shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lhazlew...@apache.org
Subject svn commit: r733425 - in /incubator/jsecurity/trunk/core: src/org/jsecurity/authc/pam/ src/org/jsecurity/authz/ src/org/jsecurity/mgt/ test/org/jsecurity/mgt/
Date Sun, 11 Jan 2009 07:44:55 GMT
Author: lhazlewood
Date: Sat Jan 10 23:44:55 2009
New Revision: 733425

URL: http://svn.apache.org/viewvc?rev=733425&view=rev
Log:
JSEC-27, JSEC-40, JSEC-41 - removed default realm.  Removed core depdency on Ehcache (now
uses DefaultCacheManager which uses core SoftHashMap caches to prevent memory leaks), removed
ensureRealms() method in SecurityManager implementation since the Authorizer and Authenticator
implementations now assert if realms were properly configured or not

Modified:
    incubator/jsecurity/trunk/core/src/org/jsecurity/authc/pam/ModularRealmAuthenticator.java
    incubator/jsecurity/trunk/core/src/org/jsecurity/authz/ModularRealmAuthorizer.java
    incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthenticatingSecurityManager.java
    incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthorizingSecurityManager.java
    incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/CachingSecurityManager.java
    incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/RealmSecurityManager.java
    incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/SessionsSecurityManager.java
    incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/DefaultSecurityManagerTest.java
    incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/VMSingletonDefaultSecurityManagerTest.java

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/authc/pam/ModularRealmAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/authc/pam/ModularRealmAuthenticator.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/authc/pam/ModularRealmAuthenticator.java
(original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/authc/pam/ModularRealmAuthenticator.java
Sat Jan 10 23:44:55 2009
@@ -102,6 +102,7 @@
      * an authentiation attempt.  Because
      * this would set a single realm, no {@link #setModularAuthenticationStrategy(ModularAuthenticationStrategy)
      * modularAuthenticationStrategy} would be used during authentication attempts.
+     *
      * @param realm the realm to consult during an authentication attempt.
      */
     public ModularRealmAuthenticator(Realm realm) {
@@ -113,6 +114,7 @@
      * consulted during an authentication attempt, effectively enabling PAM (Pluggable Authentication
Module)
      * behavior according to the configured
      * {@link #setModularAuthenticationStrategy(ModularAuthenticationStrategy) ModularAuthenticationStrategy}.
+     *
      * @param realms the realms to consult during an authentication attempt.
      */
     public ModularRealmAuthenticator(List<Realm> realms) {
@@ -145,6 +147,7 @@
 
     /**
      * Returns the realm(s) used by this <code>Authenticator</code> during an
authentication attempt.
+     *
      * @return the realm(s) used by this <code>Authenticator</code> during an
authentication attempt.
      */
     protected Collection<Realm> getRealms() {
@@ -293,6 +296,7 @@
      * @param authenticationToken the token containing the authentication principal and credentials
for the
      *                            user being authenticated.
      * @return account information attributed to the authenticated user.
+     * @throws IllegalStateException   if no realms have been configured at the time this
method is invoked
      * @throws AuthenticationException if the user could not be authenticated or the user
is denied authentication
      *                                 for the given principal and credentials.
      */

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/authz/ModularRealmAuthorizer.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/authz/ModularRealmAuthorizer.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/authz/ModularRealmAuthorizer.java (original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/authz/ModularRealmAuthorizer.java Sat
Jan 10 23:44:55 2009
@@ -41,6 +41,12 @@
     protected Collection<Realm> realms;
 
     /**
+     * A PermissionResolver to be used by <em>all</em> configured realms.  Leave
<code>null</code> if you wish
+     * to configure different resolvers for different realms.
+     */
+    protected PermissionResolver permissionResolver;
+
+    /**
      * Default no-argument constructor, does nothing.
      */
     public ModularRealmAuthorizer() {
@@ -49,6 +55,7 @@
     /**
      * Constructor that accepts the <code>Realm</code>s to consult during an
authorization check.  Immediately calls
      * {@link #setRealms setRealms(realms)}.
+     *
      * @param realms the realms to consult during an authorization check.
      */
     public ModularRealmAuthorizer(Collection<Realm> realms) {
@@ -57,6 +64,7 @@
 
     /**
      * Returns the realms wrapped by this <code>Authorizer</code> which are consulted
during an authorization check.
+     *
      * @return the realms wrapped by this <code>Authorizer</code> which are consulted
during an authorization check.
      */
     public Collection<Realm> getRealms() {
@@ -65,45 +73,82 @@
 
     /**
      * Sets the realms wrapped by this <code>Authorizer</code> which are consulted
during an authorization check.
+     *
      * @param realms the realms wrapped by this <code>Authorizer</code> which
are consulted during an authorization check.
      */
     public void setRealms(Collection<Realm> realms) {
         this.realms = realms;
+        applyPermissionResolverToRealms();
     }
 
     /**
-     * Used by the {@link Authorizer Authorizer} implementation methods to ensure that the
{@link #setRealms realms}
-     * has been set.  The default implementation ensures the property is not null and not
empty.
+     * Returns the PermissionResolver to be used on <em>all</em> configured realms,
or <code>null</code (the default)
+     * if all realm instances will each configure their own permission resolver.
      *
-     * @throws IllegalStateException if the <tt>realms</tt> property is configured
incorrectly.
+     * @return the PermissionResolver to be used on <em>all</em> configured realms,
or <code>null</code (the default)
+     *         if realm instances will each configure their own permission resolver.
+     * @since 1.0
      */
-    protected void assertRealmsConfigured() throws IllegalStateException {
-        Collection<Realm> realms = getRealms();
-        if (realms == null || realms.isEmpty()) {
-            String msg = "Configuration error:  No realms have been configured!  One or more
realms must be " +
-                    "present to execute an authorization operation.";
-            throw new IllegalStateException(msg);
-        }
+    public PermissionResolver getPermissionResolver() {
+        return this.permissionResolver;
     }
 
     /**
-     * Sets the specified {@link PermissionResolver PermissionResolver} on any of the wrapped
realms that implement
-     * the {@link org.jsecurity.authz.permission.PermissionResolverAware PermissionResolverAware}
interface.
+     * Sets the specified {@link PermissionResolver PermissionResolver} on <em>all</em>
of the wrapped realms that
+     * implement the {@link org.jsecurity.authz.permission.PermissionResolverAware PermissionResolverAware}
interface.
+     * <p/>
+     * Only call this method if you want the permission resolver to be passed to all realms
that implement the
+     * <code>PermissionResolver</code> interface.  If you do not want this to
occur, the realms must
+     * configure themselves individually (or be configured individually).
      *
      * @param permissionResolver the permissionResolver to set on all of the wrapped realms
that implement the
-     * {@link org.jsecurity.authz.permission.PermissionResolverAware PermissionResolverAware}
interface.
+     *                           {@link org.jsecurity.authz.permission.PermissionResolverAware
PermissionResolverAware} interface.
      */
     public void setPermissionResolver(PermissionResolver permissionResolver) {
+        this.permissionResolver = permissionResolver;
+        applyPermissionResolverToRealms();
+    }
+
+    /**
+     * Sets the internal {@link #getPermissionResolver} on any internal configured
+     * {@link #getRealms Realms} that implement the {@link PermissionResolverAware PermissionResolverAware}
interface.
+     * <p/>
+     * This method is called after setting a permissionResolver on this ModularRealmAuthorizer
via the
+     * {@link #setPermissionResolver(org.jsecurity.authz.permission.PermissionResolver) setPermissionResolver}
method.
+     * <p/>
+     * It is also called after setting one or more realms via the {@link #setRealms setRealms}
method to allow these
+     * newly available realms to be given the <code>PermissionResolver</code>
already in use.
+     *
+     * @since 1.0
+     */
+    protected void applyPermissionResolverToRealms() {
+        PermissionResolver resolver = getPermissionResolver();
         Collection<Realm> realms = getRealms();
-        if (realms != null && !realms.isEmpty()) {
+        if (resolver != null && realms != null && !realms.isEmpty()) {
             for (Realm realm : realms) {
                 if (realm instanceof PermissionResolverAware) {
-                    ((PermissionResolverAware) realm).setPermissionResolver(permissionResolver);
+                    ((PermissionResolverAware) realm).setPermissionResolver(resolver);
                 }
             }
         }
     }
 
+
+    /**
+     * Used by the {@link Authorizer Authorizer} implementation methods to ensure that the
{@link #setRealms realms}
+     * has been set.  The default implementation ensures the property is not null and not
empty.
+     *
+     * @throws IllegalStateException if the <tt>realms</tt> property is configured
incorrectly.
+     */
+    protected void assertRealmsConfigured() throws IllegalStateException {
+        Collection<Realm> realms = getRealms();
+        if (realms == null || realms.isEmpty()) {
+            String msg = "Configuration error:  No realms have been configured!  One or more
realms must be " +
+                    "present to execute an authorization operation.";
+            throw new IllegalStateException(msg);
+        }
+    }
+
     /**
      * Returns <code>true</code> if any of the configured realms'
      * {@link Realm#isPermitted(org.jsecurity.subject.PrincipalCollection, String)} returns
<code>true</code>,
@@ -140,6 +185,7 @@
      * <code>false</code> otherwise.
      */
     public boolean[] isPermitted(PrincipalCollection principals, String... permissions) {
+        assertRealmsConfigured();
         if (permissions != null && permissions.length > 0) {
             boolean[] isPermitted = new boolean[permissions.length];
             for (int i = 0; i < permissions.length; i++) {
@@ -151,11 +197,12 @@
     }
 
     /**
-     * Returns <code>true</code> if any of the configured realms' 
+     * Returns <code>true</code> if any of the configured realms'
      * {@link Realm#isPermitted(org.jsecurity.subject.PrincipalCollection, List)} call returns
<code>true</code>,
      * <code>false</code> otherwise.
      */
     public boolean[] isPermitted(PrincipalCollection principals, List<Permission> permissions)
{
+        assertRealmsConfigured();
         if (permissions != null && !permissions.isEmpty()) {
             boolean[] isPermitted = new boolean[permissions.size()];
             int i = 0;
@@ -174,6 +221,7 @@
      * for <em>all</em> of the specified string permissions, <code>false</code>
otherwise.
      */
     public boolean isPermittedAll(PrincipalCollection principals, String... permissions)
{
+        assertRealmsConfigured();
         if (permissions != null && permissions.length > 0) {
             for (String perm : permissions) {
                 if (!isPermitted(principals, perm)) {
@@ -190,6 +238,7 @@
      * for <em>all</em> of the specified Permissions, <code>false</code>
otherwise.
      */
     public boolean isPermittedAll(PrincipalCollection principals, Collection<Permission>
permissions) {
+        assertRealmsConfigured();
         if (permissions != null && !permissions.isEmpty()) {
             for (Permission permission : permissions) {
                 if (!isPermitted(principals, permission)) {
@@ -205,6 +254,7 @@
      * an <code>UnauthorizedException</code> otherwise returns quietly.
      */
     public void checkPermission(PrincipalCollection principals, String permission) throws
AuthorizationException {
+        assertRealmsConfigured();
         if (!isPermitted(principals, permission)) {
             throw new UnauthorizedException("Subject does not have permission [" + permission
+ "]");
         }
@@ -215,6 +265,7 @@
      * an <code>UnauthorizedException</code> otherwise returns quietly.
      */
     public void checkPermission(PrincipalCollection principals, Permission permission) throws
AuthorizationException {
+        assertRealmsConfigured();
         if (!isPermitted(principals, permission)) {
             throw new UnauthorizedException("Subject does not have permission [" + permission
+ "]");
         }
@@ -225,6 +276,7 @@
      * an <code>UnauthorizedException</code> otherwise returns quietly.
      */
     public void checkPermissions(PrincipalCollection principals, String... permissions) throws
AuthorizationException {
+        assertRealmsConfigured();
         if (permissions != null && permissions.length > 0) {
             for (String perm : permissions) {
                 checkPermission(principals, perm);
@@ -238,6 +290,7 @@
      * an <code>UnauthorizedException</code> otherwise returns quietly.
      */
     public void checkPermissions(PrincipalCollection principals, Collection<Permission>
permissions) throws AuthorizationException {
+        assertRealmsConfigured();
         if (permissions != null) {
             for (Permission permission : permissions) {
                 checkPermission(principals, permission);
@@ -265,6 +318,7 @@
      * collection and places the return value from each call at the respective location in
the returned array.
      */
     public boolean[] hasRoles(PrincipalCollection principals, List<String> roleIdentifiers)
{
+        assertRealmsConfigured();
         if (roleIdentifiers != null && !roleIdentifiers.isEmpty()) {
             boolean[] hasRoles = new boolean[roleIdentifiers.size()];
             int i = 0;
@@ -283,6 +337,7 @@
      * <em>all</em> roles specified, <code>false</code> otherwise.
      */
     public boolean hasAllRoles(PrincipalCollection principals, Collection<String> roleIdentifiers)
{
+        assertRealmsConfigured();
         for (String roleIdentifier : roleIdentifiers) {
             if (!hasRole(principals, roleIdentifier)) {
                 return false;
@@ -296,6 +351,7 @@
      * an <code>UnauthorizedException</code> otherwise returns quietly.
      */
     public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException
{
+        assertRealmsConfigured();
         if (!hasRole(principals, role)) {
             throw new UnauthorizedException("Subject does not have role [" + role + "]");
         }
@@ -305,6 +361,7 @@
      * Calls {@link #checkRole(org.jsecurity.subject.PrincipalCollection, String) checkRole}
for each role specified.
      */
     public void checkRoles(PrincipalCollection principals, Collection<String> roles)
throws AuthorizationException {
+        assertRealmsConfigured();
         if (roles != null) {
             for (String role : roles) {
                 checkRole(principals, role);

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthenticatingSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthenticatingSecurityManager.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthenticatingSecurityManager.java
(original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthenticatingSecurityManager.java
Sat Jan 10 23:44:55 2009
@@ -41,8 +41,7 @@
  * @author Les Hazlewood
  * @since 0.9
  */
-public abstract class AuthenticatingSecurityManager extends RealmSecurityManager
-        implements AuthenticationListenerRegistrar {
+public abstract class AuthenticatingSecurityManager extends RealmSecurityManager implements
AuthenticationListenerRegistrar {
 
     /**
      * The internal <code>Authenticator</code> delegate instance that this SecurityManager
instance will use
@@ -52,19 +51,20 @@
 
     /**
      * Default no-arg constructor that initializes its internal
-     * <code>authenticator</code> instance to be a {@link ModularRealmAuthenticator
ModularRealmAuthenticator}.
+     * <code>authenticator</code> instance by just calling {@link #createAuthenticator()
createAuthenticator()}.
      */
     public AuthenticatingSecurityManager() {
-        this.authenticator = new ModularRealmAuthenticator();
+        setAuthenticator(createAuthenticator());
     }
 
     /**
      * Returns the delegate <code>Authenticator</code> instance that this SecurityManager
uses to perform all
-     * authentication operations.  Unless overridden by the 
+     * authentication operations.  Unless overridden by the
      * {@link #setAuthenticator(org.jsecurity.authc.Authenticator) setAuthenticator}, the
default instance is a
      * {@link org.jsecurity.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}.
+     *
      * @return the delegate <code>Authenticator</code> instance that this SecurityManager
uses to perform all
-     * authentication operations.
+     *         authentication operations.
      */
     public Authenticator getAuthenticator() {
         return authenticator;
@@ -74,8 +74,9 @@
      * Sets the delegate <code>Authenticator</code> instance that this SecurityManager
uses to perform all
      * authentication operations.  Unless overridden by this method, the default instance
is a
      * {@link org.jsecurity.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator}.
-     * @param authenticator the delegate <code>Authenticator</code> instance
that this SecurityManager will use to 
-     * perform all authentication operations.
+     *
+     * @param authenticator the delegate <code>Authenticator</code> instance
that this SecurityManager will use to
+     *                      perform all authentication operations.
      * @throws IllegalArgumentException if the argument is <code>null</code>.
      */
     public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException
{
@@ -87,6 +88,17 @@
     }
 
     /**
+     * Creates the default <code>Authenticator</code> instance to use at startup.
 This simple default implementation
+     * merely returns <code>new {@link ModularRealmAuthenticator ModularRealmAuthenticator}()</code>.
+     *
+     * @return the default <code>Authenticator</code> instance to use at startup.
+     * @since 1.0
+     */
+    protected Authenticator createAuthenticator() {
+        return new ModularRealmAuthenticator();
+    }
+
+    /**
      * Sets the {@link org.jsecurity.authc.pam.ModularAuthenticationStrategy ModularAuthenticationStrategy}
to use
      * in multi-realm environments.
      *
@@ -168,8 +180,9 @@
      * Immediately calls {@link RealmSecurityManager#setRealms(java.util.Collection) super.setRealms}
and then
      * additionally passes on those realms to the internal delegate <code>Authenticator</code>
instance so
      * that it may use them during authentication attempts.
+     *
      * @param realms realms the realms managed by this <tt>SecurityManager</tt>
instance and subsequently the internal
-     * delegate <code>Authenticator</code> instance.
+     *               delegate <code>Authenticator</code> instance.
      */
     public void setRealms(Collection<Realm> realms) {
         super.setRealms(realms);
@@ -205,7 +218,6 @@
      * Delegates to the wrapped {@link Authenticator Authenticator} for authentication.
      */
     public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException
{
-        ensureRealms();
         return this.authenticator.authenticate(token);
     }
 }

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthorizingSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthorizingSecurityManager.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthorizingSecurityManager.java (original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/AuthorizingSecurityManager.java Sat
Jan 10 23:44:55 2009
@@ -55,10 +55,11 @@
     protected Authorizer authorizer;
 
     /**
-     * Default no-arg constructor.
+     * Default no-arg constructor that initializes its internal <code>authorizer</code>
instance by just
+     * calling {@link #createAuthorizer() createAuthorizer()}.
      */
     public AuthorizingSecurityManager() {
-        ensureAuthorizer();
+        setAuthorizer(createAuthorizer());
     }
 
     /**
@@ -87,23 +88,11 @@
     }
 
     /**
-     * Ensures that this instance's {@link Authorizer Authorizer} has been
-     * set, and if not, lazily creates one via the {@link #createAuthorizer() createAuthorizer()}
method and then
-     * immediately sets it via the {@link #setAuthorizer(org.jsecurity.authz.Authorizer)
setAuthorizer} method.  
-     */
-    protected void ensureAuthorizer() {
-        Authorizer authorizer = getAuthorizer();
-        if (authorizer == null) {
-            authorizer = createAuthorizer();
-            setAuthorizer(authorizer);
-        }
-    }
-
-    /**
      * Creates a new {@link Authorizer Authorizer} instance to be used by this <code>AuthorizingSecurityManager</code>
instance.
      * <p/>
      * This default implementation merely returns
      * <code>new {@link org.jsecurity.authz.ModularRealmAuthorizer ModularRealmAuthorizer}()</code>
+     *
      * @return a new {@link Authorizer Authorizer} instance to be used by this <code>AuthorizingSecurityManager</code>
instance.
      */
     protected Authorizer createAuthorizer() {
@@ -146,6 +135,7 @@
      * if ( authz instanceof ModularRealmAuthorizer ) {
      *     ((ModularRealmAuthorizer)authz).setRealms(realms);
      * }</pre>
+     *
      * @param realms the realms managed by this <tt>SecurityManager</tt> instance.
      */
     public void setRealms(Collection<Realm> realms) {
@@ -186,77 +176,62 @@
     }
 
     public boolean isPermitted(PrincipalCollection principals, String permissionString) {
-        ensureRealms();
         return getAuthorizer().isPermitted(principals, permissionString);
     }
 
     public boolean isPermitted(PrincipalCollection principals, Permission permission) {
-        ensureRealms();
         return getAuthorizer().isPermitted(principals, permission);
     }
 
     public boolean[] isPermitted(PrincipalCollection principals, String... permissions) {
-        ensureRealms();
         return getAuthorizer().isPermitted(principals, permissions);
     }
 
     public boolean[] isPermitted(PrincipalCollection principals, List<Permission> permissions)
{
-        ensureRealms();
         return getAuthorizer().isPermitted(principals, permissions);
     }
 
     public boolean isPermittedAll(PrincipalCollection principals, String... permissions)
{
-        ensureRealms();
         return getAuthorizer().isPermittedAll(principals, permissions);
     }
 
     public boolean isPermittedAll(PrincipalCollection principals, Collection<Permission>
permissions) {
-        ensureRealms();
         return getAuthorizer().isPermittedAll(principals, permissions);
     }
 
     public void checkPermission(PrincipalCollection principals, String permission) throws
AuthorizationException {
-        ensureRealms();
         getAuthorizer().checkPermission(principals, permission);
     }
 
     public void checkPermission(PrincipalCollection principals, Permission permission) throws
AuthorizationException {
-        ensureRealms();
         getAuthorizer().checkPermission(principals, permission);
     }
 
     public void checkPermissions(PrincipalCollection principals, String... permissions) throws
AuthorizationException {
-        ensureRealms();
         getAuthorizer().checkPermissions(principals, permissions);
     }
 
     public void checkPermissions(PrincipalCollection principals, Collection<Permission>
permissions) throws AuthorizationException {
-        ensureRealms();
         getAuthorizer().checkPermissions(principals, permissions);
     }
 
     public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
-        ensureRealms();
         return getAuthorizer().hasRole(principals, roleIdentifier);
     }
 
     public boolean[] hasRoles(PrincipalCollection principals, List<String> roleIdentifiers)
{
-        ensureRealms();
         return getAuthorizer().hasRoles(principals, roleIdentifiers);
     }
 
     public boolean hasAllRoles(PrincipalCollection principals, Collection<String> roleIdentifiers)
{
-        ensureRealms();
         return getAuthorizer().hasAllRoles(principals, roleIdentifiers);
     }
 
     public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException
{
-        ensureRealms();
         getAuthorizer().checkRole(principals, role);
     }
 
     public void checkRoles(PrincipalCollection principals, Collection<String> roles)
throws AuthorizationException {
-        ensureRealms();
         getAuthorizer().checkRoles(principals, roles);
     }
 }

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/CachingSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/CachingSecurityManager.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/CachingSecurityManager.java (original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/CachingSecurityManager.java Sat Jan
10 23:44:55 2009
@@ -30,8 +30,8 @@
  * A very basic extension point for the SecurityManager interface that merely provides logging
and caching
  * support.  All <tt>SecurityManager</tt> method implementations are left to
subclasses.
  *
- * <p>Upon instantiation, a sensible default {@link CacheManager CacheManager} will
be attempt to be created
- * automatically by the {@link #ensureCacheManager() ensureCacheManager()} method.  This
<code>CacheManager</code>
+ * <p>Upon instantiation, a sensible default {@link CacheManager CacheManager} will
be created automatically via the
+ * {@link #createCacheManager() createCacheManager() method.  This <code>CacheManager</code>
  * can then be used by subclass implementations and children components for use to achieve
better application
  * performance.
  *
@@ -55,7 +55,7 @@
      * Default no-arg constructor that will automatically attempt to initialize a default
cacheManager
      */
     public CachingSecurityManager() {
-        ensureCacheManager();
+        setCacheManager(createCacheManager());
     }
 
     /**
@@ -83,30 +83,6 @@
         afterCacheManagerSet();
     }
 
-    /**
-     * Simple lazy-initialization method that checks to see if a
-     * {@link #setCacheManager(org.jsecurity.cache.CacheManager) cacheManager} has been set,
and if not,
-     * attempts to {@link #createCacheManager() create one} and uses that to set the class
attribute.
-     * <p/>
-     * The default implementation functions as follows:
-     * <pre><code>
-     * CacheManager cm = getCacheManager();
-     * if (cm == null) {
-     *     cm = createCacheManager();
-     *     if (cm != null) {
-     *         setCacheManager(cm);
-     *     }
-     * }</code></pre>
-     */
-    protected void ensureCacheManager() {
-        CacheManager cm = getCacheManager();
-        if (cm == null) {
-            cm = createCacheManager();
-            if (cm != null) {
-                setCacheManager(cm);
-            }
-        }
-    }
 
     /**
      * Template callback to notify subclasses that a
@@ -122,14 +98,13 @@
      * <p/>
      * This default implementation returns a new
      * {@link org.jsecurity.cache.DefaultCacheManager DefaultCacheManager}, which uses in-memory
(memory-leak safe)
-     * caches.
+     * caches which are production safe.
      * <p/>
      * This can be overridden by subclasses for a different implementation, but it is often
easier to set a
      * different implementation via the {@link #setCacheManager(org.jsecurity.cache.CacheManager)
setCacheManager}
      * method, for example in code or Dependency Injection frameworks (a la Spring or JEE
3).
      *
      * @return a newly created <code>CacheManager</code> instance.
-     * @see #ensureCacheManager() ensureCacheManager()
      */
     protected CacheManager createCacheManager() {
         return new DefaultCacheManager();

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/RealmSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/RealmSecurityManager.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/RealmSecurityManager.java (original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/RealmSecurityManager.java Sat Jan
10 23:44:55 2009
@@ -23,7 +23,6 @@
 import org.jsecurity.cache.CacheManager;
 import org.jsecurity.cache.CacheManagerAware;
 import org.jsecurity.realm.Realm;
-import org.jsecurity.realm.text.PropertiesRealm;
 import org.jsecurity.util.LifecycleUtils;
 
 import java.util.ArrayList;
@@ -88,42 +87,6 @@
     }
 
     /**
-     * Ensures at least one realm exists, and if not calls {@link #createDefaultRealm() createDefaultRealm()}
and sets
-     * it on this instance via the {@link #setRealm(Realm) setRealm} method.
-     * <p/>
-     * This method is used to lazily ensure at least one default Realm exists in all environments,
even if it is just
-     * with demo data, to ensure that JSecurity is usuable with the smallest (even no) configuration.
-     */
-    protected void ensureRealms() {
-        Collection<Realm> realms = getRealms();
-        if (realms == null || realms.isEmpty()) {
-            if (log.isInfoEnabled()) {
-                log.info("No Realms configured.  Defaulting to failsafe PropertiesRealm.");
-            }
-            Realm realm = createDefaultRealm();
-            setRealm(realm);
-        }
-    }
-
-    /**
-     * Creates a default Realm implementation to use in lazy-initialization use cases.
-     * <p/>
-     * The implementation returned is a {@link PropertiesRealm PropertiesRealm}, which supports
very simple
-     * properties-based user/role/permission configuration in testing, sample, and simple
applications.
-     * @return the default Realm implementation (a {@link PropertiesRealm PropertiesRealm}
to use in lazy-init use cases.
-     */
-    protected Realm createDefaultRealm() {
-        PropertiesRealm realm;
-        CacheManager cacheManager = getCacheManager();
-        if (cacheManager != null) {
-            realm = new PropertiesRealm(cacheManager);
-        } else {
-            realm = new PropertiesRealm();
-        }
-        return realm;
-    }
-
-    /**
      * Returns the {@link Realm Realm}s managed by this SecurityManager instance.
      *
      * @return the {@link Realm Realm}s managed by this SecurityManager instance.
@@ -160,7 +123,6 @@
      * Simply calls {@link #applyCacheManagerToRealms() applyCacheManagerToRealms()} to allow
the
      * newly set {@link CacheManager CacheManager} to be propagated to the internal collection
of <code>Realm</code>
      * that would need to use it.
-     *
      */
     protected void afterCacheManagerSet() {
         applyCacheManagerToRealms();

Modified: incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/SessionsSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/SessionsSecurityManager.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/SessionsSecurityManager.java (original)
+++ incubator/jsecurity/trunk/core/src/org/jsecurity/mgt/SessionsSecurityManager.java Sat
Jan 10 23:44:55 2009
@@ -61,10 +61,10 @@
 
     /**
      * Default no-arg constructor, internally creates a suitable default {@link SessionManager
SessionManager} delegate
-     * instance via the {@link #ensureSessionManager() ensureSessionManager()} method. 
+     * instance via the {@link #createSessionManager() createSessionManager()} method.
      */
     public SessionsSecurityManager() {
-        ensureSessionManager();
+        setSessionManager(createSessionManager());
     }
 
     /**
@@ -86,6 +86,7 @@
 
     /**
      * Returns this security manager's internal delegate {@link SessionManager SessionManager}.
+     *
      * @return this security manager's internal delegate {@link SessionManager SessionManager}.
      * @see #setSessionManager(org.jsecurity.session.mgt.SessionManager) setSessionManager
      */
@@ -94,19 +95,6 @@
     }
 
     /**
-     * Ensures that the internal delegate <code>SessionManager</code> exists,
and if not, calls
-     * {@link #createSessionManager createSessionManager} and sets the resulting instance
via the
-     * {@link #setSessionManager(org.jsecurity.session.mgt.SessionManager) setSessionManager}
method. 
-     */
-    protected void ensureSessionManager() {
-        SessionManager sessionManager = getSessionManager();
-        if (sessionManager == null) {
-            sessionManager = createSessionManager();
-            setSessionManager(sessionManager);
-        }
-    }
-
-    /**
      * Constructs a new <code>SessionManager</code> instance to be used as the
internal delegate for this security
      * manager.  After creation via the {@link #newSessionManagerInstance() newSessionManagerInstance()}
call, the
      * internal {@link #getCacheManager CacheManager} is set on it if the session manager
instance implements the
@@ -114,7 +102,7 @@
      * internal caching needs.
      *
      * @return a new initialized {@link SessionManager SessionManager} to use as this security
manager's internal
-     * delegate.
+     *         delegate.
      */
     protected SessionManager createSessionManager() {
         SessionManager sm = newSessionManagerInstance();
@@ -130,6 +118,7 @@
     /**
      * Merely instantiates (but does not initalize) the default <code>SessionManager</code>
implementation.  This method
      * merely returns <code>new {@link DefaultSessionManager DefaultSessionManager}()</code>.
+     *
      * @return a new, uninitialized {@link SessionManager SessionManager} instance.
      */
     protected SessionManager newSessionManagerInstance() {
@@ -185,8 +174,9 @@
      * Ensures the internal SessionManager instance is an <code>instanceof</code>
      * {@link org.jsecurity.session.SessionListenerRegistrar SessionListenerRegistrar} to
ensure that any
      * listeners attempting to be registered can actually do so with the internal delegate
instance.
+     *
      * @throws IllegalStateException if the internal delegate SessionManager instance does
not implement the
-     * <code>SessionListenerRegistrar</code> interface.
+     *                               <code>SessionListenerRegistrar</code> interface.
      */
     private void assertSessionListenerSupport() throws IllegalStateException {
         if (!(this.sessionManager instanceof SessionListenerRegistrar)) {
@@ -203,6 +193,7 @@
      * {@link #assertSessionListenerSupport() supports session listener registration} and
then
      * {@link SessionListenerRegistrar#add adds} the listener to the
      * delegate instance.
+     *
      * @param listener the <code>SessionListener</code> to register for session
events.
      */
     public void add(SessionListener listener) {
@@ -217,7 +208,7 @@
      *
      * @param listener the listener to remove that no longer wishes to be notified of session
events.
      * @return <code>true</code> if the listener was removed from the internal
delegate <code>SessionManager</code>
-     * instance, <code>false</code> otherwise.
+     *         instance, <code>false</code> otherwise.
      */
     public boolean remove(SessionListener listener) {
         SessionManager sm = getSessionManager();
@@ -242,7 +233,7 @@
     /**
      * Calls {@link #beforeSessionManagerDestroyed() beforeSessionManagerDestroyed()} to
allow subclass clean up and
      * then immediatley calls {@link #destroySessionManager() destroySessionManager()} to
clean up the internal
-     * delegate instance. 
+     * delegate instance.
      */
     protected void beforeAuthorizerDestroyed() {
         beforeSessionManagerDestroyed();

Modified: incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/DefaultSecurityManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/DefaultSecurityManagerTest.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/DefaultSecurityManagerTest.java
(original)
+++ incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/DefaultSecurityManagerTest.java
Sat Jan 10 23:44:55 2009
@@ -20,6 +20,7 @@
 
 import org.jsecurity.authc.AuthenticationToken;
 import org.jsecurity.authc.UsernamePasswordToken;
+import org.jsecurity.realm.text.PropertiesRealm;
 import org.jsecurity.session.Session;
 import org.jsecurity.subject.Subject;
 import org.jsecurity.util.ThreadContext;
@@ -39,6 +40,7 @@
     @Before
     public void setup() {
         sm = new DefaultSecurityManager();
+        sm.setRealm(new PropertiesRealm());
         ThreadContext.clear();
     }
 

Modified: incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/VMSingletonDefaultSecurityManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/VMSingletonDefaultSecurityManagerTest.java?rev=733425&r1=733424&r2=733425&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/VMSingletonDefaultSecurityManagerTest.java
(original)
+++ incubator/jsecurity/trunk/core/test/org/jsecurity/mgt/VMSingletonDefaultSecurityManagerTest.java
Sat Jan 10 23:44:55 2009
@@ -21,6 +21,7 @@
 import org.jsecurity.SecurityUtils;
 import org.jsecurity.authc.AuthenticationToken;
 import org.jsecurity.authc.UsernamePasswordToken;
+import org.jsecurity.realm.text.PropertiesRealm;
 import org.jsecurity.subject.Subject;
 import org.jsecurity.util.ThreadContext;
 import org.junit.After;
@@ -47,6 +48,7 @@
     @Test
     public void testVMSingleton() {
         DefaultSecurityManager sm = new DefaultSecurityManager();
+        sm.setRealm(new PropertiesRealm());
         SecurityUtils.setSecurityManager(sm);
 
         Subject subject = SecurityUtils.getSubject();



Mime
View raw message