diff --git a/cadcAccessControl-Server/build.xml b/cadcAccessControl-Server/build.xml index 413541216146fd16b1d2667761ff36d726e2c37d..af1c7bbb5632e2a0573033db47ffd830fa1ba514 100644 --- a/cadcAccessControl-Server/build.xml +++ b/cadcAccessControl-Server/build.xml @@ -115,6 +115,9 @@ <mkdir dir="${user.home}/config" /> <copy overwrite="true" file="test/LdapConfig.test.properties" todir="${user.home}/config/"/> + <copy overwrite="true" + file="${env.CADC_PREFIX}/etc/LocalAuthority.properties" + tofile="${build}/class/LocalAuthority.properties"/> </target> <!-- JAR files needed to run the test suite --> diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java index 8dcebdcf9d46fae9011bf47cb6132ed63051008b..9ebf865785f07b009c00586a316aff69c59262b4 100755 --- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java @@ -86,7 +86,6 @@ import javax.security.auth.x500.X500Principal; import org.apache.log4j.Logger; -import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.ac.PersonalDetails; @@ -101,6 +100,7 @@ import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; +import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.util.ObjectUtil; import ca.nrc.cadc.util.StringUtil; @@ -140,8 +140,6 @@ public class LdapUserDAO extends LdapDAO private static final Logger logger = Logger.getLogger(LdapUserDAO.class); - private String internalIdUriPrefix = AC.USER_URI; - // Map of identity type to LDAP attribute private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>(); 
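Review bot: The copy task added in the build.xml hunk puts `${env.CADC_PREFIX}/etc/LocalAuthority.properties` into `${build}/class`, so the authority settings of whichever host runs the build land on the compiled-class path. If that directory is what the jar task packages (not visible in this hunk), the shipped artifact would carry the build host's service URIs, and the identity URIs the server builds would follow them. Copying to a test-only classpath directory, or excluding the file from the jar, avoids that; it is also worth failing with a clear message when `CADC_PREFIX` is unset, since Ant leaves an undefined property reference unexpanded. The enclosing target starts outside the hunk, and the same copy appears in the new `setup-test` target of cadcAccessControl/build.xml.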
@@ -740,7 +738,10 @@ public class LdapUserDAO extends LdapDAO user.getIdentities().add(new DNPrincipal(searchResult.getAttributeValue(LDAP_ENTRYDN))); // cache memberOf values in the user - GroupMemberships gms = new GroupMemberships(userID); + LocalAuthority localAuthority = new LocalAuthority(); + URI gmsServiceURI = localAuthority.getServiceURI("gms"); + + GroupMemberships gms = new GroupMemberships(gmsServiceURI.toString(), userID); user.appData = gms; // add even if empty String[] mems = searchResult.getAttributeValues(LDAP_MEMBEROF); if (mems != null && mems.length > 0) @@ -926,8 +927,6 @@ public class LdapUserDAO extends LdapDAO public User modifyUser(final User user) throws UserNotFoundException, TransientException, AccessControlException { - // Will we always have a HttpPrincipal? - User existingUser = getUser(user.getHttpPrincipal()); List<Modification> mods = new ArrayList<Modification>(); @@ -1274,15 +1273,12 @@ public class LdapUserDAO extends LdapDAO return uuid.getLeastSignificantBits(); } - protected void setInternalIdUriPrefix(String internalIdUriPrefix) - { - this.internalIdUriPrefix = internalIdUriPrefix; - } - protected InternalID getInternalID(String numericID) { UUID uuid = new UUID(0L, Long.parseLong(numericID)); - String uriString = internalIdUriPrefix + "?" + uuid.toString(); + LocalAuthority localAuthority = new LocalAuthority(); + URI umsServiceURI = localAuthority.getServiceURI("ums"); + String uriString = umsServiceURI.toString() + "?" + uuid.toString(); URI uri; try { diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java index 10b8448d7e7a6806f18be008dd9696b6faa4138c..f6e94226a9363ad8579dc138108fbfdb8f3ff743 100755 --- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java 
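Review bot: The value returned by `localAuthority.getServiceURI("gms")` is dereferenced with `.toString()` without a null check in the @@ -740 hunk, so a missing LocalAuthority.properties or a missing key may surface as an unexplained NullPointerException in the middle of a user lookup (how LocalAuthority reports a missing entry is not visible here). The same pattern recurs in `getInternalID` (@@ -1274), in `WhoAmIServlet`, and in the new `AbstractReaderWriter` constructor. A guard such as `if (gmsServiceURI == null) throw new IllegalStateException("gms service URI not configured");` makes a misconfiguration explicit. A new `LocalAuthority` is also constructed on every call; resolving the URI once into a field would keep repeated configuration lookups off the user-lookup path, if the class reads its properties per instance. The enclosing method starts and ends outside the hunk.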
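Review bot: `getInternalID` in the @@ -1274 hunk now builds the user's internal ID from the configured `ums` service URI, where the removed code used the fixed `AC.USER_URI` prefix (`ivo://cadc.nrc.ca/user`, per the AC.java hunk). The same numeric ID therefore yields a different InternalID URI, and one that varies with each deployment's LocalAuthority.properties. Any code that stores or compares InternalID URIs would see existing users under a new identifier, so the method deserves a Javadoc line such as `Builds the internal ID as the local ums service URI followed by "?" and the UUID; the authority comes from LocalAuthority.properties.` and a check that no persisted data still carries the old prefix. The method body continues outside the hunk.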
@@ -121,7 +121,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); userDAO.addUser(user); } finally @@ -146,7 +146,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); userDAO.addUserRequest(userRequest); } finally @@ -177,7 +177,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.getUser(userID); } finally @@ -205,7 +205,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - LdapUserDAO userDAO = getLdapUserDao(conns); + LdapUserDAO userDAO = new LdapUserDAO(conns); return userDAO.getUserByEmailAddress(emailAddress); } finally @@ -234,7 +234,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.getUserRequest(userID); } finally @@ -243,8 +243,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste } } - /**<<<<<<< HEAD - + /** * Get the user specified by userID with all of the users identities. * * @param userID The userID. 
@@ -264,7 +263,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste try { Profiler profiler = new Profiler(LdapUserPersistence.class); - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); profiler.checkpoint("Create LdapUserDAO"); User user = userDAO.getAugmentedUser(userID); profiler.checkpoint("getAugmentedUser"); @@ -299,7 +298,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.getUsers(); } finally @@ -323,7 +322,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.getUserRequests(); } finally @@ -353,7 +352,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.approveUserRequest(userID); } finally @@ -385,7 +384,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.modifyUser(user); } finally @@ -415,7 +414,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); userDAO.deleteUser(userID, true); } finally 
@@ -444,7 +443,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); userDAO.deleteUser(userID, false); } finally @@ -471,7 +470,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); userDAO.deleteUserRequest(userID); } finally @@ -498,7 +497,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); return userDAO.doLogin(userID, password); } finally @@ -510,11 +509,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste /** * Update a user's password. The given user and authenticating user must match. * -<<<<<<< HEAD * @param userID the user. -======= - * @param userID ->>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a * @param oldPassword current password. * @param newPassword new password. * @throws UserNotFoundException If the given user does not exist. @@ -532,7 +527,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); if (userDAO.doLogin(userID.getName(), oldPassword)) { // oldPassword is correct 
@@ -548,11 +543,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste /** * Reset a user's password. The given user and authenticating user must match. * -<<<<<<< HEAD * @param userID The user. -======= - * @param userID ->>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a * @param newPassword new password. * @throws UserNotFoundException If the given user does not exist. * @throws TransientException If an temporary, unexpected problem occurred. @@ -569,7 +560,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); try { - userDAO = getLdapUserDao(conns); + userDAO = new LdapUserDAO(conns); User user = getUser(userID); if (user != null) @@ -613,23 +604,4 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste return false; } - private LdapUserDAO getLdapUserDao(LdapConnections conn) - { - LdapUserDAO dao = new LdapUserDAO(conn); - if (getInternalIdUriPrefix() != null) - dao.setInternalIdUriPrefix(getInternalIdUriPrefix()); - return dao; - } - - /** - * Web services can override this method to change - * the user prefix used in the internal ID. - * - * By default the LdapUserDAO will use AC.USER_URI; - */ - protected String getInternalIdUriPrefix() - { - return null; - } - } diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/WhoAmIServlet.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/WhoAmIServlet.java index e97e1165c0f34c114fc119e6df08063d854beba8..9caff6d55d45577b28998d2061987f496f3ba459 100644 --- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/WhoAmIServlet.java +++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/WhoAmIServlet.java 
@@ -81,10 +81,10 @@ import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; -import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.log.ServletLogInfo; +import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.reg.client.RegistryClient; /** @@ -164,9 +164,15 @@ public class WhoAmIServlet extends HttpServlet final String scheme) throws IOException { final RegistryClient registryClient = getRegistryClient(); + + LocalAuthority localAuthority = new LocalAuthority(); + URI umsServiceURI = localAuthority.getServiceURI("ums"); + + log.debug("ums service uri: " + umsServiceURI); + final URL redirectURL = registryClient.getServiceURL( - URI.create(AC.UMS_SERVICE_URI + "#users"), scheme, USER_GET_PATH); + URI.create(umsServiceURI.toString() + "#users"), scheme, USER_GET_PATH); // Take the first one. final String redirectUrl = diff --git a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/WhoAmIServletTest.java b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/WhoAmIServletTest.java index 5e8a06a3de1c0ce9fa21ef4ed1e039980b189add..63d4d6413d32aafe311a93d7ec81e3c07c95f254 100644 --- a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/WhoAmIServletTest.java +++ b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/WhoAmIServletTest.java @@ -84,8 +84,8 @@ import javax.servlet.http.HttpServletResponse; import org.junit.Test; -import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.auth.HttpPrincipal; +import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.reg.client.RegistryClient; 
@@ -132,7 +132,10 @@ public class WhoAmIServletTest mockResponse.sendRedirect("/ac/users/CADCtest?idType=HTTP"); expectLastCall().once(); - expect(mockRegistry.getServiceURL(URI.create(AC.UMS_SERVICE_URI + "#users"), + LocalAuthority localAuthority = new LocalAuthority(); + URI umsServiceURI = localAuthority.getServiceURI("ums"); + + expect(mockRegistry.getServiceURL(URI.create(umsServiceURI.toString() + "#users"), "http", "/%s?idType=HTTP")). andReturn(new URL("http://mysite.com/ac/users/CADCtest?idType=HTTP")).once(); diff --git a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java index d12fc441d495414ac8b4fa84b6df56af7750392f..ac1960db076b6f6a66d7fa18b14fde362988d7f1 100644 --- a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java +++ b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java @@ -77,10 +77,6 @@ import java.util.UUID; import javax.security.auth.x500.X500Principal; -import ca.nrc.cadc.ac.AC; -import ca.nrc.cadc.ac.InternalID; -import ca.nrc.cadc.auth.HttpPrincipal; -import ca.nrc.cadc.util.ObjectUtil; import org.apache.log4j.Level; import org.apache.log4j.Logger; import org.easymock.EasyMock; @@ -88,13 +84,17 @@ import org.junit.BeforeClass; import org.junit.Test; import ca.nrc.cadc.ac.Group; +import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.ac.MemberNotFoundException; import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.server.GroupPersistence; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.auth.AuthenticationUtil; +import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.IdentityType; +import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.util.Log4jInit; +import ca.nrc.cadc.util.ObjectUtil; /** * 
@@ -117,7 +117,9 @@ public class RemoveUserMemberActionTest try { User user = new User(); - InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID())); + LocalAuthority localAuthority = new LocalAuthority(); + URI umsServiceURI = localAuthority.getServiceURI("ums"); + InternalID internalID = new InternalID(new URI(umsServiceURI.toASCIIString() + "?" + UUID.randomUUID())); ObjectUtil.setField(user, internalID, "id"); String userID = "cn=foo,c=ca"; @@ -169,7 +171,9 @@ public class RemoveUserMemberActionTest try { User user = new User(); - InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID())); + LocalAuthority localAuthority = new LocalAuthority(); + URI umsServiceURI = localAuthority.getServiceURI("ums"); + InternalID internalID = new InternalID(new URI(umsServiceURI.toString() + "?" + UUID.randomUUID())); ObjectUtil.setField(user, internalID, "id"); String userID = "cn=foo,c=ca"; diff --git a/cadcAccessControl/build.xml b/cadcAccessControl/build.xml index e8b0a8fd4bf74a1da01f1c623a60980315842510..8e0cefd4de16e111791d16f73e001e11f30435ae 100644 --- a/cadcAccessControl/build.xml +++ b/cadcAccessControl/build.xml 
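Review bot: The two test methods build the same InternalID URI differently: the @@ -117 hunk uses `umsServiceURI.toASCIIString()` and the @@ -169 hunk uses `umsServiceURI.toString()`. Pick one form (the production code in LdapUserDAO uses `toString()`) and consider moving the three repeated lines into a small private helper so both tests stay in step.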
@@ -112,8 +112,14 @@ <property name="junit" value="${ext.dev}/junit.jar" /> <property name="objenesis" value="${ext.dev}/objenesis.jar" /> <property name="jsonassert" value="${ext.dev}/jsonassert.jar" /> - <property name="mail" value="${ext.dev}/mail.jar" /> - <property name="testingJars" value="${build}/class:${xerces}:${jsonassert}:${jars}:${asm}:${cglib}:${easymock}:${junit}:${objenesis}:${mail}" /> + + <property name="testingJars" value="${build}/class:${jsonassert}:${jars}:${xerces}:${asm}:${cglib}:${easymock}:${junit}:${objenesis}" /> + + <target name="setup-test"> + <copy overwrite="true" + file="${env.CADC_PREFIX}/etc/LocalAuthority.properties" + tofile="${build}/class/LocalAuthority.properties"/> + </target> <target name="single-test" depends="compile,compile-test"> <echo message="Running test suite..." /> diff --git a/cadcAccessControl/src/ca/nrc/cadc/ac/AC.java b/cadcAccessControl/src/ca/nrc/cadc/ac/AC.java index daa6a4ccf8041c18c0b6858d820f3c8a9747dfd6..f30c3fdf5ffeeec62692cb0822c00bc0e69df15e 100755 --- a/cadcAccessControl/src/ca/nrc/cadc/ac/AC.java +++ b/cadcAccessControl/src/ca/nrc/cadc/ac/AC.java @@ -85,13 +85,4 @@ public class AC // Denotes a group readable by public public static final String PROPERTY_PUBLIC = "ivo://ivoa.net/gms#public"; - public static final String UMS_SERVICE_URI = "ivo://canfar.net/ums"; - public static final String GMS_SERVICE_URI = "ivo://canfar.net/gms"; - - // Group URI attribute once the group name is appended - public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#"; - - // User URI with appended UUID represents a unique user - public static final String USER_URI = "ivo://cadc.nrc.ca/user"; - } diff --git a/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java b/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java index 00ebbc9bae25af523b1510d43ad6080fbe9f540c..3de71f50876392551caa7300401e450881a1a557 100755 --- a/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java 
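Review bot: The new `setup-test` target is not referenced by the `single-test` target visible at the end of this hunk, which still declares `depends="compile,compile-test"`. Unless a target outside the hunk pulls it in, tests that construct `LocalAuthority` will run without LocalAuthority.properties on the classpath. Adding it to the dependency list, `depends="compile,compile-test,setup-test"`, keeps single-test runs self-contained.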
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java @@ -133,6 +133,7 @@ public class GMSClient implements TransferListener private RegistryClient registryClient; + private URI gmsServiceURI; private URI groupsURI; private URI searchURI; @@ -159,6 +160,7 @@ public class GMSClient implements TransferListener try { + this.gmsServiceURI = serviceURI; this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS); this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH); } @@ -1100,11 +1102,20 @@ public class GMSClient implements TransferListener Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class); if (gset == null || gset.isEmpty()) { - GroupMemberships mems = new GroupMemberships(userID); + GroupMemberships mems = new GroupMemberships(gmsServiceURI.toString(), userID); subject.getPrivateCredentials().add(mems); return mems; } GroupMemberships mems = gset.iterator().next(); + + // check to ensure they have the same service URI + if (!gmsServiceURI.toString().equals(mems.getServiceURI())) + { + log.debug("Not using cache because of differing service URIs: " + + "[" + gmsServiceURI.toString() + "][" + mems.getServiceURI() + "]"); + return null; + } + return mems; } return null; // no cache diff --git a/cadcAccessControl/src/ca/nrc/cadc/ac/client/GroupMemberships.java b/cadcAccessControl/src/ca/nrc/cadc/ac/client/GroupMemberships.java index 9ea1293305256dc77806b7d3291767032ed70ed0..f842e29a1646251a121c1a318d64bcf3396c968a 100644 --- a/cadcAccessControl/src/ca/nrc/cadc/ac/client/GroupMemberships.java +++ b/cadcAccessControl/src/ca/nrc/cadc/ac/client/GroupMemberships.java 
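Review bot: The service-URI check in the @@ -1100 hunk inspects only `gset.iterator().next()`, so the result depends on which GroupMemberships entry the set happens to return first. When that entry was cached for another service the method returns null, even if a matching entry is also present in the Subject's private credentials. Because this cache feeds group-membership decisions, iterating the set and reusing only the entry whose `getServiceURI()` equals this client's URI is the more predictable behaviour. The enclosing method starts and ends outside the hunk.
```java
// … unchanged: empty-set branch that creates and stores the first GroupMemberships …
String expected = gmsServiceURI.toString();
for (GroupMemberships mems : gset)
{
    // only reuse an entry that was cached for this GMS service
    if (expected.equals(mems.getServiceURI()))
    {
        return mems;
    }
}
log.debug("Not using cache: no entry for service URI [" + expected + "]");
return null;
```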
@@ -69,47 +69,55 @@ package ca.nrc.cadc.ac.client; -import ca.nrc.cadc.ac.Group; -import ca.nrc.cadc.ac.Role; -import org.apache.log4j.Logger; - import java.security.Principal; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; +import org.apache.log4j.Logger; + +import ca.nrc.cadc.ac.Group; +import ca.nrc.cadc.ac.Role; + /** * Class used to hold list of groups in which a user is known to be a member. - * + * * @author pdowler */ public class GroupMemberships implements Comparable { private static final Logger log = Logger.getLogger(GroupMemberships.class); + private String serviceURI; private Principal userID; private Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>(); private Map<Role, Boolean> complete = new HashMap<Role, Boolean>(); public GroupMemberships() { init(); } - - public GroupMemberships(Principal userID) + + public GroupMemberships(String serviceURI, Principal userID) { + this.serviceURI = serviceURI; this.userID = userID; init(); } - + public boolean isComplete(Role role) { return complete.get(role); } - + + public String getServiceURI() + { + return serviceURI; + } + public List<Group> getMemberships(Role role) { return memberships.get(role); } - + private void init() { for (Role role : Role.values()) @@ -123,14 +131,14 @@ public class GroupMemberships implements Comparable { return userID; } - + public void add(Group group, Role role) { List<Group> groups = memberships.get(role); if (!groups.contains(group)) groups.add(group); } - + public void add(List<Group> groups, Role role) { List<Group> cur = memberships.get(role); @@ -141,7 +149,7 @@ public class GroupMemberships implements Comparable complete.put(role, Boolean.TRUE); } } - + // only allow one in a set - makes clearCache simple too public boolean equals(Object rhs) { 
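Review bot: `serviceURI` in the @@ -69 hunk is left null by the no-argument constructor, and `getServiceURI()` has no Javadoc saying so. GMSClient now compares this value to decide whether a cached membership list may be reused, so the contract should be written down: `/** @return the GMS service URI these memberships were read from, or null if created without one */`. The `equals` method visible as context at the end of this file section is commented "only allow one in a set"; its body is outside the hunk, but if it ignores `serviceURI` a Subject can only ever hold memberships for a single service, which is worth stating in the class comment.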
diff --git a/cadcAccessControl/src/ca/nrc/cadc/ac/xml/AbstractReaderWriter.java b/cadcAccessControl/src/ca/nrc/cadc/ac/xml/AbstractReaderWriter.java index 242f0456561a587853843100ccc0fcb74b30d21a..3940001c3fbda7a85575baa46a936ea296d9db37 100644 --- a/cadcAccessControl/src/ca/nrc/cadc/ac/xml/AbstractReaderWriter.java +++ b/cadcAccessControl/src/ca/nrc/cadc/ac/xml/AbstractReaderWriter.java @@ -69,7 +69,26 @@ package ca.nrc.cadc.ac.xml; -import ca.nrc.cadc.ac.AC; +import java.io.IOException; +import java.io.Writer; +import java.lang.reflect.Field; +import java.net.URI; +import java.net.URISyntaxException; +import java.security.Principal; +import java.text.DateFormat; +import java.text.ParseException; +import java.util.List; +import java.util.Set; +import java.util.UUID; + +import javax.security.auth.x500.X500Principal; + +import org.jdom2.Attribute; +import org.jdom2.Document; +import org.jdom2.Element; +import org.jdom2.output.Format; +import org.jdom2.output.XMLOutputter; + import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupProperty; import ca.nrc.cadc.ac.InternalID; @@ -85,24 +104,7 @@ import ca.nrc.cadc.auth.IdentityType; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.auth.OpenIdPrincipal; import ca.nrc.cadc.date.DateUtil; -import org.jdom2.Attribute; -import org.jdom2.Document; -import org.jdom2.Element; -import org.jdom2.output.Format; -import org.jdom2.output.XMLOutputter; - -import javax.security.auth.x500.X500Principal; -import java.io.IOException; -import java.io.Writer; -import java.lang.reflect.Field; -import java.net.URI; -import java.net.URISyntaxException; -import java.security.Principal; -import java.text.DateFormat; -import java.text.ParseException; -import java.util.List; -import java.util.Set; -import java.util.UUID; +import ca.nrc.cadc.reg.client.LocalAuthority; /** * AbstractReaderWriter TODO describe class 
@@ -149,6 +151,15 @@ public abstract class AbstractReaderWriter public static final String USER_MEMBERS = "userMembers"; public static final String USER_REQUEST = "userRequest"; + private String gmsServiceURI; + + public AbstractReaderWriter() + { + LocalAuthority localAuthority = new LocalAuthority(); + URI serviceURI = localAuthority.getServiceURI("gms"); + gmsServiceURI = serviceURI.toString(); + } + /** * Write to root Element to a writer. * @@ -469,13 +480,13 @@ public abstract class AbstractReaderWriter } // Group groupID - int index = uri.indexOf(AC.GROUP_URI); + int index = uri.indexOf(gmsServiceURI); if (index == -1) { String error = "group uri attribute malformed: " + uri; throw new ReaderException(error); } - String groupID = uri.substring(AC.GROUP_URI.length()); + String groupID = uri.substring(gmsServiceURI.length() + 1); // Group owner User user = null; @@ -922,7 +933,7 @@ public abstract class AbstractReaderWriter // Create the root group element. Element groupElement = new Element(GROUP); - String groupURI = AC.GROUP_URI + group.getID(); + String groupURI = gmsServiceURI + "#" + group.getID(); groupElement.setAttribute(new Attribute(URI, groupURI)); // Group owner diff --git a/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java b/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java index 067d5ab6b8f24d430ff5b063b41b3c483c8e0822..8217c0857dee9d9f1dea42d2b4cf1ec33bc0ca2b 100644 --- a/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java +++ b/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/UserClientTest.java @@ -84,10 +84,9 @@ import org.apache.log4j.Logger; import org.junit.Assert; import org.junit.Test; -import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; -import ca.nrc.cadc.reg.client.RegistryClient; +import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.util.Log4jInit; 
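Review bot: The group-URI check in the @@ -469 hunk accepts any string that contains `gmsServiceURI` at any position (`indexOf(...) == -1` is the only rejection) and then cuts at `gmsServiceURI.length() + 1` counted from the start of the string. A URI read from XML that carries the service URI at a later offset, or that is followed by a character other than `#`, yields a wrong group ID instead of a ReaderException, and a URI equal to the service URI with nothing after it throws StringIndexOutOfBoundsException. Matching the whole prefix covers all three cases: declare `String prefix = gmsServiceURI + "#";`, reject with `if (!uri.startsWith(prefix))` around the existing error branch, and take `String groupID = uri.substring(prefix.length());`. The enclosing method starts and ends outside the hunk.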
@@ -96,9 +95,13 @@ public class UserClientTest private static final Logger log = Logger.getLogger(UserClientTest.class); + private URI umsServiceURI; + public UserClientTest() { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); + LocalAuthority localAuthority = new LocalAuthority(); + umsServiceURI = localAuthority.getServiceURI("ums"); } @Test @@ -178,9 +181,7 @@ public class UserClientTest protected UserClient createUserClient() throws URISyntaxException, MalformedURLException { - RegistryClient regClient = new RegistryClient(); - URI serviceURI = new URI(AC.UMS_SERVICE_URI); - return new UserClient(serviceURI); + return new UserClient(umsServiceURI); } @@ -189,7 +190,7 @@ public class UserClientTest { try { - UserClient c = new UserClient(new URI(AC.UMS_SERVICE_URI)); + UserClient c = new UserClient(umsServiceURI); Subject s = new Subject(); s.getPrincipals().add(new HttpPrincipal("bob")); @@ -209,7 +210,7 @@ public class UserClientTest { try { - UserClient c = new UserClient(new URI(AC.UMS_SERVICE_URI)); + UserClient c = new UserClient(umsServiceURI); Subject s = new Subject(); s.getPrincipals().add(new HttpPrincipal("bob")); @@ -231,7 +232,7 @@ public class UserClientTest { try { - UserClient c = new UserClient(new URI(AC.UMS_SERVICE_URI)); + UserClient c = new UserClient(umsServiceURI); Subject s = new Subject(); UUID uuid = UUID.randomUUID(); @@ -253,7 +254,7 @@ public class UserClientTest { try { - UserClient c = new UserClient(new URI(AC.UMS_SERVICE_URI)); + UserClient c = new UserClient(umsServiceURI); Subject s = new Subject(); UUID uuid = UUID.randomUUID(); diff --git a/cadcTomcat/src/ca/nrc/cadc/tomcat/CadcBasicAuthenticator.java b/cadcTomcat/src/ca/nrc/cadc/tomcat/CadcBasicAuthenticator.java index d27a2f83476821f3a0b66631f314710452fe4322..e4866d8fe6178cf4585a455d51e00f527006c1f6 100644 --- a/cadcTomcat/src/ca/nrc/cadc/tomcat/CadcBasicAuthenticator.java +++ b/cadcTomcat/src/ca/nrc/cadc/tomcat/CadcBasicAuthenticator.java 
@@ -71,7 +71,6 @@ package ca.nrc.cadc.tomcat; import java.io.IOException; import java.net.HttpURLConnection; -import java.net.MalformedURLException; import java.net.URI; import java.net.URISyntaxException; import java.net.URL; @@ -98,7 +97,7 @@ public class CadcBasicAuthenticator extends RealmBase { private static Logger log = Logger.getLogger(CadcBasicAuthenticator.class); - private static final String AC_URI = "ivo://canfar.net/ums"; + private static final String AC_URI = "ivo://cadc.nrc.ca/ums"; static {
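Review bot: `AC_URI` in the @@ -98 hunk stays a hard-coded literal (now `ivo://cadc.nrc.ca/ums`) while the rest of this commit moves the service authority into LocalAuthority.properties. The class extends RealmBase, so it presumably sits on the login path; a deployment configured for another authority would then have its Tomcat realm resolve a different UMS than the one the application itself uses. If cadcTomcat cannot depend on the registry client, a comment on the constant such as `// must match the ums entry in LocalAuthority.properties` at least records the coupling. The class body continues outside the hunk.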