Featherweight compatible now.

Need to integrate the new security model.

git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/application-support-layer/applicationSupportLayerCore@82407 82a268e6-3cf1-43bd-a215-b396298e98cf

pom.xml

@@ -37,11 +37,14 @@
 			<artifactId>iscache</artifactId>
 			<version>[1.2.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
 		</dependency>
+		
+<!-- 		
 		<dependency>
 			<groupId>org.gcube.dvos</groupId>
 			<artifactId>voms-admin-stubs</artifactId>
 			<version>[2.0.0-SNAPSHOT,3.0.0-SNAPSHOT)</version>
 		</dependency>
+ -->
 		<dependency>
 			<groupId>org.gcube.dvos</groupId>
 			<artifactId>usermanagement-stub</artifactId>
@@ -52,16 +55,25 @@
 			<artifactId>ehcache-core</artifactId>
 			<version>2.5.1</version>
 		</dependency>
+<!--
 		<dependency>
 			<groupId>org.gcube.dvos</groupId>
 			<artifactId>voms-api</artifactId>
 			<version>[3.1.0-SNAPSHOT, 4.0.0)</version>
 		</dependency>
+ 	
 		<dependency>
 			<groupId>org.gcube.distribution</groupId>
 			<artifactId>ghn-core-runtime</artifactId>
 			<version>[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
 		</dependency>
+ -->	
+ 		<dependency>
+		  <groupId>org.glassfish</groupId>
+		  <artifactId>javax.xml.rpc</artifactId>
+		  <version>3.1.1</version>
+		</dependency>
+ 		
 		<dependency>
 			<groupId>org.gcube.personalisation</groupId>
 			<artifactId>profileadministration-client-library</artifactId>
@@ -97,11 +109,18 @@
 			<version>1.6.4</version>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+		  <groupId>xerces</groupId>
+		  <artifactId>xerces</artifactId>
+		  <version>2.4.0</version>
+		</dependency>
+<!-- 
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-jdk14</artifactId>
 			<version>1.6.1</version>
 		</dependency>
+ -->
 		<dependency>
 			<groupId>backport-util-concurrent</groupId>
 			<artifactId>backport-util-concurrent</artifactId>
@@ -160,6 +179,21 @@
 		  <artifactId>kxml2</artifactId>
 		  <version>2.3.0</version>
 		</dependency>
+		<dependency>
+		  <groupId>xalan</groupId>
+		  <artifactId>xalan</artifactId>
+		  <version>2.7.1</version>
+		</dependency>
+		<dependency>
+		  <groupId>org.apache.axis</groupId>
+		  <artifactId>axis</artifactId>
+		  <version>1.4</version>
+		</dependency>
+		<dependency>
+		  <groupId>net.sourceforge.addressing</groupId>
+		  <artifactId>addressing</artifactId>
+		  <version>1.1.1</version>
+		</dependency>
 		
 		
 	</dependencies>

src/main/java/org/gcube/application/framework/core/cache/CachesManager.java

@@ -39,8 +39,6 @@ public class CachesManager {
 	 */
 	protected CachesManager() {
 		
-		
-		
 		manager = CacheManager.create(CachesManager.class.getResource("/ehcache.xml"));
 		
 		caches = new HashMap<String, Ehcache>();

src/main/java/org/gcube/application/framework/core/cache/RIsManager.java

@@ -36,7 +36,7 @@ public class RIsManager {
 	
 //	protected HashMap<String, ISCache> isCaches;
 	
-	protected HashMap<String, Cache> caches;  //(scope,iccache) pairs
+	protected HashMap<String, ISCache> caches;  //(scope,iccache) pairs
 
 	/** Object logger. */
 	
@@ -46,7 +46,7 @@ public class RIsManager {
 	 * Initializes RIsManager 
 	 */
 	private RIsManager() { 
-		caches = new HashMap<String, Cache>();
+		caches = new HashMap<String, ISCache>();
 	}
 
 	/**
@@ -60,19 +60,21 @@ public class RIsManager {
 	}
 	
 	
-	// TODO: UNCOMMENT AND FIX THIS FUNCTION TO COMPLY WITH THE FeatherWeight Stack 
 	/**
 	 * @param scope the GGUBEScope for which the RIs are requested
 	 * @return the ISCache for this specific scope
 	 */
-//	public synchronized Cache getISCache(String scope)
+	public synchronized ISCache getISCache(String scope)
-//	{
+	{
-//		ISCache info = caches.get(scope);
+		ISCache info = caches.get(scope);
+		
+// TODO: UNCOMMENT when ISCache is FeatherWeight Stack compatible
+		
 //		if(info == null)
 //		{
 //			// If the ISCache in not already created, then it creates a new instance and adds it to the HashMap 
 //			try {
-//				CacheManager.addManager(scope);
+//				ISCacheManager.addManager(scope);
 //				info = ISCacheManager.getCacheManager(scope).getManager(scope).getCache();
 //				caches.put(scope, info);
 //				try {
@@ -84,7 +86,11 @@ public class RIsManager {
 //				logger.error("", e);
 //			}
 //		}
-//		return info;
+		
-//	}
+		logger.debug("RI in cache is probably null");
+		logger.info("RI in cache is probably null");
+		
+		return info;
+	}
 
 }

src/main/java/org/gcube/application/framework/core/cache/factories/ApplicationCredentials.java

@@ -8,106 +8,112 @@ import org.gcube.application.framework.core.util.UserCredential;
 //import org.gcube.common.core.scope.GCUBEScope;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.gcube.vomanagement.vomsapi.VOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.VOMSAdmin;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
-import org.gcube.vomanagement.vomsapi.util.VOMSAttributesReader;
+//import org.gcube.vomanagement.vomsapi.util.VOMSAttributesReader;
-import org.glite.wsdl.services.org_glite_security_voms.User;
+//import org.glite.wsdl.services.org_glite_security_voms.User;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gridforum.jgss.ExtendedGSSCredential;
 
 /**
+ *
  * This class is used for retrieving and updating the portal credential that is needed by the caches in order to retrieve information form gCube services
+ * IT'S FOR THE MOMENT DISABLED... IT WILL INTEGRATE THE NEW SECURITY MODEL, WHEN IT'S COMPLETED. 
  * @author Valia Tsagkalidou (NKUA)
  *
  */
 public class ApplicationCredentials {
-	private static ApplicationCredentials applCredentials = new ApplicationCredentials();
-	private HashMap<String, ExtendedGSSCredential> creds;
-	protected static String userDN = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=";
-	protected static String userCA =  "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA";
 	
-	/** The logger. */
-	private static final Logger logger = LoggerFactory.getLogger(ApplicationCredentials.class);
 	
-	/**
+//	private static ApplicationCredentials applCredentials = new ApplicationCredentials();
-	 * The basic constructor
+//	private HashMap<String, ExtendedGSSCredential> creds;
-	 */
+//	protected static String userDN = "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/OU=eng.it/CN=";
-	protected ApplicationCredentials()
+//	protected static String userCA =  "/O=Grid/OU=GlobusTest/OU=simpleCA-gauss.eng.it/CN=Globus Simple CA";
-	{
+//	
-		creds = new HashMap<String, ExtendedGSSCredential>();
+//	/** The logger. */
-	}
+//	private static final Logger logger = LoggerFactory.getLogger(ApplicationCredentials.class);
-	
+//	
-	/**
+//	/**
-	 * @return  the sigleton of ApplicationCredentials
+//	 * The basic constructor
-	 */
+//	 */
-	public static ApplicationCredentials getInstance()
+//	protected ApplicationCredentials()
-	{
+//	{
-		return applCredentials;
+//		creds = new HashMap<String, ExtendedGSSCredential>();
-	}
+//	}
-
+//	
-	/**
+//	/**
-	 * @param VREname the of the VRE for which you want to get the "portal" credential
+//	 * @return  the sigleton of ApplicationCredentials
-	 * @return the grid credential
+//	 */
-	 */
+//	public static ApplicationCredentials getInstance()
-	public ExtendedGSSCredential getCredential(String VREname)
+//	{
-	{
+//		return applCredentials;
-		PortalSecurityManager secMan = new PortalSecurityManager(VREname);//GCUBEScope.getScope(VREname));
+//	}
-		if(!secMan.isSecurityEnabled())
+//
-			return null;
+//	/**
-		ExtendedGSSCredential cred = creds.get(VREname);
+//	 * @param VREname the of the VRE for which you want to get the "portal" credential
-		if(cred == null)
+//	 * @return the grid credential
-		{
+//	 */
-			// If the credential is not available, it retrieves it from myProxy
+//	public ExtendedGSSCredential getCredential(String VREname)
-			cred = UserCredential.getCredential("application", VREname);
+//	{
-			if(cred == null)
+//		PortalSecurityManager secMan = new PortalSecurityManager(VREname);//GCUBEScope.getScope(VREname));
-			{
+//		if(!secMan.isSecurityEnabled())
-				//user "application" does not exist on this VRE, so we add him and try to get credential again
+//			return null;
-				VOMSAdmin vomsA;
+//		ExtendedGSSCredential cred = creds.get(VREname);
-				VOMSAPIFactory factory;
+//		if(cred == null)
-				try {
+//		{
-					factory = VOMSAdminManager.getVOMSFactory();
+//			// If the credential is not available, it retrieves it from myProxy
-					vomsA = factory.getVOMSAdmin();
+//			cred = UserCredential.getCredential("application", VREname);
+//			if(cred == null)
+//			{
+//				//user "application" does not exist on this VRE, so we add him and try to get credential again
+//				VOMSAdmin vomsA;
+//				VOMSAPIFactory factory;
+//				try {
+//					factory = VOMSAdminManager.getVOMSFactory();
+//					vomsA = factory.getVOMSAdmin();
+//				//	String[] roles = vomsA.listRoles();
+//				//	vomsA.createUser("application", userDN+"application", userCA, "application@gcube.org");
+//				//	vomsA.addMember(VREname, userDN+"application", userCA);
+//				//	vomsA.assignRole(VREname, roles[0], userDN+"application", userCA);
+//				//	vomsA =  new VOMSAdminImpl();
 //					String[] roles = vomsA.listRoles();
-				//	vomsA.createUser("application", userDN+"application", userCA, "application@gcube.org");
+//					User myUser = new User();
+//					myUser.setCN("application");
+//					myUser.setDN(userDN+"application");
+//					myUser.setCA(userCA);
+//					myUser.setMail("application@gcube.org");
+//					//vomsA.getExtendedPortType().createUser("application", userDN+"application", userCA, "application@gcube.org");
+//					vomsA.createUser(myUser);
+//					//vomsA.getExtendedPortType().addOnlineCAMember(VREname, userDN+"application");
+//					//vomsA.getExtendedPortType().assignOnlineCARole(VREname, roles[0], userDN+"application");
 //					vomsA.addMember(VREname, userDN + "application", userCA);
 //					vomsA.assignRole(VREname, roles[0], userDN + "application", userCA);
-				//	vomsA =  new VOMSAdminImpl();
+//				} 
-					String[] roles = vomsA.listRoles();
+//				catch (Exception e) {
-					User myUser = new User();
+//					vomsA = null;
-					myUser.setCN("application");
+//					logger.error("", e);
-					myUser.setDN(userDN+"application");
+//				}
-					myUser.setCA(userCA);
+//				cred = UserCredential.getCredential("application", VREname);
-					myUser.setMail("application@gcube.org");
+//			}
-					//vomsA.getExtendedPortType().createUser("application", userDN+"application", userCA, "application@gcube.org");
+//			creds.put(VREname, cred);
-					vomsA.createUser(myUser);
+//		}
-					//vomsA.getExtendedPortType().addOnlineCAMember(VREname, userDN+"application");
+//		else
-					//vomsA.getExtendedPortType().assignOnlineCARole(VREname, roles[0], userDN+"application");
+//		{
-					vomsA.addMember(VREname, userDN + "application", userCA);
+//			// credential already available
-					vomsA.assignRole(VREname, roles[0], userDN + "application", userCA);
+//			VOMSAttributesReader vomsReader = null;
-				} 
+//			try {
-				catch (Exception e) {
+//				vomsReader = new VOMSAttributesReader(cred);
-					vomsA = null;
+//				//Check if it's gonna expire in the next minute, and refresh it
-					logger.error("", e);
+//				if(vomsReader.getRefreshPeriod() < 60000)
-				}
+//				{
-				cred = UserCredential.getCredential("application", VREname);
+//					cred = UserCredential.getCredential("application", VREname);
-			}
+//					creds.put(VREname, cred);
-			creds.put(VREname, cred);
+//				}
-		}
+//			} catch (Exception e1) {
-		else
+//				logger.error("", e1);
-		{
+//			}
-			// credential already available
+//		}
-			VOMSAttributesReader vomsReader = null;
+//		return cred;
-			try {
+//	}
-				vomsReader = new VOMSAttributesReader(cred);
+	
-				//Check if it's gonna expire in the next minute, and refresh it
+	
-				if(vomsReader.getRefreshPeriod() < 60000)
-				{
-					cred = UserCredential.getCredential("application", VREname);
-					creds.put(VREname, cred);
-				}
-			} catch (Exception e1) {
-				logger.error("", e1);
-			}
-		}
-		return cred;
-	}
 }

src/main/java/org/gcube/application/framework/core/security/JaasCallbackHandler.java

@@ -8,15 +8,16 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 
-import org.apache.commons.logging.Log;
+import org.slf4j.Logger;
-import org.apache.commons.logging.LogFactory;
+import org.slf4j.LoggerFactory;
+
 
 public class JaasCallbackHandler implements CallbackHandler{
 	
 	protected String username = null;
     protected String password = null;
 
-    private Log log = LogFactory.getLog(JaasCallbackHandler.class);
+    private static final Logger logger = LoggerFactory.getLogger(JaasCallbackHandler.class);
     
     public JaasCallbackHandler(String username, String password) {
         super();
@@ -28,13 +29,13 @@ public class JaasCallbackHandler implements CallbackHandler{
             throws IOException, UnsupportedCallbackException {
         for (int i = 0; i < callbacks.length; i++) {
             if (callbacks[i] instanceof NameCallback) {
-                if (log.isDebugEnabled()) log.debug("responding to NameCallback");
+                logger.debug("responding to NameCallback");
                 ((NameCallback) callbacks[i]).setName(username);
             } else if (callbacks[i] instanceof PasswordCallback) {
-                if (log.isDebugEnabled()) log.debug("responding to PasswordCallback");
+                logger.debug("responding to PasswordCallback");
                 ((PasswordCallback) callbacks[i]).setPassword(password != null ? password.toCharArray() : new char[0]);
             } else {
-                if (log.isDebugEnabled()) log.debug("unsupported callback: " + callbacks[i].getClass());
+                logger.debug("unsupported callback: " + callbacks[i].getClass());
                 throw new UnsupportedCallbackException(callbacks[i]);
             }
         }

src/main/java/org/gcube/application/framework/core/security/LDAPAuthenticationModule.java

@@ -8,12 +8,17 @@ import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
 import org.gcube.application.framework.core.util.UserCredential;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gridforum.jgss.ExtendedGSSCredential;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-
+/**
+ * FOR THE MOMENT IT'S SOMEWHAT DUMMY... WAITING FOR THE NEW SECURITY MODEL TO BE COMPLETED AND THEN INTEGRATE IT HERE
+ * 
+ * @author nikolas
+ *
+ */
 public class LDAPAuthenticationModule {
 	
 	/** The logger. */
@@ -34,6 +39,12 @@ public class LDAPAuthenticationModule {
 	
 	public boolean checkAuthentication(String username, String password) throws Exception {
 		
+		logger.debug("USER authentication is disabled ! THE NEW SECURITY MODEL SHOULD BE INTEGRATED IN ASL");
+		logger.info("USER authentication is disabled ! THE NEW SECURITY MODEL SHOULD BE INTEGRATED IN ASL");
+		return true;
+		
+		
+/*
         logger.info("beginning authentication for " + username);
 
         LoginContext loginContext;
@@ -142,6 +153,7 @@ public class LDAPAuthenticationModule {
 //    		return true;
 //    	}
 
+*/
     }
 	
 

src/main/java/org/gcube/application/framework/core/security/ServiceContextManager.java

@@ -23,8 +23,7 @@ public class ServiceContextManager<PORTTYPE extends Remote> {
 	//TODO: SHOULD RECODE THE FUNCTIONS, USING THE NEW FEATHERWEIGHT SECURITY MODEL
 	/*  
 	public static <PORTTYPE extends Remote> PORTTYPE applySecurity(PORTTYPE stub, ASLSession session) throws Exception{
-		Credentials credentials = CredentialManager.instance.get();
+		PortalSecurityManager secManager = new PortalSecurityManager(session);
-		GCUBESecurityManager secManager = new PortalSecurityManager(session);
 		if(secManager.isSecurityEnabled())
 			secManager.useCredentials(session.getCredential());
 		return GCUBERemotePortTypeContext.getProxy(stub , session.getScope(), secManager);

src/main/java/org/gcube/application/framework/core/security/VOMSAdminManager.java

@@ -5,12 +5,14 @@ import java.io.File;
 
 import javax.xml.rpc.ServiceException;
 
+//import javax.xml.rpc.ServiceException;
+
 import org.gcube.application.framework.core.util.Settings;
-import org.gcube.vomanagement.vomsapi.ExtendedVOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.ExtendedVOMSAdmin;
-import org.gcube.vomanagement.vomsapi.VOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.VOMSAdmin;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfigurationException;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfigurationException;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -21,19 +23,16 @@ import org.slf4j.LoggerFactory;
  */
 public class VOMSAdminManager {
 	
-	/** The logger. */
+
 	private static final Logger logger = LoggerFactory.getLogger(VOMSAdminManager.class);
 
-	/**
+
-	 * 
+	/*
-	 */
 	protected static VOMSAPIFactory factory = null;
 	protected static VOMSAdmin vomsAdmin = null;
 	protected static ExtendedVOMSAdmin extendedVomsAdmin = null;
 	
-	/**
+
-	 * @return
-	 */
 	public static VOMSAPIFactory getVOMSFactory()
 	{
 		if(factory == null)
@@ -115,5 +114,6 @@ public class VOMSAdminManager {
 		}
 		return extendedVomsAdmin; 
 	}
+	*/
 	
 }

src/main/java/org/gcube/application/framework/core/session/ASLSession.java

@@ -24,7 +24,7 @@ import org.gcube.application.framework.core.util.SessionConstants;
 import org.gcube.application.framework.core.util.UserCredential;
 //import org.gcube.common.core.scope.GCUBEScope;
 import org.gcube.common.scope.api.ScopeProvider;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gridforum.jgss.ExtendedGSSCredential;
 
 /**
  * @author Valia Tsagkalidou (NKUA)
@@ -40,8 +40,7 @@ public class ASLSession{
 	private long lastUsedTime;
 	private String externalSessionID;
 	private String username;
-	private ExtendedGSSCredential credential;
+//	private ExtendedGSSCredential credential;
-//	private GCUBEScope scope; //to be deleted 
 	private String scope;
 	private HashMap<String, Notifier> notifiers;
 	String scopeName;
@@ -251,10 +250,15 @@ public class ASLSession{
 	/**
 	 * @return the credential
 	 */
+/*	
+	DO NOT FORGET TO COMMENT OUT THIS WHEN THE NEW SECURITY MODEL IS AVAILABLE
+	
 	public ExtendedGSSCredential getCredential() {
 		return credential;
 	}
 	
+*/	
+
 	/**
 	 * @return the external session id (passed to the constructor)
 	 */
@@ -312,9 +316,13 @@ public class ASLSession{
 		this.scope = scope;
 		this.scopeName = scope;
 		ScopeProvider.instance.set(scope);
+		
+/*   DO NOT FORGET TO ADD THIS WHEN THE NEW SECURITY MODEL IS AVAILABLE !
+		
 		if(new PortalSecurityManager(this.scope).isSecurityEnabled())
 			this.credential = UserCredential.getCredential(username, scope);
 	
+*/
 		// get the attribute that indicates of log in has been done from the login portlet - or if the user logs in from a bookmark
 		if (loggedIn == true) {
 			// don't log

src/main/java/org/gcube/application/framework/core/util/ServiceUtils.java

@@ -4,8 +4,8 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Random;
 
-import org.apache.axis.message.addressing.EndpointReference;
+//import org.apache.axis.message.addressing.EndpointReference;
-import org.apache.axis.types.URI.MalformedURIException;
+//import org.apache.axis.types.URI.MalformedURIException;
 //import org.gcube.application.framework.core.cache.RIsManager;
 import org.gcube.application.framework.core.session.ASLSession;
 import org.gcube.common.resources.gcore.GCoreEndpoint;

src/main/java/org/gcube/application/framework/core/util/UserCredential.java

@@ -2,11 +2,11 @@ package org.gcube.application.framework.core.util;
 
 import java.io.File;
 
-import org.gcube.vomanagement.vomsapi.CredentialsManager;
+//import org.gcube.vomanagement.vomsapi.CredentialsManager;
-import org.gcube.vomanagement.vomsapi.VOMSAdmin;
+//import org.gcube.vomanagement.vomsapi.VOMSAdmin;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfiguration;
-import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
+//import org.gcube.vomanagement.vomsapi.impl.VOMSAPIFactory;
-import org.gridforum.jgss.ExtendedGSSCredential;
+//import org.gridforum.jgss.ExtendedGSSCredential;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -25,6 +25,9 @@ public class UserCredential {
 	 * @param DLname DLname
 	 * @return the GSS Credential
 	 */
+	
+	//UNCOMMENT ABOVE CODE WHEN THE SECURITY BECOMES AVAILABLE.
+/*
 	public static ExtendedGSSCredential getCredential(String username, String DLname)
 	{	
 		CredentialsManager man = null;
@@ -73,7 +76,7 @@ public class UserCredential {
 		return cred;
 	}
 	
-	
+	*/
 	
 
 }