├── .gitignore ├── README.md ├── addmodule.sh ├── authentication ├── authentication-mechanism │ ├── jaspic-cdi-interface │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── authentication │ │ │ │ └── mechanism │ │ │ │ └── http │ │ │ │ ├── AuthenticationParameters.java │ │ │ │ ├── HttpAuthenticationMechanism.java │ │ │ │ ├── HttpMessageContext.java │ │ │ │ └── annotation │ │ │ │ └── BasicAuthenticationMechanismDefinition.java │ │ │ └── org │ │ │ └── glassfish │ │ │ └── jsr375 │ │ │ ├── Utils.java │ │ │ ├── cdi │ │ │ ├── CdiExtension.java │ │ │ ├── CdiProducer.java │ │ │ ├── CdiUtils.java │ │ │ └── DefaultAnnotationLiteral.java │ │ │ ├── mechanisms │ │ │ ├── AuthenticationParametersImpl.java │ │ │ ├── BasicAuthenticationMechanism.java │ │ │ ├── DefaultAuthConfigProvider.java │ │ │ ├── DefaultServerAuthConfig.java │ │ │ ├── DefaultServerAuthContext.java │ │ │ ├── HttpBridgeServerAuthModule.java │ │ │ ├── HttpMessageContextImpl.java │ │ │ └── Jaspic.java │ │ │ └── servlet │ │ │ └── SamRegistrationInstaller.java │ ├── jaspic-http-sam │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── auth │ │ │ │ └── message │ │ │ │ └── http │ │ │ │ ├── HttpMessageContext.java │ │ │ │ └── HttpServerAuthModule.java │ │ │ └── org │ │ │ └── acme │ │ │ └── Provider.java │ └── pom.xml ├── identity-store │ ├── call-identity-store-via-cdi-events-style-a │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── auth │ │ │ │ └── event │ │ │ │ ├── BaseAuthentication.java │ │ │ │ ├── DigestAuthentication.java │ │ │ │ ├── FindSecurityConstraints.java │ │ │ │ ├── GssAuthentication.java │ │ │ │ ├── SslAuthentication.java │ │ │ │ └── UserPasswordAuthentication.java │ │ │ └── org │ │ │ └── acme │ │ │ ├── HelloServlet.java │ │ │ ├── LoginServlet.java │ │ │ ├── MyIdentityStore.java │ │ │ └── UserRolesPrincipal.java │ ├── call-identity-store-via-cdi-events-style-b │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ └── javax │ │ │ └── security │ │ │ └── auth │ │ │ └── event │ │ │ ├── Authentication.java │ │ │ ├── DigestAuthentication.java │ │ │ ├── GssAuthentication.java │ │ │ ├── PasswordAuthentication.java │ │ │ ├── SignatureAuthentication.java │ │ │ ├── SslAuthentication.java │ │ │ └── TokenAuthentication.java │ ├── identity-store-jndi-with-rolemapper │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── auth │ │ │ │ ├── AuthenticationMechanism.java │ │ │ │ ├── identitystore │ │ │ │ ├── CustomIdentityStoreDefinition.java │ │ │ │ ├── DataSourceIdentityStoreDefinition.java │ │ │ │ ├── IdentityStore.java │ │ │ │ ├── Jsr351IdentityStoreDefinition.java │ │ │ │ ├── LdapIdentityStoreDefinition.java │ │ │ │ ├── MemoryIdentityStoreDefinition.java │ │ │ │ ├── ServerIdentityStoreDefinition.java │ │ │ │ └── UserInfo.java │ │ │ │ └── rolemapper │ │ │ │ ├── CustomRoleMapperDefinition.java │ │ │ │ ├── DataSourceRoleMapperDefinition.java │ │ │ │ ├── GroupIsRoleMapperDefinition.java │ │ │ │ ├── LdapRoleMapperDefinition.java │ │ │ │ ├── MemoryRoleMapperDefinition.java │ │ │ │ ├── RoleMap.java │ │ │ │ ├── RoleService.java │ │ │ │ └── ServerRoleMapperDefinition.java │ │ │ └── org │ │ │ └── acme │ │ │ ├── MyAuthenticationMechanism.java │ │ │ └── MyServlet.java │ ├── identity-store-mutable │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ ├── main │ │ │ ├── java │ │ │ │ └── javax │ │ │ │ │ └── security │ │ │ │ │ ├── idm │ │ │ │ │ ├── CredentialValidationResult.java │ │ │ │ │ ├── IdentityStore.java │ │ │ │ │ ├── credential │ │ │ │ │ │ ├── AbstractBaseCredentials.java │ │ │ │ │ │ ├── Credentials.java │ │ │ │ │ │ ├── Password.java │ │ │ │ │ │ └── UsernamePasswordCredentials.java │ │ │ │ │ └── model │ │ │ │ │ │ ├── Caller.java │ │ │ │ │ │ ├── Grant.java │ │ │ │ │ │ ├── Group.java │ │ │ │ │ │ ├── GroupMembership.java │ │ │ │ │ │ ├── Helper.java │ │ │ │ │ │ ├── Realm.java │ │ │ │ │ │ ├── Role.java │ │ │ │ │ │ └── RoleAssignable.java │ │ │ │ │ └── package-info.java │ │ │ └── javadoc │ │ │ │ └── overview.html │ │ │ └── test │ │ │ └── java │ │ │ └── javax │ │ │ └── security │ │ │ └── idm │ │ │ └── model │ │ │ ├── CallerTest.java │ │ │ ├── GrantTest.java │ │ │ ├── GroupMembershipTest.java │ │ │ ├── GroupTest.java │ │ │ ├── HelperTest.java │ │ │ ├── RealmTest.java │ │ │ └── RoleTest.java │ ├── identity-store-readonly-simplified │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ └── javax │ │ │ └── security │ │ │ └── identitystore │ │ │ ├── CredentialValidationResult.java │ │ │ ├── IdentityStore.java │ │ │ ├── annotation │ │ │ ├── Credentials.java │ │ │ ├── DataBaseIdentityStoreDefinition.java │ │ │ ├── EmbeddedIdentityStoreDefinition.java │ │ │ └── LdapIdentityStoreDefinition.java │ │ │ └── credential │ │ │ ├── AbstractCredential.java │ │ │ ├── BasicAuthenticationCredential.java │ │ │ ├── Credential.java │ │ │ ├── Password.java │ │ │ ├── TokenCredential.java │ │ │ ├── UsernamePasswordCredential.java │ │ │ └── package-info.java │ ├── identity-store-readonly │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ ├── main │ │ │ ├── java │ │ │ │ └── javax │ │ │ │ │ └── security │ │ │ │ │ ├── identitystore │ │ │ │ │ ├── CredentialValidationResult.java │ │ │ │ │ ├── IdentityStore.java │ │ │ │ │ ├── annotation │ │ │ │ │ │ ├── Validator.java │ │ │ │ │ │ ├── ValidatorAnnotationLiteral.java │ │ │ │ │ │ ├── Validators.java │ │ │ │ │ │ └── package-info.java │ │ │ │ │ ├── credential │ │ │ │ │ │ ├── AbstractCredential.java │ │ │ │ │ │ ├── BasicAuthenticationCredential.java │ │ │ │ │ │ ├── Credential.java │ │ │ │ │ │ ├── CredentialValidator.java │ │ │ │ │ │ ├── Password.java │ │ │ │ │ │ ├── TokenCredential.java │ │ │ │ │ │ ├── UsernamePasswordCredential.java │ │ │ │ │ │ └── package-info.java │ │ │ │ │ ├── package-info.java │ │ │ │ │ ├── persistence │ │ │ │ │ │ ├── AbstractIdentityStore.java │ │ │ │ │ │ ├── CachedIdentityStore.java │ │ │ │ │ │ ├── DatabaseIdentityStore.java │ │ │ │ │ │ ├── JaasIdentityStore.java │ │ │ │ │ │ ├── JaasSubjectPrincipalResolver.java │ │ │ │ │ │ ├── LdapEntryMapping.java │ │ │ │ │ │ ├── LdapIdentityStore.java │ │ │ │ │ │ ├── cachedsource │ │ │ │ │ │ │ ├── CachedIdentityStoreSource.java │ │ │ │ │ │ │ ├── JsonFileIdentityStoreSource.java │ │ │ │ │ │ │ ├── MemoryIdentityStoreSource.java │ │ │ │ │ │ │ └── package-info.java │ │ │ │ │ │ └── package-info.java │ │ │ │ │ └── query │ │ │ │ │ │ ├── CallerRoleMap.java │ │ │ │ │ │ ├── CallerStore.java │ │ │ │ │ │ ├── GroupRoleMap.java │ │ │ │ │ │ ├── GroupStore.java │ │ │ │ │ │ ├── RoleStore.java │ │ │ │ │ │ └── package-info.java │ │ │ │ │ └── package-info.java │ │ │ └── javadoc │ │ │ │ └── overview.html │ │ │ └── test │ │ │ ├── java │ │ │ └── javax │ │ │ │ └── security │ │ │ │ └── identitystore │ │ │ │ ├── CredentialValidatorTest.java │ │ │ │ ├── ValidateCredentialTest_JaasStore.java │ │ │ │ ├── ValidateCredentialTest_JsonStore.java │ │ │ │ ├── ValidateCredentialTest_LdapStore.java │ │ │ │ ├── ValidateCredentialTest_MemoryStore.java │ │ │ │ └── persistence │ │ │ │ ├── CachedIdentityStoreTest.java │ │ │ │ ├── JaasIdentityStoreTest.java │ │ │ │ ├── JaasTestArtifacts.java │ │ │ │ ├── JsonFileIdentityStoreSourceTest.java │ │ │ │ ├── LdapIdentityStoreTest.java │ │ │ │ └── MemoryIdentityStoreSourceTest.java │ │ │ └── resources │ │ │ └── identitystore │ │ │ └── testIdStore.json │ ├── pom.xml │ ├── simple-annotated-identity-store-b │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── auth │ │ │ │ ├── IdentityStore.java │ │ │ │ ├── OnAuthentication.java │ │ │ │ ├── OnAuthorization.java │ │ │ │ └── UserService.java │ │ │ └── org │ │ │ └── acme │ │ │ └── MySecurityProvider.java │ └── simple-annotated-identity-store │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ └── main │ │ └── java │ │ ├── javax │ │ └── security │ │ │ └── auth │ │ │ ├── AppIdentityStore.java │ │ │ ├── PasswordIdentityStore.java │ │ │ ├── User.java │ │ │ └── UserService.java │ │ └── org │ │ └── acme │ │ └── MyIdentityStore.java └── pom.xml ├── authorization ├── interceptor │ ├── el-authorization │ │ ├── .gitignore │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── auth │ │ │ │ └── EvaluateSecured.java │ │ │ └── org │ │ │ └── acme │ │ │ └── MyCdiBean.java │ ├── jaxrs-http-constraints │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ └── org │ │ │ └── acme │ │ │ └── AccountResource.java │ ├── pom.xml │ ├── securitybindingtypeinterceptor │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ │ └── main │ │ │ └── java │ │ │ ├── javax │ │ │ └── security │ │ │ │ └── auth │ │ │ │ ├── Secures.java │ │ │ │ └── SecurityBindingType.java │ │ │ └── org │ │ │ └── acme │ │ │ ├── mysecurityhandler │ │ │ ├── PermissionRequired.java │ │ │ └── PermissionRequiredAuthorizer.java │ │ │ └── somesecuredapplication │ │ │ └── MySampleJsfBackingBean.java │ └── voter │ │ ├── README.adoc │ │ ├── pom.xml │ │ └── src │ │ └── main │ │ └── java │ │ ├── javax │ │ └── security │ │ │ └── auth │ │ │ ├── AccessDecisionVoter.java │ │ │ ├── Voter.java │ │ │ ├── VoterInterceptor.java │ │ │ └── VoterInterceptorBinding.java │ │ └── org │ │ └── acme │ │ ├── CheckCustomerInPortfolio.java │ │ ├── OrderRepository.java │ │ └── model │ │ ├── Customer.java │ │ └── Order.java ├── named-permissions │ ├── README.adoc │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ ├── javax │ │ └── security │ │ │ └── auth │ │ │ ├── NamedPermission.java │ │ │ ├── PermissionsRequired.java │ │ │ └── util │ │ │ ├── CollectionUtils.java │ │ │ └── StringUtils.java │ │ └── org │ │ └── acme │ │ ├── Order.java │ │ └── OrderBoundary.java ├── pom.xml └── sudo-like-runas │ ├── README.adoc │ ├── pom.xml │ └── src │ └── main │ └── java │ ├── javax │ └── security │ │ └── auth │ │ └── RunAs.java │ └── org │ └── acme │ ├── LogsBean.java │ └── MyCdiBean.java ├── overall ├── pom.xml ├── standard-caller-and-group-principals │ ├── README.adoc │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ └── javax │ │ └── security │ │ └── auth │ │ ├── CallerPrincipal.java │ │ └── GroupPrincipal.java └── standard-security-context │ ├── README.adoc │ ├── pom.xml │ └── src │ └── main │ └── java │ ├── javax │ └── security │ │ └── auth │ │ └── SecurityContext.java │ └── org │ └── acme │ ├── ee7 │ ├── MyCdiBean.java │ ├── MyEjb.java │ ├── MyService.java │ └── MyServlet.java │ └── ee8 │ └── MyFutureCdiBean.java ├── pom.xml └── src ├── README.md ├── call-identity-store-via-cdi-events-style-a license.launch └── license ├── header.txt └── headers.xml /.gitignore: -------------------------------------------------------------------------------- 1 | *.class 2 | .classpath 3 | .project 4 | 5 | # Mobile Tools for Java (J2ME) 6 | .mtj.tmp/ 7 | 8 | # Package Files # 9 | *.jar 10 | *.war 11 | *.ear 12 | 13 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 14 | hs_err_pid* 15 | 16 | .idea 17 | *.iml 18 | target 19 | 20 | # emacs 21 | *~ 22 | 23 | *.class 24 | *.jar 25 | target/ 26 | /bin/ 27 | /dist/ 28 | .settings/ 29 | /**/.classpath 30 | /**/.project 31 | /**/.gitignore 32 | 33 | /.project 34 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Project moved to Jakarta EE Security 2 | 3 | Please browse to the current EE security project at https://github.com/jakartaee/security/ 4 | This archive is read-only, for legacy review. 5 | 6 | # javaee-security-proposals 7 | Play area for possible Java EE Security Concepts 8 | 9 | Collecting all proposed security code from: 10 | 11 | - https://java.net/jira/browse/JAVAEE_SECURITY_SPEC 12 | - https://java.net/jira/browse/JAVAEE_SPEC 13 | 14 | Goal is to aggregate code snippets large or small into a single place. 15 | 16 | Watch, fork, play! 17 | -------------------------------------------------------------------------------- /addmodule.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | export name=${1?Specify a module name} 4 | 5 | mkdir $name && 6 | cat > $name/pom.xml < 8 | 10 | 4.0.0 11 | 12 | 13 | net.java.jsr375 14 | jsr375-proposals 15 | 1.0-SNAPSHOT 16 | 17 | 18 | $name 19 | 20 | 21 | EOF 22 | 23 | mkdir -p $name/src/main/java/javax/security/auth && 24 | mkdir -p $name/src/main/java/org/acme && 25 | perl -i -pe 's,^( *)(),$1 $ENV{name}\n$1$2,' pom.xml && 26 | echo "# $name" > $name/README.adoc 27 | git add $name && 28 | git commit -m "Add $name" $name pom.xml 29 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/jaspic-cdi-interface/README.adoc: -------------------------------------------------------------------------------- 1 | # jaspic-cdi-interface 2 | 3 | Proposed early draft of API and example implementation for the authentication mechanism. 4 | 5 | The API lives in javax.security.authentication.mechanism.http 6 | Implementation lives in org.glassfish.jsr375 7 | 8 | Main API class is javax.security.authentication.mechanism.http.HttpAuthenticationMechanism. 9 | 10 | The concept of this proposal is that a CDI extension detects the presence of an enabled bean that implements HttpAuthenticationMechanism, 11 | and if found installs a JASPIC bridge SAM. This bridge SAM uses CDI to obtain the HttpAuthenticationMechanism instance and delegate its methods 12 | to. 13 | 14 | This in effect causes CDI to be fully available in the HttpAuthenticationMechanism, but doesn't require the JASPIC SAM itself to 15 | be a CDI bean. 16 | 17 | HttpAuthenticationMechanism is based on the similarly named type from the jaspic-http-sam proposal, but here it's an interface and a type to which 18 | a SAM delegates, but is itself not a SAM. 19 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/jaspic-cdi-interface/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | authentication-mechanism 25 | 1.0-SNAPSHOT 26 | 27 | 28 | jaspic-cdi-interface 29 | 30 | 31 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/jaspic-cdi-interface/src/main/java/javax/security/authentication/mechanism/http/annotation/BasicAuthenticationMechanismDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.authentication.mechanism.http.annotation; 41 | 42 | import static java.lang.annotation.ElementType.TYPE; 43 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 44 | 45 | import java.lang.annotation.Retention; 46 | import java.lang.annotation.Target; 47 | 48 | @Retention(RUNTIME) 49 | @Target(TYPE) 50 | public @interface BasicAuthenticationMechanismDefinition { 51 | String realmName() default ""; 52 | } 53 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/jaspic-cdi-interface/src/main/java/org/glassfish/jsr375/cdi/DefaultAnnotationLiteral.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.glassfish.jsr375.cdi; 41 | 42 | import javax.enterprise.inject.Default; 43 | import javax.enterprise.util.AnnotationLiteral; 44 | 45 | /** 46 | * An annotation literal for @Default. 47 | * 48 | */ 49 | @SuppressWarnings("all") 50 | class DefaultAnnotationLiteral extends AnnotationLiteral implements Default { 51 | private static final long serialVersionUID = 1L; 52 | } 53 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/jaspic-http-sam/README.adoc: -------------------------------------------------------------------------------- 1 | # jaspic-http-sam 2 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/jaspic-http-sam/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | authentication-mechanism 25 | 1.0-SNAPSHOT 26 | 27 | 28 | jaspic-http-sam 29 | 30 | 31 | -------------------------------------------------------------------------------- /authentication/authentication-mechanism/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | 6 | net.java.jsr375 7 | authentication 8 | 1.0-SNAPSHOT 9 | ../pom.xml 10 | 11 | 12 | authentication-mechanism 13 | pom 14 | 15 | Java EE Security Proposals: Authentication - Authentication mechanism 16 | 17 | 18 | jaspic-cdi-interface 19 | jaspic-http-sam 20 | 21 | 22 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/README.adoc: -------------------------------------------------------------------------------- 1 | == CDI based authentication 2 | 3 | START Evaluation by Arjan Tijms 4 | 5 | This proposal models an identity store, where the store is called by throwing a CDI event (sub class of BaseAuthentication). 6 | 7 | The {credentials in} part of the {credentials in/identity out} function comes from the data provided by a specific sub class of the base CDI event. 8 | 9 | The {identity out} part of the {credentials in/identity out} function comes from setting the principal on the base CDI event. 10 | 11 | As such, BaseAuthentication is essentially the base interface of the generic identity store. Subclasses like UserPasswordAuthentication are essentially 12 | interfaces for credential specific identity stores. 13 | 14 | What happens when there are multiple observers for an event? 15 | 16 | END Evaluation by Arjan Tijms 17 | 18 | 19 | The idea of using CDI event came on a discussion we add on the Apache TomEE community. 20 | It was meant to made the Apache Tomcat realms more usable. 21 | 22 | For instance, the Apache Tomcat Realm javadoc API is available at https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/realm/RealmBase.html 23 | 24 | Indeed, this interface and the realm model have some drawbacks 25 | 26 | * the interface is pretty rigid. 27 | It defines a set of methods to basically map authentication method from the Java Servlet Specification. 28 | It means that first, if you need to add another authentication method like (Token for instance), you can't extend this interface. 29 | 30 | * then, event if you are only interested in the FORM based authentication, you have to implement anyway the other methods. 31 | 32 | * the realm needs to be in the container and of course, the authentication usually involves business logic. 33 | So it results in the business logic and all the webapp to being package within the container as well. 34 | 35 | The idea here is to really on CDI events to decouple the container boiler plate from the business logic involved to authenticate a user so that you don't need to 36 | push your entire application to the container. 37 | The other good side effect is that you can only observe the event you are interested in. 38 | 39 | The complete working example is available at https://github.com/apache/tomee/blob/tomee-1.7.x/examples/cdi-event-realm 40 | 41 | The idea can anyway provide us with some directions on how to use CDI events for authentication and authorization. 42 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4.0.0 3 | 4 | 5 | net.java.jsr375 6 | identity-store 7 | 1.0-SNAPSHOT 8 | 9 | 10 | call-identity-store-via-cdi-events-style-a 11 | 12 | 13 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/src/main/java/javax/security/auth/event/BaseAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | import java.security.Principal; 43 | 44 | public abstract class BaseAuthentication { 45 | 46 | private Principal principal; 47 | 48 | public Principal getPrincipal() { 49 | return principal; 50 | } 51 | 52 | public void setPrincipal(final Principal principal) { 53 | this.principal = principal; 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/src/main/java/javax/security/auth/event/GssAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | import org.ietf.jgss.GSSContext; 43 | 44 | public class GssAuthentication extends BaseAuthentication { 45 | 46 | private final GSSContext gssContext; 47 | private final boolean storeCreds; 48 | 49 | public GssAuthentication(final GSSContext gssContext, final boolean storeCreds) { 50 | this.gssContext = gssContext; 51 | this.storeCreds = storeCreds; 52 | } 53 | 54 | public GSSContext getGssContext() { 55 | return gssContext; 56 | } 57 | 58 | public boolean isStoreCreds() { 59 | return storeCreds; 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/src/main/java/javax/security/auth/event/SslAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | import java.security.cert.X509Certificate; 43 | 44 | public class SslAuthentication extends BaseAuthentication { 45 | 46 | private final X509Certificate[] certs; 47 | 48 | public SslAuthentication(final X509Certificate[] certs) { 49 | this.certs = certs; 50 | } 51 | 52 | public X509Certificate[] getCerts() { 53 | return certs; 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/src/main/java/javax/security/auth/event/UserPasswordAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | public class UserPasswordAuthentication extends BaseAuthentication { 43 | 44 | private final String username; 45 | private final String credential; 46 | 47 | 48 | public UserPasswordAuthentication(final String username, final String credential) { 49 | this.username = username; 50 | this.credential = credential; 51 | } 52 | 53 | public String getUsername() { 54 | return username; 55 | } 56 | 57 | public String getCredential() { 58 | return credential; 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-a/src/main/java/org/acme/UserRolesPrincipal.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme; 41 | 42 | import java.security.Principal; 43 | import java.util.List; 44 | 45 | public class UserRolesPrincipal implements Principal { 46 | private final String name; 47 | private final List roles; 48 | 49 | public UserRolesPrincipal(final String name, final List roles) { 50 | 51 | this.name = name; 52 | this.roles = roles; 53 | } 54 | 55 | @Override 56 | public String getName() { 57 | return name; 58 | } 59 | 60 | public List getRoles() { 61 | return roles; 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-b/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4.0.0 3 | 4 | 5 | net.java.jsr375 6 | identity-store 7 | 1.0-SNAPSHOT 8 | 9 | 10 | call-identity-store-via-cdi-events-style-b 11 | 12 | 13 | 14 | com.mycila 15 | license-maven-plugin 16 | 17 | 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-b/src/main/java/javax/security/auth/event/Authentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | import java.security.Principal; 43 | 44 | public abstract class Authentication { 45 | 46 | private Principal principal; 47 | 48 | public Principal getPrincipal() { 49 | return principal; 50 | } 51 | 52 | public void setPrincipal(final Principal principal) { 53 | this.principal = principal; 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-b/src/main/java/javax/security/auth/event/GssAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | import org.ietf.jgss.GSSContext; 43 | 44 | public class GssAuthentication extends Authentication { 45 | 46 | private final GSSContext gssContext; 47 | private final boolean storeCreds; 48 | 49 | public GssAuthentication(final GSSContext gssContext, final boolean storeCreds) { 50 | this.gssContext = gssContext; 51 | this.storeCreds = storeCreds; 52 | } 53 | 54 | public GSSContext getGssContext() { 55 | return gssContext; 56 | } 57 | 58 | public boolean isStoreCreds() { 59 | return storeCreds; 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-b/src/main/java/javax/security/auth/event/SslAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth.event; 41 | 42 | import java.security.cert.X509Certificate; 43 | 44 | public class SslAuthentication extends Authentication { 45 | 46 | private final X509Certificate[] certs; 47 | 48 | public SslAuthentication(final X509Certificate[] certs) { 49 | this.certs = certs; 50 | } 51 | 52 | public X509Certificate[] getCerts() { 53 | return certs; 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /authentication/identity-store/call-identity-store-via-cdi-events-style-b/src/main/java/javax/security/auth/event/TokenAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth.event; 46 | 47 | public class TokenAuthentication extends Authentication { 48 | 49 | private final String token; 50 | 51 | public TokenAuthentication(String token) { 52 | this.token = token; 53 | } 54 | 55 | public String getToken() { 56 | return token; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/README.adoc: -------------------------------------------------------------------------------- 1 | # user-and-role-service 2 | 3 | https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-10 4 | 5 | From: Alex Kosowski (edited by Arjan Tijms) 6 | 7 | START Evaluation by Arjan Tijms 8 | 9 | This proposal models primarily a mutable identity store with many operations. Most of those operations go far beyond the minimal {credentials in/identity out} that containers themselves call. 10 | 11 | The identity store is represented by the IdentityStore interface. There are definition (factory) annotations for various standardized implementations. Usage of these annotations by 12 | applications will cause an IdentityStore implementation to be made available via JNDI. 13 | 14 | The {identity out} part of the {credentials in/identity out} function comes from the UserInfo class that is returned by IdentityStore#loadUserByUsername. 15 | 16 | The {credentials in} part of the {credentials in/identity out} function is not shown in this proposal. 17 | 18 | This proposal also models a role mapper, which largely follows the same pattern as the identity store. 19 | 20 | Finally, the proposal seems to model an authentication mechanism (orginally called authenticator). TODO: I'm not 100% if this indeed models an authentication mechanism such as a JASPIC SAM 21 | does. 22 | 23 | 24 | END Evaluation by Arjan Tijms 25 | 26 | 27 | The IdentityStore annotations would be an adapter between the repository and the IdentityStore interface. We would standardize IdentityStore implementations for various repository types (LDAP, DataSource, -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | 7 | net.java.jsr375 8 | identity-store 9 | 1.0-SNAPSHOT 10 | 11 | 12 | identity-store-jndi-with-rolemapper 13 | 14 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/src/main/java/javax/security/auth/AuthenticationMechanism.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | public @interface AuthenticationMechanism { 43 | String userSourceName(); 44 | 45 | String roleMapperName(); 46 | } 47 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/src/main/java/javax/security/auth/identitystore/CustomIdentityStoreDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth.identitystore; 46 | 47 | import static java.lang.annotation.ElementType.TYPE; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | import java.lang.annotation.Retention; 51 | import java.lang.annotation.Target; 52 | 53 | /** 54 | * Application definable 55 | */ 56 | @Target({TYPE}) 57 | @Retention(RUNTIME) 58 | public @interface CustomIdentityStoreDefinition { 59 | String name(); 60 | } 61 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/src/main/java/javax/security/auth/identitystore/ServerIdentityStoreDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth.identitystore; 46 | 47 | import static java.lang.annotation.ElementType.TYPE; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | import java.lang.annotation.Retention; 51 | import java.lang.annotation.Target; 52 | 53 | @Target({TYPE}) 54 | @Retention(RUNTIME) 55 | public @interface ServerIdentityStoreDefinition { 56 | String name(); 57 | } 58 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/src/main/java/javax/security/auth/rolemapper/CustomRoleMapperDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth.rolemapper; 46 | 47 | /** 48 | * Application definable 49 | */ 50 | @java.lang.annotation.Target({java.lang.annotation.ElementType.TYPE}) 51 | @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.RUNTIME) 52 | public @interface CustomRoleMapperDefinition { 53 | String name(); 54 | } 55 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/src/main/java/javax/security/auth/rolemapper/RoleMap.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth.rolemapper; 46 | 47 | import static java.lang.annotation.ElementType.TYPE; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | import java.lang.annotation.Retention; 51 | import java.lang.annotation.Target; 52 | 53 | @Target({TYPE}) 54 | @Retention(RUNTIME) 55 | public @interface RoleMap { 56 | String user() default ""; 57 | 58 | String group() default ""; 59 | 60 | String[] roles(); 61 | } 62 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-jndi-with-rolemapper/src/main/java/javax/security/auth/rolemapper/ServerRoleMapperDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth.rolemapper; 46 | 47 | import static java.lang.annotation.ElementType.TYPE; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | import java.lang.annotation.Target; 51 | 52 | /** 53 | * Bridges to the server role mapper 54 | */ 55 | @Target({TYPE}) 56 | @java.lang.annotation.Retention(RUNTIME) 57 | public @interface ServerRoleMapperDefinition { 58 | String name(); 59 | } 60 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/README.adoc: -------------------------------------------------------------------------------- 1 | = Proposed Identity Store based on PicketLink IDM for JSR 375 EE Security API: Java API, and JavaDoc Generation 2 | 3 | The identity-store module contains the sources to generate the Java API jar, and the JavaDoc. The proposed identity-store is built upon PicketLink IDM. See http://picketlink.org/appsecurity/idm/ for more info about PicketLink IDM. 4 | 5 | 6 | == Generating the Java API and JavaDoc 7 | 8 | Just enter `mvn` at the command line in this directory. Maven will generate the following artifacts. 9 | 10 | API Jar:: 11 | * The jar containing the identity-store interfaces and classes 12 | * In the directory: `identity-store/target` 13 | 14 | API JavaDoc:: 15 | * The JavaDoc for the identity-store interfaces and classes, excluding PicketLink IDM 16 | * In the directory: `identity-store/target/site/apidocs` 17 | 18 | == Java Source 19 | 20 | API Source:: 21 | * The source code for the identity-store interfaces and classes 22 | * In the directory: `identity-store/src/main/java` 23 | 24 | Unit Test Source:: 25 | * The source code for the API unit tests 26 | * In the directory: `identity-store/src/test/java` 27 | 28 | 29 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/main/java/javax/security/idm/credential/AbstractBaseCredentials.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.idm.credential; 41 | 42 | /** 43 | * Abstract base class for Credentials 44 | */ 45 | public abstract class AbstractBaseCredentials implements Credentials { 46 | 47 | private volatile boolean cleared = false;; 48 | 49 | @Override 50 | public boolean isCleared() { 51 | return cleared; 52 | } 53 | 54 | protected void setCleared() { 55 | this.cleared = true; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/main/java/javax/security/idm/credential/Credentials.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.idm.credential; 41 | 42 | /** 43 | * Credentials represents the credentials the caller will use to authenticate. 44 | */ 45 | public interface Credentials { 46 | 47 | /** 48 | * Determines whether the credential has been cleared. 49 | * @return true if the credential has been cleared, otherwise false. 50 | */ 51 | boolean isCleared(); 52 | 53 | /** 54 | * Clears the credential. For example, if the credential was a Basic Authentication 55 | * char array, this method would clear username:password value. 56 | */ 57 | void clear(); 58 | } 59 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/main/java/javax/security/idm/credential/Password.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.idm.credential; 41 | 42 | /** 43 | * Represents a text-based password credential 44 | */ 45 | public class Password { 46 | 47 | private char[] value = new char[]{}; 48 | 49 | public Password(char[] value) { 50 | this.value = value; 51 | } 52 | public Password(String str) { 53 | this.value = str != null ? str.toCharArray() : value; 54 | } 55 | 56 | public char[] getValue() { 57 | return value; 58 | } 59 | 60 | public void clear() { 61 | for (int i = 0; i < value.length; i++) { 62 | value[i] = 0x00; 63 | } 64 | value = null; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/main/java/javax/security/idm/model/RoleAssignable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.idm.model; 41 | 42 | import org.picketlink.idm.model.IdentityType; 43 | 44 | /** 45 | * RoleAssignable is an identity type which may be assigned roles. 46 | */ 47 | public interface RoleAssignable extends IdentityType { 48 | } 49 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/main/java/javax/security/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The root Security API package. 42 | * 43 | * @version 1.0 44 | */ 45 | package javax.security; 46 | 47 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/main/javadoc/overview.html: -------------------------------------------------------------------------------- 1 | 42 | 43 | 44 | 45 | 46 |

This is the EE Security API.

47 | 48 | 49 | 50 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-mutable/src/test/java/javax/security/idm/model/RealmTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.idm.model; 41 | 42 | import org.junit.Test; 43 | 44 | import static org.junit.Assert.assertEquals; 45 | import static org.junit.Assert.assertNull; 46 | 47 | /** 48 | * Tests {@link Realm} 49 | */ 50 | public class RealmTest { 51 | 52 | @Test 53 | public void constructor_noArg() { 54 | Realm realm = new Realm(); 55 | assertNull("No arg constructor", realm.getName()); 56 | } 57 | 58 | @Test 59 | public void constructor_name() { 60 | Realm realm = new Realm("me"); 61 | assertEquals("me", realm.getName()); 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly-simplified/README.adoc: -------------------------------------------------------------------------------- 1 | = Proposed read-only simplified Identity Store 2 | 3 | A somewhat simplified variant of the the "identity-store-read-only" proposal. 4 | 5 | In particular, this proposal omits the persistence and query packages and adds 6 | "[storeType]Definition" annotations that in analogy to @DataSourceDefinition 7 | are intended to instruct the container to make an implementation of the requested type available. 8 | 9 | 10 | 11 | 12 | 13 | 14 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly-simplified/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | 7 | net.java.jsr375 8 | identity-store 9 | 1.0-SNAPSHOT 10 | 11 | 12 | identity-store-readonly-simplified 13 | 14 | 15 | 16 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly-simplified/src/main/java/javax/security/identitystore/annotation/Credentials.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.identitystore.annotation; 41 | 42 | import static java.lang.annotation.ElementType.FIELD; 43 | import static java.lang.annotation.ElementType.METHOD; 44 | import static java.lang.annotation.ElementType.PARAMETER; 45 | import static java.lang.annotation.ElementType.TYPE; 46 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 47 | 48 | import java.lang.annotation.Retention; 49 | import java.lang.annotation.Target; 50 | 51 | @Retention(RUNTIME) 52 | @Target({ TYPE, METHOD, FIELD, PARAMETER }) 53 | public @interface Credentials { 54 | String callerName(); 55 | 56 | String password(); 57 | 58 | String[] groups() default {}; 59 | } 60 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly-simplified/src/main/java/javax/security/identitystore/annotation/EmbeddedIdentityStoreDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.identitystore.annotation; 41 | 42 | import static java.lang.annotation.ElementType.FIELD; 43 | import static java.lang.annotation.ElementType.METHOD; 44 | import static java.lang.annotation.ElementType.PARAMETER; 45 | import static java.lang.annotation.ElementType.TYPE; 46 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 47 | 48 | import java.lang.annotation.Retention; 49 | import java.lang.annotation.Target; 50 | 51 | @Retention(RUNTIME) 52 | @Target({ TYPE, METHOD, FIELD, PARAMETER }) 53 | public @interface EmbeddedIdentityStoreDefinition { 54 | 55 | Credentials[] value() default {}; 56 | 57 | } -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly-simplified/src/main/java/javax/security/identitystore/credential/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store Credential API package. This package 42 | * contains classes and interfaces associated with submitting and validating 43 | * credentials. 44 | * 45 | * @version 1.0 46 | */ 47 | package javax.security.identitystore.credential; 48 | 49 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/README.adoc: -------------------------------------------------------------------------------- 1 | = Proposed Read-only Identity Store for JSR 375 EE Security API: Java API, and JavaDoc Generation 2 | 3 | The identity-store-readonly module contains the sources to generate the Java API jar, and the JavaDoc. 4 | 5 | 6 | == Generating the Java API and JavaDoc 7 | 8 | Just enter `mvn` at the command line in this directory. Maven will generate the following artifacts. 9 | 10 | API Jar:: 11 | * The jar containing the identity-store-readonly interfaces and classes 12 | * In the directory: `identity-store-readonly/target` 13 | 14 | API JavaDoc:: 15 | * The JavaDoc for the identity-store-readonly interfaces and classes 16 | * In the directory: `identity-store-readonly/target/site/apidocs` 17 | 18 | == Java Source 19 | 20 | API Source:: 21 | * The source code for the identity-store-readonly interfaces and classes 22 | * In the directory: `identity-store-readonly/src/main/java` 23 | 24 | Unit Test Source:: 25 | * The source code for the API unit tests 26 | * In the directory: `identity-store-readonly/src/test/java` 27 | 28 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/annotation/Validators.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.identitystore.annotation; 41 | 42 | import java.lang.annotation.Retention; 43 | import java.lang.annotation.Target; 44 | 45 | import static java.lang.annotation.ElementType.*; 46 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 47 | 48 | 49 | /** 50 | * Validators supports repeating {@link Validator} annotations. 51 | */ 52 | @Retention(RUNTIME) 53 | @Target({TYPE, METHOD, FIELD, PARAMETER}) 54 | public @interface Validators { 55 | Validator[] value(); 56 | } 57 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/annotation/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store Annotation API package. This package 42 | * contains annotations defined by and used within the Identity Store API. 43 | * 44 | * @version 1.0 45 | */ 46 | package javax.security.identitystore.annotation; 47 | 48 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/credential/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store Credential API package. This package 42 | * contains classes and interfaces associated with submitting and validating 43 | * credentials. 44 | * 45 | * @version 1.0 46 | */ 47 | package javax.security.identitystore.credential; 48 | 49 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store API package. 42 | *

43 | * An Identity Store is a mechanism for validating a Caller's credentials 44 | * and accessing a Caller's identity attributes, and would be used by 45 | * an authentication mechanism, such as JASPIC. 46 | * An Identity Store obtains identity data from a persistence 47 | * mechanism, such as a file, database, or LDAP. 48 | * 49 | * @version 1.0 50 | */ 51 | package javax.security.identitystore; 52 | 53 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/persistence/cachedsource/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store Persistence Cached Source API package. This package 42 | * contains classes implementing {@link javax.security.identitystore.persistence.cachedsource.CachedIdentityStoreSource}, 43 | * which supplies data for the {@link javax.security.identitystore.persistence.CachedIdentityStore}. 44 | * Each source is associated with a persistence mechanism, such as a file, which would be read 45 | * in its entirety and cached in the CachedIdentityStore. 46 | * 47 | * @version 1.0 48 | */ 49 | package javax.security.identitystore.persistence.cachedsource; 50 | 51 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/persistence/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store Persistence API package. This package contains classes 42 | * implementing {@link javax.security.identitystore.IdentityStore} and 43 | * {@link javax.security.identitystore.query} package interfaces using identity 44 | * data from specific persistence mechanisms. 45 | * 46 | * @version 1.0 47 | */ 48 | package javax.security.identitystore.persistence; 49 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/identitystore/query/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The Identity Store Query API package. This package contains interfaces for 42 | * accessing extended query capability of identity store implementations. 43 | * 44 | * @version 1.0 45 | */ 46 | package javax.security.identitystore.query; 47 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/java/javax/security/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | /** 41 | * The root Security API package. 42 | * 43 | * @version 1.0 44 | */ 45 | package javax.security; 46 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/main/javadoc/overview.html: -------------------------------------------------------------------------------- 1 | 42 | 43 | 44 | 45 | 46 |

This is the EE Security API.

47 | 48 | 49 | 50 | -------------------------------------------------------------------------------- /authentication/identity-store/identity-store-readonly/src/test/resources/identitystore/testIdStore.json: -------------------------------------------------------------------------------- 1 | { 2 | "callers": [ 3 | { 4 | "name": "jsmith", 5 | "groups": ["admin", "user"], 6 | "roles": ["VIEW_ACCT", "EDIT_ACCT"], 7 | "credentials": [ 8 | { 9 | "type": "javax.security.identitystore.credential.UsernamePasswordCredential", 10 | "value": "70a5b4215270a19492788cf76c9e591a9334ac2363213765674e5181babbea1b", 11 | "hash-algorithm": "SHA-256", 12 | "hash-salt": "NaCl" 13 | }, 14 | { 15 | "type": "javax.security.identitystore.credential.TokenCredential", 16 | "value": "ASDJFWEJ;WKJQDSJKLDVJKVALS;KJ", 17 | "attributes": [ 18 | { 19 | "name": "expires", 20 | "value": "1440034787" 21 | } 22 | ] 23 | }, 24 | { 25 | "type": "javax.security.identitystore.CredentialValidatorTest$X509ClientCertCredential", 26 | "value": "" 27 | }, 28 | { 29 | "type": "javax.security.identitystore.ValidateCredentialTest_JsonStore$ByteCredential", 30 | "value": "d2VsY29tZTE=" 31 | } 32 | ], 33 | "attributes": [ 34 | { 35 | "name": "locked", 36 | "value": "true" 37 | }, 38 | { 39 | "name": "expired", 40 | "value": "true" 41 | } 42 | ] 43 | }, 44 | { 45 | "name": "jlee", 46 | "groups": ["deployer"], 47 | "roles": ["VIEW_ACCT"], 48 | "credentials": [ 49 | { 50 | "type": "javax.security.identitystore.credential.UsernamePasswordCredential", 51 | "value": "welcome1" 52 | }, 53 | { 54 | "type": "javax.security.identitystore.credential.TokenCredential", 55 | "value": "ASDJFWEJ;FGSKREJTEJ;KJ" 56 | } 57 | ] 58 | } 59 | ] 60 | } -------------------------------------------------------------------------------- /authentication/identity-store/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | 7 | net.java.jsr375 8 | authentication 9 | 1.0-SNAPSHOT 10 | 11 | 12 | identity-store 13 | pom 14 | 15 | Java EE Security Proposals: Authentication - Identity Store 16 | 17 | 18 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store-b/README.adoc: -------------------------------------------------------------------------------- 1 | # simple-annotated-security-provider 2 | 3 | https://java.net/jira/browse/JAVAEE_SPEC-25 4 | 5 | From: Reza Rahman 6 | 7 | I think in the bare minimum we need to have something as simple as this: 8 | 9 | ``` 10 | import javax.inject.Inject; 11 | import javax.security.auth.OnAuthentication; 12 | import javax.security.auth.OnAuthorization; 13 | import javax.security.auth.IdentityStore; 14 | import javax.security.auth.UserService; 15 | import java.security.Principal; 16 | 17 | @IdentityStore 18 | public class MyIdentityStore { 19 | 20 | @Inject 21 | private UserService userService; 22 | 23 | /** 24 | * The parameters could suit the credentials mechanism being used. 25 | */ 26 | @OnAuthentication 27 | public Principal getPrincipal(String username, String password) { 28 | // Construct the principal using the user service. 29 | return null; 30 | } 31 | 32 | @OnAuthorization 33 | public String[] getRoles(Principal principal) { 34 | // Construct an array of roles using the principal and user service. } 35 | return null; 36 | } 37 | } 38 | ``` 39 | 40 | The exact sematics here is not important, just the general concept. I would hope this could be sorted out in the relevant expert group/groups. I know this is easier said than done. However, if Resin can do it (kind of), it can't be that hard either. 41 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store-b/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | identity-store 25 | 1.0-SNAPSHOT 26 | 27 | 28 | simple-annotated-identity-store-b 29 | 30 | 31 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store-b/src/main/java/javax/security/auth/IdentityStore.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | @java.lang.annotation.Target({java.lang.annotation.ElementType.TYPE}) 48 | @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.RUNTIME) 49 | public @interface IdentityStore { 50 | } 51 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store-b/src/main/java/javax/security/auth/OnAuthentication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import static java.lang.annotation.ElementType.METHOD; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | @java.lang.annotation.Target({METHOD}) 51 | @java.lang.annotation.Retention(RUNTIME) 52 | public @interface OnAuthentication { 53 | } 54 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store-b/src/main/java/javax/security/auth/OnAuthorization.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import static java.lang.annotation.ElementType.METHOD; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | @java.lang.annotation.Target({METHOD}) 51 | @java.lang.annotation.Retention(RUNTIME) 52 | public @interface OnAuthorization { 53 | } 54 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store-b/src/main/java/javax/security/auth/UserService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | /** 48 | * As of yet, undefined User Store 49 | */ 50 | public class UserService { 51 | } 52 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store/README.adoc: -------------------------------------------------------------------------------- 1 | # simple-annotated-identity-store 2 | 3 | https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-10 4 | 5 | From: Arjan Tijms 6 | 7 | Following the presence of such simplified login module in the application, the following should hold: 8 | 9 | - The application is considered to be in a default security realm. 10 | - The application will make use of this security realm (no explicit mention in web.xml required). 11 | - Whenever a container login is triggered, MyAuthenticator is used for authentication (only username/password supported of course) 12 | - If authentication succeeds, the String returned by getUserName will be what HttpServletRequest#getUserPrincipal.getName() and corresponding methods in EJB etc return. 13 | - For each String inside the list returned by getApplicationRoles, methods like HttpServletRequest#isUserInRole will return true, and annotations like @RolesAllowed referencing those will be considered satisfied. 14 | - No upfront declaration of roles in any descriptor is required. 15 | - The roles returned by getApplicationRoles should be directly useable in the application. Specifically, things as (vendor specific) group to role mappings (such as what happens in GlassFish) should not be required. 16 | 17 | Example of standardized installation of a JASPI authentication module in application.xml or web.xml: 18 | 19 | ``` 20 | 21 | my.example.HTTPBasicServerAuthModule 22 | 23 | usersProperties 24 | somepath/users.properties 25 | 26 | 27 | ``` 28 | 29 | Alternatively, the presence of a JASPIC authentication module inside the application annotated with a special annotation (perhaps the same one as used for the simplified identity store), can have the same effect of having the module automatically installed. 30 | 31 | Like the simplified identity store, when such a JASPIC authentication module is declared in an application, no further configuration, role mapping or role declarations should be required, other than those that are specific for the authentication module itself. 32 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | 7 | net.java.jsr375 8 | identity-store 9 | 1.0-SNAPSHOT 10 | 11 | simple-annotated-identity-store 12 | 13 | 14 | 15 | com.mycila 16 | license-maven-plugin 17 | 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store/src/main/java/javax/security/auth/AppIdentityStore.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import static java.lang.annotation.ElementType.TYPE; 48 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 49 | 50 | @java.lang.annotation.Target({TYPE}) 51 | @java.lang.annotation.Retention(RUNTIME) 52 | public @interface AppIdentityStore { 53 | } 54 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store/src/main/java/javax/security/auth/PasswordIdentityStore.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import javax.security.auth.login.FailedLoginException; 48 | import java.util.List; 49 | 50 | public interface PasswordIdentityStore { 51 | 52 | public void authenticate(String name, String password) throws FailedLoginException; 53 | 54 | public String getUserName(); 55 | 56 | public List getApplicationRoles(); 57 | 58 | } 59 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store/src/main/java/javax/security/auth/User.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import java.util.List; 48 | 49 | public interface User { 50 | 51 | public String getName(); 52 | 53 | public List getRoles(); 54 | } 55 | -------------------------------------------------------------------------------- /authentication/identity-store/simple-annotated-identity-store/src/main/java/javax/security/auth/UserService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | public interface UserService { 48 | public User getByNameAndPassword(String name, String password); 49 | } 50 | -------------------------------------------------------------------------------- /authentication/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | 6 | net.java.jsr375 7 | jsr375-proposals 8 | 1.0-SNAPSHOT 9 | 10 | 11 | authentication 12 | pom 13 | 14 | Java EE Security Proposals: Authentication 15 | 16 | 17 | authentication-mechanism 18 | 19 | 20 | -------------------------------------------------------------------------------- /authorization/interceptor/el-authorization/.gitignore: -------------------------------------------------------------------------------- 1 | /.classpath 2 | /.project 3 | -------------------------------------------------------------------------------- /authorization/interceptor/el-authorization/README.adoc: -------------------------------------------------------------------------------- 1 | # el-authorization 2 | 3 | 4 | https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-7 5 | 6 | From: Reza Rahman 7 | -------------------------------------------------------------------------------- /authorization/interceptor/el-authorization/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | interceptor 25 | 1.0-SNAPSHOT 26 | 27 | 28 | el-authorization 29 | 30 | 31 | -------------------------------------------------------------------------------- /authorization/interceptor/el-authorization/src/main/java/javax/security/auth/EvaluateSecured.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | public @interface EvaluateSecured { 48 | String value(); 49 | } 50 | -------------------------------------------------------------------------------- /authorization/interceptor/jaxrs-http-constraints/README.adoc: -------------------------------------------------------------------------------- 1 | # jaxrs-http-constraints 2 | -------------------------------------------------------------------------------- /authorization/interceptor/jaxrs-http-constraints/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | interceptor 25 | 1.0-SNAPSHOT 26 | 27 | 28 | jaxrs-http-constraints 29 | 30 | 31 | -------------------------------------------------------------------------------- /authorization/interceptor/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | 6 | net.java.jsr375 7 | authorization 8 | 1.0-SNAPSHOT 9 | ../pom.xml 10 | 11 | 12 | interceptor 13 | pom 14 | 15 | Java EE Security Proposals: Authorization - Interceptor 16 | 17 | 18 | el-authorization 19 | jaxrs-http-constraints 20 | securitybindingtypeinterceptor 21 | voter 22 | 23 | 24 | -------------------------------------------------------------------------------- /authorization/interceptor/securitybindingtypeinterceptor/README.adoc: -------------------------------------------------------------------------------- 1 | # securitybindingtypeinterceptor 2 | -------------------------------------------------------------------------------- /authorization/interceptor/securitybindingtypeinterceptor/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | interceptor 25 | 1.0-SNAPSHOT 26 | 27 | 28 | securitybindingtypeinterceptor 29 | 30 | 31 | -------------------------------------------------------------------------------- /authorization/interceptor/securitybindingtypeinterceptor/src/main/java/javax/security/auth/SecurityBindingType.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | import static java.lang.annotation.ElementType.TYPE; 43 | import static java.lang.annotation.RetentionPolicy.RUNTIME; 44 | 45 | import java.lang.annotation.Documented; 46 | import java.lang.annotation.Retention; 47 | import java.lang.annotation.Target; 48 | 49 | /** 50 | * Applied to an annotation to indicate that it is a security binding type 51 | * @author The Apache DeltaSpike Team 52 | */ 53 | @Target(TYPE) 54 | @Retention(RUNTIME) 55 | @Documented 56 | public @interface SecurityBindingType { 57 | } 58 | -------------------------------------------------------------------------------- /authorization/interceptor/securitybindingtypeinterceptor/src/main/java/org/acme/mysecurityhandler/PermissionRequired.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.mysecurityhandler; 41 | 42 | import javax.enterprise.util.Nonbinding; 43 | import javax.security.auth.SecurityBindingType; 44 | 45 | /** 46 | * Sample for a custom permission annotation. 47 | * 48 | * @author Mark Struberg 49 | */ 50 | @SecurityBindingType 51 | public @interface PermissionRequired { 52 | /** 53 | * List of permissions. Execution should be permitted if the user has 54 | * any of these permissions. 55 | * 56 | * @return the list of permissions 57 | */ 58 | @Nonbinding 59 | String[] value() default {}; 60 | } 61 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/README.adoc: -------------------------------------------------------------------------------- 1 | # voter 2 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | interceptor 25 | 1.0-SNAPSHOT 26 | 27 | 28 | voter 29 | 30 | 31 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/src/main/java/javax/security/auth/AccessDecisionVoter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | import javax.interceptor.InvocationContext; 43 | 44 | /** 45 | * 46 | */ 47 | public interface AccessDecisionVoter { 48 | 49 | // Throws EJBAccessException when voter determines the subject/principal has no access. 50 | void checkPermission(InvocationContext context); 51 | } 52 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/src/main/java/javax/security/auth/Voter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | import javax.interceptor.InterceptorBinding; 43 | import java.lang.annotation.ElementType; 44 | import java.lang.annotation.Inherited; 45 | import java.lang.annotation.Target; 46 | 47 | /** 48 | * 49 | */ 50 | @Inherited 51 | @InterceptorBinding 52 | @Target({ElementType.TYPE, ElementType.METHOD}) 53 | public @interface Voter { 54 | 55 | Class value(); 56 | } 57 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/src/main/java/javax/security/auth/VoterInterceptorBinding.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | import javax.interceptor.InterceptorBinding; 43 | import java.lang.annotation.*; 44 | 45 | /** 46 | * 47 | */ 48 | @Inherited 49 | @InterceptorBinding 50 | @Target({ElementType.TYPE, ElementType.METHOD}) 51 | @Retention(RetentionPolicy.RUNTIME) 52 | public @interface VoterInterceptorBinding { 53 | } 54 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/src/main/java/org/acme/OrderRepository.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme; 41 | 42 | import org.acme.model.Order; 43 | 44 | import javax.ejb.Stateless; 45 | import javax.security.auth.Voter; 46 | 47 | /** 48 | * 49 | */ 50 | @Stateless 51 | public class OrderRepository { 52 | 53 | 54 | @Voter(CheckCustomerInPortfolio.class) 55 | public void placeOrder(Order order) { 56 | 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/src/main/java/org/acme/model/Customer.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.model; 41 | 42 | /** 43 | * 44 | */ 45 | public class Customer { 46 | } 47 | -------------------------------------------------------------------------------- /authorization/interceptor/voter/src/main/java/org/acme/model/Order.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.model; 41 | 42 | /** 43 | * 44 | */ 45 | public class Order { 46 | 47 | private Customer customer; 48 | 49 | public Customer getCustomer() { 50 | return customer; 51 | } 52 | 53 | public void setCustomer(Customer customer) { 54 | this.customer = customer; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /authorization/named-permissions/README.adoc: -------------------------------------------------------------------------------- 1 | # named-permissions 2 | 3 | Named Permissions are defined in the [Octopus](https://bitbucket.org/contribute-bitbucket/javaeesecurityfirst) framework and are an extension to the DomainPermissions of Apache Shiro (see [Permissions in shiro](https://shiro.apache.org/permissions.html). 4 | 5 | The name is just an nicer way to refer to a permission (_OrderCreate_ instead of _order:create_ but more descriptive name can be given for some less saying permissions. 6 | 7 | This corresponds to the Jira issue 14 [Introduce Concept of Permissions in Authorization](https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-14) 8 | 9 | ## Implied permissions 10 | 11 | An important aspect of the *DomainPermission*s in Shiro are the possibility to have implied permissions through the use of wild cards. 12 | 13 | So a user who has the permission _order_ has also the permission _oder:create_. 14 | 15 | ## PermissionsRequired 16 | 17 | This is like the *RolesAllowed* annotation but then based on the NamedPermission concept. 18 | 19 | ## Scenario how it can work. 20 | 21 | There needs to be a list of all permissions which are available in the application (just like for the roles). The can be defined by configuration (XML) but also pragmatically. 22 | 23 | When the code encounters the @PermissionsRequired annotation, it retrieves from the central location the permissions object. And verifies if the Caller/Subject has the permission (implied or directly, this doesn't matter). 24 | 25 | The implementation of this check is done in javax.security.auth.NamedPermission#implies(NamedPermission) 26 | 27 | 28 | -------------------------------------------------------------------------------- /authorization/named-permissions/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | 7 | net.java.jsr375 8 | authorization 9 | 1.0-SNAPSHOT 10 | 11 | 12 | named-permissions 13 | 14 | 15 | -------------------------------------------------------------------------------- /authorization/named-permissions/src/main/java/javax/security/auth/PermissionsRequired.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | import java.lang.annotation.*; 43 | 44 | 45 | /** 46 | * 47 | */ 48 | 49 | 50 | @Documented 51 | @Retention(RetentionPolicy.RUNTIME) 52 | @Target({ElementType.TYPE, ElementType.METHOD}) 53 | public @interface PermissionsRequired { 54 | String[] value(); 55 | } -------------------------------------------------------------------------------- /authorization/named-permissions/src/main/java/org/acme/Order.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme; 41 | 42 | /** 43 | * The order model class 44 | */ 45 | public class Order { 46 | } 47 | -------------------------------------------------------------------------------- /authorization/named-permissions/src/main/java/org/acme/OrderBoundary.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme; 41 | 42 | import javax.ejb.Stateless; 43 | import javax.ejb.TransactionAttribute; 44 | import javax.ejb.TransactionAttributeType; 45 | import javax.security.auth.PermissionsRequired; 46 | 47 | /** 48 | * 49 | */ 50 | @Stateless 51 | @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW) 52 | public class OrderBoundary { 53 | 54 | @PermissionsRequired("OrderCreate") 55 | public void createOrder(Order order) { 56 | // Do with the order what you need to do. ... 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /authorization/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | 6 | net.java.jsr375 7 | jsr375-proposals 8 | 1.0-SNAPSHOT 9 | ../pom.xml 10 | 11 | 12 | authorization 13 | pom 14 | 15 | Java EE Security Proposals: Authorization 16 | 17 | 18 | interceptor 19 | named-permissions 20 | sudo-like-runas 21 | 22 | 23 | -------------------------------------------------------------------------------- /authorization/sudo-like-runas/README.adoc: -------------------------------------------------------------------------------- 1 | # sudo-like-runas 2 | 3 | JAVAEE_SECURITY_SPEC-16 - @RolesAllowed and @RunAs combinations 4 | 5 | From: David Blevins 6 | -------------------------------------------------------------------------------- /authorization/sudo-like-runas/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 20 | 4.0.0 21 | 22 | 23 | net.java.jsr375 24 | authorization 25 | 1.0-SNAPSHOT 26 | 27 | 28 | sudo-like-runas 29 | 30 | 31 | -------------------------------------------------------------------------------- /authorization/sudo-like-runas/src/main/java/javax/security/auth/RunAs.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package javax.security.auth; 41 | 42 | import java.lang.annotation.ElementType; 43 | 44 | @java.lang.annotation.Documented 45 | @java.lang.annotation.Retention(java.lang.annotation.RetentionPolicy.RUNTIME) 46 | @java.lang.annotation.Target({java.lang.annotation.ElementType.TYPE, ElementType.METHOD}) 47 | public @interface RunAs { 48 | java.lang.String value(); 49 | } -------------------------------------------------------------------------------- /authorization/sudo-like-runas/src/main/java/org/acme/LogsBean.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme; 41 | 42 | import javax.annotation.security.RolesAllowed; 43 | import javax.enterprise.context.RequestScoped; 44 | import java.io.File; 45 | 46 | @RequestScoped 47 | @RolesAllowed("root") 48 | public class LogsBean { 49 | 50 | public void delete(File file) { 51 | // 52 | } 53 | 54 | public void add(File file) { 55 | // 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /overall/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | 6 | net.java.jsr375 7 | jsr375-proposals 8 | 1.0-SNAPSHOT 9 | ../pom.xml 10 | 11 | 12 | overall 13 | pom 14 | 15 | Java EE Security Proposals: Overall 16 | 17 | 18 | standard-caller-and-group-principals 19 | standard-security-context 20 | 21 | 22 | -------------------------------------------------------------------------------- /overall/standard-caller-and-group-principals/README.adoc: -------------------------------------------------------------------------------- 1 | # standard-caller-and-group-principals 2 | 3 | https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-11 4 | 5 | From: Arjan Tijms 6 | -------------------------------------------------------------------------------- /overall/standard-caller-and-group-principals/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 12 | 14 | 4.0.0 15 | 16 | 17 | net.java.jsr375 18 | overall 19 | 1.0-SNAPSHOT 20 | 21 | 22 | standard-caller-and-group-principals 23 | 24 | 25 | 26 | 27 | com.mycila 28 | license-maven-plugin 29 | 30 |
../../src/license/header.txt
31 | 32 | ../../src/license/headers.xml 33 | 34 | 35 | 36 | 37 | 38 | 39 | -------------------------------------------------------------------------------- /overall/standard-caller-and-group-principals/src/main/java/javax/security/auth/CallerPrincipal.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import java.security.Principal; 48 | 49 | /** 50 | * A javax.security.auth.Subject would be allowed to have 51 | * exactly one CallerPrincipal in the Subject.principals list 52 | */ 53 | public interface CallerPrincipal extends Principal { 54 | 55 | } 56 | -------------------------------------------------------------------------------- /overall/standard-caller-and-group-principals/src/main/java/javax/security/auth/GroupPrincipal.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | // 41 | // This source code implements specifications defined by the Java 42 | // Community Process. In order to remain compliant with the specification 43 | // DO NOT add / change / or delete method signatures! 44 | // 45 | package javax.security.auth; 46 | 47 | import java.security.Principal; 48 | 49 | /** 50 | * A javax.security.auth.Subject would be allowed to have 51 | * zero to many GroupPrincipal in the Subject.principals list 52 | */ 53 | public interface GroupPrincipal extends Principal { 54 | 55 | } 56 | -------------------------------------------------------------------------------- /overall/standard-security-context/README.adoc: -------------------------------------------------------------------------------- 1 | # standard-security-context 2 | 3 | https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-12 4 | 5 | From: Arjan Tijms 6 | -------------------------------------------------------------------------------- /overall/standard-security-context/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | 7 | net.java.jsr375 8 | overall 9 | 1.0-SNAPSHOT 10 | 11 | 12 | standard-security-context 13 | 14 | 15 | 16 | 17 | com.mycila 18 | license-maven-plugin 19 | 20 |
../../src/license/header.txt
21 | 22 | ../../src/license/headers.xml 23 | 24 | 25 | 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /overall/standard-security-context/src/main/java/org/acme/ee7/MyCdiBean.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.ee7; 41 | 42 | import javax.enterprise.context.RequestScoped; 43 | 44 | @RequestScoped 45 | public class MyCdiBean { 46 | 47 | // Oh snap! No SecurityContext class for CDI 48 | } 49 | -------------------------------------------------------------------------------- /overall/standard-security-context/src/main/java/org/acme/ee7/MyEjb.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.ee7; 41 | 42 | import javax.annotation.Resource; 43 | import javax.ejb.SessionContext; 44 | import javax.ejb.Singleton; 45 | 46 | @Singleton 47 | public class MyEjb { 48 | 49 | @Resource 50 | private SessionContext sessionContext; 51 | 52 | public String sayHello() { 53 | 54 | if (sessionContext.isCallerInRole("admin")) { 55 | return "Hello World!"; 56 | } 57 | 58 | throw new SecurityException("User is unauthorized."); 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /overall/standard-security-context/src/main/java/org/acme/ee7/MyService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.ee7; 41 | 42 | import javax.ws.rs.GET; 43 | import javax.ws.rs.Path; 44 | import javax.ws.rs.Produces; 45 | import javax.ws.rs.core.Context; 46 | import javax.ws.rs.core.SecurityContext; 47 | 48 | public class MyService { 49 | 50 | @GET 51 | @Produces("text/plain;charset=UTF-8") 52 | @Path("/hello") 53 | public String sayHello(@Context SecurityContext sc) { 54 | 55 | if (sc.isUserInRole("admin")) { 56 | return "Hello World!"; 57 | } 58 | 59 | throw new SecurityException("User is unauthorized."); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /overall/standard-security-context/src/main/java/org/acme/ee7/MyServlet.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.ee7; 41 | 42 | import javax.annotation.Resource; 43 | import javax.servlet.ServletException; 44 | import javax.servlet.http.HttpServlet; 45 | import javax.servlet.http.HttpServletRequest; 46 | import javax.servlet.http.HttpServletResponse; 47 | import java.io.IOException; 48 | 49 | public class MyServlet extends HttpServlet { 50 | 51 | @Override 52 | protected void doGet(HttpServletRequest request, HttpServletResponse resp) throws ServletException, IOException { 53 | 54 | if (request.isUserInRole("admin")) { 55 | // do something 56 | } 57 | 58 | throw new ServletException("User is unauthorized."); 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /overall/standard-security-context/src/main/java/org/acme/ee8/MyFutureCdiBean.java: -------------------------------------------------------------------------------- 1 | /* 2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 | * 4 | * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. 5 | * 6 | * The contents of this file are subject to the terms of either the GNU 7 | * General Public License Version 2 only ("GPL") or the Common Development 8 | * and Distribution License("CDDL") (collectively, the "License"). You 9 | * may not use this file except in compliance with the License. You can 10 | * obtain a copy of the License at 11 | * http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 12 | * or packager/legal/LICENSE.txt. See the License for the specific 13 | * language governing permissions and limitations under the License. 14 | * 15 | * When distributing the software, include this License Header Notice in each 16 | * file and include the License file at packager/legal/LICENSE.txt. 17 | * 18 | * GPL Classpath Exception: 19 | * Oracle designates this particular file as subject to the "Classpath" 20 | * exception as provided by Oracle in the GPL Version 2 section of the License 21 | * file that accompanied this code. 22 | * 23 | * Modifications: 24 | * If applicable, add the following below the License Header, with the fields 25 | * enclosed by brackets [] replaced by your own identifying information: 26 | * "Portions Copyright [year] [name of copyright owner]" 27 | * 28 | * Contributor(s): 29 | * If you wish your version of this file to be governed by only the CDDL or 30 | * only the GPL Version 2, indicate your decision by adding "[Contributor] 31 | * elects to include this software in this distribution under the [CDDL or GPL 32 | * Version 2] license." If you don't indicate a single choice of license, a 33 | * recipient has the option to distribute your version of this file under 34 | * either the CDDL, the GPL Version 2 or to extend the choice of license to 35 | * its licensees as provided above. However, if you add GPL Version 2 code 36 | * and therefore, elected the GPL Version 2 license, then the option applies 37 | * only if the new code is made subject to such option by the copyright 38 | * holder. 39 | */ 40 | package org.acme.ee8; 41 | 42 | import javax.ejb.Singleton; 43 | import javax.inject.Inject; 44 | import javax.security.auth.SecurityContext; 45 | 46 | @Singleton 47 | public class MyFutureCdiBean { 48 | 49 | @Inject 50 | private SecurityContext securityContext; 51 | 52 | public String sayHello() { 53 | if (securityContext.isUserInRole("admin")) { 54 | return "Hello World!"; 55 | } 56 | 57 | throw new SecurityException("User is unauthorized."); 58 | } 59 | 60 | } 61 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4.0.0 3 | 4 | net.java.jsr375 5 | jsr375-proposals 6 | 1.0-SNAPSHOT 7 | pom 8 | 2015 9 | 10 | 11 | 12 | javax 13 | javaee-api 14 | 7.0 15 | 16 | 17 | 18 | 19 | authorization 20 | authentication 21 | overall 22 | 23 | 24 | 25 | 26 | 27 | 28 | org.apache.maven.plugins 29 | maven-surefire-plugin 30 | 2.18.1 31 | 32 | 33 | 34 | 35 | 36 | 37 | com.mycila 38 | license-maven-plugin 39 | 3.0 40 | 41 | 42 | 43 | check 44 | 45 | 46 | 47 | 48 |
src/license/header.txt
49 | 50 | Oracle 51 | 2016 52 | 53 | 54 | **/*.adoc 55 | **/*.launch 56 | **/*.sh 57 | **/pom.xml 58 | **/README 59 | **/settings.xml 60 | src/license/** 61 | src/test/resources/** 62 | src/main/resources/** 63 | 64 | 65 | src/license/headers.xml 66 | 67 | 68 | JAVA_STYLE 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | org.apache.maven.plugins 78 | maven-compiler-plugin 79 | 80 | true 81 | 1.8 82 | 1.8 83 | 84 | 85 | 86 | 87 | 88 | 89 | -------------------------------------------------------------------------------- /src/README.md: -------------------------------------------------------------------------------- 1 | # License Maven Plugin 2 | To treat license headers in a unified and compliant way, this project uses the Mycila Licnse Maven Plugin 3 | http://code.mycila.com/license-maven-plugin/ 4 | 5 | In a (non-POM) project simply add: 6 | 7 | ``` 8 | 9 | 10 | 11 | com.mycila 12 | license-maven-plugin 13 | 14 | 15 | 16 | ``` 17 | 18 | to the project's POM. 19 | 20 | Templates and settings defined in [license](license) are based on the entire project cloned. 21 | 22 | Should modules have a different hierarchy, it may be necessary to adjust the configuration of ``header`` and ``headerDefinition`` from the parent POM. -------------------------------------------------------------------------------- /src/call-identity-store-via-cdi-events-style-a license.launch: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /src/license/header.txt: -------------------------------------------------------------------------------- 1 | DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 2 | 3 | Copyright (c) ${project.inceptionYear}, ${currentYear} ${owner} and/or its affiliates. All rights reserved. 4 | 5 | The contents of this file are subject to the terms of either the GNU 6 | General Public License Version 2 only ("GPL") or the Common Development 7 | and Distribution License("CDDL") (collectively, the "License"). You 8 | may not use this file except in compliance with the License. You can 9 | obtain a copy of the License at 10 | http://glassfish.dev.java.net/public/CDDL+GPL_1_1.html 11 | or packager/legal/LICENSE.txt. See the License for the specific 12 | language governing permissions and limitations under the License. 13 | 14 | When distributing the software, include this License Header Notice in each 15 | file and include the License file at packager/legal/LICENSE.txt. 16 | 17 | GPL Classpath Exception: 18 | ${owner} designates this particular file as subject to the "Classpath" 19 | exception as provided by ${owner} in the GPL Version 2 section of the License 20 | file that accompanied this code. 21 | 22 | Modifications: 23 | If applicable, add the following below the License Header, with the fields 24 | enclosed by brackets [] replaced by your own identifying information: 25 | "Portions Copyright [year] [name of copyright owner]" 26 | 27 | Contributor(s): 28 | If you wish your version of this file to be governed by only the CDDL or 29 | only the GPL Version 2, indicate your decision by adding "[Contributor] 30 | elects to include this software in this distribution under the [CDDL or GPL 31 | Version 2] license." If you don't indicate a single choice of license, a 32 | recipient has the option to distribute your version of this file under 33 | either the CDDL, the GPL Version 2 or to extend the choice of license to 34 | its licensees as provided above. However, if you add GPL Version 2 code 35 | and therefore, elected the GPL Version 2 license, then the option applies 36 | only if the new code is made subject to such option by the copyright 37 | holder. 38 | -------------------------------------------------------------------------------- /src/license/headers.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | /* 5 | * 6 | */ 7 | 8 | 9 | (\s|\t)*/\*.*$ 10 | .*\*/(\s|\t)*$ 11 | false 12 | true 13 | false 14 | 15 | 16 | --------------------------------------------------------------------------------