We cannot quite inject Jersey in an OSGi environment. Make sure we indirect
through ServletSupport, which provides the proper binding.
Change-Id: I132d55f4fa4e9d853e96cf3e299e241df730cb00
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
package org.opendaylight.aaa.shiro.realm;
import static com.google.common.base.Preconditions.checkArgument;
package org.opendaylight.aaa.shiro.realm;
import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Verify.verifyNotNull;
+import static java.util.Objects.requireNonNull;
import com.google.common.collect.ImmutableSet;
import com.google.gson.JsonParser;
import java.net.MalformedURLException;
import java.net.URL;
import com.google.common.collect.ImmutableSet;
import com.google.gson.JsonParser;
import java.net.MalformedURLException;
import java.net.URL;
-import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.MediaType;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.opendaylight.aaa.shiro.moon.MoonPrincipal;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.opendaylight.aaa.shiro.moon.MoonPrincipal;
+import org.opendaylight.aaa.web.servlet.ServletSupport;
+import org.opendaylight.yangtools.concepts.Registration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
*/
public class MoonRealm extends AuthorizingRealm {
private static final Logger LOG = LoggerFactory.getLogger(MoonRealm.class);
*/
public class MoonRealm extends AuthorizingRealm {
private static final Logger LOG = LoggerFactory.getLogger(MoonRealm.class);
+ private static final ThreadLocal<ServletSupport> SERVLET_SUPPORT_TL = new ThreadLocal<>();
private static final String MOON_DEFAULT_DOMAIN = "sdn";
private static final String MOON_DEFAULT_DOMAIN = "sdn";
+ private final ServletSupport servletSupport;
private volatile WebTarget moonServer;
private volatile WebTarget moonServer;
+ public MoonRealm() {
+ this(verifyNotNull(SERVLET_SUPPORT_TL.get(), "MoonRealm loading not prepared"));
+ }
+
+ public MoonRealm(final ServletSupport servletSupport) {
+ this.servletSupport = requireNonNull(servletSupport);
+ }
+
+ public static Registration prepareForLoad(final ServletSupport jaxrsSupport) {
+ SERVLET_SUPPORT_TL.set(requireNonNull(jaxrsSupport));
+ return SERVLET_SUPPORT_TL::remove;
+ }
+
@Override
protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principalCollection) {
return null;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principalCollection) {
return null;
// FIXME: allow authentication: and that really means configuring a Client!
final var server = String.format("http://%s:%s/moon/auth/tokens", uriHost, port);
LOG.debug("Moon server is at: {}:{} and will be accessed through {}", uriHost, port, server);
// FIXME: allow authentication: and that really means configuring a Client!
final var server = String.format("http://%s:%s/moon/auth/tokens", uriHost, port);
LOG.debug("Moon server is at: {}:{} and will be accessed through {}", uriHost, port, server);
- moonServer = ClientBuilder.newClient().target(server);
+ moonServer = servletSupport.newClientBuilder().build().target(server);
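Review bot: The no-argument `MoonRealm()` constructor only works on the thread that is currently inside a `prepareForLoad(...)` scope, and the added code does not document that contract. If the realm is instantiated on another thread, or after the returned `Registration` has been closed, `verifyNotNull` fails with nothing more than "MoonRealm loading not prepared" to go on. I would add Javadoc on `prepareForLoad` and on the no-argument constructor saying that the call must wrap the Ini load in try-with-resources on the same thread, and that scopes do not nest because `set` overwrites the previous value and `remove` clears it. Separately, the client built on the changed line still targets the `http://` URL assembled just above it (the enclosing method starts and ends outside the visible lines), so the Moon token request presumably travels in cleartext. The existing FIXME about configuring a Client is the natural place to address that, now that the builder comes from `ServletSupport`.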
import org.opendaylight.aaa.api.TokenStore;
import org.opendaylight.aaa.api.password.service.PasswordHashService;
import org.opendaylight.aaa.cert.api.ICertificateManager;
import org.opendaylight.aaa.api.TokenStore;
import org.opendaylight.aaa.api.password.service.PasswordHashService;
import org.opendaylight.aaa.cert.api.ICertificateManager;
+import org.opendaylight.aaa.shiro.realm.MoonRealm;
import org.opendaylight.aaa.tokenauthrealm.auth.TokenAuthenticators;
import org.opendaylight.aaa.tokenauthrealm.auth.TokenAuthenticators;
+import org.opendaylight.aaa.web.servlet.ServletSupport;
import org.opendaylight.mdsal.binding.api.DataBroker;
import org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.ShiroConfiguration;
import org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.shiro.configuration.Main;
import org.opendaylight.mdsal.binding.api.DataBroker;
import org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.ShiroConfiguration;
import org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.shiro.configuration.Main;
private final TokenAuthenticators tokenAuthenticators;
private final TokenStore tokenStore;
private final PasswordHashService passwordHashService;
private final TokenAuthenticators tokenAuthenticators;
private final TokenStore tokenStore;
private final PasswordHashService passwordHashService;
+ private final ServletSupport servletSupport;
AAAIniWebEnvironment(final ShiroConfiguration shiroConfiguration, final DataBroker dataBroker,
final ICertificateManager certificateManager,
final AuthenticationService authenticationService,
final TokenAuthenticators tokenAuthenticators, final TokenStore tokenStore,
AAAIniWebEnvironment(final ShiroConfiguration shiroConfiguration, final DataBroker dataBroker,
final ICertificateManager certificateManager,
final AuthenticationService authenticationService,
final TokenAuthenticators tokenAuthenticators, final TokenStore tokenStore,
- final PasswordHashService passwordHashService) {
+ final PasswordHashService passwordHashService, final ServletSupport servletSupport) {
this.shiroConfiguration = shiroConfiguration;
this.dataBroker = dataBroker;
this.certificateManager = certificateManager;
this.shiroConfiguration = shiroConfiguration;
this.dataBroker = dataBroker;
this.certificateManager = certificateManager;
this.tokenAuthenticators = tokenAuthenticators;
this.tokenStore = tokenStore;
this.passwordHashService = passwordHashService;
this.tokenAuthenticators = tokenAuthenticators;
this.tokenStore = tokenStore;
this.passwordHashService = passwordHashService;
+ this.servletSupport = servletSupport;
LOG.debug("AAAIniWebEnvironment created");
}
LOG.debug("AAAIniWebEnvironment created");
}
ThreadLocals.TOKEN_AUTHENICATORS_TL.set(tokenAuthenticators);
ThreadLocals.TOKEN_STORE_TL.set(tokenStore);
ThreadLocals.PASSWORD_HASH_SERVICE_TL.set(passwordHashService);
ThreadLocals.TOKEN_AUTHENICATORS_TL.set(tokenAuthenticators);
ThreadLocals.TOKEN_STORE_TL.set(tokenStore);
ThreadLocals.PASSWORD_HASH_SERVICE_TL.set(passwordHashService);
+ try (var moonLoad = MoonRealm.prepareForLoad(servletSupport)) {
// Initialize the Shiro environment from clustered-app-config
final Ini ini = createIniFromClusteredAppConfig(shiroConfiguration);
setIni(ini);
// Initialize the Shiro environment from clustered-app-config
final Ini ini = createIniFromClusteredAppConfig(shiroConfiguration);
setIni(ini);
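Review bot: The new constructor parameter is stored without a null check (`this.servletSupport = servletSupport;`), so a missing `ServletSupport` reference is only detected later, when `MoonRealm.prepareForLoad` calls `requireNonNull` during environment initialisation. Failing at construction would point at the wiring mistake directly: `this.servletSupport = requireNonNull(servletSupport);`, which needs the static import of `java.util.Objects.requireNonNull` if the file does not already have it. The same assignment in the `ShiroWebEnvironmentLoaderListener` constructor has the same gap. The try block opened on the added line closes outside the visible lines, so I cannot confirm from here whether the three `ThreadLocals.*_TL.set(...)` calls before it are also cleared when loading fails.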
import org.opendaylight.aaa.api.password.service.PasswordHashService;
import org.opendaylight.aaa.cert.api.ICertificateManager;
import org.opendaylight.aaa.tokenauthrealm.auth.TokenAuthenticators;
import org.opendaylight.aaa.api.password.service.PasswordHashService;
import org.opendaylight.aaa.cert.api.ICertificateManager;
import org.opendaylight.aaa.tokenauthrealm.auth.TokenAuthenticators;
+import org.opendaylight.aaa.web.servlet.ServletSupport;
import org.opendaylight.mdsal.binding.api.DataBroker;
import org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.ShiroConfiguration;
import org.slf4j.Logger;
import org.opendaylight.mdsal.binding.api.DataBroker;
import org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.ShiroConfiguration;
import org.slf4j.Logger;
private final TokenAuthenticators tokenAuthenticators;
private final TokenStore tokenStore;
private final PasswordHashService passwordHashService;
private final TokenAuthenticators tokenAuthenticators;
private final TokenStore tokenStore;
private final PasswordHashService passwordHashService;
+ private final ServletSupport servletSupport;
// FIXME: @Inject for CDI, except we have ShiroConfiguration injected
// FIXME: @Activate for OSGi @Component
// FIXME: @Inject for CDI, except we have ShiroConfiguration injected
// FIXME: @Activate for OSGi @Component
final ICertificateManager certificateManager,
final AuthenticationService authenticationService,
final TokenAuthenticators tokenAuthenticators, final TokenStore tokenStore,
final ICertificateManager certificateManager,
final AuthenticationService authenticationService,
final TokenAuthenticators tokenAuthenticators, final TokenStore tokenStore,
- final PasswordHashService passwordHashService) {
+ final PasswordHashService passwordHashService,
+ final ServletSupport servletSupport) {
this.shiroConfiguration = shiroConfiguration;
this.dataBroker = dataBroker;
this.certificateManager = certificateManager;
this.shiroConfiguration = shiroConfiguration;
this.dataBroker = dataBroker;
this.certificateManager = certificateManager;
this.tokenAuthenticators = tokenAuthenticators;
this.tokenStore = tokenStore;
this.passwordHashService = passwordHashService;
this.tokenAuthenticators = tokenAuthenticators;
this.tokenStore = tokenStore;
this.passwordHashService = passwordHashService;
+ this.servletSupport = servletSupport;
LOG.debug("ShiroWebEnvironmentLoaderListenerImpl created");
}
@Override
protected WebEnvironment determineWebEnvironment(final ServletContext servletContext) {
return new AAAIniWebEnvironment(shiroConfiguration, dataBroker, certificateManager, authenticationService,
LOG.debug("ShiroWebEnvironmentLoaderListenerImpl created");
}
@Override
protected WebEnvironment determineWebEnvironment(final ServletContext servletContext) {
return new AAAIniWebEnvironment(shiroConfiguration, dataBroker, certificateManager, authenticationService,
- tokenAuthenticators, tokenStore, passwordHashService);
+ tokenAuthenticators, tokenStore, passwordHashService, servletSupport);
<odl:clustered-app-config
binding-class="org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.ShiroConfiguration"
<odl:clustered-app-config
binding-class="org.opendaylight.yang.gen.v1.urn.opendaylight.aaa.app.config.rev170619.ShiroConfiguration"
- id="shiroConfiguration" default-config-file-name="aaa-app-config.xml" />
+ id="shiroConfiguration"
+ default-config-file-name="aaa-app-config.xml"/>
<odl:clustered-app-config id="datastoreConfig"
default-config-file-name="aaa-datastore-config.xml"
<odl:clustered-app-config id="datastoreConfig"
default-config-file-name="aaa-datastore-config.xml"
<reference id="certManager" interface="org.opendaylight.aaa.cert.api.ICertificateManager"/>
<bean id="provider" class="org.opendaylight.aaa.AAAShiroProvider" init-method="init" destroy-method="close">
<reference id="certManager" interface="org.opendaylight.aaa.cert.api.ICertificateManager"/>
<bean id="provider" class="org.opendaylight.aaa.AAAShiroProvider" init-method="init" destroy-method="close">
- <argument ref="passwordCredentialAuth" />
- <argument ref="datastoreConfig" />
- <argument ref="idmStore" />
+ <argument ref="passwordCredentialAuth"/>
+ <argument ref="datastoreConfig"/>
+ <argument ref="idmStore"/>
+ <reference id="servletSupport" interface="org.opendaylight.aaa.web.servlet.ServletSupport"/>
+
<bean id="shiroWebEnvLoader" class="org.opendaylight.aaa.shiro.web.env.ShiroWebEnvironmentLoaderListener">
<argument ref="shiroConfiguration"/>
<argument ref="dataBroker"/>
<argument ref="certManager"/>
<bean id="shiroWebEnvLoader" class="org.opendaylight.aaa.shiro.web.env.ShiroWebEnvironmentLoaderListener">
<argument ref="shiroConfiguration"/>
<argument ref="dataBroker"/>
<argument ref="certManager"/>
- <argument ref="authService" />
+ <argument ref="authService"/>
<argument>
<bean factory-ref="provider" factory-method="getTokenAuthenticators"/>
</argument>
<argument>
<bean factory-ref="provider" factory-method="getTokenStore"/>
</argument>
<argument>
<bean factory-ref="provider" factory-method="getTokenAuthenticators"/>
</argument>
<argument>
<bean factory-ref="provider" factory-method="getTokenStore"/>
</argument>
- <argument ref="passwordService" />
+ <argument ref="passwordService"/>
+ <argument ref="servletSupport"/>
</bean>
<service ref="shiroWebEnvLoader" interface="javax.servlet.ServletContextListener"/>
</bean>
<service ref="shiroWebEnvLoader" interface="javax.servlet.ServletContextListener"/>
<reference id="webServer" interface="org.opendaylight.aaa.web.WebServer" />
<reference id="webServer" interface="org.opendaylight.aaa.web.WebServer" />
- <reference id="servletSupport" interface="org.opendaylight.aaa.web.servlet.ServletSupport" />
-
<bean id="webInitializer" class="org.opendaylight.aaa.shiro.web.env.WebInitializer" destroy-method="close">
<argument ref="webServer"/>
<argument ref="claimCache"/>
<bean id="webInitializer" class="org.opendaylight.aaa.shiro.web.env.WebInitializer" destroy-method="close">
<argument ref="webServer"/>
<argument ref="claimCache"/>