Unverified 提交 f3bc4ccf authored 作者: Evgenij Ryazanov's avatar Evgenij Ryazanov 提交者: GitHub

Merge pull request #1221 from mysinmyc/xml_issue

Fix for issue #1220
......@@ -14,8 +14,6 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.xml.bind.JAXB;
import org.h2.api.CredentialsValidator;
import org.h2.api.UserToRolesMapper;
import org.h2.engine.Database;
......@@ -237,7 +235,7 @@ public class DefaultAuthenticator implements Authenticator {
* @throws Exception
*/
public void configureFromUrl(URL configUrl) throws Exception {
H2AuthConfig config = JAXB.unmarshal(configUrl, H2AuthConfig.class);
H2AuthConfig config = H2AuthConfigXml.parseFrom(configUrl);
configureFrom(config);
}
......
......@@ -8,20 +8,11 @@ package org.h2.security.auth;
import java.util.ArrayList;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Describe configuration of H2 DefaultAuthenticator
*/
@XmlRootElement(name = "h2Auth")
@XmlAccessorType(XmlAccessType.FIELD)
public class H2AuthConfig {
@XmlAttribute
private boolean allowUserRegistration=true;
public boolean isAllowUserRegistration() {
......@@ -31,8 +22,7 @@ public class H2AuthConfig {
public void setAllowUserRegistration(boolean allowUserRegistration) {
this.allowUserRegistration = allowUserRegistration;
}
@XmlAttribute
boolean createMissingRoles=true;
public boolean isCreateMissingRoles() {
......@@ -43,7 +33,6 @@ public class H2AuthConfig {
this.createMissingRoles = createMissingRoles;
}
@XmlElement(name = "realm")
List<RealmConfig> realms;
public List<RealmConfig> getRealms() {
......@@ -57,7 +46,6 @@ public class H2AuthConfig {
this.realms = realms;
}
@XmlElement(name = "userToRolesMapper")
List<UserToRolesMapperConfig> userToRolesMappers;
public List<UserToRolesMapperConfig> getUserToRolesMappers() {
......
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package org.h2.security.auth;
import java.io.InputStream;
import java.net.URL;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.Attributes;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
/**
* Parser of external authentication XML configuration file
*/
public class H2AuthConfigXml extends DefaultHandler{
H2AuthConfig result;
HasConfigProperties lastConfigProperties;
@Override
public void startElement(String uri, String localName, String qName, Attributes attributes) throws SAXException {
switch (qName) {
case "h2Auth":
result = new H2AuthConfig();
result.setAllowUserRegistration("true".equals(
getAttributeValueOr("allowUserRegistration",attributes,"false")));
result.setCreateMissingRoles("true".equals(
getAttributeValueOr("createMissingRoles",attributes, "true")));
break;
case "realm":
RealmConfig realmConfig = new RealmConfig();
realmConfig.setName(getMandatoryAttributeValue("name", attributes));
realmConfig.setValidatorClass(getMandatoryAttributeValue("validatorClass", attributes));
result.getRealms().add(realmConfig);
lastConfigProperties=realmConfig;
break;
case "userToRolesMapper":
UserToRolesMapperConfig userToRolesMapperConfig = new UserToRolesMapperConfig();
userToRolesMapperConfig.setClassName(getMandatoryAttributeValue("className", attributes));
result.getUserToRolesMappers().add(userToRolesMapperConfig);
lastConfigProperties=userToRolesMapperConfig;
break;
case "property":
if (lastConfigProperties==null) {
throw new SAXException("property element in the wrong place");
}
lastConfigProperties.getProperties().add(new PropertyConfig(
getMandatoryAttributeValue("name", attributes),
getMandatoryAttributeValue("value", attributes)));
break;
default:
throw new SAXException("unexpected element "+qName);
}
}
@Override
public void endElement(String uri, String localName, String qName) throws SAXException {
if (lastConfigProperties!=null && qName.equals("property")==false) {
lastConfigProperties=null;
}
}
static String getMandatoryAttributeValue(String attributeName, Attributes attributes) throws SAXException {
String attributeValue=attributes.getValue(attributeName);
if (attributeValue==null || attributeValue.trim().equals("")) {
throw new SAXException("missing attribute "+attributeName);
}
return attributeValue;
}
static String getAttributeValueOr(String attributeName, Attributes attributes, String defaultValue) {
String attributeValue=attributes.getValue(attributeName);
if (attributeValue==null || attributeValue.trim().equals("")) {
return defaultValue;
}
return attributeValue;
}
public H2AuthConfig getResult() {
return result;
}
/**
* Parse the xml
* @param url
* @return
* @throws Exception
*/
public static H2AuthConfig parseFrom(URL url) throws Exception{
try (InputStream inputStream= url.openStream()) {
return parseFrom(inputStream);
}
}
public static H2AuthConfig parseFrom(InputStream inputStream) throws Exception{
SAXParser saxParser = SAXParserFactory.newInstance().newSAXParser();
H2AuthConfigXml xmlHandler = new H2AuthConfigXml();
saxParser.parse(inputStream,xmlHandler);
return xmlHandler.getResult();
}
}
/*
* Copyright 2004-2018 H2 Group. Multiple-Licensed under the MPL 2.0,
* and the EPL 1.0 (http://h2database.com/html/license.html).
* Initial Developer: Alessandro Ventura
*/
package org.h2.security.auth;
import java.util.List;
public interface HasConfigProperties {
List<PropertyConfig> getProperties();
}
......@@ -5,20 +5,13 @@
*/
package org.h2.security.auth;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
/**
* Configuration property
*/
@XmlAccessorType(XmlAccessType.FIELD)
public class PropertyConfig {
@XmlAttribute(required = true)
private String name;
@XmlAttribute
private String value;
public PropertyConfig() {
......
......@@ -8,18 +8,8 @@ package org.h2.security.auth;
import java.util.ArrayList;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
public class RealmConfig implements HasConfigProperties{
/**
* Configuration for authentication realm.
*/
@XmlAccessorType(XmlAccessType.FIELD)
public class RealmConfig {
@XmlAttribute(required = true)
private String name;
public String getName() {
......@@ -30,7 +20,6 @@ public class RealmConfig {
this.name = name;
}
@XmlAttribute(required = true)
String validatorClass;
public String getValidatorClass() {
......@@ -41,7 +30,6 @@ public class RealmConfig {
this.validatorClass = validatorClass;
}
@XmlElement(name = "property")
List<PropertyConfig> properties;
public List<PropertyConfig> getProperties() {
......
......@@ -8,21 +8,10 @@ package org.h2.security.auth;
import java.util.ArrayList;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
public class UserToRolesMapperConfig implements HasConfigProperties{
/**
* Configuration for class that maps users to roles.
*/
@XmlAccessorType(XmlAccessType.FIELD)
public class UserToRolesMapperConfig {
@XmlAttribute(required = true, name="class")
private String className;
@XmlElement(name = "property")
private List<PropertyConfig> properties;
public String getClassName() {
......
......@@ -5,6 +5,7 @@
*/
package org.h2.test.auth;
import java.io.ByteArrayInputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
......@@ -25,6 +26,8 @@ import org.h2.engine.Session;
import org.h2.engine.User;
import org.h2.jdbcx.JdbcConnectionPool;
import org.h2.security.auth.DefaultAuthenticator;
import org.h2.security.auth.H2AuthConfig;
import org.h2.security.auth.H2AuthConfigXml;
import org.h2.security.auth.impl.AssignRealmNameRole;
import org.h2.security.auth.impl.JaasCredentialsValidator;
import org.h2.security.auth.impl.StaticRolesMapper;
......@@ -134,6 +137,7 @@ public class TestAuthentication extends TestBase {
testUserRegistration();
testSet();
testDatasource();
testXmlConfig();
}
protected void testInvalidPassword() throws Exception {
......@@ -274,4 +278,28 @@ public class TestAuthentication extends TestBase {
}
testExternalUser();
}
static final String TESTXML="<h2Auth allowUserRegistration=\"true\" createMissingRoles=\"false\">"
+ "<realm name=\"ciao\" validatorClass=\"myclass\"/>"
+ "<realm name=\"miao\" validatorClass=\"myclass1\">"
+ "<property name=\"prop1\" value=\"value1\"/>"
+ "<userToRolesMapper className=\"class1\">"
+ "<property name=\"prop2\" value=\"value2\"/>"
+ "</userToRolesMapper>"
+ "</realm>"
+ "</h2Auth>";
protected void testXmlConfig() throws Exception {
ByteArrayInputStream inputStream = new ByteArrayInputStream(TESTXML.getBytes());
H2AuthConfig config = H2AuthConfigXml.parseFrom(inputStream);
assertTrue(config.isAllowUserRegistration());
assertFalse(config.isCreateMissingRoles());
assertEquals("ciao",config.getRealms().get(0).getName());
assertEquals("myclass",config.getRealms().get(0).getValidatorClass());
assertEquals("prop1",config.getRealms().get(1).getProperties().get(0).getName());
assertEquals("value1",config.getRealms().get(1).getProperties().get(0).getValue());
assertEquals("class1",config.getUserToRolesMappers().get(0).getClassName());
assertEquals("prop2",config.getUserToRolesMappers().get(0).getProperties().get(0).getName());
assertEquals("value2",config.getUserToRolesMappers().get(0).getProperties().get(0).getValue());
}
}
\ No newline at end of file
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论