All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jboss.security.SecurityContextFactory Maven / Gradle / Ivy

There is a newer version: 5.1.0.Final
Show newest version
/*
  * JBoss, Home of Professional Open Source
  * Copyright 2005, JBoss Inc., and individual contributors as indicated
  * by the @authors tag. See the copyright.txt in the distribution for a
  * full listing of individual contributors.
  *
  * This is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as
  * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
package org.jboss.security;

import java.lang.reflect.Constructor;
import java.security.Principal;
import javax.security.auth.Subject;
 

/**
 *  Factory class to create Security Context instances
 *  @author Anil Saldhana
 *  @since  Dec 28, 2006 
 *  @version $Revision$
 */
@SuppressWarnings("unchecked")
public class SecurityContextFactory
{
   private static final Class[] CONTEXT_CONSTRUCTOR_TYPES = new Class[]{String.class};

   private static final Class[] CONTEXT_UTIL_CONSTRUCTOR_TYPES = new Class[]{SecurityContext.class};

   private static String defaultFQN = "org.jboss.security.plugins.JBossSecurityContext";
   
   private static String defaultUtilClassFQN = "org.jboss.security.plugins.JBossSecurityContextUtil";
   
   private static Class defaultSecurityContextClass = null;

   private static Constructor defaultSecurityContextConstructor = null;

   private static Class defaultUtilClass = null;

   private static Constructor defaultUtilConstructor =  null;
   
   /**
    * Classloader.loadClass is a synchronized method in the JDK. Under heavy concurrent requests,
    * a loadClass() operation can be extremely troublesome for performance
    */
   static
   {
      try
      {
         defaultSecurityContextClass = (Class) SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class).loadClass(defaultFQN);
      }
      catch(Exception ignore)
      {
         try
         {
            defaultSecurityContextClass = (Class) SecuritySPIActions.getContextClassLoader().loadClass(defaultFQN);
         }
         catch (Exception e)
         {
         }
      }
      try
      {
         defaultUtilClass = (Class) SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class).loadClass(defaultUtilClassFQN);
      }
      catch(Exception ignore)
      {
         try
         {
            defaultUtilClass = (Class) SecuritySPIActions.getContextClassLoader().loadClass(defaultUtilClassFQN);
         }
         catch(Exception e)
         {
         }
      }
      if (defaultSecurityContextClass != null) {
         try
         {
            defaultSecurityContextConstructor = (Constructor) defaultSecurityContextClass.getConstructor(CONTEXT_CONSTRUCTOR_TYPES);
         }
         catch(Exception e)
         {
         }
      }
   }

   /**
    * Create a security context 
    * @param securityDomain Security Domain driving the context
    * @return
    * @throws Exception 
    */
   public static SecurityContext createSecurityContext(String securityDomain) throws Exception
   {
      if (defaultSecurityContextConstructor != null)
          return createSecurityContext(securityDomain, defaultSecurityContextConstructor);
      if(defaultSecurityContextClass != null)
         return createSecurityContext(securityDomain, defaultSecurityContextClass);
      return createSecurityContext(securityDomain, defaultFQN, SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class));
   }
   
   /**
    * Create a security context 
    * @param securityDomain Security Domain driving the context
    * @param classLoader ClassLoader to use
    * @return
    * @throws Exception 
    */
   public static SecurityContext createSecurityContext(String securityDomain, ClassLoader classLoader) throws Exception
   {
      if (defaultSecurityContextConstructor != null)
         return createSecurityContext(securityDomain, defaultSecurityContextConstructor);
      if(defaultSecurityContextClass != null)
         return createSecurityContext(securityDomain, defaultSecurityContextClass);
      return createSecurityContext(securityDomain, defaultFQN, classLoader);
   }
   
   /**
    * Construct a SecurityContext
    * @param securityDomain  The Security Domain
    * @param fqnClass  Fully Qualified Name of the SecurityContext Class
    * @return an instance of SecurityContext
    * @throws Exception
    */
   public static SecurityContext createSecurityContext(String securityDomain,
         String fqnClass) throws Exception
   {
      return createSecurityContext(securityDomain, fqnClass, SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class));
   }
   
   /**
    * Construct a SecurityContext
    * @param securityDomain  The Security Domain
    * @param fqnClass  Fully Qualified Name of the SecurityContext Class
    * @param classLoader ClassLoader to use
    * @return an instance of SecurityContext
    * @throws Exception
    */
   public static SecurityContext createSecurityContext(String securityDomain,
         String fqnClass, ClassLoader classLoader) throws Exception
   {
      if(securityDomain == null)
         throw PicketBoxMessages.MESSAGES.invalidNullArgument("security domain");
      if(fqnClass == null)
         throw PicketBoxMessages.MESSAGES.invalidNullArgument("fqnClass");
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
      }
      defaultSecurityContextClass = getContextClass(fqnClass, classLoader);
      defaultSecurityContextConstructor = (Constructor) defaultSecurityContextClass.getConstructor(CONTEXT_CONSTRUCTOR_TYPES);
      return createSecurityContext(securityDomain, defaultSecurityContextConstructor);
   }
   
   
   /**
    * Create a security context given the class
    * This method exists because classloader.loadClass is an expensive
    * operation due to synchronization
    * @param securityDomain
    * @param clazz
    * @return
    * @throws Exception
    */
   public static SecurityContext createSecurityContext(String securityDomain,
         Class clazz) throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
      }
      if(securityDomain == null)
         throw PicketBoxMessages.MESSAGES.invalidNullArgument("security domain");
       if(clazz == null)
         throw PicketBoxMessages.MESSAGES.invalidNullArgument("clazz");
      //Get the CTR
      Constructor ctr = clazz.getConstructor(CONTEXT_CONSTRUCTOR_TYPES);
      return ctr.newInstance(securityDomain);
   }

   private static SecurityContext createSecurityContext(String securityDomain, Constructor constructor) throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
      }
      if (securityDomain == null)
         throw PicketBoxMessages.MESSAGES.invalidNullArgument("security domain");
      if (constructor == null)
         throw PicketBoxMessages.MESSAGES.invalidNullArgument("constructor");
      return constructor.newInstance(securityDomain);
   }

   /**
    * Create a security context
    * @param p Principal
    * @param cred Credential
    * @param s Subject
    * @param securityDomain SecurityDomain
    * @return
    * @throws Exception 
    * @see #createSecurityContext(String)
    */
   public static SecurityContext createSecurityContext(Principal p, 
         Object cred, Subject s, String securityDomain) throws Exception
   {
      return createSecurityContext(p, cred, s, securityDomain, SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class));
   }
   
   /**
    * Create a security context
    * @param p Principal
    * @param cred Credential
    * @param s Subject
    * @param securityDomain SecurityDomain
    * @param classLoader ClassLoader to use
    * @return
    * @throws Exception 
    * @see #createSecurityContext(String)
    */
   public static SecurityContext createSecurityContext(Principal p, 
         Object cred, Subject s, String securityDomain, ClassLoader classLoader) throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createSecurityContext"));
      }
      SecurityContext jsc = createSecurityContext(securityDomain, classLoader);
      jsc.getUtil().createSubjectInfo(p,cred,s);
      return jsc;
   }
   
   /**
    * Create a security context
    * @param p Principal
    * @param cred Credential
    * @param s Subject
    * @param securityDomain SecurityDomain
    * @param fqnClass FQN of the SecurityContext class to be instantiated
    * @param classLoader ClassLoader to use
    * @return
    * @see #createSecurityContext(String)
    * @throws Exception
    */
   public static SecurityContext createSecurityContext(Principal p, 
         Object cred,Subject s, String securityDomain, String fqnClass, ClassLoader classLoader) 
   throws Exception
   {
      SecurityContext sc = createSecurityContext(securityDomain, fqnClass, classLoader);
      sc.getUtil().createSubjectInfo(p,cred,s);
      return sc;
   }
   
   /**
    * Return an instance of the SecurityContextUtil
    * @param sc SecurityContext
    * @return
    */
   public static SecurityContextUtil createUtil(SecurityContext sc) throws Exception
   {
       SecurityManager sm = System.getSecurityManager();
       if (sm != null) {
           sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
       }
       Constructor ctr = defaultUtilConstructor;

       if(ctr == null)
       {
           Class clazz = (Class) loadClass(defaultUtilClassFQN,  SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class));
           defaultUtilClass = clazz;
           ctr = defaultUtilConstructor = (Constructor) clazz.getConstructor(CONTEXT_UTIL_CONSTRUCTOR_TYPES);
       }
       return ctr.newInstance(sc);
   }
   
   /**
    * Return an instance of the SecurityContextUtil
    * @param sc SecurityContext
    * @param classLoader ClassLoader to use
    * @return
    */
   public static SecurityContextUtil createUtil(SecurityContext sc, ClassLoader classLoader) throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
      }
      Constructor ctr = defaultUtilConstructor;
      
      if(ctr == null)
      {
         Class clazz = (Class) loadClass(defaultUtilClassFQN, classLoader);
         defaultUtilClass = clazz;
         ctr = defaultUtilConstructor = (Constructor) clazz.getConstructor(CONTEXT_UTIL_CONSTRUCTOR_TYPES);
      }
      
      return ctr.newInstance(sc);
   }
   
   /**
    * Return an instance of the SecurityContextUtil given a FQN of the util class
    * @param sc SecurityContext
    * @param utilFQN fqn of the util class
    * @return
    */ 
   public static SecurityContextUtil createUtil(SecurityContext sc, String utilFQN) throws Exception
   {
      return createUtil(sc, utilFQN, SecuritySPIActions.getCurrentClassLoader(SecurityContextFactory.class));
   }
   
   /**
    * Return an instance of the SecurityContextUtil given a FQN of the util class
    * @param sc SecurityContext
    * @param utilFQN fqn of the util class
    * @param classLoader ClassLoader to use
    * @return
    */ 
   public static SecurityContextUtil createUtil(SecurityContext sc, String utilFQN, ClassLoader classLoader) throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
      }
      Class clazz = loadClass(utilFQN, classLoader);
      //Get the CTR
      Constructor ctr = 
         (Constructor) clazz.getConstructor(CONTEXT_UTIL_CONSTRUCTOR_TYPES);
      return ctr.newInstance(sc);
   }
   
   /**
    * Return an instance of the SecurityContextUtil given a Class instance of the util class
    * @param sc SecurityContext
    * @return
    */
   public static SecurityContextUtil createUtil(SecurityContext sc, 
         Class utilClazz) throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
      }
      //Get the CTR
      Constructor ctr = utilClazz.getConstructor(new Class[]{SecurityContext.class});
      return ctr.newInstance(new Object[]{sc}); 
   }
   
   /**
    * Set the default security context fqn
    * @param fqn
    */
   public static void setDefaultSecurityContextFQN(String fqn)
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".setDefaultSecurityContextFQN"));
      }
      defaultFQN = fqn;
      defaultSecurityContextClass = null;
      defaultSecurityContextConstructor = null;
   }
   
   
   /**
    * Set the default util class fqn
    * @param fqn
    */
   public static void setDefaultSecurityContextUtilFQN(String fqn)
   {
      SecurityManager sm = System.getSecurityManager();
      if (sm != null) {
         sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".setDefaultSecurityContextUtilFQN"));
      }
      defaultUtilClassFQN = fqn;
      defaultUtilClass = null; //reset
      defaultUtilConstructor = null;
   }
   
   /**
    * Load a class
    * @param fqn
    * @param classLoader
    * @return
    * @throws Exception
    */
   private static Class loadClass(String fqn, ClassLoader classLoader) throws Exception
   {
      try
      {
         return classLoader.loadClass(fqn);
      }
      catch (Exception e)
      {
         ClassLoader tcl = SecuritySPIActions.getContextClassLoader();
         return tcl.loadClass(fqn);
      }
   }
    
   private static Class getContextClass(String className, ClassLoader classLoader) throws Exception
   {
      try
      {
         return (Class) classLoader.loadClass(className);
      }
      catch (Exception e)
      {
         ClassLoader tcl = SecuritySPIActions.getContextClassLoader();
         return (Class) tcl.loadClass(className);
      }
   }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy