diff --git a/pom.xml b/pom.xml
index 8bff89d..75c78d5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -37,11 +37,14 @@
iscache
[1.2.0-SNAPSHOT,2.0.0-SNAPSHOT)
+
+
org.gcube.dvos
usermanagement-stub
@@ -52,16 +55,25 @@
ehcache-core
2.5.1
+
+
+ org.glassfish
+ javax.xml.rpc
+ 3.1.1
+
+
org.gcube.personalisation
profileadministration-client-library
@@ -97,11 +109,18 @@
1.6.4
test
+
+ xerces
+ xerces
+ 2.4.0
+
+
backport-util-concurrent
backport-util-concurrent
@@ -160,6 +179,21 @@
kxml2
2.3.0
+
+ xalan
+ xalan
+ 2.7.1
+
+
+ org.apache.axis
+ axis
+ 1.4
+
+
+ net.sourceforge.addressing
+ addressing
+ 1.1.1
+
diff --git a/src/main/java/org/gcube/application/framework/core/cache/CachesManager.java b/src/main/java/org/gcube/application/framework/core/cache/CachesManager.java
index b861e91..2b8054d 100644
--- a/src/main/java/org/gcube/application/framework/core/cache/CachesManager.java
+++ b/src/main/java/org/gcube/application/framework/core/cache/CachesManager.java
@@ -39,8 +39,6 @@ public class CachesManager {
*/
protected CachesManager() {
-
-
manager = CacheManager.create(CachesManager.class.getResource("/ehcache.xml"));
caches = new HashMap();
diff --git a/src/main/java/org/gcube/application/framework/core/cache/RIsManager.java b/src/main/java/org/gcube/application/framework/core/cache/RIsManager.java
index 34b7c10..988b366 100644
--- a/src/main/java/org/gcube/application/framework/core/cache/RIsManager.java
+++ b/src/main/java/org/gcube/application/framework/core/cache/RIsManager.java
@@ -36,7 +36,7 @@ public class RIsManager {
// protected HashMap isCaches;
- protected HashMap caches; //(scope,iccache) pairs
+ protected HashMap caches; //(scope,iccache) pairs
/** Object logger. */
@@ -46,7 +46,7 @@ public class RIsManager {
* Initializes RIsManager
*/
private RIsManager() {
- caches = new HashMap();
+ caches = new HashMap();
}
/**
@@ -60,19 +60,21 @@ public class RIsManager {
}
- // TODO: UNCOMMENT AND FIX THIS FUNCTION TO COMPLY WITH THE FeatherWeight Stack
/**
* @param scope the GGUBEScope for which the RIs are requested
* @return the ISCache for this specific scope
*/
-// public synchronized Cache getISCache(String scope)
-// {
-// ISCache info = caches.get(scope);
+ public synchronized ISCache getISCache(String scope)
+ {
+ ISCache info = caches.get(scope);
+
+// TODO: UNCOMMENT when ISCache is FeatherWeight Stack compatible
+
// if(info == null)
// {
// // If the ISCache in not already created, then it creates a new instance and adds it to the HashMap
// try {
-// CacheManager.addManager(scope);
+// ISCacheManager.addManager(scope);
// info = ISCacheManager.getCacheManager(scope).getManager(scope).getCache();
// caches.put(scope, info);
// try {
@@ -84,7 +86,11 @@ public class RIsManager {
// logger.error("", e);
// }
// }
-// return info;
-// }
+
+ logger.debug("RI in cache is probably null");
+ logger.info("RI in cache is probably null");
+
+ return info;
+ }
}
diff --git a/src/main/java/org/gcube/application/framework/core/cache/factories/ApplicationCredentials.java b/src/main/java/org/gcube/application/framework/core/cache/factories/ApplicationCredentials.java
index 0ed8134..be16a6a 100644
--- a/src/main/java/org/gcube/application/framework/core/cache/factories/ApplicationCredentials.java
+++ b/src/main/java/org/gcube/application/framework/core/cache/factories/ApplicationCredentials.java
@@ -8,106 +8,112 @@ import org.gcube.application.framework.core.util.UserCredential;
//import org.gcube.common.core.scope.GCUBEScope;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.gcube.vomanagement.vomsapi.VOMSAdmin;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
-import org.gcube.vomanagement.vomsapi.util.VOMSAttributesReader;
-import org.glite.wsdl.services.org_glite_security_voms.User;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gcube.vomanagement.vomsapi.VOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
+//import org.gcube.vomanagement.vomsapi.util.VOMSAttributesReader;
+//import org.glite.wsdl.services.org_glite_security_voms.User;
+//import org.gridforum.jgss.ExtendedGSSCredential;
/**
+ *
* This class is used for retrieving and updating the portal credential that is needed by the caches in order to retrieve information form gCube services
+ * IT'S FOR THE MOMENT DISABLED... IT WILL INTEGRATE THE NEW SECURITY MODEL, WHEN IT'S COMPLETED.
* @author Valia Tsagkalidou (NKUA)
*
*/
public class ApplicationCredentials {
- private static ApplicationCredentials applCredentials = new ApplicationCredentials();
- private HashMap creds;
- protected static String userDN = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=";
- protected static String userCA = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA";
- /** The logger. */
- private static final Logger logger = LoggerFactory.getLogger(ApplicationCredentials.class);
- /**
- * The basic constructor
- */
- protected ApplicationCredentials()
- {
- creds = new HashMap();
- }
+// private static ApplicationCredentials applCredentials = new ApplicationCredentials();
+// private HashMap creds;
+// protected static String userDN = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=";
+// protected static String userCA = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA";
+//
+// /** The logger. */
+// private static final Logger logger = LoggerFactory.getLogger(ApplicationCredentials.class);
+//
+// /**
+// * The basic constructor
+// */
+// protected ApplicationCredentials()
+// {
+// creds = new HashMap();
+// }
+//
+// /**
+// * @return the sigleton of ApplicationCredentials
+// */
+// public static ApplicationCredentials getInstance()
+// {
+// return applCredentials;
+// }
+//
+// /**
+// * @param VREname the of the VRE for which you want to get the "portal" credential
+// * @return the grid credential
+// */
+// public ExtendedGSSCredential getCredential(String VREname)
+// {
+// PortalSecurityManager secMan = new PortalSecurityManager(VREname);//GCUBEScope.getScope(VREname));
+// if(!secMan.isSecurityEnabled())
+// return null;
+// ExtendedGSSCredential cred = creds.get(VREname);
+// if(cred == null)
+// {
+// // If the credential is not available, it retrieves it from myProxy
+// cred = UserCredential.getCredential("application", VREname);
+// if(cred == null)
+// {
+// //user "application" does not exist on this VRE, so we add him and try to get credential again
+// VOMSAdmin vomsA;
+// VOMSAPIFactory factory;
+// try {
+// factory = VOMSAdminManager.getVOMSFactory();
+// vomsA = factory.getVOMSAdmin();
+// // String[] roles = vomsA.listRoles();
+// // vomsA.createUser("application", userDN+"application", userCA, "application@gcube.org");
+// // vomsA.addMember(VREname, userDN+"application", userCA);
+// // vomsA.assignRole(VREname, roles[0], userDN+"application", userCA);
+// // vomsA = new VOMSAdminImpl();
+// String[] roles = vomsA.listRoles();
+// User myUser = new User();
+// myUser.setCN("application");
+// myUser.setDN(userDN+"application");
+// myUser.setCA(userCA);
+// myUser.setMail("application@gcube.org");
+// //vomsA.getExtendedPortType().createUser("application", userDN+"application", userCA, "application@gcube.org");
+// vomsA.createUser(myUser);
+// //vomsA.getExtendedPortType().addOnlineCAMember(VREname, userDN+"application");
+// //vomsA.getExtendedPortType().assignOnlineCARole(VREname, roles[0], userDN+"application");
+// vomsA.addMember(VREname, userDN + "application", userCA);
+// vomsA.assignRole(VREname, roles[0], userDN + "application", userCA);
+// }
+// catch (Exception e) {
+// vomsA = null;
+// logger.error("", e);
+// }
+// cred = UserCredential.getCredential("application", VREname);
+// }
+// creds.put(VREname, cred);
+// }
+// else
+// {
+// // credential already available
+// VOMSAttributesReader vomsReader = null;
+// try {
+// vomsReader = new VOMSAttributesReader(cred);
+// //Check if it's gonna expire in the next minute, and refresh it
+// if(vomsReader.getRefreshPeriod() < 60000)
+// {
+// cred = UserCredential.getCredential("application", VREname);
+// creds.put(VREname, cred);
+// }
+// } catch (Exception e1) {
+// logger.error("", e1);
+// }
+// }
+// return cred;
+// }
+
- /**
- * @return the sigleton of ApplicationCredentials
- */
- public static ApplicationCredentials getInstance()
- {
- return applCredentials;
- }
-
- /**
- * @param VREname the of the VRE for which you want to get the "portal" credential
- * @return the grid credential
- */
- public ExtendedGSSCredential getCredential(String VREname)
- {
- PortalSecurityManager secMan = new PortalSecurityManager(VREname);//GCUBEScope.getScope(VREname));
- if(!secMan.isSecurityEnabled())
- return null;
- ExtendedGSSCredential cred = creds.get(VREname);
- if(cred == null)
- {
- // If the credential is not available, it retrieves it from myProxy
- cred = UserCredential.getCredential("application", VREname);
- if(cred == null)
- {
- //user "application" does not exist on this VRE, so we add him and try to get credential again
- VOMSAdmin vomsA;
- VOMSAPIFactory factory;
- try {
- factory = VOMSAdminManager.getVOMSFactory();
- vomsA = factory.getVOMSAdmin();
- // String[] roles = vomsA.listRoles();
- // vomsA.createUser("application", userDN+"application", userCA, "application@gcube.org");
- // vomsA.addMember(VREname, userDN+"application", userCA);
- // vomsA.assignRole(VREname, roles[0], userDN+"application", userCA);
- // vomsA = new VOMSAdminImpl();
- String[] roles = vomsA.listRoles();
- User myUser = new User();
- myUser.setCN("application");
- myUser.setDN(userDN+"application");
- myUser.setCA(userCA);
- myUser.setMail("application@gcube.org");
- //vomsA.getExtendedPortType().createUser("application", userDN+"application", userCA, "application@gcube.org");
- vomsA.createUser(myUser);
- //vomsA.getExtendedPortType().addOnlineCAMember(VREname, userDN+"application");
- //vomsA.getExtendedPortType().assignOnlineCARole(VREname, roles[0], userDN+"application");
- vomsA.addMember(VREname, userDN + "application", userCA);
- vomsA.assignRole(VREname, roles[0], userDN + "application", userCA);
- }
- catch (Exception e) {
- vomsA = null;
- logger.error("", e);
- }
- cred = UserCredential.getCredential("application", VREname);
- }
- creds.put(VREname, cred);
- }
- else
- {
- // credential already available
- VOMSAttributesReader vomsReader = null;
- try {
- vomsReader = new VOMSAttributesReader(cred);
- //Check if it's gonna expire in the next minute, and refresh it
- if(vomsReader.getRefreshPeriod() < 60000)
- {
- cred = UserCredential.getCredential("application", VREname);
- creds.put(VREname, cred);
- }
- } catch (Exception e1) {
- logger.error("", e1);
- }
- }
- return cred;
- }
}
diff --git a/src/main/java/org/gcube/application/framework/core/security/JaasCallbackHandler.java b/src/main/java/org/gcube/application/framework/core/security/JaasCallbackHandler.java
index 3704f84..78173b9 100644
--- a/src/main/java/org/gcube/application/framework/core/security/JaasCallbackHandler.java
+++ b/src/main/java/org/gcube/application/framework/core/security/JaasCallbackHandler.java
@@ -8,16 +8,17 @@ import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
public class JaasCallbackHandler implements CallbackHandler{
protected String username = null;
protected String password = null;
- private Log log = LogFactory.getLog(JaasCallbackHandler.class);
-
+ private static final Logger logger = LoggerFactory.getLogger(JaasCallbackHandler.class);
+
public JaasCallbackHandler(String username, String password) {
super();
this.username = username;
@@ -28,13 +29,13 @@ public class JaasCallbackHandler implements CallbackHandler{
throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
- if (log.isDebugEnabled()) log.debug("responding to NameCallback");
+ logger.debug("responding to NameCallback");
((NameCallback) callbacks[i]).setName(username);
} else if (callbacks[i] instanceof PasswordCallback) {
- if (log.isDebugEnabled()) log.debug("responding to PasswordCallback");
+ logger.debug("responding to PasswordCallback");
((PasswordCallback) callbacks[i]).setPassword(password != null ? password.toCharArray() : new char[0]);
} else {
- if (log.isDebugEnabled()) log.debug("unsupported callback: " + callbacks[i].getClass());
+ logger.debug("unsupported callback: " + callbacks[i].getClass());
throw new UnsupportedCallbackException(callbacks[i]);
}
}
diff --git a/src/main/java/org/gcube/application/framework/core/security/LDAPAuthenticationModule.java b/src/main/java/org/gcube/application/framework/core/security/LDAPAuthenticationModule.java
index d2b380e..cc027a9 100644
--- a/src/main/java/org/gcube/application/framework/core/security/LDAPAuthenticationModule.java
+++ b/src/main/java/org/gcube/application/framework/core/security/LDAPAuthenticationModule.java
@@ -8,12 +8,17 @@ import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.gcube.application.framework.core.util.UserCredential;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gridforum.jgss.ExtendedGSSCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
+/**
+ * FOR THE MOMENT IT'S SOMEWHAT DUMMY... WAITING FOR THE NEW SECURITY MODEL TO BE COMPLETED AND THEN INTEGRATE IT HERE
+ *
+ * @author nikolas
+ *
+ */
public class LDAPAuthenticationModule {
/** The logger. */
@@ -33,7 +38,13 @@ public class LDAPAuthenticationModule {
public boolean checkAuthentication(String username, String password) throws Exception {
-
+
+ logger.debug("USER authentication is disabled ! THE NEW SECURITY MODEL SHOULD BE INTEGRATED IN ASL");
+ logger.info("USER authentication is disabled ! THE NEW SECURITY MODEL SHOULD BE INTEGRATED IN ASL");
+ return true;
+
+
+/*
logger.info("beginning authentication for " + username);
LoginContext loginContext;
@@ -142,6 +153,7 @@ public class LDAPAuthenticationModule {
// return true;
// }
+*/
}
diff --git a/src/main/java/org/gcube/application/framework/core/security/ServiceContextManager.java b/src/main/java/org/gcube/application/framework/core/security/ServiceContextManager.java
index 7930941..740f2c1 100644
--- a/src/main/java/org/gcube/application/framework/core/security/ServiceContextManager.java
+++ b/src/main/java/org/gcube/application/framework/core/security/ServiceContextManager.java
@@ -21,10 +21,9 @@ import org.ietf.jgss.GSSCredential;
public class ServiceContextManager {
//TODO: SHOULD RECODE THE FUNCTIONS, USING THE NEW FEATHERWEIGHT SECURITY MODEL
- /*
+ /*
public static PORTTYPE applySecurity(PORTTYPE stub, ASLSession session) throws Exception{
- Credentials credentials = CredentialManager.instance.get();
- GCUBESecurityManager secManager = new PortalSecurityManager(session);
+ PortalSecurityManager secManager = new PortalSecurityManager(session);
if(secManager.isSecurityEnabled())
secManager.useCredentials(session.getCredential());
return GCUBERemotePortTypeContext.getProxy(stub , session.getScope(), secManager);
diff --git a/src/main/java/org/gcube/application/framework/core/security/VOMSAdminManager.java b/src/main/java/org/gcube/application/framework/core/security/VOMSAdminManager.java
index 169c0c9..261ca9b 100644
--- a/src/main/java/org/gcube/application/framework/core/security/VOMSAdminManager.java
+++ b/src/main/java/org/gcube/application/framework/core/security/VOMSAdminManager.java
@@ -5,12 +5,14 @@ import java.io.File;
import javax.xml.rpc.ServiceException;
+//import javax.xml.rpc.ServiceException;
+
import org.gcube.application.framework.core.util.Settings;
-import org.gcube.vomanagement.vomsapi.ExtendedVOMSAdmin;
-import org.gcube.vomanagement.vomsapi.VOMSAdmin;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfigurationException;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
+//import org.gcube.vomanagement.vomsapi.ExtendedVOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.VOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfigurationException;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -21,19 +23,16 @@ import org.slf4j.LoggerFactory;
*/
public class VOMSAdminManager {
- /** The logger. */
+
private static final Logger logger = LoggerFactory.getLogger(VOMSAdminManager.class);
- /**
- *
- */
+
+ /*
protected static VOMSAPIFactory factory = null;
protected static VOMSAdmin vomsAdmin = null;
protected static ExtendedVOMSAdmin extendedVomsAdmin = null;
- /**
- * @return
- */
+
public static VOMSAPIFactory getVOMSFactory()
{
if(factory == null)
@@ -115,5 +114,6 @@ public class VOMSAdminManager {
}
return extendedVomsAdmin;
}
+ */
}
diff --git a/src/main/java/org/gcube/application/framework/core/session/ASLSession.java b/src/main/java/org/gcube/application/framework/core/session/ASLSession.java
index 25fc873..5e9ddaf 100644
--- a/src/main/java/org/gcube/application/framework/core/session/ASLSession.java
+++ b/src/main/java/org/gcube/application/framework/core/session/ASLSession.java
@@ -24,7 +24,7 @@ import org.gcube.application.framework.core.util.SessionConstants;
import org.gcube.application.framework.core.util.UserCredential;
//import org.gcube.common.core.scope.GCUBEScope;
import org.gcube.common.scope.api.ScopeProvider;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gridforum.jgss.ExtendedGSSCredential;
/**
* @author Valia Tsagkalidou (NKUA)
@@ -40,8 +40,7 @@ public class ASLSession{
private long lastUsedTime;
private String externalSessionID;
private String username;
- private ExtendedGSSCredential credential;
-// private GCUBEScope scope; //to be deleted
+// private ExtendedGSSCredential credential;
private String scope;
private HashMap notifiers;
String scopeName;
@@ -251,9 +250,14 @@ public class ASLSession{
/**
* @return the credential
*/
+/*
+ DO NOT FORGET TO COMMENT OUT THIS WHEN THE NEW SECURITY MODEL IS AVAILABLE
+
public ExtendedGSSCredential getCredential() {
return credential;
}
+
+*/
/**
* @return the external session id (passed to the constructor)
@@ -312,9 +316,13 @@ public class ASLSession{
this.scope = scope;
this.scopeName = scope;
ScopeProvider.instance.set(scope);
+
+/* DO NOT FORGET TO ADD THIS WHEN THE NEW SECURITY MODEL IS AVAILABLE !
+
if(new PortalSecurityManager(this.scope).isSecurityEnabled())
this.credential = UserCredential.getCredential(username, scope);
-
+
+*/
// get the attribute that indicates of log in has been done from the login portlet - or if the user logs in from a bookmark
if (loggedIn == true) {
// don't log
diff --git a/src/main/java/org/gcube/application/framework/core/util/ServiceUtils.java b/src/main/java/org/gcube/application/framework/core/util/ServiceUtils.java
index 07c8740..691e477 100644
--- a/src/main/java/org/gcube/application/framework/core/util/ServiceUtils.java
+++ b/src/main/java/org/gcube/application/framework/core/util/ServiceUtils.java
@@ -4,8 +4,8 @@ import java.util.ArrayList;
import java.util.List;
import java.util.Random;
-import org.apache.axis.message.addressing.EndpointReference;
-import org.apache.axis.types.URI.MalformedURIException;
+//import org.apache.axis.message.addressing.EndpointReference;
+//import org.apache.axis.types.URI.MalformedURIException;
//import org.gcube.application.framework.core.cache.RIsManager;
import org.gcube.application.framework.core.session.ASLSession;
import org.gcube.common.resources.gcore.GCoreEndpoint;
diff --git a/src/main/java/org/gcube/application/framework/core/util/UserCredential.java b/src/main/java/org/gcube/application/framework/core/util/UserCredential.java
index 5ff8e66..135fe4d 100644
--- a/src/main/java/org/gcube/application/framework/core/util/UserCredential.java
+++ b/src/main/java/org/gcube/application/framework/core/util/UserCredential.java
@@ -2,11 +2,11 @@ package org.gcube.application.framework.core.util;
import java.io.File;
-import org.gcube.vomanagement.vomsapi.CredentialsManager;
-import org.gcube.vomanagement.vomsapi.VOMSAdmin;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gcube.vomanagement.vomsapi.CredentialsManager;
+//import org.gcube.vomanagement.vomsapi.VOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
+//import org.gridforum.jgss.ExtendedGSSCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -25,6 +25,9 @@ public class UserCredential {
* @param DLname DLname
* @return the GSS Credential
*/
+
+ //UNCOMMENT ABOVE CODE WHEN THE SECURITY BECOMES AVAILABLE.
+/*
public static ExtendedGSSCredential getCredential(String username, String DLname)
{
CredentialsManager man = null;
@@ -73,7 +76,7 @@ public class UserCredential {
return cred;
}
-
+ */
}