All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jboss.security.auth.message.config.JBossServerAuthConfig Maven / Gradle / Ivy

There is a newer version: 5.1.0.Final
Show newest version
/*
  * JBoss, Home of Professional Open Source
  * Copyright 2005, JBoss Inc., and individual contributors as indicated
  * by the @authors tag. See the copyright.txt in the distribution for a
  * full listing of individual contributors.
  *
  * This is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as
  * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
package org.jboss.security.auth.message.config;

import java.lang.reflect.Constructor;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.config.AuthConfig;
import javax.security.auth.message.config.ServerAuthConfig;
import javax.security.auth.message.config.ServerAuthContext;
import javax.security.auth.message.module.ServerAuthModule;

import org.jboss.security.PicketBoxMessages;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.auth.container.config.AuthModuleEntry;
import org.jboss.security.auth.container.modules.DelegatingServerAuthModule;
import org.jboss.security.auth.login.AuthenticationInfo;
import org.jboss.security.auth.login.BaseAuthenticationInfo;
import org.jboss.security.auth.login.JASPIAuthenticationInfo;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.ControlFlag;
import org.jboss.security.config.SecurityConfiguration;
import org.jboss.security.plugins.ClassLoaderLocator;
import org.jboss.security.plugins.ClassLoaderLocatorFactory;

//$Id$

/**
 *  Provides configuration for the server side
 *  @author Anil Saldhana
 *  @since  May 15, 2006 
 *  @version $Revision$
 */
public class JBossServerAuthConfig implements ServerAuthConfig
{
   private String layer;
   private String contextId;
   private CallbackHandler callbackHandler = new JBossCallbackHandler(); 
   @SuppressWarnings("rawtypes")
   private List modules = new ArrayList();
   @SuppressWarnings({"unused", "rawtypes"})
   private Map contextProperties;

   /**
    * Create a new JBossServerAuthConfig.
    * 
    * @param layer Message Layer
    * @param appContext Application Context
    * @param handler Callback Handler that will be passed to the modules
    * @param properties Context Properties
    */ 
   @SuppressWarnings("rawtypes")
   public JBossServerAuthConfig(String layer, String appContext,
         CallbackHandler handler, Map properties)
   {
      this.layer = layer;
      this.contextId = appContext;
      this.callbackHandler = handler;
      this.contextProperties = properties;
   }
   
   /**
    * @see ServerAuthConfig#getAuthContext(String, javax.security.auth.Subject, java.util.Map)
    */
   @SuppressWarnings({"rawtypes", "unchecked"})
   public ServerAuthContext getAuthContext(String authContextID,
         Subject serviceSubject, Map properties) 
   throws AuthException
   { 
      List controlFlags = new ArrayList();
      
      Map mapOptionsByName = new HashMap();
      SecurityContext securityContext = SecurityActions.getSecurityContext();
      String secDomain = null;
      if (securityContext != null)
      {
         secDomain = securityContext.getSecurityDomain();
      }
      else{
         secDomain = (String) properties.get("security-domain");
         if(secDomain == null)
            throw PicketBoxMessages.MESSAGES.failedToObtainSecDomainFromContextOrConfig();
      }
      
      String defaultAppDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
      //Get the modules from the SecurityConfiguration
      ApplicationPolicy ap = SecurityConfiguration.getApplicationPolicy(secDomain);
      if(ap == null)
      {
         ap = SecurityConfiguration.getApplicationPolicy(defaultAppDomain);
      }
      if(ap == null)
         throw PicketBoxMessages.MESSAGES.failedToObtainApplicationPolicy(secDomain);
      BaseAuthenticationInfo bai = ap.getAuthenticationInfo();
      if(bai == null)
         throw PicketBoxMessages.MESSAGES.failedToObtainAuthenticationInfo(secDomain);

      if(bai instanceof AuthenticationInfo)
      {
         //Need to get a wrapper
         ServerAuthModule sam = new DelegatingServerAuthModule();
         Map options = new HashMap();
         options.put("javax.security.auth.login.LoginContext", secDomain); //Name of sec domain
         sam.initialize(null, null, this.callbackHandler, options); 
         modules.add(sam);
      }
      else
      {
         JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo)bai;
         AuthModuleEntry[] amearr = jai.getAuthModuleEntry();

         // establish the module classloader if a jboss-module has been specified.
         ClassLoader moduleCL = null;
         List jbossModuleNames = jai.getJBossModuleNames();
         if (!jbossModuleNames.isEmpty())
         {
            ClassLoaderLocator locator = ClassLoaderLocatorFactory.get();
            if (locator != null)
               moduleCL = locator.get(jbossModuleNames);
         }

         for(AuthModuleEntry ame: amearr)
         {
            if(ame.getLoginModuleStackHolderName() != null)
            {
               try
               {
                  mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
                  controlFlags.add(ame.getControlFlag());   
                  ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName(), 
                        ame.getLoginModuleStackHolderName());
                  
                  Map options = new HashMap();
                  
                  sam.initialize(null, null, callbackHandler, options);
                  modules.add(sam);
               }
               catch (Exception e)
               {
                  throw new AuthException(e.getLocalizedMessage());
               }
            }
            else
            {
               try
               {
                  mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions());
                  controlFlags.add(ame.getControlFlag());             
                  ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName());
                  
                  Map options = new HashMap(); 
                  sam.initialize(null, null, callbackHandler, options);
                  modules.add(sam);
               }
               catch (Exception e)
               {
                  throw new AuthException(e.getLocalizedMessage());
               }
            }
         } 
      } 
       
      JBossServerAuthContext serverAuthContext = new JBossServerAuthContext(modules, mapOptionsByName, this.callbackHandler);
      serverAuthContext.setControlFlags(controlFlags);
      return serverAuthContext;
   }
 
   /**
    * @see AuthConfig#getAppContext()
    */
   public String getAppContext()
   { 
      return this.contextId;
   } 
   
   /**
    * @see AuthConfig#getMessageLayer()
    */
   public String getMessageLayer()
   {
      return this.layer;
   }
 

   /**
    * @see AuthConfig#refresh()
    */
   public void refresh()
   { 
   } 
   
   //Custom Methods
   @SuppressWarnings({ "rawtypes"})
   public List getServerAuthModules()
   {
      return this.modules ;
   }

   public String getAuthContextID(MessageInfo messageInfo)
   {
      return this.contextId;
   }

   public boolean isProtected()
   {
      throw new UnsupportedOperationException();
   }  
 
   @SuppressWarnings({"rawtypes", "unchecked"})
   private ServerAuthModule createSAM(ClassLoader moduleCL, String name )
   throws Exception
   {
      Class clazz = SecurityActions.loadClass(moduleCL, name);
      Constructor ctr = clazz.getConstructor(new Class[0]);
      return (ServerAuthModule) ctr.newInstance(new Object[0]);
   }
   
   @SuppressWarnings({"unchecked", "rawtypes"})
   private ServerAuthModule createSAM(ClassLoader moduleCL, String name, String lmshName )
   throws Exception
   {
      Class clazz = SecurityActions.loadClass(moduleCL, name);
      Constructor ctr = clazz.getConstructor(new Class[]{String.class});
      return (ServerAuthModule) ctr.newInstance(new Object[]{lmshName});
   }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy