View Javadoc

1   /*
2    * $Id: SimplePasswordJmxAuthenticator.java 20321 2010-11-24 15:21:24Z dfeist $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.management.support;
12  
13  import org.mule.module.management.agent.JmxAgent;
14  import org.mule.util.StringUtils;
15  
16  import java.security.Principal;
17  import java.util.Collections;
18  import java.util.HashMap;
19  import java.util.HashSet;
20  import java.util.Map;
21  import java.util.Set;
22  
23  import javax.management.remote.JMXAuthenticator;
24  import javax.management.remote.JMXPrincipal;
25  import javax.security.auth.Subject;
26  
27  import org.apache.commons.logging.Log;
28  import org.apache.commons.logging.LogFactory;
29  
30  /**
31   * A JMX authenticator for a simple username/password scheme.
32   * Passwords are neither encrypted, nor obfuscated.
33   */
34  public class SimplePasswordJmxAuthenticator implements JMXAuthenticator
35  {
36      /**
37       * Logger used by this class.
38       */
39      protected static final Log logger = LogFactory.getLog(JmxAgent.class);
40  
41      /**
42       * An in-memory credentials storage.
43       */
44      private Map<String, Object> credentials = new HashMap<String, Object>();
45  
46      public Subject authenticate (Object authToken)
47      {
48          if (authToken == null)
49          {
50              throw new SecurityException("No authentication token available");
51          }
52          if (!(authToken instanceof String[]) || ((String[]) authToken).length != 2)
53          {
54              throw new SecurityException("Unsupported credentials format");
55          }
56  
57          String[] authentication = (String[]) authToken;
58  
59          String username = StringUtils.defaultString(authentication[0]);
60          String password = StringUtils.defaultString(authentication[1]);
61  
62          if (!credentials.containsKey(username))
63          {
64              throw new SecurityException("Unauthenticated user: " + username);
65          }
66  
67          Object pass = credentials.get(username);
68          if (!password.equals(pass == null ? "" : pass.toString()))
69          {
70              throw new SecurityException("Invalid password");
71          }
72  
73          Set<Principal> principals = new HashSet<Principal>();
74          principals.add(new JMXPrincipal(username));
75          return new Subject(true, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
76      }
77  
78      public void setCredentials (Map<String, String> newCredentials)
79      {
80          this.credentials.clear();
81          if (newCredentials == null || newCredentials.isEmpty())
82          {
83              logger.warn("Credentials cache has been purged, remote access will no longer be available");
84          }
85          else
86          {
87              this.credentials.putAll(newCredentials);
88          }
89      }
90  }