream; | ||
|
||
import org.assertj.core.api.Assertions; | ||
import org.junit.Assert; | ||
import org.junit.Before; | ||
import org.junit.Test; | ||
|
||
/** | ||
* The Class GroupPrincipalTests. | ||
* | ||
* @author rockchip[dot]tv[at]gmail[dot]com | ||
*/ | ||
public class GroupPrincipalTests { | ||
|
||
/** The group principal. */ | ||
private GroupPrincipal groupPrincipal; | ||
|
||
/** | ||
* Equals_other object. | ||
*/ | ||
@Test | ||
public void equals_otherObject() { | ||
Assert.assertNotEquals(this.groupPrincipal, new String()); | ||
} | ||
|
||
/** | ||
* Equals_same object. | ||
*/ | ||
@Test | ||
public void equals_sameObject() { | ||
Assert.assertEquals(this.groupPrincipal, this.groupPrincipal); | ||
} | ||
|
||
/** | ||
* Sets the up. | ||
*/ | ||
@Before | ||
public void setUp() { | ||
this.groupPrincipal = new GroupPrincipal("localhost\\Administrator"); | ||
} | ||
|
||
/** | ||
* Test equals_ symmetric. | ||
*/ | ||
@Test | ||
public void testEquals_Symmetric() { | ||
final GroupPrincipal x = new GroupPrincipal("localhost\\Administrator"); | ||
final GroupPrincipal y = new GroupPrincipal("localhost\\Administrator"); | ||
Assert.assertEquals(x, y); | ||
Assert.assertEquals(x.hashCode(), y.hashCode()); | ||
} | ||
|
||
/** | ||
* Test is serializable. | ||
* | ||
* @throws IOException | ||
* Signals that an I/O exception has occurred. | ||
* @throws ClassNotFoundException | ||
* the class not found exception | ||
*/ | ||
@Test | ||
public void testIsSerializable() throws IOException, ClassNotFoundException { | ||
// serialize | ||
final ByteArrayOutputStream out = new ByteArrayOutputStream(); | ||
try (final ObjectOutputStream oos = new ObjectOutputStream(out)) { | ||
oos.writeObject(this.groupPrincipal); | ||
} | ||
Assertions.assertThat(out.toByteArray().length).isGreaterThan(0); | ||
// deserialize | ||
final InputStream in = new ByteArrayInputStream(out.toByteArray()); | ||
final ObjectInputStream ois = new ObjectInputStream(in); | ||
final GroupPrincipal copy = (GroupPrincipal) ois.readObject(); | ||
// test | ||
Assert.assertEquals(this.groupPrincipal, copy); | ||
Assert.assertEquals(this.groupPrincipal.getName(), copy.getName()); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are you sure we want it to extend
UserPrincipal
and not createPrincipal
with user and group extending that?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I used the jboss implementation of their SimpleGroup which extends SimplePrincipal as a blueprint.
https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/SimpleGroup.java