package org.mule.module.jaas; |
import org.mule.api.lifecycle.InitialisationException; |
import org.mule.api.security.Authentication; |
import org.mule.api.security.UnauthorisedException; |
import org.mule.config.i18n.CoreMessages; |
import org.mule.security.AbstractSecurityProvider; |
import java.io.IOException; |
import java.security.Security; |
import java.util.HashMap; |
import java.util.Map; |
import javax.security.auth.Subject; |
import javax.security.auth.login.AppConfigurationEntry; |
import javax.security.auth.login.Configuration; |
import javax.security.auth.login.LoginContext; |
import javax.security.auth.login.LoginException; |
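/**
 * Security provider that authenticates a {@link JaasAuthentication} by running a JAAS
 * {@link LoginContext} under the configured login context name.
 * <p>
 * Two configuration modes are supported by {@link #doInitialise()}:
 * <ul>
 * <li>if {@code loginConfig} is set, the resource is registered with the JVM as a
 * {@code login.config.url.N} security property;</li>
 * <li>otherwise an in-memory {@link JaasConfig} is installed as the JVM-wide JAAS
 * {@link Configuration}, with a single REQUIRED entry for {@code loginModule} (or the
 * default login module when none is set).</li>
 * </ul>
 * Both modes change JVM-global state, so they affect every JAAS user in the process.
 */
public class JaasSimpleAuthenticationProvider extends AbstractSecurityProvider
{
    private String loginConfig;
    private String loginContextName;
    // Handed unchanged to the login module as the "credentials" option; its format is
    // defined by the login module and is not visible in this class.
    private String credentials;
    private String loginModule;
    private String defaultModule = "org.mule.module.jaas.loginmodule.DefaultLoginModule";

    /**
     * Creates the provider under the name {@code "jaas"}.
     */
    public JaasSimpleAuthenticationProvider()
    {
        super("jaas");
    }

    /**
     * Sets the JAAS login configuration resource.
     *
     * @param loginConfig resource name resolved relative to this class; {@code null}
     *            selects the in-memory configuration
     */
    public final void setLoginConfig(String loginConfig)
    {
        this.loginConfig = loginConfig;
    }

    /**
     * @return the JAAS login configuration resource, or {@code null} if none was set
     */
    public final String getLoginConfig()
    {
        return loginConfig;
    }

    /**
     * Sets the name under which the JAAS login context is looked up.
     *
     * @param loginContextName the login context (application) name
     */
    public final void setLoginContextName(String loginContextName)
    {
        this.loginContextName = loginContextName;
    }

    /**
     * @return the name under which the JAAS login context is looked up
     */
    public final String getLoginContextName()
    {
        return loginContextName;
    }

    /**
     * @return the credentials string passed to the login module as an option
     */
    public final String getCredentials()
    {
        return credentials;
    }

    /**
     * Sets the credentials string passed to the login module as its
     * {@code "credentials"} option.
     *
     * @param credentials the credentials string
     */
    public final void setCredentials(String credentials)
    {
        this.credentials = credentials;
    }

    /**
     * @return the login module class name, or {@code null} to use the default module
     */
    public final String getLoginModule()
    {
        return loginModule;
    }

    /**
     * Sets the login module class name used by the in-memory configuration.
     *
     * @param loginModule the login module class name
     */
    public final void setLoginModule(String loginModule)
    {
        this.loginModule = loginModule;
    }

    /**
     * Registers the login configuration resource as a {@code login.config.url.N}
     * security property, unless an identical URL is already registered.
     *
     * @throws IOException if the login configuration resource cannot be resolved
     */
    private void configureJaas() throws IOException
    {
        String resourcePath = org.mule.util.FileUtils.getResourcePath(loginConfig,
            JaasSimpleAuthenticationProvider.class);
        if (resourcePath == null)
        {
            // Fail here rather than register the literal URL "file://null", which would
            // only surface later as an authentication failure on every request.
            throw new IOException("JAAS login configuration could not be resolved: " + loginConfig);
        }

        // NOTE(review): plain concatenation assumes resourcePath is an absolute path in
        // URL form - confirm on platforms whose paths do not start with '/'.
        String loginConfigUrl = "file://" + resourcePath;

        String prefix = "login.config.url.";
        int n = 1;
        String existing;

        // Walk the consecutively numbered properties; stop at the first free index.
        while ((existing = Security.getProperty(prefix + n)) != null)
        {
            if (existing.equals(loginConfigUrl))
            {
                // Already registered, nothing to add.
                return;
            }
            n++;
        }

        Security.setProperty(prefix + n, loginConfigUrl);
    }

    /**
     * Authenticates the request by running the JAAS login for the configured context.
     *
     * @param authentication the request; cast to {@link JaasAuthentication} without a
     *            type check, so any other type fails with a {@code ClassCastException}
     * @return a new {@link JaasAuthentication} marked as authenticated, carrying the
     *         caller's principal and credentials and the subject produced by the login
     * @throws org.mule.api.security.SecurityException if the login context cannot be
     *             created or the login fails
     */
    public final Authentication authenticate(Authentication authentication)
        throws org.mule.api.security.SecurityException
    {
        JaasAuthentication auth = (JaasAuthentication) authentication;
        MuleCallbackHandler cbh = new MuleCallbackHandler(auth);

        LoginContext loginContext;
        try
        {
            Subject existingSubject = auth.getSubject();
            if (existingSubject != null)
            {
                loginContext = new LoginContext(loginContextName, existingSubject, cbh);
            }
            else
            {
                loginContext = new LoginContext(loginContextName, cbh);
            }
        }
        catch (LoginException e)
        {
            // Keep the cause so the configuration problem can be diagnosed server-side.
            throw new UnauthorisedException(
                CoreMessages.cannotLoadFromClasspath(loginContextName), e);
        }

        try
        {
            loginContext.login();
        }
        catch (LoginException le)
        {
            // The message stays generic for the caller. The original exception is
            // attached as the cause, with its stack trace left intact, instead of
            // being overwritten by fillInStackTrace() and then dropped.
            throw new UnauthorisedException(CoreMessages.authFailedForUser(auth.getPrincipal()), le);
        }

        Subject subject = loginContext.getSubject();
        // NOTE(review): the presented credentials are copied into the returned object -
        // confirm downstream consumers need them after a successful login.
        JaasAuthentication finalAuth = new JaasAuthentication(auth.getPrincipal(),
            auth.getCredentials(), subject);
        finalAuth.setAuthenticated(true);

        return finalAuth;
    }

    /**
     * Prepares JAAS for this provider: registers the login configuration file if one is
     * set, otherwise installs an in-memory configuration entry for the login context.
     *
     * @throws InitialisationException if no login context name is set, the login
     *             configuration resource cannot be resolved, or the in-memory entry
     *             cannot be created
     */
    protected void doInitialise() throws InitialisationException
    {
        if (loginContextName == null)
        {
            // Without a context name every later authenticate() call would fail; reject
            // the misconfiguration at start-up instead.
            throw new InitialisationException(
                new IllegalStateException("loginContextName must be set"), this);
        }

        if (loginConfig != null)
        {
            try
            {
                configureJaas();
            }
            catch (IOException e)
            {
                throw new InitialisationException(e, this);
            }
            return;
        }

        try
        {
            // NOTE(review): this replaces the JVM-wide JAAS Configuration every time a
            // provider is initialised, including one installed by other code.
            JaasConfig.init();

            Map<String, Object> options = new HashMap<String, Object>();
            options.put("credentials", credentials);

            String moduleName = (loginModule != null) ? loginModule : defaultModule;
            AppConfigurationEntry entry = new AppConfigurationEntry(moduleName,
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

            JaasConfig.addApplicationConfigEntry(loginContextName, entry);
        }
        catch (Exception e)
        {
            // Deliberately broad: any failure while building the entry is reported as
            // an initialisation failure of this provider.
            throw new InitialisationException(e, this);
        }
    }

    /**
     * In-memory JAAS {@link Configuration} holding at most one entry per application
     * name. The entries live in a static map and are shared by all instances.
     * <p>
     * NOTE(review): the map is a plain {@link HashMap} with no synchronisation; confirm
     * that entries are never added while logins are in progress on other threads.
     */
    public static class JaasConfig extends Configuration
    {
        private static final Map<String, AppConfigurationEntry> appConfigEntries =
            new HashMap<String, AppConfigurationEntry>();
        private static JaasConfig jaasConfig;

        /**
         * Creates a new instance and installs it as the JVM-wide JAAS configuration.
         * Entries added earlier stay available because they are held statically.
         */
        public static void init()
        {
            jaasConfig = new JaasConfig();
            Configuration.setConfiguration(jaasConfig);
        }

        /**
         * @return the instance created by the last {@link #init()} call, or
         *         {@code null} if {@code init()} has not been called
         */
        public static JaasConfig getJaasConfig()
        {
            return jaasConfig;
        }

        /**
         * Registers the entry for an application name, replacing any previous entry
         * stored under that name.
         *
         * @param name the application (login context) name
         * @param entry the login module entry to use for that name
         */
        public static void addApplicationConfigEntry(String name, AppConfigurationEntry entry)
        {
            appConfigEntries.put(name, entry);
        }

        /**
         * Looks up the entry registered for an application name.
         *
         * @param applicationName the application (login context) name
         * @return a one-element array with the registered entry, or an empty array if
         *         nothing is registered under that name
         * @throws IllegalArgumentException if {@code applicationName} is {@code null}
         */
        @Override
        public final AppConfigurationEntry[] getAppConfigurationEntry(String applicationName)
        {
            if (applicationName == null)
            {
                throw new IllegalArgumentException("applicationName passed in was null.");
            }

            AppConfigurationEntry entry = appConfigEntries.get(applicationName);
            if (entry == null)
            {
                return new AppConfigurationEntry[]{};
            }
            return new AppConfigurationEntry[]{entry};
        }

        /**
         * Does nothing: the entries are held in memory, so there is nothing to reload.
         */
        @Override
        public void refresh()
        {
            // intentionally empty
        }
    }
}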