
Example 1 with CombinedRealm

use of org.apache.catalina.realm.CombinedRealm in project tomcat by apache.

the class TestRegistration method testMBeanDeregistration.

/*
     * Test verifying that Tomcat correctly de-registers the MBeans it has
     * registered.
     * @author Marc Guillemot
     */
@Test
public void testMBeanDeregistration() throws Exception {
    final MBeanServer server = Registry.getRegistry(null, null).getMBeanServer();

    // Precondition: neither the Catalina nor the Tomcat JMX domain holds any MBean yet.
    Set<ObjectName> names = server.queryNames(new ObjectName("Catalina:*"), null);
    log.info(MBeanDumper.dumpBeans(server, names));
    assertEquals("Unexpected: " + names, 0, names.size());
    names = server.queryNames(new ObjectName("Tomcat:*"), null);
    log.info(MBeanDumper.dumpBeans(server, names));
    assertEquals("Unexpected: " + names, 0, names.size());

    // Deploy one context whose realm is a CombinedRealm wrapping a NullRealm.
    final Tomcat tomcat = getTomcatInstance();
    final File contextDir = new File(getTemporaryDirectory(), "webappFoo");
    addDeleteOnTearDown(contextDir);
    if (!(contextDir.mkdirs() || contextDir.isDirectory())) {
        fail("Failed to create: [" + contextDir + "]");
    }
    Context ctx = tomcat.addContext(contextName, contextDir.getAbsolutePath());
    CombinedRealm realm = new CombinedRealm();
    realm.addRealm(new NullRealm());
    ctx.setRealm(realm);
    tomcat.start();
    getUrl("http://localhost:" + getPort());

    // While running, the Catalina domain must remain empty.
    names = server.queryNames(new ObjectName("Catalina:*"), null);
    log.info(MBeanDumper.dumpBeans(server, names));
    assertEquals("Found: " + names, 0, names.size());

    // Collect the names actually registered under the Tomcat domain.
    names = server.queryNames(new ObjectName("Tomcat:*"), null);
    List<String> found = new ArrayList<>(names.size());
    for (ObjectName registered : names) {
        found.add(registered.toString());
    }

    // Derive the connector flavour from the protocol handler class name.
    final String handlerClass = tomcat.getConnector().getProtocolHandlerClassName();
    final String protocol = handlerClass.indexOf("Nio2") > 0
            ? "nio2"
            : (handlerClass.indexOf("Apr") > 0 ? "apr" : "nio");
    final String index = tomcat.getConnector().getProperty("nameIndex").toString();
    final String connectorName = "auto-" + index;

    // Build the list of MBean names the running instance is expected to expose.
    List<String> expected = new ArrayList<>(Arrays.asList(basicMBeanNames()));
    expected.addAll(Arrays.asList(hostMBeanNames("localhost")));
    expected.addAll(Arrays.asList(contextMBeanNames("localhost", contextName)));
    expected.addAll(Arrays.asList(connectorMBeanNames(connectorName, protocol)));
    expected.addAll(Arrays.asList(optionalMBeanNames("localhost")));
    expected.addAll(Arrays.asList(requestMBeanNames(connectorName + "-" + getPort(), protocol)));

    // Everything expected must have been found ...
    List<String> missing = new ArrayList<>(expected);
    missing.removeAll(found);
    assertTrue("Missing Tomcat MBeans: " + missing, missing.isEmpty());

    // ... and nothing beyond it. 'found' is reduced in place to the surplus names.
    found.removeAll(expected);
    assertTrue("Unexpected Tomcat MBeans: " + found, found.isEmpty());

    // stop() alone is expected to leave some Tomcat MBeans registered.
    tomcat.stop();
    names = server.queryNames(new ObjectName("Tomcat:*"), null);
    assertTrue("No Tomcat MBeans", !names.isEmpty());

    // Add a second host with its own context, then run a full start/stop/destroy cycle.
    StandardHost otherHost = new StandardHost();
    otherHost.setName("otherhost");
    tomcat.getEngine().addChild(otherHost);
    final File contextDir2 = new File(getTemporaryDirectory(), "webappFoo2");
    addDeleteOnTearDown(contextDir2);
    if (!(contextDir2.mkdirs() || contextDir2.isDirectory())) {
        fail("Failed to create: [" + contextDir2 + "]");
    }
    tomcat.addContext(otherHost, contextName + "2", contextDir2.getAbsolutePath());
    tomcat.start();
    tomcat.stop();
    tomcat.destroy();

    // After destroy() both domains must be empty again.
    names = server.queryNames(new ObjectName("Catalina:*"), null);
    log.info(MBeanDumper.dumpBeans(server, names));
    assertEquals("Remaining: " + names, 0, names.size());
    names = server.queryNames(new ObjectName("Tomcat:*"), null);
    log.info(MBeanDumper.dumpBeans(server, names));
    assertEquals("Remaining: " + names, 0, names.size());
}
Also used : Context(org.apache.catalina.Context) Tomcat(org.apache.catalina.startup.Tomcat) CombinedRealm(org.apache.catalina.realm.CombinedRealm) ArrayList(java.util.ArrayList) NullRealm(org.apache.catalina.realm.NullRealm) ObjectName(javax.management.ObjectName) StandardHost(org.apache.catalina.core.StandardHost) File(java.io.File) CombinedRealm(org.apache.catalina.realm.CombinedRealm) NullRealm(org.apache.catalina.realm.NullRealm) Realm(org.apache.catalina.Realm) MBeanServer(javax.management.MBeanServer) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 2 with CombinedRealm

use of org.apache.catalina.realm.CombinedRealm in project fru-paqx-parent by dellemc-symphony.

the class ContextConfig method servletContainer.

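/**
 * Builds the embedded Tomcat container factory.
 *
 * This container is required in order to implement the redirect from http 8080 to https 18443 in spring boot.
 * This means that http can continue to be used but will automatically redirect to https.
 * The responses from FRU will be https regardless of the protocol/port used by the cli.
 *
 * NOTE(review): the first request on the http connector still crosses the network in cleartext
 * before the redirect is issued; with a 307 redirect a POST body is sent once over http and then
 * repeated over https. Clients that carry sensitive data should address the https port directly.
 *
 * @return the customised Tomcat factory
 */
@Bean
public EmbeddedServletContainerFactory servletContainer() {
    TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {

        /**
         * Adds a CONFIDENTIAL transport guarantee covering every URL pattern ("/*"),
         * which is what makes the container redirect plain-http requests.
         */
        @Override
        protected void postProcessContext(Context context) {
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setUserConstraint("CONFIDENTIAL");
            SecurityCollection collection = new SecurityCollection();
            collection.addPattern("/*");
            securityConstraint.addCollection(collection);
            context.addConstraint(securityConstraint);
        }

        /**
         * This is the method where ssl is configured in the tomcat container.
         * It is overridden so that the keystore password read from application.properties
         * is Base64-decoded and handed to the Ssl object before ssl configuration begins.
         *
         * Only Base64 decoding happens here; no decryption step is performed. Base64 is an
         * encoding, so the configured value must be protected like the plaintext password.
         */
        @Override
        protected void configureSsl(AbstractHttp11JsseProtocol<?> protocol, Ssl ssl) {
            String encodedPassword = ssl.getKeyStorePassword();
            // Without a configured password there is nothing to decode; decode(null) would
            // throw a NullPointerException, so leave the Ssl object untouched in that case.
            if (encodedPassword != null) {
                // The encoded value is deliberately not logged: it is trivially reversible,
                // so writing it to a debug log would disclose the keystore password.
                LOG.debug("ContextConfig: servletContainer: decoding keystore password (value not logged)");
                byte[] decodedBytes = Base64.getDecoder().decode(encodedPassword);
                // NOTE(review): new String(byte[]) uses the platform default charset; confirm the
                // charset the value was encoded with and pass it explicitly.
                ssl.setKeyStorePassword(new String(decodedBytes));
            }
            super.configureSsl(protocol, ssl);
        }
    };
    //Setup the redirection
    tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
    //Setup the custom realm, which sets the custom redirect code.
    //By default the redirect is 302.  But if the request to be redirected is a post,
    //then the post is converted to a get and therefore the post's body is removed in the redirect. (e.g. using CURL)
    //We need to set the redirection with code 307 so that the origin method is used in the redirect
    //e.g. get uses get on redirect and post uses post on redirect.
    //This conforms to standard RFC 2616
    //No nested realms are added to the CombinedRealm here; it is used to carry the redirect status.
    tomcat.addContextCustomizers((TomcatContextCustomizer) context -> {
        RealmBase base = new CombinedRealm();
        base.setTransportGuaranteeRedirectStatus(307);
        context.setRealm(base);
    });
    return tomcat;
}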
Also used : Context(org.apache.catalina.Context) CombinedRealm(org.apache.catalina.realm.CombinedRealm) Logger(org.slf4j.Logger) TomcatContextCustomizer(org.springframework.boot.context.embedded.tomcat.TomcatContextCustomizer) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection) LoggerFactory(org.slf4j.LoggerFactory) Connector(org.apache.catalina.connector.Connector) Context(org.apache.catalina.Context) EmbeddedServletContainerFactory(org.springframework.boot.context.embedded.EmbeddedServletContainerFactory) RealmBase(org.apache.catalina.realm.RealmBase) Configuration(org.springframework.context.annotation.Configuration) Ssl(org.springframework.boot.context.embedded.Ssl) TomcatEmbeddedServletContainerFactory(org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory) Base64(java.util.Base64) ConsumerContextConfig(com.dell.cpsd.service.common.client.context.ConsumerContextConfig) AbstractHttp11JsseProtocol(org.apache.coyote.http11.AbstractHttp11JsseProtocol) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) Bean(org.springframework.context.annotation.Bean) AbstractHttp11JsseProtocol(org.apache.coyote.http11.AbstractHttp11JsseProtocol) CombinedRealm(org.apache.catalina.realm.CombinedRealm) TomcatEmbeddedServletContainerFactory(org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory) RealmBase(org.apache.catalina.realm.RealmBase) Ssl(org.springframework.boot.context.embedded.Ssl) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection) Bean(org.springframework.context.annotation.Bean)

Example 3 with CombinedRealm

use of org.apache.catalina.realm.CombinedRealm in project tomcat by apache.

the class RealmSF method storeChildren.

/**
     * Store the specified Realm properties and child (Realm)
     *
     * @param aWriter
     *            PrintWriter to which we are storing
     * @param indent
     *            Number of spaces to indent this element
     * @param aRealm
     *            Realm whose properties are being stored
     *
     * @exception Exception
     *                if an exception occurs while storing
     */
@Override
public void storeChildren(PrintWriter aWriter, int indent, Object aRealm, StoreDescription parentDesc) throws Exception {
    // A CombinedRealm contributes its nested realms, written as nested <Realm> elements.
    if (aRealm instanceof CombinedRealm) {
        Realm[] nested = ((CombinedRealm) aRealm).getNestedRealms();
        storeElementArray(aWriter, indent, nested);
    }
    // The argument is cast to Realm unconditionally, so a non-Realm object fails here
    // with a ClassCastException.
    Realm realm = (Realm) aRealm;
    CredentialHandler handler = realm.getCredentialHandler();
    if (handler == null) {
        // No <CredentialHandler> configured on this realm: nothing more to write.
        return;
    }
    // Store nested <CredentialHandler> element
    storeElement(aWriter, indent, handler);
}
Also used : CombinedRealm(org.apache.catalina.realm.CombinedRealm) CredentialHandler(org.apache.catalina.CredentialHandler) CombinedRealm(org.apache.catalina.realm.CombinedRealm) Realm(org.apache.catalina.Realm)

Aggregations

CombinedRealm (org.apache.catalina.realm.CombinedRealm)3 Context (org.apache.catalina.Context)2 Realm (org.apache.catalina.Realm)2 ConsumerContextConfig (com.dell.cpsd.service.common.client.context.ConsumerContextConfig)1 File (java.io.File)1 ArrayList (java.util.ArrayList)1 Base64 (java.util.Base64)1 MBeanServer (javax.management.MBeanServer)1 ObjectName (javax.management.ObjectName)1 CredentialHandler (org.apache.catalina.CredentialHandler)1 Connector (org.apache.catalina.connector.Connector)1 StandardHost (org.apache.catalina.core.StandardHost)1 NullRealm (org.apache.catalina.realm.NullRealm)1 RealmBase (org.apache.catalina.realm.RealmBase)1 Tomcat (org.apache.catalina.startup.Tomcat)1 TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)1 AbstractHttp11JsseProtocol (org.apache.coyote.http11.AbstractHttp11JsseProtocol)1 SecurityCollection (org.apache.tomcat.util.descriptor.web.SecurityCollection)1 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)1 Test (org.junit.Test)1