[jboss-cvs] JBossAS SVN: r64295 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jul 26 02:28:58 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-07-26 02:28:58 -0400 (Thu, 26 Jul 2007)
New Revision: 64295
Added:
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/SunConfigParser.jj
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/XMLLoginConfigImpl.java
Modified:
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/BaseAuthenticationInfo.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java
Log:
config changes
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/BaseAuthenticationInfo.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/BaseAuthenticationInfo.java 2007-07-26 06:27:33 UTC (rev 64294)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/BaseAuthenticationInfo.java 2007-07-26 06:28:58 UTC (rev 64295)
@@ -37,7 +37,7 @@
* A Set of modules - either LoginModules or AuthModules
* In the form of AppConfigurationEntry or AuthModuleEntry
*/
- protected ArrayList moduleEntries = new ArrayList();
+ protected List moduleEntries = new ArrayList();
protected String name;
@@ -60,4 +60,9 @@
{
this.moduleEntries.addAll(moduleEntries);
}
+
+ public List getModuleEntries()
+ {
+ return this.moduleEntries;
+ }
}
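Review bot: getModuleEntries() returns the live `moduleEntries` list, so any caller can add, remove or reorder the login/auth module entries after the policy has been built. These entries define the authentication stack, so a read-only view such as `return Collections.unmodifiableList(this.moduleEntries);` would keep changes going through the class's own methods. That needs a `java.util.Collections` import if the file lacks one; the import block is outside the hunk. The class body also starts outside the hunk, so whether any caller relies on mutating the returned list cannot be seen here.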
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java 2007-07-26 06:27:33 UTC (rev 64294)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/JASPIAuthenticationInfo.java 2007-07-26 06:28:58 UTC (rev 64295)
@@ -21,6 +21,7 @@
*/
package org.jboss.security.auth.login;
+import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
@@ -73,7 +74,15 @@
return info;
}
+ public LoginModuleStackHolder[] getLoginModuleStackHolder()
+ {
+ ArrayList alist = new ArrayList(this.loginModuleStack.values());
+ LoginModuleStackHolder[] lmshArr = new LoginModuleStackHolder[alist.size()];
+ alist.toArray(lmshArr);
+ return lmshArr;
+ }
+
public LoginModuleStackHolder removeLoginModuleStackHolder(String name)
{
LoginModuleStackHolder info = (LoginModuleStackHolder) loginModuleStack.remove(name);
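Review bot: getLoginModuleStackHolder() copies the map values into a raw `ArrayList` only to copy them again into the array. `return (LoginModuleStackHolder[]) this.loginModuleStack.values().toArray(new LoginModuleStackHolder[0]);` does it in one step and makes the new `java.util.ArrayList` import unnecessary. The method is public and undocumented; a short Javadoc saying the returned array is a snapshot, and that changing it does not alter the stack, would help callers. removeLoginModuleStackHolder() continues outside the hunk and is not reviewed here.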
Added: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/SunConfigParser.jj
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/SunConfigParser.jj (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/SunConfigParser.jj 2007-07-26 06:28:58 UTC (rev 64295)
@@ -0,0 +1,265 @@
+/* JBoss, the OpenSource J2EE WebOS
+ *
+ * Distributable under LGPL license.
+ * See terms of license at gnu.org.
+ */
+
+options {
+ LOOKAHEAD=1;
+ DEBUG_PARSER=true;
+ DEBUG_LOOKAHEAD=true;
+ DEBUG_TOKEN_MANAGER=false;
+}
+
+PARSER_BEGIN(SunConfigParser)
+
+package org.jboss.security.auth.login;
+
+import java.io.Reader;
+import java.io.StringReader;
+import java.util.ArrayList;
+import java.util.HashMap;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+
+/**
+ * A JavaCC 2.1 grammar for the default JAAS configuration file provided by Sun.
+ * The format of an entry is:
+ Application {
+ ModuleClass Flag ModuleOptions;
+ ModuleClass Flag ModuleOptions;
+ ModuleClass Flag ModuleOptions;
+ };
+
+ * @see http://www.webgain.com/products/metamata/java_doc.html
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 16662 $
+ */
+public class SunConfigParser
+{
+ private XMLLoginConfigImpl loginConfig;
+
+ public SunConfigParser()
+ {
+ // keep the parser from feaking out, init using one of
+ // the JavaCC generated constructor
+ this(new StringReader(""));
+ }
+
+ public void parse(Reader configFile, XMLLoginConfigImpl loginConfig)
+ throws ParseException
+ {
+ parse(configFile, loginConfig, false);
+ }
+
+ public void parse(Reader configFile, XMLLoginConfigImpl loginConfig, boolean trace)
+ throws ParseException
+ {
+ ReInit(configFile);
+
+ // This will have no effect unless the debugging options are true
+ if (trace)
+ {
+ this.enable_tracing();
+ }
+ else
+ {
+ this.disable_tracing();
+ }
+
+ this.loginConfig = loginConfig;
+ this.config();
+ }
+
+ /**
+ * Strip off the leading and trailing (quote) chars from the given string
+ * and return it. Does not actually check to make sure they are '\'' chars.
+ */
+ private String stripQuotes(String image)
+ {
+ return image.substring(1, image.length() - 1);
+ }
+
+ public static void doParse(Reader configFile, XMLLoginConfigImpl loginConfig)
+ throws ParseException
+ {
+ doParse(configFile, loginConfig, false);
+ }
+
+ public static void doParse(Reader configFile, XMLLoginConfigImpl loginConfig, boolean trace)
+ throws ParseException
+ {
+ SunConfigParser parser = new SunConfigParser();
+ parser.parse(configFile, loginConfig, trace);
+ }
+}
+
+PARSER_END(SunConfigParser)
+
+/* IGNORE WHITESPACE */
+
+SKIP :
+{
+ " "
+ | "\r"
+ | "\t"
+ | "\n"
+}
+
+
+SPECIAL_TOKEN : /* COMMENTS */
+{
+ <SINGLE_LINE_COMMENT: ("//"|"#") (~["\n","\r"])* ("\n"|"\r"|"\r\n")>
+| <MULTI_LINE_COMMENT: "/*" (~["*"])* "*" ("*" | (~["*","/"] (~["*"])* "*"))* "/">
+}
+
+TOKEN :
+{
+ < OPEN_BKT: "{" >
+ | < CLOSE_BKT: "}" >
+ | < SEMI_COLON: ";" >
+ | < EQUALS: "=" >
+
+}
+
+/* Literals */
+
+TOKEN :
+{
+ < LONG: ( ["0" - "9"] )+ >
+ | < DOUBLE: <FLOAT>
+ | <FLOAT> ( ["e","E"] ([ "-","+"])? <LONG> )?
+ >
+ | < #FLOAT: <LONG> ( "." (<LONG>)? )
+ | "." <LONG>
+ >
+ | < STRING:
+ (
+ "'"
+ ( (~["'","\n","\r"])
+ | ("''")
+ )*
+ "'"
+ )
+ |
+ (
+ "\""
+ ( (~["\"","\n","\r"])
+ | ("\"\"")
+ )*
+ "\""
+ ) >
+}
+
+TOKEN [IGNORE_CASE]:
+{
+ <CONTROL_FLAG: "required" | "requisite" | "sufficient" | "optional">
+|
+ <IDENTIFIER: <LETTER> (<LETTER>|<DIGIT>|"-"|"_")* >
+|
+ <CLASSNAME: <LETTER> (<LETTER>|<DIGIT>)* ("." <LETTER> (<LETTER>|<DIGIT>)*)* >
+|
+ <#LETTER: [ "_","$", "a"-"z", "A"-"Z" ] >
+|
+ <#DIGIT: ["0" - "9"] >
+|
+ <ANY: (<NOTSPACE_EQUALS>)+ >
+|
+ <#NOTSPACE_EQUALS: (~[" ","\t","\n","\r","=",";"]) >
+}
+
+/** Start of the grammar */
+
+void config() :
+{
+}
+{
+ ( appConfig() )* <EOF>
+}
+
+void appConfig() :
+{
+ Token t = null;
+ String appName;
+ AppConfigurationEntry entry;
+ ArrayList entries = new ArrayList();
+}
+{
+ t=<IDENTIFIER> { appName = t.image; } <OPEN_BKT>
+ (
+ entry = loginModuleConfig()
+ {
+ entries.add(entry);
+ }
+ ) +
+ <CLOSE_BKT> <SEMI_COLON>
+ {
+ AppConfigurationEntry[] appConfig = new AppConfigurationEntry[entries.size()];
+ entries.toArray(appConfig);
+ loginConfig.addAppConfig(appName, appConfig);
+ }
+}
+
+AppConfigurationEntry loginModuleConfig() :
+{
+ Token t = null;
+ String loginModuleClassName;
+ HashMap options = new HashMap();
+ LoginModuleControlFlag controlFlag;
+ AppConfigurationEntry entry;
+}
+{
+ t=<CLASSNAME> { loginModuleClassName = t.image; }
+ controlFlag = controlFlag()
+ ( moduleOptions(options) )*
+ <SEMI_COLON>
+ {
+ entry = new AppConfigurationEntry(loginModuleClassName, controlFlag, options);
+ return entry;
+ }
+}
+
+LoginModuleControlFlag controlFlag() :
+{
+ Token t;
+ LoginModuleControlFlag flag = null;
+}
+{
+ t=<CONTROL_FLAG>
+ {
+ if( LoginModuleControlFlag.REQUIRED.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.REQUIRED;
+ else if( LoginModuleControlFlag.REQUISITE.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.REQUISITE;
+ else if( LoginModuleControlFlag.SUFFICIENT.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.SUFFICIENT;
+ else if( LoginModuleControlFlag.OPTIONAL.toString().indexOf(t.image) > 0 )
+ flag = LoginModuleControlFlag.OPTIONAL;
+ return flag;
+ }
+}
+
+void moduleOptions(HashMap options) :
+{
+ Token t;
+ String name, value;
+}
+{
+ ( t=<IDENTIFIER> | t=<CLASSNAME> )
+ { name = t.image; }
+ <EQUALS>
+ (
+ ( t=<IDENTIFIER> | t=<CLASSNAME> | t=<DOUBLE> | t=<LONG> | t=<ANY> )
+ {
+ value = t.image;
+ options.put(name, value);
+ }
+ | t=<STRING>
+ {
+ value = stripQuotes(t.image);
+ options.put(name, value);
+ }
+ )
+}
+
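Review bot: In controlFlag(), the CONTROL_FLAG token is declared under `TOKEN [IGNORE_CASE]`, but the action tests it with the case-sensitive `toString().indexOf(t.image) > 0`, so a flag written as `Required` or `REQUIRED` passes the lexer and leaves `flag` null. That null is then handed to `new AppConfigurationEntry(...)` in loginModuleConfig(), which rejects it with an IllegalArgumentException instead of a ParseException pointing at the offending line. Comparing the image case-insensitively against the four keywords, as below, fixes this and no longer depends on the wording of LoginModuleControlFlag.toString(). Separately, the options block sets `DEBUG_PARSER=true` and `DEBUG_LOOKAHEAD=true`, so when tracing is switched on the generated parser's trace output will presumably include consumed token images, which here include module option values; both are better left false outside debugging builds.

```java
// … unchanged: t=<CONTROL_FLAG> …
  {
    // CONTROL_FLAG is lexed with IGNORE_CASE, so match the keyword the same way
    String image = t.image;
    if( "required".equalsIgnoreCase(image) )
      flag = LoginModuleControlFlag.REQUIRED;
    else if( "requisite".equalsIgnoreCase(image) )
      flag = LoginModuleControlFlag.REQUISITE;
    else if( "sufficient".equalsIgnoreCase(image) )
      flag = LoginModuleControlFlag.SUFFICIENT;
    else if( "optional".equalsIgnoreCase(image) )
      flag = LoginModuleControlFlag.OPTIONAL;
    return flag;
  }
```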
Added: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/XMLLoginConfigImpl.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/XMLLoginConfigImpl.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/login/XMLLoginConfigImpl.java 2007-07-26 06:28:58 UTC (rev 64295)
@@ -0,0 +1,440 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.security.auth.login;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Serializable;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.ArrayList;
+import java.util.Set;
+
+import javax.security.auth.AuthPermission;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.auth.spi.UsersObjectModelFactory;
+import org.jboss.security.authorization.config.SecurityConfigObjectModelFactory;
+import org.jboss.security.config.ApplicationPolicy;
+import org.jboss.security.config.ApplicationPolicyRegistration;
+import org.jboss.security.config.PolicyConfig;
+import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.xb.binding.JBossXBException;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+
+/** An concrete implementation of the javax.security.auth.login.Configuration
+ class that parses an xml configuration of the form:
+
+ <policy>
+ <application-policy name = "test-domain">
+ <authentication>
+ <login-module code = "org.jboss.security.plugins.samples.IdentityLoginModule"
+ flag = "required">
+ <module-option name = "principal">starksm</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ </policy>
+
+ @see javax.security.auth.login.Configuration
+
+ @author Scott.Stark at jboss.org
+ @author Anil.Saldhana at jboss.org
+ @version $Revision: 57482 $
+ */
+public class XMLLoginConfigImpl extends Configuration implements Serializable, ApplicationPolicyRegistration
+{
+ /** The serialVersionUID */
+ private static final long serialVersionUID = -8965860493224188277L;
+ private static final String DEFAULT_APP_CONFIG_NAME = "other";
+ private static final AuthPermission REFRESH_PERM = new AuthPermission("refreshLoginConfiguration");
+ private static Logger log = Logger.getLogger(XMLLoginConfigImpl.class);
+ /** A mapping of application name to AppConfigurationEntry[]
+ protected Map appConfigs = Collections.synchronizedMap(new HashMap());
+ */
+ PolicyConfig appConfigs = new PolicyConfig();
+ /** The URL to the XML or Sun login configuration */
+ protected URL loginConfigURL;
+ /** The inherited configuration we delegate to */
+ protected Configuration parentConfig;
+ /** A flag indicating if XML configs should be validated */
+ private boolean validateDTD = true;
+
+ // --- Begin Configuration method overrrides
+ public void refresh()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ if (log.isTraceEnabled())
+ log.trace("Begin refresh");
+ appConfigs.clear();
+ loadConfig();
+ if (log.isTraceEnabled())
+ log.trace("End refresh");
+ }
+
+ public AppConfigurationEntry[] getAppConfigurationEntry(String appName)
+ {
+ if (log.isTraceEnabled())
+ log.trace("Begin getAppConfigurationEntry("+appName+"), size="+appConfigs.size());
+
+ //Load the config if PolicyConfig is empty
+ if(this.appConfigs.size() == 0)
+ this.loadConfig();
+
+ AppConfigurationEntry[] entry = null;
+ ApplicationPolicy aPolicy = this.getApplicationPolicy(appName);
+ AuthenticationInfo authInfo = aPolicy != null ? (AuthenticationInfo)aPolicy.getAuthenticationInfo()
+ : null;
+
+ if (authInfo == null)
+ {
+ if (log.isTraceEnabled())
+ log.trace("getAppConfigurationEntry("+appName+"), no entry in appConfigs, tyring parentCont: "+parentConfig);
+ if (parentConfig != null)
+ entry = parentConfig.getAppConfigurationEntry(appName);
+ if (entry == null)
+ {
+ if (log.isTraceEnabled())
+ log.trace("getAppConfigurationEntry("+appName+"), no entry in parentConfig, trying: "+DEFAULT_APP_CONFIG_NAME);
+ }
+ ApplicationPolicy defPolicy = (ApplicationPolicy)appConfigs.get(DEFAULT_APP_CONFIG_NAME);
+ authInfo = defPolicy != null ?(AuthenticationInfo) defPolicy.getAuthenticationInfo() : null;
+ }
+
+ if (authInfo != null)
+ {
+ if (log.isTraceEnabled())
+ log.trace("End getAppConfigurationEntry("+appName+"), authInfo=" + authInfo);
+ // Make a copy of the authInfo object
+ final AuthenticationInfo theAuthInfo = authInfo;
+ PrivilegedAction action = new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return theAuthInfo.copyAppConfigurationEntry();
+ }
+ };
+ entry = (AppConfigurationEntry[]) AccessController.doPrivileged(action);
+ }
+ else
+ {
+ if (log.isTraceEnabled())
+ log.trace("End getAppConfigurationEntry("+appName+"), failed to find entry");
+ }
+
+ return entry;
+ }
+ // --- End Configuration method overrrides
+
+ /** Set the URL of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public URL getConfigURL()
+ {
+ return loginConfigURL;
+ }
+
+ /** Set the URL of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public void setConfigURL(URL loginConfigURL)
+ {
+ this.loginConfigURL = loginConfigURL;
+ }
+
+ public void setConfigResource(String resourceName)
+ throws IOException
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ loginConfigURL = tcl.getResource(resourceName);
+ if (loginConfigURL == null)
+ throw new IOException("Failed to find resource: " + resourceName);
+ }
+
+ public void setParentConfig(Configuration parentConfig)
+ {
+ this.parentConfig = parentConfig;
+ }
+
+ /** Get whether the login config xml document is validated againsts its DTD
+ */
+ public boolean getValidateDTD()
+ {
+ return this.validateDTD;
+ }
+
+ /** Set whether the login config xml document is validated againsts its DTD
+ */
+ public void setValidateDTD(boolean flag)
+ {
+ this.validateDTD = flag;
+ }
+
+ /**
+ * @see ApplicationPolicyRegistration#addApplicationPolicy(String, ApplicationPolicy)
+ */
+ public void addApplicationPolicy(String appName, ApplicationPolicy aPolicy)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ appConfigs.add(aPolicy);
+ handleJASPIDelegation(aPolicy);
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ }
+
+ /** Add an application configuration
+ */
+ public void addAppConfig(String appName, AppConfigurationEntry[] entries)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ AuthenticationInfo authInfo = new AuthenticationInfo(appName);
+ authInfo.setAppConfigurationEntry(entries);
+ if (log.isTraceEnabled())
+ log.trace("addAppConfig("+appName+"), authInfo=" + authInfo);
+ ApplicationPolicy aPolicy = new ApplicationPolicy(appName, authInfo);
+ appConfigs.add(aPolicy);
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ }
+
+ /**
+ * @deprecated
+ * @see #removeApplicationPolicy(String)
+ * @param appName
+ */
+ public void removeAppConfig(String appName)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ if (log.isTraceEnabled())
+ log.trace("removeAppConfig, appName="+appName);
+ appConfigs.remove(appName);
+ }
+
+
+ /**
+ * @see ApplicationPolicyRegistration#getApplicationPolicy(String)
+ */
+ public ApplicationPolicy getApplicationPolicy(String domainName)
+ {
+ if(appConfigs == null || appConfigs.size() == 0)
+ loadConfig();
+ ApplicationPolicy aPolicy = (ApplicationPolicy)appConfigs.get(domainName);
+ if(aPolicy != null)
+ SecurityConfiguration.addApplicationPolicy(aPolicy);
+ return aPolicy;
+ }
+
+
+ /**
+ * @see ApplicationPolicyRegistration#removeApplicationPolicy(String)
+ */
+ public boolean removeApplicationPolicy(String appName)
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+ if (log.isTraceEnabled())
+ log.trace("removeAppConfig, appName="+appName);
+ appConfigs.remove(appName);
+ return true;
+ }
+
+ /**
+ * Method that returns the parsed AuthenticationInfo needed by
+ * the JASPI framework until a seperate Configuration mechanism
+ * for JASPI is established
+ *
+ * @return the parsed AuthenticationInfo object
+ */
+ public BaseAuthenticationInfo getAuthenticationInfo(String domainName)
+ {
+ ApplicationPolicy aPolicy = getApplicationPolicy( domainName);
+ return aPolicy != null ? aPolicy.getAuthenticationInfo() : null;
+ }
+
+ public void clear()
+ {
+
+ }
+
+ /** Called to try to load the config from the java.security.auth.login.config
+ * property value when there is no loginConfigURL.
+ */
+ public void loadConfig()
+ {
+ // Try to load the java.security.auth.login.config property
+ String loginConfig = System.getProperty("java.security.auth.login.config");
+ if (loginConfig == null)
+ loginConfig = "login-config.xml";
+
+ // If there is no loginConfigURL build it from the loginConfig
+ if (loginConfigURL == null)
+ {
+ try
+ {
+ // Try as a URL
+ loginConfigURL = new URL(loginConfig);
+ }
+ catch (MalformedURLException e)
+ {
+ // Try as a resource
+ try
+ {
+ setConfigResource(loginConfig);
+ }
+ catch (IOException ignore)
+ {
+ // Try as a file
+ File configFile = new File(loginConfig);
+ try
+ {
+ setConfigURL(configFile.toURL());
+ }
+ catch (MalformedURLException ignore2)
+ {
+ }
+ }
+ }
+ }
+
+ if (loginConfigURL == null)
+ {
+ log.warn("Failed to find config: " + loginConfig);
+ return;
+ }
+
+ if (log.isTraceEnabled())
+ log.trace("Begin loadConfig, loginConfigURL="+loginConfigURL);
+ // Try to load the config if found
+ try
+ {
+ loadConfig(loginConfigURL);
+ if (log.isTraceEnabled())
+ log.trace("End loadConfig, loginConfigURL="+loginConfigURL);
+ }
+ catch (Exception e)
+ {
+ log.warn("End loadConfig, failed to load config: " + loginConfigURL, e);
+ }
+ }
+
+ protected String[] loadConfig(URL config) throws Exception
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null)
+ sm.checkPermission(REFRESH_PERM);
+
+ ArrayList configNames = new ArrayList();
+ log.debug("Try loading config as XML, url=" + config);
+ try
+ {
+ loadXMLConfig(config, configNames);
+ }
+ catch(Throwable e)
+ {
+ log.debug("Failed to load config as XML", e);
+ log.debug("Try loading config as Sun format, url=" + config);
+ loadSunConfig(config, configNames);
+ }
+ String[] names = new String[configNames.size()];
+ configNames.toArray(names);
+ return names;
+ }
+
+ /**
+ * Handle the case when JASPI Info may have login module stack holder
+ * which delegates to a login module stack
+ * @param aPolicy
+ */
+ private void handleJASPIDelegation(ApplicationPolicy aPolicy)
+ {
+ BaseAuthenticationInfo bai = aPolicy.getAuthenticationInfo();
+ if(bai instanceof JASPIAuthenticationInfo)
+ {
+ JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo)bai;
+ LoginModuleStackHolder[] lmsharr = jai.getLoginModuleStackHolder();
+ for(LoginModuleStackHolder lmsh:lmsharr)
+ {
+ this.addAppConfig(lmsh.getName(), lmsh.getAppConfigurationEntry());
+ }
+ }
+ }
+
+ private void loadSunConfig(URL sunConfig, ArrayList configNames)
+ throws Exception
+ {
+ InputStream is = sunConfig.openStream();
+ if (is == null)
+ throw new IOException("InputStream is null for: " + sunConfig);
+
+ InputStreamReader configFile = new InputStreamReader(is);
+ boolean trace = log.isTraceEnabled();
+ SunConfigParser.doParse(configFile, this, trace);
+ }
+
+ private void loadXMLConfig(URL loginConfigURL, ArrayList configNames)
+ throws IOException, JBossXBException
+ {
+ LoginConfigObjectModelFactory lcomf = new SecurityConfigObjectModelFactory();
+ UsersObjectModelFactory uomf = new UsersObjectModelFactory();
+
+ InputStreamReader xmlReader = loadURL(loginConfigURL);
+ Unmarshaller unmarshaller = UnmarshallerFactory.newInstance().newUnmarshaller();
+ unmarshaller.mapFactoryToNamespace(uomf, "http://www.jboss.org/j2ee/schemas/XMLLoginModule");
+ Object root = null;
+ PolicyConfig config = (PolicyConfig) unmarshaller.unmarshal(xmlReader, lcomf, root);
+ Set<String> cnames = config.getConfigNames();
+ configNames.addAll(cnames);
+ appConfigs.copy(config);
+ //Add the config to SecurityConfiguration
+ for(String cname:cnames)
+ {
+ ApplicationPolicy ap = config.get(cname);
+ SecurityConfiguration.addApplicationPolicy(ap);
+ handleJASPIDelegation(ap);
+ }
+ }
+
+ private InputStreamReader loadURL(URL configURL)
+ throws IOException
+ {
+ InputStream is = configURL.openStream();
+ if (is == null)
+ throw new IOException("Failed to obtain InputStream from url: " + configURL);
+ InputStreamReader xmlReader = new InputStreamReader(is);
+ return xmlReader;
+ }
+
+}
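Review bot: In getAppConfigurationEntry(), the lookup of the `other` policy sits after the `if (entry == null)` block instead of inside it. When `parentConfig` returns an entry and an `other` policy exists, `authInfo` is set to the default and the parent's entry is overwritten by the copy of `other`. An application would then authenticate against the fallback stack rather than the one its parent configuration defines. Moving the two lines `ApplicationPolicy defPolicy = ...` and `authInfo = defPolicy != null ? ... : null;` inside the `if (entry == null)` braces gives the order the trace messages describe. Two smaller points in the same file: `validateDTD` has a getter and setter but is never read by loadXMLConfig(), and the streams opened in loadSunConfig() and loadURL() are never closed.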