Coverage Report - org.mule.module.management.support.SimplePasswordJmxAuthenticator
 
Classes in this File Line Coverage Branch Coverage Complexity
SimplePasswordJmxAuthenticator
0%
0/23
0%
0/16
0
 
 1  
 /*
 2  
  * $Id: SimplePasswordJmxAuthenticator.java 19191 2010-08-25 21:05:23Z tcarlson $
 3  
  * --------------------------------------------------------------------------------------
 4  
  * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
 5  
  *
 6  
  * The software in this package is published under the terms of the CPAL v1.0
 7  
  * license, a copy of which has been included with this distribution in the
 8  
  * LICENSE.txt file.
 9  
  */
 10  
 
 11  
 package org.mule.module.management.support;
 12  
 
 13  
 import org.mule.module.management.agent.JmxAgent;
 14  
 import org.mule.util.StringUtils;
 15  
 
 16  
 import java.security.Principal;
 17  
 import java.util.Collections;
 18  
 import java.util.HashMap;
 19  
 import java.util.HashSet;
 20  
 import java.util.Map;
 21  
 import java.util.Set;
 22  
 
 23  
 import javax.management.remote.JMXAuthenticator;
 24  
 import javax.management.remote.JMXPrincipal;
 25  
 import javax.security.auth.Subject;
 26  
 
 27  
 import org.apache.commons.logging.Log;
 28  
 import org.apache.commons.logging.LogFactory;
 29  
 
 30  
 /**
 31  
  * A JMX authenticator for a simple username/password scheme.
 32  
  * Passwords are neither encrypted, nor obfuscated.
 33  
  */
 34  0
 public class SimplePasswordJmxAuthenticator implements JMXAuthenticator
 35  
 {
 36  
     /**
 37  
      * Logger used by this class.
 38  
      */
 39  0
     protected static final Log logger = LogFactory.getLog(JmxAgent.class);
 40  
 
 41  
     /**
 42  
      * An in-memory credentials storage.
 43  
      */
 44  0
     private Map<String, Object> credentials = new HashMap<String, Object>();
 45  
 
 46  
     public Subject authenticate (Object authToken)
 47  
     {
 48  0
         if (authToken == null)
 49  
         {
 50  0
             throw new SecurityException("No authentication token available");
 51  
         }
 52  0
         if (!(authToken instanceof String[]) || ((String[]) authToken).length != 2)
 53  
         {
 54  0
             throw new SecurityException("Unsupported credentials format");
 55  
         }
 56  
 
 57  0
         String[] authentication = (String[]) authToken;
 58  
 
 59  0
         String username = StringUtils.defaultString(authentication[0]);
 60  0
         String password = StringUtils.defaultString(authentication[1]);
 61  
 
 62  0
         if (!credentials.containsKey(username))
 63  
         {
 64  0
             throw new SecurityException("Unauthenticated user: " + username);
 65  
         }
 66  
 
 67  0
         Object pass = credentials.get(username);
 68  0
         if (!password.equals(pass == null ? "" : pass.toString()))
 69  
         {
 70  0
             throw new SecurityException("Invalid password");
 71  
         }
 72  
 
 73  0
         Set<Principal> principals = new HashSet<Principal>();
 74  0
         principals.add(new JMXPrincipal(username));
 75  0
         return new Subject(true, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
 76  
     }
 77  
 
 78  
     public void setCredentials (Map<String, String> newCredentials)
 79  
     {
 80  0
         this.credentials.clear();
 81  0
         if (newCredentials == null || newCredentials.isEmpty())
 82  
         {
 83  0
             logger.warn("Credentials cache has been purged, remote access will no longer be available");
 84  
         }
 85  
         else
 86  
         {
 87  0
             this.credentials.putAll(newCredentials);
 88  
         }
 89  0
     }
 90  
 }