remove dependency on dcache-auth

fixes #81 #80

Signed-off-by: Jim Sermersheim <[email protected]>
Signed-off-by: Tigran Mkrtchyan <[email protected]>

Author: JimSermersheim

oncrpc4j-core/pom.xml

@@ -1,5 +1,5 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    
+
   <modelVersion>4.0.0</modelVersion>
 
   <parent>
@@ -42,10 +42,6 @@
           <groupId>org.glassfish.grizzly</groupId>
           <artifactId>grizzly-framework-monitoring</artifactId>
       </dependency>
-      <dependency>
-          <groupId>org.dcache.common</groupId>
-          <artifactId>dcache-auth</artifactId>
-      </dependency>
       <dependency>
           <groupId>com.google.guava</groupId>
           <artifactId>guava</artifactId>

oncrpc4j-core/src/main/java/org/dcache/oncrpc4j/portmap/OncRpcbindServer.java

@@ -19,24 +19,25 @@
  */
 package org.dcache.oncrpc4j.portmap;
 
-import java.io.IOException;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Set;
-import java.util.function.Predicate;
-import javax.security.auth.kerberos.KerberosPrincipal;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.dcache.auth.UidPrincipal;
+import com.sun.security.auth.UnixNumericUserPrincipal;
 import org.dcache.oncrpc4j.rpc.OncRpcException;
+import org.dcache.oncrpc4j.rpc.RpcAuthType;
 import org.dcache.oncrpc4j.rpc.RpcCall;
 import org.dcache.oncrpc4j.rpc.RpcDispatchable;
-import org.dcache.oncrpc4j.rpc.RpcAuthType;
 import org.dcache.oncrpc4j.rpc.net.IpProtocolType;
 import org.dcache.oncrpc4j.rpc.net.netid;
 import org.dcache.oncrpc4j.xdr.XdrBoolean;
 import org.dcache.oncrpc4j.xdr.XdrVoid;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.function.Predicate;
 
 
 public class OncRpcbindServer implements RpcDispatchable {
@@ -192,7 +193,7 @@ private String getOwner(RpcCall call) {
                 filter = p -> p.getClass() == KerberosPrincipal.class;
                 break;
             case RpcAuthType.UNIX:
-                filter = p -> p.getClass() == UidPrincipal.class;
+                filter = p -> p.getClass() == UnixNumericUserPrincipal.class;
                 break;
             default:
                 filter = p -> false;

oncrpc4j-core/src/main/java/org/dcache/oncrpc4j/rpc/RpcAuthTypeNone.java

@@ -19,21 +19,21 @@
  */
 package org.dcache.oncrpc4j.rpc;
 
+import org.dcache.oncrpc4j.xdr.XdrAble;
 import org.dcache.oncrpc4j.xdr.XdrDecodingStream;
 import org.dcache.oncrpc4j.xdr.XdrEncodingStream;
-import org.dcache.oncrpc4j.xdr.XdrAble;
-import java.io.IOException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
 import javax.security.auth.Subject;
-import org.dcache.auth.Subjects;
+import java.io.IOException;
 
 public class RpcAuthTypeNone implements RpcAuth, XdrAble {
 
-    private final int _type =  RpcAuthType.NONE;
+    private final int _type = RpcAuthType.NONE;
     private byte[] body;
     private RpcAuthVerifier _verifier = new RpcAuthVerifier(RpcAuthType.NONE, new byte[0]);
-    private final Subject _subject = Subjects.NOBODY;
+    private final Subject _subject;
 
     private final static Logger _log = LoggerFactory.getLogger(RpcAuthTypeNone.class);
 
@@ -43,6 +43,8 @@ public RpcAuthTypeNone() {
 
     public RpcAuthTypeNone(byte[] body) {
         this.body = body;
+        _subject = new Subject();
+        _subject.setReadOnly();
     }
 
     @Override

oncrpc4j-core/src/main/java/org/dcache/oncrpc4j/rpc/RpcAuthTypeTls.java

@@ -26,7 +26,6 @@
 import org.dcache.oncrpc4j.xdr.XdrDecodingStream;
 import org.dcache.oncrpc4j.xdr.XdrEncodingStream;
 
-import org.dcache.auth.Subjects;
 
 /**
  *
@@ -35,6 +34,12 @@ public class RpcAuthTypeTls implements RpcAuth, XdrAble {
 
     private final static byte[] STARTTLS = "STARTTLS".getBytes(StandardCharsets.US_ASCII);
     private final RpcAuthVerifier verifier = new RpcAuthVerifier(RpcAuthType.NONE, STARTTLS);
+    private final Subject _subject;
+
+    public RpcAuthTypeTls() {
+        _subject = new Subject();
+        _subject.setReadOnly();
+    }
 
     @Override
     public int type() {
@@ -48,7 +53,7 @@ public RpcAuthVerifier getVerifier() {
 
     @Override
     public Subject getSubject() {
-        return Subjects.NOBODY;
+        return _subject;
     }
 
     @Override

oncrpc4j-core/src/main/java/org/dcache/oncrpc4j/rpc/RpcAuthTypeUnix.java

@@ -19,15 +19,19 @@
  */
 package org.dcache.oncrpc4j.rpc;
 
+import com.sun.security.auth.UnixNumericGroupPrincipal;
+import com.sun.security.auth.UnixNumericUserPrincipal;
+import org.dcache.oncrpc4j.xdr.XdrAble;
 import org.dcache.oncrpc4j.xdr.XdrDecodingStream;
 import org.dcache.oncrpc4j.xdr.XdrEncodingStream;
-import org.dcache.oncrpc4j.xdr.XdrAble;
-import java.io.IOException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import java.util.Arrays;
+
 import javax.security.auth.Subject;
-import org.dcache.auth.Subjects;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.Set;
 
 public class RpcAuthTypeUnix implements RpcAuth, XdrAble {
 
@@ -56,8 +60,7 @@ public RpcAuthTypeUnix(int uid, int gid, int[] gids, int stamp, String machine)
                 4/*machine len place holder*/ + _machine.length() +
                 ((4 - (_machine.length() & 3)) & 3) /*padding bytes*/+
                  + 4/*stamp*/;
-
-        _subject = Subjects.of(_uid, _gid, _gids);
+        _subject = buildUnixSubject(uid, gid, gids);
     }
 
     public void xdrDecode(XdrDecodingStream xdr) throws OncRpcException, IOException {
@@ -70,7 +73,18 @@ public void xdrDecode(XdrDecodingStream xdr) throws OncRpcException, IOException
         _gids = xdr.xdrDecodeIntVector();
         _verifier.xdrDecode(xdr);
 
-        _subject = Subjects.of(_uid, _gid, _gids);
+        _subject = buildUnixSubject(_uid, _gid, _gids);
+    }
+
+    private static Subject buildUnixSubject(int uid, int gid, int[] gids) {
+        final Subject unixSubject = new Subject();
+        final Set<Principal> principals = unixSubject.getPrincipals();
+        principals.add(new UnixNumericUserPrincipal(uid));
+        principals.add(new UnixNumericGroupPrincipal(gid, true));
+        for (int gidElem : gids) {
+            principals.add(new UnixNumericGroupPrincipal(gidElem, false));
+        }
+        return unixSubject;
     }
 
     @Override

pom.xml

@@ -43,39 +43,39 @@
       <module>oncrpc4j-portmapdaemon</module>
       <module>oncrpc4j-benchmark</module>
   </modules>
-  
+
   <properties>
     <!--  PROPERTIES FOR DEPENDENCIES
 	 Each property is constructed from the artifact name
 	 They are in alphabetical order for each subsection
     -->
-  
+
     <!--  version of plugins in pluginManagement -->
     <build-helper-maven-plugin.version>1.9.1</build-helper-maven-plugin.version>
     <exec-maven-plugin.version>1.6.0</exec-maven-plugin.version>
     <maven-pmd-plugin.version>3.0.1</maven-pmd-plugin.version>
-    
+
     <!--  version of other plugins-->
     <animal-sniffer-maven-plugin>1.15</animal-sniffer-maven-plugin>
     <maven-compiler-plugin.version>3.7.0</maven-compiler-plugin.version>
     <maven-jar-plugin.version>2.4</maven-jar-plugin.version>
     <maven-release-plugin>2.4.2</maven-release-plugin>
-    
+
     <!--  version of dependencies-->
     <dcache-auth.version>0.0.11</dcache-auth.version>
     <grizzly-framework.version>2.4.3</grizzly-framework.version>
     <guava.version>24.1-jre</guava.version>
     <slf4j-api.version>1.7.25</slf4j-api.version>
     <spring-context.version>5.1.0.RELEASE</spring-context.version>
     <bc.version>1.60</bc.version>
-    
+
     <!--  version of test dependencies  -->
     <junit.version>4.12</junit.version>
     <mockito-core.version>2.22.0</mockito-core.version>
     <logback-classic.version>1.2.3</logback-classic.version>
     <jmh.version>1.21</jmh.version>
   </properties>
-	
+
 
   <build>
 
@@ -233,11 +233,6 @@
               <artifactId>guava</artifactId>
               <version>${guava.version}</version>
           </dependency>
-          <dependency>
-              <groupId>org.dcache.common</groupId>
-              <artifactId>dcache-auth</artifactId>
-              <version>${dcache-auth.version}</version>
-          </dependency>
           <dependency>
               <groupId>org.slf4j</groupId>
               <artifactId>slf4j-api</artifactId>