org.apache.turbine.util.pool.Recyclable
is replaced by org.apache.fulcrum.pool.Recyclable
org.apache.turbine.util.parser.CookieParser
is replaced by org.apache.fulcrum.parser.CookieParser
org.apache.turbine.util.parser.ParameterParser
is replaced by org.apache.fulcrum.parser.ParameterParser
org.apache.turbine.util.pool.Recyclable
is replaced by org.apache.fulcrum.pool.Recyclable
org.apache.turbine.services.pool.TurbinePool
is replaced by org.apache.fulcrum.pool.PoolService
RunData
now extends PipelineData
org.apache.turbine.om.security.Group
is replaced by org.apache.fulcrum.security.entity.Group
org.apache.turbine.om.security.Role
is replaced by org.apache.fulcrum.security.entity.Role
org.apache.turbine.om.security.Permission
is replaced by org.apache.fulcrum.security.entity.Permission
org.apache.turbine.util.security.GroupSet
is replaced by org.apache.fulcrum.security.util.GroupSet
org.apache.turbine.util.security.RoleSet
is replaced by org.apache.fulcrum.security.util.RoleSet
org.apache.turbine.util.security.PermissionSet
is replaced by org.apache.fulcrum.security.util.PermissionSet
org.apache.turbine.util.security.AccessControlList
is replaced by org.apache.fulcrum.security.acl.AccessControlList
org.apache.turbine.util.security.DataBackendException
is replaced by org.apache.fulcrum.security.util.DataBackendException
org.apache.turbine.util.security.EntityExistsException
is replaced by org.apache.fulcrum.security.util.EntityExistsException
org.apache.turbine.util.security.PasswordMismatchException
is replaced by org.apache.fulcrum.security.util.PasswordMismatchException
org.apache.turbine.util.security.UnknownEntityException
is replaced by org.apache.fulcrum.security.util.UnknownEntityException
org.apache.turbine.util.security.TurbineSecurityException
is replaced by org.apache.fulcrum.security.util.FulcrumSecurityException
org.apache.turbine.services.schedule.JobEntry
is now an interface and no longer depends on org.apache.torque.om.Persistent
SchedulerService
contains a factory method for new jobs
RunData
-related module methods have been removed.
RunData
should be derived from LegacyVelocityAction
, LegacyVelocitySecureAction
, LegacyVelocityScreen
and LegacyVelocitySecureScreen
, respectively
Updated content from Turbine developer mailing list discussion (Fri, 08 Jul 2016 11:11:50 GMT).
Introduction
Security/Authentication is now separated and moved into Fulcrum Security. To get a better understanding...
... I started with a user model as an example and sketching the situations with some (pseudo) code. User instantiation is the first place, where a new user model comes into place - may be a good starting point.
To get a new user instance in
consider this (pseudocode) examples in
org.apache.turbine.services.security.TurbineSecurity.getUserInstance() { return getService().getUserInstance() } |
service
could be e.g. org.apache.turbine.services.security.BaseSecurityService
and the userInstance
looks like
return (org.apache.turbine.om.security.User) getUserClass().newInstance(); |
userClass / userInstance
is configured in Turbine configuration e.g. setting
services.SecurityService.user.class= org.apache.turbine.om.security.TurbineUser |
org.apache.turbine.om.security.User |
services.SecurityService.user.manager = org.apache.turbine.services.security.DefaultUserManager |
getUserInstance
has a wrapped user instance:
TurbineUser u = umDelegate.getUserInstance(); (1) return wrap(u); (2) |
(1) umDelegate object implements
org.apache.fulcrum.security.model.turbine.TurbineUserManager
(e.g. org.apache.fulcrum.security.torque.turbine.TorqueTurbineUserManagerImpl
. Configuration is in Fulcrum roleConfiguration.xml.
<role name="org.apache.fulcrum.security.UserManager" default-class="<umDelegate>">
.
The userInstance delegates further e.g. in
org.apache.fulcrum.security.spi.AbstractUserManager.getUserInstance()
and may look like this
return T user = (T) Class.forName(getClassName()).newInstance(); |
where the className is configured in Fulcrum XML configuration (componentConfiguration.xml.)
<userManager><className> |
, which becomes the userDelegate
in DefaultUserImpl
(2) Since Turbine 4.0 wrap
code looks like
return (U) getUserWrapper(user); |
It just wraps the user object to keep the contract, by default
org.apache.turbine.om.security.DefaultUserImpl
is an implementation of
org.apache.turbine.om.security.User
and wraps the userDelegate
org.apache.fulcrum.security.model.turbine.entity.TurbineUser
as configured in Fulcrum componentConfiguration.xml.
The contract interface is <T extends org.apache.turbine.om.security.User>
.
Interfaces
This is may be the most interesting part to understand, as the same User interface has been broken up and the semantics changed a little bit.
org.apache.turbine.om.security.TurbineUser |
org.apache.turbine.om.security.User
(properties: password, email, firstName, lastName, confirmed, createDate, loggedin, accessCounter, perm, temp, updateLastLogin, tempStorage,permStorage
)org.apache.turbine.om.security.SecurityEntity
(properties: name, id, idAsObject
)org.apache.turbine.om.security.User
(properties: confirmed, createDate, loggedin, accessCounter, perm, temp, updateLastLogin, tempStorage,permStorage
)org.apache.fulcrum.security.model.turbine.entity.TurbineUser
org.apache.fulcrum.security.entity.ExtendedUser
(properties: email, firstName, lastName, objectData
).. org.apache.fulcrum.security.entity.User
(property: password
)org.apache.fulcrum.security.entity.SecurityEntity
(properties: name,id
)org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRoleEntity
(properties: userGroupRoleSet, add-/removeUserGroupRoleSet
)As a result there is now NO TurbineUser
class any more (except occasionally a ORM generated class), but instead a new interface (in a different package) with some additional methods (cft. TurbineUserGroupRoleEntity
) is present. This makes sense as the TurbineUser
is now a special case in Fulcrum Security.
Default classes
org.apache.turbine.om.security.TurbineUser implements org.apache.turbine.om.security.User
org.apache.turbine.om.security.DefaultUserImpl implements org.apache.turbine.om.security.User
More Delegates
org.apache.fulcrum.security.model.turbine.entity.impl.TurbineUserImpl
(properties: email, firstName, lastName, password, objectData
) Interfaces -> org.apache.fulcrum.security.model.turbine.entity.TurbineUser
org.apache.fulcrum.security.entity.impl.SecurityEntityImpl
(properties: equals, hashCode, toString
)org.apache.fulcrum.security.entity.SecurityEntity
(properties: id, name
)
Caveats
Moved properties
The getter/setter for email, firstName, lastName, password
moved from
org.apache.turbine.om.security.User
to the new interface org.apache.fulcrum.security.model.turbine.entity.TurbineUser
.
Password
is now in an interface org.apache.fulcrum.security.entity.User
of its own, the other setter/getter methods are in
org.apache.fulcrum.security.entity.ExtendedUser
.
Name
and Id
org.apache.turbine.om.security.SecurityEntity
org.apache.fulcrum.security.entity.SecurityEntity
The id
getter/setter methods expect now an Object, while in Turbine M1 version an int primitive type was expected. The old version had a special accessor idAsObject
, which is now removed.
The new model properties entityId
and entityName
correspond probably to id
and name
in some way..
Old and New
Turbine Interface: org.apache.turbine.om.security.User
.
Old implementation class: org.apache.turbine.om.security.TurbineUser
.
New implementation class: org.apache.turbine.om.security.DefaultUserImpl
.
New extracted Fulcrum interface: org.apache.fulcrum.security.model.turbine.entity.TurbineUser
.
New (example) implementation class: org.apache.fulcrum.security.model.turbine.entity.impl.TurbineUserImpl
.
Another implementation class is org.apache.fulcrum.security.torque.turbine.TorqueAbstractTurbineUser
,
which provides some extra methods (delete, databaseName, entityId, entityName, update, retrieveAttachedObjects
, cft.
org.apache.fulcrum.security.torque.TorqueAbstractSecurityEntity
).
ExtendedUser
org.apache.fulcrum.security.entity.ExtendedUser
contains org.apache.fulcrum.security.entity.User
(password
only getter/setter property).
Torque
Building Torque ORM with
<table name="turbine_user" idMethod="native" baseClass="<baseClass>" interface="org.apache.fulcrum.security.model.turbine.entity.TurbineUser"> |
could be done using as base class, but it´s NOT required. Example options for baseClass
e.g.:
org.apache.fulcrum.security.model.turbine.entity.impl.TurbineUserImpl
org.apache.fulcrum.security.torque.security.TorqueAbstractSecurityEntity
org.apache.fulcrum.security.torque.turbine.TorqueAbstractTurbineUser
In this example the generated class in this case is just named TurbineUser by default.
SecurityService, UserManager
Both could be found in Turbine and Fulcrum. As said in \[http://turbine.apache.org/turbine/turbine-4.0-M2/services/security-service.html\] Fulcrum Managers are just delegates and should/could only be used from Turbine services in Turbine context. |
More Examples
org.apache.turbine.services.security.SecurityService
(userInstance, getUser..
)
org.apache.turbine.services.security.UserManager
(userInstance, authenticate
org.apache.fulcrum.security.SecurityService
(userManager, ..
)
org.apache.fulcrum.security.UserManager
(userInstance, authenticate
Introduction
If you have to map colums other than firstName, lastName, email, password
to a table you have to implement your own wrapper and set in TR.properties. PermStorage
is by default considered in Fulcrum just "as is", i.e. it is saved only in objectData
.
Configuration
Fulcrum user:
Turbine userDelegate: Fulcrum <userManager><className>
componentConfiguration.xml
Turbine wrapper optional if you have additional columns:
Turbine wrapper:
services.SecurityService.wrapper.class= |
in TR.properties.
Background
Fulcrum security package just saves the permStorage
in objectData
by default.
(Pseudo) Code example
Turbine
DefaultUserManager store(User user) user.setObjectdata(ObjectUtils.serializeMap(user.getPermStorage())); umDelegate.saveUser(((TurbineUserDelegate)user).getUserDelegate()); |
calls Fulcrum e.g. TorqueAbstractUserManager
saveUser(User user) |
TorqueAbstractSecurityEntity u = (TorqueAbstractSecurityEntity)user; u.setNew(false); u.save(); |
u
is the Fulcrum user class, which the user can set (the userDelegate
).
If this user has additional properties they are not set, as permStorage
is saved only in objectData
by default.