1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.module.jaas; |
12 | |
|
13 | |
import org.mule.api.lifecycle.InitialisationException; |
14 | |
import org.mule.api.security.Authentication; |
15 | |
import org.mule.api.security.SecurityContext; |
16 | |
import org.mule.api.security.SecurityContextFactory; |
17 | |
import org.mule.api.security.SecurityProvider; |
18 | |
import org.mule.api.security.UnauthorisedException; |
19 | |
import org.mule.api.security.UnknownAuthenticationTypeException; |
20 | |
import org.mule.config.i18n.CoreMessages; |
21 | |
|
22 | |
import java.io.IOException; |
23 | |
import java.security.Security; |
24 | |
import java.util.HashMap; |
25 | |
import java.util.Map; |
26 | |
|
27 | |
import javax.security.auth.Subject; |
28 | |
import javax.security.auth.login.AppConfigurationEntry; |
29 | |
import javax.security.auth.login.Configuration; |
30 | |
import javax.security.auth.login.LoginContext; |
31 | |
import javax.security.auth.login.LoginException; |
32 | |
|
33 | |
|
34 | |
|
35 | |
|
36 | 24 | public class JaasSimpleAuthenticationProvider implements SecurityProvider |
37 | |
{ |
38 | |
|
39 | |
private String loginConfig; |
40 | |
private String loginContextName; |
41 | |
private String credentials; |
42 | |
private String loginModule; |
43 | 24 | private String defaultModule = "org.mule.module.jaas.loginmodule.DefaultLoginModule"; |
44 | |
private String name; |
45 | |
private SecurityContextFactory factory; |
46 | |
|
47 | |
|
48 | |
|
49 | |
|
50 | |
|
51 | |
|
52 | |
|
53 | |
|
54 | |
|
55 | |
public final void setLoginConfig(String loginConfig) |
56 | |
{ |
57 | 14 | this.loginConfig = loginConfig; |
58 | 14 | } |
59 | |
|
60 | |
|
61 | |
|
62 | |
|
63 | |
|
64 | |
|
65 | |
public final String getLoginConfig() |
66 | |
{ |
67 | 4 | return loginConfig; |
68 | |
} |
69 | |
|
70 | |
|
71 | |
|
72 | |
|
73 | |
|
74 | |
|
75 | |
public final void setLoginContextName(String loginContextName) |
76 | |
{ |
77 | 24 | this.loginContextName = loginContextName; |
78 | 24 | } |
79 | |
|
80 | |
|
81 | |
|
82 | |
|
83 | |
|
84 | |
|
85 | |
public final String getLoginContextName() |
86 | |
{ |
87 | 4 | return loginContextName; |
88 | |
} |
89 | |
|
90 | |
|
91 | |
|
92 | |
|
93 | |
|
94 | |
|
95 | |
public final String getCredentials() |
96 | |
{ |
97 | 0 | return credentials; |
98 | |
} |
99 | |
|
100 | |
|
101 | |
|
102 | |
|
103 | |
|
104 | |
|
105 | |
public final void setCredentials(String credentials) |
106 | |
{ |
107 | 10 | this.credentials = credentials; |
108 | 10 | } |
109 | |
|
110 | |
|
111 | |
|
112 | |
|
113 | |
|
114 | |
|
115 | |
public final String getLoginModule() |
116 | |
{ |
117 | 0 | return loginModule; |
118 | |
} |
119 | |
|
120 | |
|
121 | |
|
122 | |
|
123 | |
|
124 | |
|
125 | |
public final void setLoginModule(String loginModule) |
126 | |
{ |
127 | 0 | this.loginModule = loginModule; |
128 | 0 | } |
129 | |
|
130 | |
|
131 | |
public final String getName() |
132 | |
{ |
133 | 48 | return name; |
134 | |
} |
135 | |
|
136 | |
|
137 | |
public final void setName(String name) |
138 | |
{ |
139 | 24 | this.name = name; |
140 | 24 | } |
141 | |
|
142 | |
|
143 | |
|
144 | |
|
145 | |
|
146 | |
|
147 | |
|
148 | |
|
149 | |
private void configureJaas() throws IOException |
150 | |
{ |
151 | |
|
152 | 28 | String loginConfigUrl = "file://" |
153 | |
+ org.mule.util.FileUtils.getResourcePath(loginConfig, |
154 | |
JaasSimpleAuthenticationProvider.class); |
155 | |
|
156 | 28 | boolean alreadySet = false; |
157 | |
|
158 | 28 | int n = 1; |
159 | 28 | String prefix = "login.config.url."; |
160 | 28 | String existing = null; |
161 | |
|
162 | 28 | while ((existing = Security.getProperty(prefix + n)) != null) |
163 | |
{ |
164 | 26 | alreadySet = existing.equals(loginConfigUrl); |
165 | |
|
166 | 26 | if (alreadySet) |
167 | |
{ |
168 | 26 | break; |
169 | |
} |
170 | 0 | n++; |
171 | |
} |
172 | |
|
173 | 28 | if (!alreadySet) |
174 | |
{ |
175 | 2 | String key = prefix + n; |
176 | 2 | Security.setProperty(key, loginConfigUrl); |
177 | |
} |
178 | 28 | } |
179 | |
|
180 | |
|
181 | |
|
182 | |
|
183 | |
|
184 | |
|
185 | |
|
186 | |
|
187 | |
|
188 | |
|
189 | |
public final Authentication authenticate(Authentication authentication) |
190 | |
throws org.mule.api.security.SecurityException |
191 | |
{ |
192 | |
LoginContext loginContext; |
193 | 20 | JaasAuthentication auth = (JaasAuthentication)authentication; |
194 | |
|
195 | |
|
196 | 20 | MuleCallbackHandler cbh = new MuleCallbackHandler(auth); |
197 | |
|
198 | |
|
199 | |
try |
200 | |
{ |
201 | 20 | if (auth.getSubject() != null) |
202 | |
{ |
203 | 0 | loginContext = new LoginContext(loginContextName,auth.getSubject(), cbh); |
204 | |
} |
205 | |
else |
206 | |
{ |
207 | 20 | loginContext = new LoginContext(loginContextName, cbh); |
208 | |
} |
209 | |
} |
210 | 0 | catch (LoginException e) |
211 | |
{ |
212 | 0 | throw new org.mule.api.security.UnauthorisedException( |
213 | |
CoreMessages.cannotLoadFromClasspath(loginContextName)); |
214 | 20 | } |
215 | |
|
216 | |
|
217 | |
try |
218 | |
{ |
219 | 20 | loginContext.login(); |
220 | |
} |
221 | 12 | catch (LoginException le) |
222 | |
{ |
223 | 12 | le.fillInStackTrace(); |
224 | 12 | throw new UnauthorisedException(CoreMessages.authFailedForUser(auth.getPrincipal())); |
225 | 8 | } |
226 | |
|
227 | 8 | Subject subject = loginContext.getSubject(); |
228 | 8 | JaasAuthentication finalAuth = new JaasAuthentication(auth.getPrincipal(), auth.getCredentials(),subject); |
229 | 8 | finalAuth.setAuthenticated(true); |
230 | |
|
231 | 8 | return finalAuth; |
232 | |
} |
233 | |
|
234 | |
|
235 | |
|
236 | |
|
237 | |
|
238 | |
|
239 | |
|
240 | |
public final boolean supports(Class aClass) |
241 | |
{ |
242 | 28 | return Authentication.class.isAssignableFrom(aClass); |
243 | |
} |
244 | |
|
245 | |
|
246 | |
|
247 | |
|
248 | |
|
249 | |
|
250 | |
|
251 | |
public final SecurityContext createSecurityContext(Authentication auth) |
252 | |
throws UnknownAuthenticationTypeException |
253 | |
{ |
254 | 8 | return factory.create(auth); |
255 | |
} |
256 | |
|
257 | |
|
258 | |
|
259 | |
|
260 | |
|
261 | |
|
262 | |
|
263 | |
|
264 | |
|
265 | |
|
266 | |
public final void initialise() throws InitialisationException |
267 | |
{ |
268 | |
|
269 | |
|
270 | 48 | if (loginConfig == null) |
271 | |
{ |
272 | |
try |
273 | |
{ |
274 | 20 | AppConfigurationEntry entry = null; |
275 | 20 | JaasConfig.init(); |
276 | |
|
277 | 20 | HashMap options = new HashMap(); |
278 | 20 | options.put("credentials", credentials); |
279 | |
|
280 | |
|
281 | |
|
282 | 20 | if (loginModule != null) |
283 | |
{ |
284 | 0 | entry = new AppConfigurationEntry(loginModule, |
285 | |
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options); |
286 | |
} |
287 | |
else |
288 | |
{ |
289 | 20 | entry = new AppConfigurationEntry(defaultModule, |
290 | |
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options); |
291 | |
} |
292 | |
|
293 | 20 | JaasConfig.addApplicationConfigEntry(loginContextName, entry); |
294 | |
} |
295 | 0 | catch (Exception e) |
296 | |
{ |
297 | 0 | throw new InitialisationException(e, this); |
298 | 20 | } |
299 | |
} |
300 | |
else |
301 | |
{ |
302 | |
|
303 | |
try |
304 | |
{ |
305 | 28 | configureJaas(); |
306 | |
} |
307 | 0 | catch (IOException e) |
308 | |
{ |
309 | 0 | throw new InitialisationException(e, this); |
310 | 28 | } |
311 | |
} |
312 | |
|
313 | |
|
314 | |
try |
315 | |
{ |
316 | 48 | factory = new JaasSecurityContextFactory(); |
317 | |
} |
318 | 0 | catch (Exception e) |
319 | |
{ |
320 | 0 | throw new InitialisationException(CoreMessages.failedToCreate("JaasProvider"), e, this); |
321 | 48 | } |
322 | 48 | } |
323 | |
|
324 | |
|
325 | |
|
326 | |
|
327 | |
|
328 | 24 | public static class JaasConfig extends Configuration |
329 | |
{ |
330 | |
|
331 | 2 | private static Map appConfigEntries = new HashMap(); |
332 | |
private static JaasConfig jaasConfig; |
333 | |
|
334 | |
|
335 | |
public static void init() |
336 | |
{ |
337 | 20 | jaasConfig = new JaasConfig(); |
338 | 20 | Configuration.setConfiguration(jaasConfig); |
339 | 20 | } |
340 | |
|
341 | |
|
342 | |
|
343 | |
|
344 | |
|
345 | |
|
346 | |
public static JaasConfig getJaasConfig() |
347 | |
{ |
348 | 0 | return jaasConfig; |
349 | |
} |
350 | |
|
351 | |
|
352 | |
|
353 | |
|
354 | |
|
355 | |
|
356 | |
|
357 | |
public static void addApplicationConfigEntry(String name, AppConfigurationEntry entry) |
358 | |
{ |
359 | 20 | appConfigEntries.put(name, entry); |
360 | 20 | } |
361 | |
|
362 | |
|
363 | |
|
364 | |
|
365 | |
|
366 | |
|
367 | |
|
368 | |
public final AppConfigurationEntry[] getAppConfigurationEntry(String applicationName) |
369 | |
{ |
370 | |
|
371 | 20 | if (applicationName == null) |
372 | |
{ |
373 | 0 | throw new IllegalArgumentException("applicationName passed in was null."); |
374 | |
} |
375 | |
|
376 | 20 | AppConfigurationEntry entry = (AppConfigurationEntry) appConfigEntries.get(applicationName); |
377 | 20 | if (entry == null) |
378 | |
{ |
379 | 0 | return new AppConfigurationEntry[]{}; |
380 | |
} |
381 | |
else |
382 | |
{ |
383 | 20 | AppConfigurationEntry e[] = new AppConfigurationEntry[1]; |
384 | 20 | e[0] = entry; |
385 | 20 | return e; |
386 | |
} |
387 | |
} |
388 | |
|
389 | |
public void refresh() |
390 | |
{ |
391 | |
|
392 | 0 | } |
393 | |
} |
394 | |
} |