package org.mule.extras.jaas; |
12 | |
|
13 | |
import org.mule.config.i18n.CoreMessages; |
14 | |
import org.mule.umo.lifecycle.InitialisationException; |
15 | |
import org.mule.umo.security.UMOAuthentication; |
16 | |
import org.mule.umo.security.UMOSecurityContext; |
17 | |
import org.mule.umo.security.UMOSecurityContextFactory; |
18 | |
import org.mule.umo.security.UMOSecurityProvider; |
19 | |
import org.mule.umo.security.UnauthorisedException; |
20 | |
import org.mule.umo.security.UnknownAuthenticationTypeException; |
21 | |
|
22 | |
import java.io.IOException; |
23 | |
import java.security.Security; |
24 | |
import java.util.HashMap; |
25 | |
import java.util.Map; |
26 | |
|
27 | |
import javax.security.auth.Subject; |
28 | |
import javax.security.auth.login.AppConfigurationEntry; |
29 | |
import javax.security.auth.login.Configuration; |
30 | |
import javax.security.auth.login.LoginContext; |
31 | |
import javax.security.auth.login.LoginException; |
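/**
 * Mule security provider that authenticates callers through JAAS.
 * <p>
 * The provider works in one of two modes, chosen in {@link #initialise()}:
 * <ul>
 * <li>{@code loginConfig} set: the file is registered with the JVM as an
 * additional {@code login.config.url.N} security property.</li>
 * <li>{@code loginConfig} not set: a single REQUIRED login module entry is
 * registered programmatically through {@link JaasConfig}.</li>
 * </ul>
 * Both modes change JVM-wide state (security properties or the installed JAAS
 * {@link Configuration}), so they affect every other JAAS user in the same JVM.
 */
public class JaasSimpleAuthenticationProvider implements UMOSecurityProvider
{
    // Resource name of an external JAAS login configuration file, or null to
    // use the programmatic JaasConfig entry instead.
    private String loginConfig;
    // Name of the JAAS application entry handed to LoginContext.
    private String loginContextName;
    // Handed to the login module as its "credentials" option. It is held and
    // passed on as a plain String; its format is defined by the login module
    // and is not visible in this class.
    private String credentials;
    // Login module class name; defaultModule is used when this is null.
    private String loginModule;
    private String defaultModule = "org.mule.extras.jaas.loginmodule.DefaultLoginModule";
    private String name;
    // Created in initialise(); createSecurityContext() fails with a
    // NullPointerException if called before that.
    private UMOSecurityContextFactory factory;

    /**
     * Sets the resource name of the JAAS login configuration file.
     *
     * @param loginConfig the login configuration resource
     */
    public final void setLoginConfig(String loginConfig)
    {
        this.loginConfig = loginConfig;
    }

    /**
     * @return the configured login configuration resource, may be null
     */
    public final String getLoginConfig()
    {
        return loginConfig;
    }

    /**
     * Sets the JAAS application entry name used to create the LoginContext.
     *
     * @param loginContextName the application entry name
     */
    public final void setLoginContextName(String loginContextName)
    {
        this.loginContextName = loginContextName;
    }

    /**
     * @return the JAAS application entry name
     */
    public final String getLoginContextName()
    {
        return loginContextName;
    }

    /**
     * @return the value passed to the login module as its "credentials" option
     */
    public final String getCredentials()
    {
        return credentials;
    }

    /**
     * Sets the value passed to the login module as its "credentials" option.
     *
     * @param credentials the credentials option value
     */
    public final void setCredentials(String credentials)
    {
        this.credentials = credentials;
    }

    /**
     * @return the configured login module class name, may be null
     */
    public final String getLoginModule()
    {
        return loginModule;
    }

    /**
     * Sets the login module class name used when no login configuration file
     * is given. The class named here decides every authentication outcome, so
     * it should come from trusted configuration only.
     *
     * @param loginModule the login module class name
     */
    public final void setLoginModule(String loginModule)
    {
        this.loginModule = loginModule;
    }

    /**
     * @return the provider name
     */
    public final String getName()
    {
        return name;
    }

    /**
     * @param name the provider name
     */
    public final void setName(String name)
    {
        this.name = name;
    }

    /**
     * Registers the login configuration file with the JVM by writing it to the
     * first unused {@code login.config.url.N} security property, unless one of
     * the existing entries already holds the same URL.
     *
     * @throws IOException declared for the resource path lookup
     */
    private void configureJaas() throws IOException
    {
        // NOTE(review): the URL is built by plain concatenation; confirm that
        // getResourcePath always returns an absolute path in a form that is
        // valid after "file://" on every supported platform.
        String loginConfigUrl = "file://"
                                + org.mule.util.FileUtils.getResourcePath(loginConfig,
                                    JaasSimpleAuthenticationProvider.class);

        String prefix = "login.config.url.";
        int n = 1;
        String existing;

        // Walk the numbered entries until the first gap; stop early if this
        // URL is already registered so it is not added twice.
        while ((existing = Security.getProperty(prefix + n)) != null)
        {
            if (existing.equals(loginConfigUrl))
            {
                return;
            }
            n++;
        }

        // Security properties are JVM-wide: this entry is seen by every
        // LoginContext created afterwards, not only by this provider.
        Security.setProperty(prefix + n, loginConfigUrl);
    }

    /**
     * Authenticates the given token by running a JAAS login under
     * {@code loginContextName}.
     *
     * @param authentication the token to authenticate; must be a
     *            {@code JaasAuthentication}
     * @return a new {@code JaasAuthentication} marked as authenticated and
     *         carrying the Subject produced by the login
     * @throws org.mule.umo.security.SecurityException if the token is not a
     *             {@code JaasAuthentication}, the LoginContext cannot be
     *             created, or the login fails
     */
    public final UMOAuthentication authenticate(UMOAuthentication authentication)
        throws org.mule.umo.security.SecurityException
    {
        // supports() accepts every UMOAuthentication, so reject other token
        // types here with a security exception instead of letting the cast
        // below fail with a ClassCastException.
        if (!(authentication instanceof JaasAuthentication))
        {
            String type = (authentication == null ? "null" : authentication.getClass().getName());
            throw new UnauthorisedException(CoreMessages.authTypeNotRecognised(type));
        }

        JaasAuthentication auth = (JaasAuthentication)authentication;
        MuleCallbackHandler cbh = new MuleCallbackHandler(auth);

        LoginContext loginContext;
        try
        {
            if (auth.getSubject() != null)
            {
                loginContext = new LoginContext(loginContextName, auth.getSubject(), cbh);
            }
            else
            {
                loginContext = new LoginContext(loginContextName, cbh);
            }
        }
        catch (LoginException e)
        {
            // Keep the cause so a missing or misconfigured login entry can be
            // told apart from a rejected login when reading the logs.
            throw new UnauthorisedException(
                CoreMessages.cannotLoadFromClasspath(loginContextName), e);
        }

        try
        {
            loginContext.login();
        }
        catch (LoginException le)
        {
            // The message stays generic; the login module's own reason travels
            // only as the cause. NOTE(review): confirm that callers do not
            // render the cause chain back to the remote party.
            throw new UnauthorisedException(CoreMessages.authFailedForUser(auth.getPrincipal()), le);
        }

        Subject subject = loginContext.getSubject();
        // The returned token still carries the caller's original credentials.
        JaasAuthentication finalAuth = new JaasAuthentication(auth.getPrincipal(),
            auth.getCredentials(), subject);
        finalAuth.setAuthenticated(true);

        return finalAuth;
    }

    /**
     * Reports whether this provider accepts the given token class.
     * <p>
     * Every {@code UMOAuthentication} type is accepted here, while
     * {@link #authenticate(UMOAuthentication)} only processes
     * {@code JaasAuthentication} and rejects anything else.
     *
     * @param aClass the token class to test
     * @return true if {@code aClass} is a {@code UMOAuthentication} type
     */
    public final boolean supports(Class aClass)
    {
        return UMOAuthentication.class.isAssignableFrom(aClass);
    }

    /**
     * Creates a security context for the given token using the factory set up
     * in {@link #initialise()}.
     *
     * @param auth the token to wrap
     * @return the security context produced by the factory
     * @throws UnknownAuthenticationTypeException as declared by the factory
     */
    public final UMOSecurityContext createSecurityContext(UMOAuthentication auth)
        throws UnknownAuthenticationTypeException
    {
        return factory.create(auth);
    }

    /**
     * Prepares JAAS for this provider and creates the security context
     * factory.
     * <p>
     * Without a login configuration file, {@link JaasConfig} is installed as
     * the JVM-wide JAAS configuration and one REQUIRED entry is registered
     * under {@code loginContextName}; otherwise the file is registered through
     * the {@code login.config.url.N} security properties.
     *
     * @throws InitialisationException if either setup path or the factory
     *             creation fails
     */
    public final void initialise() throws InitialisationException
    {
        if (loginConfig == null)
        {
            try
            {
                JaasConfig.init();

                HashMap options = new HashMap();
                options.put("credentials", credentials);

                // Fall back to the bundled default module when none is set.
                String moduleName = (loginModule != null ? loginModule : defaultModule);
                AppConfigurationEntry entry = new AppConfigurationEntry(moduleName,
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

                JaasConfig.addApplicationConfigEntry(loginContextName, entry);
            }
            catch (Exception e)
            {
                throw new InitialisationException(e, this);
            }
        }
        else
        {
            try
            {
                configureJaas();
            }
            catch (IOException e)
            {
                throw new InitialisationException(e, this);
            }
        }

        try
        {
            factory = new JaasSecurityContextFactory();
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("JaasProvider"), e);
        }
    }

    /**
     * In-memory JAAS {@link Configuration} holding one entry per application
     * name.
     * <p>
     * The entries live in a static map shared by all instances, so they
     * survive repeated calls to {@link #init()}.
     */
    public static class JaasConfig extends Configuration
    {
        // NOTE(review): plain HashMap shared across threads without
        // synchronisation; confirm that entries are only added during startup,
        // before any login reads the map.
        private static Map appConfigEntries = new HashMap();
        private static JaasConfig jaasConfig;

        /**
         * Installs a fresh {@code JaasConfig} as the JAAS configuration for
         * the whole JVM. Whatever configuration was installed before is
         * replaced, so login entries defined elsewhere are no longer served
         * after this call.
         */
        public static void init()
        {
            jaasConfig = new JaasConfig();
            Configuration.setConfiguration(jaasConfig);
        }

        /**
         * @return the instance created by the last call to {@link #init()},
         *         or null if it was never called
         */
        public static JaasConfig getJaasConfig()
        {
            return jaasConfig;
        }

        /**
         * Registers the entry under the given application name, replacing any
         * entry already stored for that name.
         *
         * @param name the application name
         * @param entry the login module entry
         */
        public static void addApplicationConfigEntry(String name, AppConfigurationEntry entry)
        {
            appConfigEntries.put(name, entry);
        }

        /**
         * Looks up the entry registered for an application name.
         *
         * @param applicationName the application name, must not be null
         * @return a one-element array with the entry, or an empty array when
         *         nothing is registered under that name
         * @throws IllegalArgumentException if {@code applicationName} is null
         */
        public final AppConfigurationEntry[] getAppConfigurationEntry(String applicationName)
        {
            if (applicationName == null)
            {
                throw new IllegalArgumentException("applicationName passed in was null.");
            }

            AppConfigurationEntry entry = (AppConfigurationEntry)appConfigEntries.get(applicationName);
            if (entry == null)
            {
                return new AppConfigurationEntry[]{};
            }
            return new AppConfigurationEntry[]{entry};
        }

        /**
         * Does nothing: the entries are held in the static map and there is no
         * backing source to reload them from.
         */
        public void refresh()
        {
        }
    }
}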