diff --git a/ivy.xml b/ivy.xml index 98a1cdc..753521a 100644 --- a/ivy.xml +++ b/ivy.xml @@ -44,7 +44,10 @@ - + + + + @@ -55,12 +58,17 @@ - + + + + + + diff --git a/src/java/log4j.properties b/src/java/log4j.properties index f93c65b..23c393e 100644 --- a/src/java/log4j.properties +++ b/src/java/log4j.properties @@ -1,5 +1,5 @@ -log4j.rootLogger=DEBUG, A1 +log4j.rootLogger=INFO, A1 log4j.appender.A1=org.apache.log4j.ConsoleAppender log4j.appender.A1.layout=org.apache.log4j.PatternLayout @@ -8,7 +8,7 @@ log4j.appender.A1.layout.ConversionPattern=%d [%t] %-5p %c{2} - %m%n # Print only messages of level WARN or above in the package com.foo. log4j.logger.net.brutex.xservices=INFO -log4j.logger.net.brutex.xservices.ws.rs=INFO +log4j.logger.net.brutex.xservices.ws.rs=DEBUG log4j.logger.org.springframework=INFO @@ -17,3 +17,6 @@ log4j.logger.org.apache.jcs=INFO log4j.logger.org.apache.commons=INFO log4j.logger.org.apache.axiom=INFO + +log4j.logger.org.apache.shiro=INFO + diff --git a/src/java/net/brutex/xservices/security/DirectoryPermission.java b/src/java/net/brutex/xservices/security/DirectoryPermission.java new file mode 100644 index 0000000..8138146 --- /dev/null +++ b/src/java/net/brutex/xservices/security/DirectoryPermission.java 
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2013 Brian Rosenberger (Brutex Network)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+package net.brutex.xservices.security;
+
+import org.apache.log4j.Logger;
+import org.apache.shiro.authz.Permission;
+import org.apache.shiro.util.AntPathMatcher;
+
+/**
+ * @author Brian Rosenberger, bru(at)brutex.de
+ *
+ */
+public class DirectoryPermission implements Permission {
+
+ private final Logger logger = Logger.getLogger(DirectoryPermission.class);
+ private final String path;
+
+ public DirectoryPermission(String antlikepath) {
+ path = antlikepath;
+ }
+
+ @Override
+ public boolean implies(Permission p) {
+ boolean result = false;
+
+ /* is of same type */
+ if(! (p instanceof DirectoryPermission)) {
+ logger.debug(String.format("Testing if permission of type '%s' implies permission of type '%s'. Result was '%s'" , this.getClass(), p.getClass(), result));
+ return result;
+ }
+
+ /* comparing to non null directory */
+ if( ((DirectoryPermission)p).getPath() == null) {
+ logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to 'null'. Result was '%s'" , this.getPath(), result));
+ return result;
+ }
+
+ /* directory pattern implies other */
+ if( (new AntPathMatcher()).matches(path, ((DirectoryPermission)p).getPath()) ) {
+ result = true;
+ }
+ logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to '%s'. 
Result was '%s'" , this.getPath(), ((DirectoryPermission) p).getPath(), result)); + + return result; + } + + public String getPath() { + return path; + } + +} diff --git a/src/java/net/brutex/xservices/security/Identity.java b/src/java/net/brutex/xservices/security/PermissionResolver.java similarity index 51% rename from src/java/net/brutex/xservices/security/Identity.java rename to src/java/net/brutex/xservices/security/PermissionResolver.java index 67bdede..04d2f7b 100644 --- a/src/java/net/brutex/xservices/security/Identity.java +++ b/src/java/net/brutex/xservices/security/PermissionResolver.java @@ -1,5 +1,5 @@ /* - * Copyright 2012 Brian Rosenberger (Brutex Network) + * Copyright 2013 Brian Rosenberger (Brutex Network) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,8 +16,20 @@ package net.brutex.xservices.security; -import java.util.UUID; +import org.apache.log4j.Logger; +import org.apache.shiro.authz.Permission; -public abstract interface Identity { - public abstract UUID getUUID(); +/** + * @author Brian Rosenberger, bru(at)brutex.de + * + */ +public class PermissionResolver implements org.apache.shiro.authz.permission.PermissionResolver { + + final Logger logger = Logger.getLogger(PermissionResolver.class); + + @Override + public Permission resolvePermission(String permissionString) { + logger.debug(String.format("Creating new Permission '%s'", permissionString)); + return new DirectoryPermission(permissionString); + } } diff --git a/src/java/net/brutex/xservices/security/SecurityManager.java b/src/java/net/brutex/xservices/security/SecurityManager.java deleted file mode 100644 index 2dd9f57..0000000 --- a/src/java/net/brutex/xservices/security/SecurityManager.java +++ /dev/null 
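Review bot: `implies` hands the requested path to `AntPathMatcher.matches` exactly as the caller supplied it, so the authorization decision is made on an un-normalized string. As far as I know the matcher compares path segments textually and does not collapse `..` segments, so a request such as `d:/data/../x` would be expected to satisfy a `d:/data/**` grant, while backslash separators or a different drive-letter case will not match the patterns as written. Unless every caller already canonicalizes, normalize before matching, e.g. build the permission from `Paths.get(requested).normalize().toString().replace('\\', '/')`. The constructor should also reject a null `antlikepath`, since only the other permission's path is null-checked. A class comment such as `/** Ant-style directory grant: implies() treats this.path as the pattern and p's path as the concrete directory. */` would make the asymmetry explicit.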
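Review bot: `resolvePermission` wraps whatever string it receives, so a null or blank entry from the role definitions becomes a `DirectoryPermission` with an unusable pattern, and the failure only surfaces later inside `implies`. Fail at resolution time instead, e.g. `if (permissionString == null || permissionString.trim().isEmpty()) throw new IllegalArgumentException("Permission string cannot be null or empty");`, and trim the value before constructing the permission. The class also shares its simple name with the Shiro interface it implements, which forces fully qualified names wherever both are in scope (as the XServicesRealm constructor in this commit does); a distinct name would avoid that.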
@@ -1,11 +0,0 @@ -package net.brutex.xservices.security; - -public abstract interface SecurityManager -{ - public abstract boolean canExecute(String paramString, Identity paramIdentity); -} - -/* Location: C:\Users\brosenberger\Documents\My Box Files\XBridgeNG-download\XServices-20130131 - Kopie\WEB-INF\classes\net.zip - * Qualified Name: net.brutex.xservices.security.SecurityManager - * JD-Core Version: 0.6.2 - */ \ No newline at end of file diff --git a/src/java/net/brutex/xservices/security/StandardSecurityManager.java b/src/java/net/brutex/xservices/security/StandardSecurityManager.java deleted file mode 100644 index 098d862..0000000 --- a/src/java/net/brutex/xservices/security/StandardSecurityManager.java +++ /dev/null @@ -1,18 +0,0 @@ -/* */ package net.brutex.xservices.security; -/* */ -/* */ import java.io.PrintStream; -/* */ -/* */ public class StandardSecurityManager -/* */ implements SecurityManager -/* */ { -/* */ public boolean canExecute(String method, Identity identity) -/* */ { -/* 9 */ System.out.println("User '" + identity.getUUID() + "' accesses '" + method + "'"); -/* 10 */ return true; -/* */ } -/* */ } - -/* Location: C:\Users\brosenberger\Documents\My Box Files\XBridgeNG-download\XServices-20130131 - Kopie\WEB-INF\classes\net.zip - * Qualified Name: net.brutex.xservices.security.StandardSecurityManager - * JD-Core Version: 0.6.2 - */ \ No newline at end of file diff --git a/src/java/net/brutex/xservices/security/UserIdentity.java b/src/java/net/brutex/xservices/security/UserIdentity.java deleted file mode 100644 index 6392bb1..0000000 --- a/src/java/net/brutex/xservices/security/UserIdentity.java +++ /dev/null 
@@ -1,17 +0,0 @@ -/* */ package net.brutex.xservices.security; -/* */ -/* */ import java.util.UUID; -/* */ -/* */ public class UserIdentity -/* */ implements Identity -/* */ { -/* */ public UUID getUUID() -/* */ { -/* 9 */ return UUID.randomUUID(); -/* */ } -/* */ } - -/* Location: C:\Users\brosenberger\Documents\My Box Files\XBridgeNG-download\XServices-20130131 - Kopie\WEB-INF\classes\net.zip - * Qualified Name: net.brutex.xservices.security.UserIdentity - * JD-Core Version: 0.6.2 - */ \ No newline at end of file diff --git a/src/java/net/brutex/xservices/security/XServicesRealm.java b/src/java/net/brutex/xservices/security/XServicesRealm.java new file mode 100644 index 0000000..c8758df --- /dev/null +++ b/src/java/net/brutex/xservices/security/XServicesRealm.java 
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2013 Brian Rosenberger (Brutex Network)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+
+package net.brutex.xservices.security;
+
+import java.text.ParseException;
+import java.util.Collection;
+import java.util.Map;
+
+import org.apache.log4j.Logger;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.Permission;
+import org.apache.shiro.authz.permission.PermissionResolver;
+import org.apache.shiro.config.Ini;
+import org.apache.shiro.io.ResourceUtils;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.realm.text.IniRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.apache.shiro.util.Nameable;
+import org.apache.shiro.util.PermissionUtils;
+
+// TODO: Auto-generated Javadoc
+/*
+ * For later use. A Realm connects to a DS where Users/ Passes are defined
+ * and allows Shiro to transparently work against different user/pass stores
+ * (i.e. LDAP, Custom, etc.)
+ *
+ * @author Brian Rosenberger, bru(at)brutex.de
+ *
+ */
+/**
+ * The Class XServicesRealm.
+ */
+public class XServicesRealm extends IniRealm implements Nameable {
+
+ /** The logger. */
+ private static Logger logger = Logger.getLogger(XServicesRealm.class);
+
+ /** The name. 
*/
+ private String name;
+
+ /* (non-Javadoc)
+ * @see org.apache.shiro.realm.AuthorizingRealm#setName(java.lang.String)
+ */
+ @Override
+ public void setName(String name) {
+ this.name = name;
+ }
+
+
+ /**
+ * Instantiates a new x services realm with default
+ * 'shiro.ini' in classpath and {@link net.brutex.xservices.security.PermissionResolver PermissionResolver}.
+ *
+ */
+ public XServicesRealm() {
+ super();
+ this.setIni(Ini.fromResourcePath(ResourceUtils.CLASSPATH_PREFIX+"shiro.ini"));
+ this.setPermissionResolver(new net.brutex.xservices.security.PermissionResolver());
+ //this.setRolePermissionResolver(new RolePermissionResolver());
+ init();
+ }
+}
diff --git a/src/java/shiro.ini b/src/java/shiro.ini
new file mode 100644
index 0000000..cfdd8b9
--- /dev/null
+++ b/src/java/shiro.ini
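Review bot: The `setName` override stores the value in a new private `name` field and never calls `super.setName(name)`, and nothing in the class reads that field, so `getName()` presumably still returns the inherited default and the configured name is silently dropped. Shiro uses the realm name to attribute principals to a realm, so either delete the field and the override or make the body `super.setName(name);`. Several of the imports added with this file (`ParseException`, `Collection`, `Map`, `AuthenticationToken`, `PrincipalCollection`, `PermissionUtils` and others) are not used by the class and can go. The class Javadoc is still the auto-generated `The Class XServicesRealm.`; the plain block comment above it, which explains what the realm is for, should become the Javadoc.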
@@ -0,0 +1,52 @@
+# =======================
+# Shiro INI configuration
+# =======================
+
+[main]
+# Objects and their properties are defined here,
+# Such as the securityManager, Realms and anything
+# else needed to build the SecurityManager
+
+realm = net.brutex.xservices.security.XServicesRealm
+securityManager.realms = $realm
+
+#authc = org.apache.shiro.web.filter.authc.FormAuthenticationFilter
+
+[users]
+# The 'users' section is for simple deployments
+# when you only need a small number of statically-defined
+# set of User accounts.
+# Format: user = password, role1, role2, ...
+
+admin = password
+brian = password, Administrator
+
+
+[roles]
+# The 'roles' section is for simple deployments
+# when you only need a small number of statically-defined
+# roles.
+
+Administrator = c:/t*/*, c:/windows/*, d:/**/VIDEO, C:/Users/brosenberger/**, d:/data/**, c:/**
+
+[urls]
+# The 'urls' section is used for url-based security
+# in web applications. We'll discuss this section in the
+# Web documentation
+
+/** = authcBasic
+
+
+#Default filters
+#Filter Name Class
+#anon org.apache.shiro.web.filter.authc.AnonymousFilter
+#authc org.apache.shiro.web.filter.authc.FormAuthenticationFilter
+#authcBasic org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
+#logout org.apache.shiro.web.filter.authc.LogoutFilter
+#noSessionCreation org.apache.shiro.web.filter.session.NoSessionCreationFilter
+#perms org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter
+#port org.apache.shiro.web.filter.authz.PortFilter
+#rest org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
+#roles org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
+#ssl org.apache.shiro.web.filter.authz.SslFilter
+#user org.apache.shiro.web.filter.authc.UserFilter
\ No newline at end of file
diff --git a/web/WEB-INF/cxf-beans.xml b/web/WEB-INF/cxf-beans.xml
index 67f3e47..a86d9fa 100644
--- a/web/WEB-INF/cxf-beans.xml
+++ b/web/WEB-INF/cxf-beans.xml
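Review bot: The `[users]` section commits two accounts whose password is the literal `password`, stored in clear text, while `/** = authcBasic` makes those accounts the gate for every URL. Store hashed values and set a matching credentials matcher on the realm in `[main]` (Shiro ships a `PasswordMatcher` for this), and keep real account data out of version control. The `Administrator` role ends with `c:/**`, which makes the narrower `c:/t*/*` and `c:/windows/*` entries redundant and grants the whole drive; it also mixes `c:` and `C:` spellings and a developer-specific user directory, which a case-sensitive matcher will not treat the way the author probably expects. Basic authentication resends the credentials on every request, so the chain should require TLS, e.g. `/** = ssl, authcBasic`.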
@@ -83,6 +83,31 @@ + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/web/WEB-INF/web.xml b/web/WEB-INF/web.xml index d496078..a8ab9fc 100644 --- a/web/WEB-INF/web.xml +++ b/web/WEB-INF/web.xml @@ -28,36 +28,20 @@ 3 - - - + + + cvs-cache-interval 3 - - - + + + org.springframework.web.context.ContextLoaderListener @@ -105,4 +89,33 @@ index.html + + + + + + + org.apache.shiro.web.env.EnvironmentLoaderListener + + + + + + ShiroFilter + org.apache.shiro.web.servlet.ShiroFilter + + configPath + /WEB-INF/shiro.ini + + + + + ShiroFilter + /* + REQUEST + FORWARD + INCLUDE + ERROR + + \ No newline at end of file
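Review bot: The ShiroFilter block in web.xml names `configPath` with `/WEB-INF/shiro.ini`, but this commit adds the INI only as `src/java/shiro.ini`, i.e. on the classpath, which is also where `XServicesRealm` loads it from. The element markup is not visible in this view, so this is inferred from the remaining text: as far as I know `configPath` is a parameter of the older `IniShiroFilter`, whereas `ShiroFilter` with `EnvironmentLoaderListener` takes its location from the `shiroConfigLocations` context parameter, so the value here may simply be ignored. Point the listener and the realm at one explicit location and add a comment naming it, so that the URL rules and the user/role data cannot silently come from different files.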