/**
* EasyBeans
* Copyright (C) 2006 Bull S.A.S.
* Contact: [email protected]
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA
*
* --------------------------------------------------------------------------
* $Id: JOnASSecurityContext.java 5369 2010-02-24 14:58:19Z benoitf $
* --------------------------------------------------------------------------
*/
package org.ow2.easybeans.security.propagation.jonas;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.Principal;
import java.security.acl.Group;
import javax.security.auth.Subject;
import org.ow2.easybeans.security.api.EZBSecurityContext;
import org.ow2.easybeans.security.struct.JPrincipal;
/**
* Wrapper class around the JOnAS security context.
* It propagates and reads the JOnAS security context; the wrapped object is
* accessed by reflection.
* @author Florent Benoit
*/
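public class JOnASSecurityContext implements EZBSecurityContext {

    /**
     * Wrapped security context of JOnAS. It is only ever used through
     * reflection, so its type is not known at compile time.
     */
    private final Object jonasSecurityContext;

    /**
     * Builds a security context around JOnAS security context.
     * @param jonasSecurityContext the JOnAS context; every method of this
     *        class dereferences it, so it is expected to be non-null.
     */
    public JOnASSecurityContext(final Object jonasSecurityContext) {
        this.jonasSecurityContext = jonasSecurityContext;
    }

    /**
     * Gets the caller's principal by calling
     * {@code getCallerPrincipal(boolean)} on the wrapped context.
     * @param runAsBean if true, the bean is a run-as bean.
     * @return principal of the caller.
     * @throws IllegalStateException if the method cannot be found or called
     *         on the wrapped context.
     */
    public Principal getCallerPrincipal(final boolean runAsBean) {
        Method getCallerPrincipal = findMethod("getCallerPrincipal", boolean.class);
        return (Principal) call(getCallerPrincipal, Boolean.valueOf(runAsBean));
    }

    /**
     * Gets the caller's roles by calling
     * {@code getCallerPrincipalRoles(boolean)} on the wrapped context and
     * wrapping each role name in a {@link JPrincipal}.
     * @param runAsBean if true, the bean is a run-as bean.
     * @return array of roles of the caller.
     * @throws IllegalStateException if the method cannot be found or called
     *         on the wrapped context, or if it returns no role array.
     */
    public Principal[] getCallerRoles(final boolean runAsBean) {
        Method getCallerPrincipalRoles = findMethod("getCallerPrincipalRoles", boolean.class);
        String[] roles = (String[]) call(getCallerPrincipalRoles, Boolean.valueOf(runAsBean));

        // A missing role array is reported as an error rather than being
        // treated as "caller has no roles".
        if (roles == null) {
            throw new IllegalStateException("No roles found on the JOnAS security context");
        }

        Principal[] principals = new Principal[roles.length];
        for (int i = 0; i < roles.length; i++) {
            principals[i] = new JPrincipal(roles[i]);
        }
        return principals;
    }

    /**
     * Enters in run-as mode with the given subject by calling
     * {@code pushRunAs(String, String, String[])} on the wrapped context.
     * <p>
     * The run-as identity is derived from the subject as follows: the
     * principal name is the name of the first principal that is not a
     * {@link Group}; the role is the name of the first member of a
     * {@link Group} principal (when several non-empty groups are present, the
     * last one iterated wins). Only that single role is propagated.
     * @param runAsSubject the subject to used in run-as mode.
     * @return always {@code null}: the previous subject is not tracked by
     *         this class.
     * @throws IllegalStateException if the method cannot be found or called
     *         on the wrapped context, or if no run-as role can be derived
     *         from the given subject.
     */
    public Subject enterRunAs(final Subject runAsSubject) {
        Method pushRunAs = findMethod("pushRunAs", String.class, String.class, String[].class);

        if (runAsSubject == null) {
            throw new IllegalStateException("No run-as subject given for the JOnAS security context");
        }

        // Get principal name from subject: first principal that is not a group.
        // NOTE(review): a null principal name is still handed to pushRunAs;
        // whether JOnAS accepts that is not visible from this class.
        String principalName = null;
        for (Principal principal : runAsSubject.getPrincipals(Principal.class)) {
            if (!(principal instanceof Group)) {
                principalName = principal.getName();
                break;
            }
        }

        // Get role from subject: first member of a group principal.
        String role = null;
        for (Principal principal : runAsSubject.getPrincipals(Principal.class)) {
            if (principal instanceof Group) {
                java.util.Enumeration<? extends Principal> members = ((Group) principal).members();
                // An empty group carries no role; calling nextElement() on it
                // would throw NoSuchElementException.
                if (members.hasMoreElements()) {
                    role = members.nextElement().getName();
                }
            }
        }

        // The role is pushed both as the run-as role and as the only entry of
        // the roles array. Refuse to install a run-as identity without a role
        // instead of pushing nulls onto the JOnAS context.
        if (role == null) {
            throw new IllegalStateException("No run-as role found in the subject given to the JOnAS security context");
        }

        call(pushRunAs, role, principalName, new String[] {role});

        // Not used with JOnAS security context
        return null;
    }

    /**
     * Ends the run-as mode by calling {@code popRunAs()} on the wrapped
     * context.
     * <p>
     * NOTE(review): the push/pop naming suggests that each
     * {@link #enterRunAs(Subject)} must be paired with exactly one call to
     * this method (typically from a finally block) so that a run-as identity
     * does not outlive the invocation - confirm against the JOnAS context.
     * @param oldSubject subject kept by container; it is not used here.
     * @throws IllegalStateException if the method cannot be found or called
     *         on the wrapped context.
     */
    public void endsRunAs(final Subject oldSubject) {
        call(findMethod("popRunAs"));
    }

    /**
     * Looks up a public method on the class of the wrapped JOnAS context.
     * @param methodName name of the method to find.
     * @param parameterTypes parameter types of the method.
     * @return the method found.
     * @throws IllegalStateException if the method is missing or not accessible.
     */
    private Method findMethod(final String methodName, final Class<?>... parameterTypes) {
        try {
            return jonasSecurityContext.getClass().getMethod(methodName, parameterTypes);
        } catch (SecurityException e) {
            throw new IllegalStateException("Cannot get the method " + methodName
                    + " on the JOnAS security context", e);
        } catch (NoSuchMethodException e) {
            throw new IllegalStateException("Cannot get the method " + methodName
                    + " on the JOnAS security context", e);
        }
    }

    /**
     * Invokes the given method on the wrapped JOnAS context.
     * @param method the method to call.
     * @param args arguments given to the method.
     * @return the value returned by the method.
     * @throws IllegalStateException if the call fails; the original exception
     *         is kept as the cause.
     */
    private Object call(final Method method, final Object... args) {
        try {
            return method.invoke(jonasSecurityContext, args);
        } catch (IllegalArgumentException e) {
            throw new IllegalStateException("Cannot call " + method.getName()
                    + " method on the JOnAS security context", e);
        } catch (IllegalAccessException e) {
            throw new IllegalStateException("Cannot call " + method.getName()
                    + " method on the JOnAS security context", e);
        } catch (InvocationTargetException e) {
            throw new IllegalStateException("Cannot call " + method.getName()
                    + " method on the JOnAS security context", e);
        }
    }
}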