From 6c59ed578400e5aa304a585815a8f0e11e23490d Mon Sep 17 00:00:00 2001 From: Heng Sin Low Date: Fri, 25 May 2007 06:38:28 +0000 Subject: [PATCH] * [ adempiere-Bugs-1719617 ] Server bean allows remote unauthenticated queries - Implemented jaas authentication for server bean --- base/src/org/compiere/db/CConnection.java | 39 ++++++++++++++++++- base/src/org/compiere/interfaces/Server.java | 7 ++++ .../org/compiere/interfaces/ServerLocal.java | 6 +++ base/src/org/compiere/model/MTable.java | 25 ++++++++---- base/src/org/compiere/util/Env.java | 2 + base/src/org/compiere/util/Login.java | 33 +++++++++------- 6 files changed, 89 insertions(+), 23 deletions(-) diff --git a/base/src/org/compiere/db/CConnection.java b/base/src/org/compiere/db/CConnection.java index 55b49b88c5..63f986647c 100644 --- a/base/src/org/compiere/db/CConnection.java +++ b/base/src/org/compiere/db/CConnection.java @@ -27,6 +27,8 @@ import javax.swing.JOptionPane; import org.compiere.*; import org.compiere.interfaces.*; import org.compiere.util.*; +import org.jboss.security.SecurityAssociation; +import org.jboss.security.SimplePrincipal; /** * Adempiere Connection Descriptor @@ -236,6 +238,11 @@ public class CConnection implements Serializable /** Had application server been query **/ private boolean m_queryAppsServer = false; + /** application server authentication principal **/ + private String m_principal = null; + /** application server authentication password **/ + private String m_credential = null; + /************************************************************************* * Get Name 
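Review bot: The new `m_principal` and `m_credential` fields in the @@ -236,6 +238,11 @@ hunk are ordinary instance fields on a class the hunk header shows as `implements Serializable`. Unless CConnection customises its serialized form somewhere outside this hunk, the application-server password is written out with every serialized copy of the connection descriptor. Declaring them `private transient String m_principal = null;` and `private transient String m_credential = null;` keeps the secret out of that form. The field comments could also state that both values are set and cleared only through setAppServerCredential.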
@@ -1408,7 +1415,7 @@ public class CConnection implements Serializable // Set Environment if (m_env == null || !useCache) - m_env = getInitialEnvironment(getAppsHost(), getAppsPort(), isRMIoverHTTP()); + m_env = getInitialEnvironment(getAppsHost(), getAppsPort(), isRMIoverHTTP(), m_principal, m_credential); String connect = (String)m_env.get(Context.PROVIDER_URL); Env.setContext(Env.getCtx(), Context.PROVIDER_URL, connect); @@ -1433,15 +1440,23 @@ public class CConnection implements Serializable return m_iContext; } // getInitialContext + public static Hashtable getInitialEnvironment (String AppsHost, int AppsPort, + boolean RMIoverHTTP) + { + return getInitialEnvironment(AppsHost, AppsPort, RMIoverHTTP, null, null); + } + /** * Get Initial Environment * @param AppsHost host * @param AppsPort port * @param RMIoverHTTP true if tunnel through HTTP + * @param principal + * @param credential * @return environment */ public static Hashtable getInitialEnvironment (String AppsHost, int AppsPort, - boolean RMIoverHTTP) + boolean RMIoverHTTP, String principal, String credential) { // Set Environment Hashtable env = new Hashtable(); @@ -1467,6 +1482,18 @@ public class CConnection implements Serializable env.put (org.jnp.interfaces.TimedSocketFactory.JNP_SO_TIMEOUT, "5000"); // JNP - default timeout 5 sec env.put(org.jnp.interfaces.NamingContext.JNP_DISCOVERY_TIMEOUT, "5000"); + + if (principal != null && credential != null) + { + SecurityAssociation.setPrincipal(new SimplePrincipal(principal)); + SecurityAssociation.setCredential(credential); + } + else + { + SecurityAssociation.setPrincipal(null); + SecurityAssociation.setCredential(null); + } + return env; } // getInitialEnvironment 
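Review bot: getInitialEnvironment now changes JBoss's SecurityAssociation as a side effect of building a Hashtable, and the `else` branch in the @@ -1467,6 +1482,18 @@ hunk clears the principal and credential whenever either argument is null. The three-argument overload kept in the @@ -1433,15 +1440,23 @@ hunk delegates with `null, null`, so any caller that only wants an environment, such as a connection test, silently drops the identity of a logged-in session. I would remove the `else` branch and do the clearing explicitly in setAppServerCredential. The empty tags should be filled in, e.g. `@param principal application server login name, or null for an unauthenticated lookup` and `@param credential password for principal; ignored when principal is null`. The credential is also held as an immutable String; if the JBoss API in use accepts a char[] credential, that would allow it to be wiped after use.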
@@ -1643,6 +1670,14 @@ public class CConnection implements Serializable return ""; } // getTransactionIsolationInfo + public void setAppServerCredential(String principal, String credential) + { + m_principal = principal; + m_credential = credential; + m_iContext = null; + m_env = null; + m_server = null; + } /************************************************************************** * Testing diff --git a/base/src/org/compiere/interfaces/Server.java b/base/src/org/compiere/interfaces/Server.java index ad105d6704..e49427494b 100644 --- a/base/src/org/compiere/interfaces/Server.java +++ b/base/src/org/compiere/interfaces/Server.java @@ -193,4 +193,11 @@ public interface Server public java.util.ArrayList getFields( org.compiere.model.GridTabVO gridTabVO ) throws java.rmi.RemoteException; + /** + * Get table id from ad_table by table name + * @param tableName + * @return tableName */ + public int getTableID( java.lang.String tableName ) + throws java.rmi.RemoteException; + } diff --git a/base/src/org/compiere/interfaces/ServerLocal.java b/base/src/org/compiere/interfaces/ServerLocal.java index 393ff145aa..cbf3da1ecc 100644 --- a/base/src/org/compiere/interfaces/ServerLocal.java +++ b/base/src/org/compiere/interfaces/ServerLocal.java @@ -172,4 +172,10 @@ public interface ServerLocal * @return ArrayList */ public java.util.ArrayList getFields( org.compiere.model.GridTabVO gridTabVO ) ; + /** + * Get table id from ad_table by table name + * @param tableName + * @return tableName */ + public int getTableID( java.lang.String tableName ) ; + } diff --git a/base/src/org/compiere/model/MTable.java b/base/src/org/compiere/model/MTable.java index 9099317402..dd3af9b748 100644 --- a/base/src/org/compiere/model/MTable.java +++ b/base/src/org/compiere/model/MTable.java 
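Review bot: setAppServerCredential(null, null) only nulls the fields and the cached context, so the principal and credential already pushed into SecurityAssociation stay there until the next getInitialEnvironment call. The clearing call added in Env.java therefore does not by itself remove the identity from the JBoss client state. Clearing it here when both arguments are null, with `SecurityAssociation.setPrincipal(null); SecurityAssociation.setCredential(null);`, would make that path self-contained. The method also has no Javadoc and is unsynchronized while it resets `m_iContext`, `m_env` and `m_server`; whether other threads read those fields concurrently is not visible from this hunk. A comment such as `/** Set or clear (null, null) the login used for application server calls; drops the cached context and server reference so the next call reconnects. */` would document the contract.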
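Review bot: The Javadoc on the new `getTableID` in Server.java says `@return tableName`, but the method returns an `int`; the same text is repeated in the ServerLocal.java hunk. Something like `@return AD_Table_ID of the named table` matches the signature, with the not-found value added once it is confirmed against the bean implementation, which is not on this page. Since this adds another remotely callable query, it is worth confirming that the bean's security domain and method permissions cover the new method too. The diffstat lists no bean implementation or deployment descriptor, so that cannot be checked from this patch.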
@@ -21,6 +21,9 @@ import java.lang.reflect.*; import java.sql.*; import java.util.*; import java.util.logging.*; + +import org.compiere.db.CConnection; +import org.compiere.interfaces.Server; import org.compiere.util.*; /** @@ -667,13 +670,21 @@ public class MTable extends X_AD_Table String SQL = "SELECT AD_Table_ID FROM AD_Table WHERE tablename = ?"; try { - PreparedStatement pstmt = DB.prepareStatement(SQL, null); - pstmt.setString(1, tableName); - ResultSet rs = pstmt.executeQuery(); - if (rs.next()) - retValue = rs.getInt(1); - rs.close(); - pstmt.close(); + if (DB.isRemoteObjects()) + { + Server server = CConnection.get().getServer(); + retValue = server.getTableID(tableName); + } + else + { + PreparedStatement pstmt = DB.prepareStatement(SQL, null); + pstmt.setString(1, tableName); + ResultSet rs = pstmt.executeQuery(); + if (rs.next()) + retValue = rs.getInt(1); + rs.close(); + pstmt.close(); + } } catch (Exception e) { diff --git a/base/src/org/compiere/util/Env.java b/base/src/org/compiere/util/Env.java index 728e997eb7..e729338c37 100644 --- a/base/src/org/compiere/util/Env.java +++ b/base/src/org/compiere/util/Env.java @@ -85,6 +85,8 @@ public final class Env // reset(true); // final cache reset // + + CConnection.get().setAppServerCredential(null, null); } /** diff --git a/base/src/org/compiere/util/Login.java b/base/src/org/compiere/util/Login.java index 2f58b3f7a3..ae56aabace 100644 --- a/base/src/org/compiere/util/Login.java +++ b/base/src/org/compiere/util/Login.java @@ -216,7 +216,9 @@ public class Login } // Authentification - boolean authenticated = false; + boolean authenticated = false; + if (Ini.isClient()) + CConnection.get().setAppServerCredential(app_user, app_pwd); MSystem system = MSystem.get(m_ctx); if (system == null) throw new IllegalStateException("No System Info"); 
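Review bot: In the remote branch of the MTable.java @@ -667,13 +670,21 @@ hunk, the result of `CConnection.get().getServer()` is dereferenced without a null check. A rejected login on the application server would also surface as an exception in the same broad `catch (Exception e)` as an SQL error. If getServer() can return null when the server is unreachable (its body is not on this page), a guard such as `if (server != null) retValue = server.getTableID(tableName);` avoids a NullPointerException being reported as a lookup failure. The local branch still closes `rs` and `pstmt` only on the success path; moving both closes into a `finally` block would stop a failed query from leaking the statement. The catch body lies outside the hunk, so how these failures are logged cannot be judged from here.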
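Review bot: In the Login.java @@ -216,7 +216,9 @@ hunk, `CConnection.get().setAppServerCredential(app_user, app_pwd)` runs before the user has been authenticated, so a failed login leaves the rejected name and password on the shared CConnection. The failure paths are outside this hunk; if they do not already do so, they should call `CConnection.get().setAppServerCredential(null, null);` before returning. If the early placement is needed because the following `MSystem.get(m_ctx)` call already goes through the application server, a one-line comment saying so would explain why the credential is installed before the check.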
@@ -286,21 +288,24 @@ public class Login Env.setContext(m_ctx, "#AD_User_Name", app_user); Env.setContext(m_ctx, "#AD_User_ID", rs.getInt(1)); Env.setContext(m_ctx, "#SalesRep_ID", rs.getInt(1)); - // - Ini.setProperty(Ini.P_UID, app_user); - if (Ini.isPropertyBool(Ini.P_STORE_PWD)) - Ini.setProperty(Ini.P_PWD, app_pwd); - - m_connectionProfile = rs.getString(4); // User Based - if (m_connectionProfile != null) + // + if (Ini.isClient()) { - CConnection cc = CConnection.get(); - if (!cc.getConnectionProfile().equals(m_connectionProfile)) + Ini.setProperty(Ini.P_UID, app_user); + if (Ini.isPropertyBool(Ini.P_STORE_PWD)) + Ini.setProperty(Ini.P_PWD, app_pwd); + + m_connectionProfile = rs.getString(4); // User Based + if (m_connectionProfile != null) { - cc.setConnectionProfile(m_connectionProfile); - Ini.setProperty(Ini.P_CONNECTION, cc.toStringLong()); - Ini.saveProperties(false); - } + CConnection cc = CConnection.get(); + if (!cc.getConnectionProfile().equals(m_connectionProfile)) + { + cc.setConnectionProfile(m_connectionProfile); + Ini.setProperty(Ini.P_CONNECTION, cc.toStringLong()); + Ini.saveProperties(false); + } + } } do // read all roles
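Review bot: Moving `m_connectionProfile = rs.getString(4);` inside the new `if (Ini.isClient())` block means non-client code no longer loads the user's connection profile at all, which goes further than keeping Ini writes off the server. If that is intended, a comment such as `// server side: no Ini file and no per-user connection profile` would record it; otherwise keep the assignment outside the guard. The retained `Ini.setProperty(Ini.P_PWD, app_pwd)` still stores the password when P_STORE_PWD is set. How Ini protects that value is not visible here and is worth checking now that the same password doubles as the application-server credential. The enclosing method starts and ends outside the hunk.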