mharindu 9 years ago
commit 1903b375f3

@ -71,7 +71,8 @@
org.wso2.carbon.user.api.*,
org.wso2.carbon.device.mgt.core.*,
org.wso2.carbon.device.mgt.common.*,
org.wso2.carbon.ntask.*
org.wso2.carbon.ntask.*,
org.wso2.carbon.caching.*
</Import-Package>
<Export-Package>
!org.wso2.carbon.policy.mgt.core.internal,

@ -21,26 +21,28 @@ package org.wso2.carbon.policy.mgt.core.cache.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.policy.mgt.common.Policy;
import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
import org.wso2.carbon.policy.mgt.core.cache.PolicyCacheManager;
import org.wso2.carbon.policy.mgt.core.mgt.PolicyManager;
import org.wso2.carbon.policy.mgt.core.mgt.impl.PolicyManagerImpl;
import org.wso2.carbon.policy.mgt.core.util.PolicyManagementConstants;
import org.wso2.carbon.policy.mgt.core.util.PolicyManagerUtil;
import java.util.ArrayList;
import java.util.HashMap;
import javax.cache.Cache;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
public class PolicyCacheManagerImpl implements PolicyCacheManager {
private static final Log log = LogFactory.getLog(PolicyCacheManagerImpl.class);
private static HashMap<Integer, HashMap<Integer, Policy>> tenantedPolicyMap = new HashMap<>();
private static PolicyCacheManagerImpl policyCacheManager;
private static Cache<Integer, List<Policy>> getPolicyListCache() {
return PolicyManagerUtil.getPolicyListCache(PolicyManagementConstants.DM_CACHE_LIST);
}
private PolicyCacheManagerImpl() {
}
@ -57,43 +59,36 @@ public class PolicyCacheManagerImpl implements PolicyCacheManager {
@Override
public void addAllPolicies(List<Policy> policies) {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (map.isEmpty()) {
for (Policy policy : policies) {
map.put(policy.getId(), policy);
}
}
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
lCache.put(1, policies);
}
@Override
public void updateAllPolicies(List<Policy> policies) {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
map.clear();
if (map.isEmpty()) {
for (Policy policy : policies) {
map.put(policy.getId(), policy);
}
}
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
lCache.removeAll();
lCache.put(1, policies);
}
@Override
public List<Policy> getAllPolicies() throws PolicyManagementException {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (map.isEmpty()) {
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
if (!lCache.containsKey(1)) {
PolicyManager policyManager = new PolicyManagerImpl();
this.addAllPolicies(policyManager.getPolicies());
}
if (log.isDebugEnabled()) {
log.debug("No of policies stored in the cache .. : " + map.size());
Set<Integer> keySet = map.keySet();
for (Integer x : keySet) {
log.debug("Policy id in maps .. : " + map.get(x).getId() + " policy name : " + map.get(x).
getPolicyName() + " Activated : " + map.get(x).isActive());
List<Policy> cachedPolicy = lCache.get(1);
for (Policy policy : cachedPolicy) {
log.debug("Policy id in cache .. : " + policy.getId() + " policy name : " + policy.
getPolicyName() + " Activated : " + policy.isActive());
}
}
return new ArrayList<>(map.values());
return lCache.get(1);
}
@Override
@ -105,59 +100,97 @@ public class PolicyCacheManagerImpl implements PolicyCacheManager {
@Override
public void removeAllPolicies() {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
map.clear();
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
lCache.removeAll();
}
@Override
public void addPolicy(Policy policy) {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (!map.containsKey(policy.getId())) {
map.put(policy.getId(), policy);
} else {
log.warn("Policy id (" + policy.getId() + ") already exist in the map. hence not attempted to store.");
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
if (lCache.containsKey(1)) {
List<Policy> cachedPolicy = lCache.get(1);
for (Policy pol : cachedPolicy) {
if (pol.getId() == policy.getId()) {
return;
}
}
cachedPolicy.add(policy);
}
}
@Override
public void updatePolicy(Policy policy) {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (map.containsKey(policy.getId())) {
map.remove(policy.getId());
map.put(policy.getId(), policy);
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
if (lCache.containsKey(1)) {
List<Policy> cachedPolicy = lCache.get(1);
Iterator iterator = cachedPolicy.iterator();
while (iterator.hasNext()) {
Policy pol = (Policy) iterator.next();
if (pol.getId() == policy.getId()) {
iterator.remove();
break;
}
}
cachedPolicy.add(policy);
lCache.replace(1, cachedPolicy);
}
}
@Override
public void updatePolicy(int policyId) throws PolicyManagementException {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (map.containsKey(policyId)) {
this.removePolicy(policyId);
}
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
if (lCache.containsKey(1)) {
PolicyManager policyManager = new PolicyManagerImpl();
Policy policy = policyManager.getPolicy(policyId);
map.put(policyId, policy);
this.updatePolicy(policy);
}
}
@Override
public void removePolicy(int policyId) {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (map.containsKey(policyId)) {
map.remove(policyId);
} else {
log.warn("Policy id (" + policyId + ") does not exist in the cache. Hence not removed.");
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
if (lCache.containsKey(1)) {
List<Policy> cachedPolicy = lCache.get(1);
Iterator iterator = cachedPolicy.iterator();
while (iterator.hasNext()) {
Policy pol = (Policy) iterator.next();
if (pol.getId() == policyId) {
iterator.remove();
break;
}
}
lCache.replace(1, cachedPolicy);
}
}
@Override
public Policy getPolicy(int policyId) throws PolicyManagementException {
HashMap<Integer, Policy> map = this.getTenantRelatedMap();
if (!map.containsKey(policyId)) {
Cache<Integer, List<Policy>> lCache = getPolicyListCache();
if (!lCache.containsKey(1)) {
this.removeAllPolicies();
this.getAllPolicies();
}
return map.get(policyId);
Policy policy = null;
List<Policy> cachedPolicy = lCache.get(1);
Iterator iterator = cachedPolicy.iterator();
while (iterator.hasNext()) {
Policy pol = (Policy) iterator.next();
if (pol.getId() == policyId) {
policy = pol;
}
}
return policy;
}
@Override
@ -175,13 +208,4 @@ public class PolicyCacheManagerImpl implements PolicyCacheManager {
return 0;
}
private HashMap<Integer, Policy> getTenantRelatedMap(){
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
if(!tenantedPolicyMap.containsKey(tenantId)){
HashMap<Integer, Policy> policyMap = new HashMap<>();
tenantedPolicyMap.put(tenantId, policyMap);
}
return tenantedPolicyMap.get(tenantId);
}
}
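Review bot: Every method on the new side reads and writes a single cache entry under the literal key `1`, and the removed `getTenantRelatedMap()` was the only visible place where policies were partitioned by tenant id. Nothing in this section shows whether the cache returned by `PolicyManagerUtil.getPolicyListCache(...)` is tenant-scoped; if it is not, one tenant's policy list could be served to another, so either derive the key from the tenant id or state the assumption in a comment on `getPolicyListCache()`. Separately, `getAllPolicies()` now returns `lCache.get(1)` itself where the old code returned a copy, and `addPolicy()` mutates that list without the `lCache.replace(1, cachedPolicy)` call that `updatePolicy()` and `removePolicy()` make. `getPolicy(int)` also iterates `lCache.get(1)` without a null check, so an entry evicted after the `containsKey` test would raise a NullPointerException.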

@ -39,6 +39,7 @@ public final class PolicyManagementConstants {
public static final String DM_CACHE_MANAGER = "DM_CACHE_MANAGER";
public static final String DM_CACHE = "DM_CACHE";
public static final String DM_CACHE_LIST = "DM_CACHE_LIST";
public static final String DELEGATION_TASK_TYPE = "DELEGATION__TASK";

@ -152,10 +152,28 @@ public class PolicyManagerUtil {
}
public static Cache getCacheManagerImpl() {
return Caching.getCacheManagerFactory()
.getCacheManager(PolicyManagementConstants.DM_CACHE_MANAGER).getCache(PolicyManagementConstants
.DM_CACHE);
// public static Cache getCacheManagerImpl() {
// return Caching.getCacheManagerFactory()
// .getCacheManager(PolicyManagementConstants.DM_CACHE_MANAGER).getCache(PolicyManagementConstants
// .DM_CACHE);
// }
public static Cache<Integer, Policy> getPolicyCache(String name){
CacheManager manager = getCacheManager();
return (manager != null) ? manager.<Integer, Policy>getCache(name) :
Caching.getCacheManager().<Integer, Policy>getCache(name);
}
public static Cache<Integer, List<Policy>> getPolicyListCache(String name){
CacheManager manager = getCacheManager();
return (manager != null) ? manager.<Integer, List<Policy>>getCache(name) :
Caching.getCacheManager().<Integer, List<Policy>>getCache(name);
}
private static CacheManager getCacheManager() {
return Caching.getCacheManagerFactory().getCacheManager(
PolicyManagementConstants.DM_CACHE_MANAGER);
}

@ -1,24 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework;
public class APIInfo {
}

@ -1,33 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
public class APIMapperContextListener implements LifecycleListener {
@Override
public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
if (Lifecycle.AFTER_INIT_EVENT.equals(lifecycleEvent.getType())) {
}
}
}

@ -0,0 +1,87 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
import javax.servlet.http.HttpServletResponse;
public class WebappAuthenticationHandler extends CarbonTomcatValve {
private static final Log log = LogFactory.getLog(WebappAuthenticationHandler.class);
@Override
public void invoke(Request request, Response response, CompositeValve compositeValve) {
if (this.isNonAdminService(request) || this.skipAuthentication(request) || this.isContextSkipped(request)) {
this.getNext().invoke(request, response, compositeValve);
return;
}
WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request);
if (authenticator == null) {
String msg = "Failed to load an appropriate authenticator to authenticate the request";
AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
return;
}
WebappAuthenticator.Status status = authenticator.authenticate(request, response);
this.processResponse(request, response, compositeValve, status);
}
private boolean isNonAdminService(Request request) {
String param = request.getContext().findParameter("isAdminService");
return !(param != null && Boolean.parseBoolean(param));
}
private boolean skipAuthentication(Request request) {
String param = request.getContext().findParameter("doAuthentication");
return (param == null || !Boolean.parseBoolean(param));
}
private boolean isContextSkipped(Request request) {
String ctx = request.getContext().getPath();
if (ctx == null) {
ctx = request.getContextPath();
if (ctx == null) {
return false;
}
}
return ctx.equals("/Carbon") || ctx.equals("/Services");
}
private void processResponse(Request request, Response response, CompositeValve compositeValve,
WebappAuthenticator.Status status) {
switch (status) {
case SUCCESS:
case CONTINUE:
this.getNext().invoke(request, response, compositeValve);
break;
case FAILURE:
String msg = "Failed to authorize incoming request";
log.error(msg);
AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
break;
}
}
}
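Review bot: `invoke` forwards the request unauthenticated whenever the `isAdminService` or `doAuthentication` context parameter is missing, so protection is opt-in and a webapp that omits either one is not covered by this valve. That default deserves a comment above the first `if`, e.g. `// Authentication is opt-in: contexts without isAdminService=true and doAuthentication=true pass through unauthenticated.` In `processResponse`, `CONTINUE` is forwarded exactly like `SUCCESS`, and a null status from `authenticate` would throw a NullPointerException in the switch rather than produce a 401. Checking for null before the switch and adding a rejecting `default` branch would make it fail closed. `isContextSkipped` compares against `"/Carbon"` and `"/Services"` case-sensitively, which is worth confirming against the real context paths.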

@ -18,9 +18,26 @@
*/
package org.wso2.carbon.webapp.authenticator.framework;
import org.apache.catalina.connector.Request;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
import java.util.Map;
public class WebappAuthenticatorFactory {
public static WebappAuthenticator getAuthenticator(String authScheme) {
return DataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticator(authScheme);
}
public static WebappAuthenticator getAuthenticator(Request request) {
Map<String, WebappAuthenticator> authenticators =
DataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticators();
for (WebappAuthenticator authenticator : authenticators.values()) {
if (authenticator.canHandle(request)) {
return authenticator;
}
}
return null;
}
}
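Review bot: `getAuthenticator(Request)` returns the first authenticator whose `canHandle` is true while iterating `authenticators.values()`, and the repository in this commit backs that map with a `ConcurrentHashMap`, whose iteration order is not defined. If two authenticators accept the same request, which one runs can vary between deployments. Iterating in a fixed, configured order, or documenting that `canHandle` implementations must be mutually exclusive, would make selection predictable. The method also needs a Javadoc line saying that it returns `null` when no authenticator matches.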

@ -24,6 +24,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
import javax.servlet.http.HttpServletResponse;

@ -18,15 +18,18 @@
*/
package org.wso2.carbon.webapp.authenticator.framework;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
public class WebappAuthenticatorRepository {
private Map<String, WebappAuthenticator> authenticators;
public WebappAuthenticatorRepository() {
this.authenticators = new HashMap<String, WebappAuthenticator>();
this.authenticators = new ConcurrentHashMap<>();
}
public void addAuthenticator(WebappAuthenticator authenticator) {
@ -37,4 +40,8 @@ public class WebappAuthenticatorRepository {
return authenticators.get(name);
}
public Map<String, WebappAuthenticator> getAuthenticators() {
return authenticators;
}
}
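Review bot: `getAuthenticators()` hands out the repository's internal map, so any caller can add or remove authenticators without going through `addAuthenticator`. Returning a read-only view, `return Collections.unmodifiableMap(authenticators);`, keeps registration in one place and is enough for the lookup loop in `WebappAuthenticatorFactory`. The second hunk begins inside the preceding getter, whose signature is not visible.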

@ -24,14 +24,24 @@ import org.apache.catalina.util.Base64;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.CharChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.Constants;
public class BasicAuthAuthenticator implements WebappAuthenticator {
private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth";
private static final String HEADER_BASIC_AUTH = "authorization";
@Override
public boolean isAuthenticated(Request request) {
public boolean canHandle(Request request) {
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
if (authorization != null) {
authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk();
if (authBC.startsWithIgnoreCase("basic ", 0)) {
return true;
}
}
return false;
}
@ -47,7 +57,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
private Credentials getCredentials(Request request) {
Credentials credentials = null;
MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("authorization");
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
if (authorization != null) {
authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk();

@ -36,7 +36,6 @@ import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
@ -52,7 +51,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
private static final String JWT_AUTHENTICATOR = "JWT";
@Override
public boolean isAuthenticated(Request request) {
public boolean canHandle(Request request) {
return false;
}
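Review bot: `canHandle` always returns `false`, so `WebappAuthenticatorFactory.getAuthenticator(Request)` can never select this authenticator, even though the same commit registers `JWT` in the authenticator configuration. If this is a placeholder, mark it as one, e.g. `// TODO: detect the JWT header; until then this authenticator is never chosen per request`. Otherwise implement the header check before enabling the config entry. The rest of the class is outside the hunk.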

@ -30,7 +30,6 @@ import org.wso2.carbon.apimgt.core.gateway.APITokenAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
import org.wso2.carbon.webapp.authenticator.framework.Constants;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
@ -39,13 +38,28 @@ import java.util.regex.Pattern;
public class OAuthAuthenticator implements WebappAuthenticator {
private static final String OAUTH_AUTHENTICATOR = "OAuth";
private static APITokenAuthenticator authenticator = new APITokenAuthenticator();
private static final String REGEX_BEARER_PATTERN = "[B|b]earer\\s";
private static final Pattern PATTERN = Pattern.compile(REGEX_BEARER_PATTERN);
private static APITokenAuthenticator authenticator = new APITokenAuthenticator();
private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
@Override
public boolean isAuthenticated(Request request) {
public boolean canHandle(Request request) {
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().
getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
String tokenValue = null;
if (authorization != null) {
authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk();
tokenValue = authBC.toString();
Matcher matcher = PATTERN.matcher(tokenValue);
if (matcher.find()) {
return true;
}
}
return false;
}
@ -93,19 +107,15 @@ public class OAuthAuthenticator implements WebappAuthenticator {
}
private String getBearerToken(Request request) {
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().
getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
String tokenValue = null;
if (authorization != null) {
authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk();
tokenValue = authBC.toString();
Pattern pattern = Pattern.compile(REGEX_BEARER_PATTERN);
Matcher matcher = pattern.matcher(tokenValue);
Matcher matcher = PATTERN.matcher(tokenValue);
if (matcher.find()) {
tokenValue = tokenValue.substring(matcher.end());
}

@ -16,7 +16,7 @@
* under the License.
*
*/
package org.wso2.carbon.webapp.authenticator.framework;
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
@ -27,7 +27,7 @@ public interface WebappAuthenticator {
SUCCESS, FAILURE, CONTINUE
}
boolean isAuthenticated(Request request);
boolean canHandle(Request request);
Status authenticate(Request request, Response response);

@ -25,7 +25,8 @@ import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
import org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticationHandler;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository;
import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
@ -64,7 +65,7 @@ public class WebappAuthenticatorFrameworkServiceComponent {
DataHolder.getInstance().setWebappAuthenticatorRepository(repository);
List<CarbonTomcatValve> valves = new ArrayList<CarbonTomcatValve>();
valves.add(new WebappAuthenticatorFrameworkValve());
valves.add(new WebappAuthenticationHandler());
TomcatValveContainer.addValves(valves);
if (log.isDebugEnabled()) {

@ -4,5 +4,13 @@
<Name>OAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthenticator</ClassName>
</Authenticator>
<Authenticator>
<Name>BasicAuth</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.BasicAuthAuthenticator</ClassName>
</Authenticator>
<Authenticator>
<Name>JWT</Name>
<ClassName>org.wso2.carbon.webapp.authenticator.framework.authenticator.JWTAuthenticator</ClassName>
</Authenticator>
</Authenticators>
</WebappAuthenticatorConfig>
