[jboss-cvs] JBossAS SVN: r62959 - in projects/security/security-jboss-sx/trunk/src/main/org/jboss/security: auth/container/modules and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu May 10 00:19:45 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-10 00:19:45 -0400 (Thu, 10 May 2007)
New Revision: 62959
Removed:
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/AuthorizationManagerFactory.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/DelegatingServerAuthModule.java
Log:
SECURITY-26: JBAS integration code moved to JBAS trunk
Deleted: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/AuthorizationManagerFactory.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/AuthorizationManagerFactory.java 2007-05-10 04:19:06 UTC (rev 62958)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/AuthorizationManagerFactory.java 2007-05-10 04:19:45 UTC (rev 62959)
@@ -1,55 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security;
-
-import javax.management.MBeanServer;
-
-import org.jboss.logging.Logger;
-import org.jboss.mx.util.MBeanProxyExt;
-import org.jboss.mx.util.MBeanServerLocator;
-import org.jboss.security.plugins.AuthorizationManagerServiceMBean;
-
-//$Id$
-
-/**
- * Factory for obtaining the AuthorizationManager
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
- * @since Jan 4, 2006
- * @version $Revision$
- */
-public class AuthorizationManagerFactory
-{
- private static Logger log = Logger.getLogger(AuthorizationManagerFactory.class);
-
- public static AuthorizationManager getAuthorizationManager( String securityDomain)
- {
- log.debug("Enter getAuthorizationManager with securityDomain=" + securityDomain);
- AuthorizationManager manager = null;
- MBeanServer server = MBeanServerLocator.locateJBoss();
- AuthorizationManagerServiceMBean mbean =(AuthorizationManagerServiceMBean)
- MBeanProxyExt.create(AuthorizationManagerServiceMBean.class,
- AuthorizationManagerServiceMBean.OBJECT_NAME, server);
- manager = mbean.getAuthorizationManager(securityDomain);
- log.debug("return getAuthorizationManager=" + manager);
- return manager;
- }
-}
Deleted: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/DelegatingServerAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/DelegatingServerAuthModule.java 2007-05-10 04:19:06 UTC (rev 62958)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/DelegatingServerAuthModule.java 2007-05-10 04:19:45 UTC (rev 62959)
@@ -1,378 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.auth.container.modules;
-
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.Map;
-
-import javax.management.JMException;
-import javax.management.MBeanServerConnection;
-import javax.management.MalformedObjectNameException;
-import javax.management.ObjectName;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthParam;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessagePolicy;
-
-import org.jboss.logging.Logger;
-import org.jboss.mx.util.MBeanServerLocator;
-import org.jboss.security.auth.login.AuthenticationInfo;
-import org.jboss.security.auth.login.BaseAuthenticationInfo;
-import org.jboss.security.auth.login.LoginModuleStackHolder;
-import org.jboss.security.auth.login.XMLLoginConfigImpl;
-import org.jboss.security.config.ApplicationPolicy;
-
-//$Id$
-
-/**
- * Default ServerAuthModule that delegates its processing to a stack of LoginModules
- * @see ServerAuthModule
- * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil.Saldhana at jboss.org</a>
- * @since Dec 23, 2005
- * @version $Revision$
- */
-public class DelegatingServerAuthModule extends AbstractServerAuthModule
-{
- protected static Logger log = Logger.getLogger(DelegatingServerAuthModule.class);
- /**
- * LoginContext to which the delegation will happen
- */
- protected LoginContext lc = null;
-
- private boolean trace = log.isTraceEnabled();
-
- /**
- * Input to the LoginContext constructor
- */
- protected String configurationName = null;
-
- /**
- * ObjectName of the MBean that represents the SecurityConfig service from
- * which the JAAS Configuration can be obtained
- */
- protected ObjectName securityConfigMBean = null;
-
- /**
- * Subject after authentication by the login modules
- */
- protected Subject authenticatedSubject = null;
-
- /**
- * Pointer to a stack of LoginModules to which the authmodule will delegate
- */
- protected LoginModuleStackHolder loginModuleStackHolder = null;
-
- /**
- * Needed for unit tests when the MBeanServer is running on a remote
- * JVM. MBeanServerLocator is unusable. Will need MBeanServerConnection.
- */
- protected boolean testMode = false;
-
- public DelegatingServerAuthModule(String configName)
- {
- if(configName == null)
- throw new IllegalArgumentException("Illegal Null Argument: configName");
- if(trace)
- log.trace("ctr:configName=" + configName );
- this.configurationName = configName;
- }
-
- public DelegatingServerAuthModule(String configName, Configuration config)
- {
- this(configName);
- if(config == null)
- throw new IllegalArgumentException("Illegal Null Argument: config");
- //Set the configuration on the thread
- Configuration.setConfiguration(config);
- }
-
- public DelegatingServerAuthModule(LoginModuleStackHolder lmsh)
- {
- this.loginModuleStackHolder = lmsh;
- this.configurationName = lmsh.getName();
- XMLLoginConfigImpl xmlConfig = null;
- Configuration config = Configuration.getConfiguration();
- if(config != null && config instanceof XMLLoginConfigImpl)
- {
- xmlConfig = (XMLLoginConfigImpl)config;
- }
- else
- {
- xmlConfig = new XMLLoginConfigImpl();
- Configuration.setConfiguration(xmlConfig);
- }
- //Check if an Application Policy is contained
- ApplicationPolicy aPolicy = xmlConfig.getApplicationPolicy(lmsh.getName());
- if(aPolicy != null)
- {
- BaseAuthenticationInfo baInfo = aPolicy.getAuthenticationInfo();
- if(baInfo instanceof AuthenticationInfo)
- {
- AuthenticationInfo ai = (AuthenticationInfo)baInfo;
- ai.add(Arrays.asList(lmsh.getAppConfigurationEntry()));
- }
- }
- else
- {
- //Create a Configuration and set it on the thread
- xmlConfig.addAppConfig(lmsh.getName(),lmsh.getAppConfigurationEntry());
- }
- }
-
- /**
- * @see ServerAuthModule#cleanSubject(Subject, Map)
- */
- public void cleanSubject(Subject subject, Map sharedState)
- throws AuthException
- {
- if(trace)
- log.trace("disposeSubject called");
- try
- {
- if(lc != null)
- {
- lc.logout();
- if(trace)
- log.trace("disposeSubject:lc.logout success");
- }
- else
- if(trace)
- log.trace("disposeSubject:LoginContext is null");
- }
- catch (LoginException e)
- {
- log.debug("disposeSubject:lc.logout throws an exception::", e);
- AuthException ae = new AuthException("disposeSubject failed::"+ e.getLocalizedMessage());
- ae.initCause(e);
- throw ae;
- }
- }
-
- /**
- * @see ServerAuthModule#initialize(MessagePolicy, MessagePolicy, CallbackHandler, Map, boolean)
- */
- public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler,
- Map options)
- throws AuthException
- {
- super.initialize(requestPolicy, responsePolicy, handler, options );
- if(trace)
- log.trace("initialize:callbackHandler=" + handler.getClass().getName() );
-
- //Get the securityConfig MBean Name from options
- if(options != null)
- {
- //Check for usersProperties & rolesProperties
- String option = (String) options.get("securityConfigService");
- try
- {
- if(option != null)
- this.securityConfigMBean = new ObjectName(option.trim());
- }catch (MalformedObjectNameException e)
- {
- IllegalStateException ise = new IllegalStateException(e.getLocalizedMessage());
- ise.initCause(e);
- throw ise;
- }
- String testM = (String)options.get("testMode");
- if(testM != null)
- testMode = Boolean.valueOf(testM).booleanValue();
- }
- }
-
- /**
- * @see ServerAuthModule#secureResponse(AuthParam, Subject, Map)
- */
- public AuthStatus secureResponse(AuthParam param, Subject source, Map sharedState) throws AuthException
- {
- throw new IllegalStateException("Not Implemented");
- }
-
- /**
- * @see ServerAuthModule#validateRequest(AuthParam, Subject, Subject, Map)
- */
- public AuthStatus validateRequest(AuthParam param, Subject source, Subject recipient, Map sharedState) throws AuthException
- {
- if(trace)
- log.trace("validateRequest called");
- try
- {
- checkConfigurationPresence();
- }catch(Exception e)
- {
- IllegalStateException ise = new IllegalStateException(e.getLocalizedMessage());
- ise.initCause(e);
- throw ise;
- }
-
- try
- {
- if(callbackHandler == null)
- throw new IllegalStateException("CallbackHandler is null");
- // LoginContext is created for each request according to JSR-196
- if(source == null)
- {
- lc = new LoginContext(configurationName, callbackHandler);
- }
- else
- lc = new LoginContext(configurationName, source, callbackHandler);
-
- if(trace)
- {
- Configuration cfg = Configuration.getConfiguration();
- AppConfigurationEntry[] aentries = cfg.getAppConfigurationEntry(configurationName);
- for(int i = 0; i < aentries.length; i++)
- logAppConfigurationEntry(aentries[i]);
- }
-
- }catch (LoginException e)
- {
- log.debug("validateRequest:Instantiation of LoginContext failed::", e);
- AuthException ae = new AuthException("validateRequest failed::"+ e.getLocalizedMessage());
- ae.initCause(e);
- throw ae;
- }
- try
- {
- lc.login();
- if(trace)
- log.trace("validateRequest:lc.login() successful");
- if(source == null)
- source = lc.getSubject();
-
- authenticatedSubject = source;
- }
- catch (LoginException e)
- {
- log.debug("validateRequest:lc.login throws an exception::", e);
- AuthException ae = new AuthException("validateRequest failed::"+ e.getLocalizedMessage());
- ae.initCause(e);
- throw ae;
- }
-
- return AuthStatus.PROCEED;
- }
-
- /**
- * Custom Method that is provided to see the Authenticated Subject
- * after the delegation to a set of LoginModules
- * (Useful for testing purposes)
- *
- * @see Subject
- * @return authenticatedSubject
- */
- public Subject getAuthenticatedSubject()
- {
- return authenticatedSubject;
- }
-
- /**
- * Check if a Configuration is set on the thread
- * @throws NamingException
- *
- */
- private void checkConfigurationPresence()
- throws IOException, JMException, NamingException
- {
- Configuration cfg = null;
- try
- {
- cfg = Configuration.getConfiguration();
- }catch(SecurityException e)
- {
- log.debug("Unable to obtain login configuration:",e);
- log.debug("Will try to obtain configuration from the securityconfig MBean");
- }
-
- if(cfg == null)
- {
- //Get the Configuration from the SecurityConfig service
- cfg = getConfigurationFromSecurityConfigService();
- }
- else
- return;
-
- if(cfg == null)
- throw new IllegalStateException("Configuration is not present");
-
- Configuration.setConfiguration(cfg);
- }
-
- private Configuration getConfigurationFromSecurityConfigService()
- throws NamingException, IOException
- {
- MBeanServerConnection server = null;
- Configuration config = null;
- if(this.securityConfigMBean == null)
- throw new IllegalStateException("securityConfigMBean Name is null");
-
- if(testMode)
- {
- InitialContext ctx = new InitialContext(); // From jndi.properties
- server = (MBeanServerConnection) ctx.lookup("jmx/invoker/RMIAdaptor");
- }
- else
- {
- //Find the local MBeanServer
- server = MBeanServerLocator.locateJBoss();
- }
- //First get the name of the mbean that provides the default Jaas Configuration
- Object[] args = {null};
- String[] signature = {"javax.security.auth.login.Configuration"};
- try
- {
- String configService = (String)server.getAttribute(securityConfigMBean,
- "LoginConfig");
- config = (Configuration) server.invoke(new ObjectName(configService),
- "getConfiguration", args, signature);
- }
- catch (JMException e)
- {
- IllegalStateException ise = new IllegalStateException(e.getLocalizedMessage());
- ise.initCause(e);
- throw ise;
- }
-
- return config;
- }
-
- private void logAppConfigurationEntry(AppConfigurationEntry ae)
- {
- log.debug("LoginModuleName:" + ae.getLoginModuleName());
- log.debug("Control Flag:" + ae.getControlFlag());
- }
-
- public Class[] getSupportedMessageTypes()
- {
- return null;
- }
-
-}
More information about the jboss-cvs-commits
mailing list