View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.module.management.support;
8   
9   import org.mule.module.management.agent.ConfigurableJMXAuthenticator;
10  import org.mule.module.management.agent.JmxAgent;
11  import org.mule.util.StringUtils;
12  
13  import java.security.Principal;
14  import java.util.Collections;
15  import java.util.HashMap;
16  import java.util.HashSet;
17  import java.util.Map;
18  import java.util.Set;
19  
20  import javax.management.remote.JMXAuthenticator;
21  import javax.management.remote.JMXPrincipal;
22  import javax.security.auth.Subject;
23  
24  import org.apache.commons.logging.Log;
25  import org.apache.commons.logging.LogFactory;
26  
27  /**
28   * A JMX authenticator for a simple username/password scheme.
29   * Passwords are neither encrypted, nor obfuscated.
30   */
31  public class SimplePasswordJmxAuthenticator implements JMXAuthenticator, ConfigurableJMXAuthenticator
32  {
33      /**
34       * Logger used by this class.
35       */
36      protected static final Log logger = LogFactory.getLog(JmxAgent.class);
37  
38      /**
39       * An in-memory credentials storage.
40       */
41      private Map<String, Object> credentials = new HashMap<String, Object>();
42  
43      public Subject authenticate (Object authToken)
44      {
45          if (authToken == null)
46          {
47              throw new SecurityException("No authentication token available");
48          }
49          if (!(authToken instanceof String[]) || ((String[]) authToken).length != 2)
50          {
51              throw new SecurityException("Unsupported credentials format");
52          }
53  
54          String[] authentication = (String[]) authToken;
55  
56          String username = StringUtils.defaultString(authentication[0]);
57          String password = StringUtils.defaultString(authentication[1]);
58  
59          if (!credentials.containsKey(username))
60          {
61              throw new SecurityException("Unauthenticated user: " + username);
62          }
63  
64          Object pass = credentials.get(username);
65          if (!password.equals(pass == null ? "" : pass.toString()))
66          {
67              throw new SecurityException("Invalid password");
68          }
69  
70          Set<Principal> principals = new HashSet<Principal>();
71          principals.add(new JMXPrincipal(username));
72          return new Subject(true, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
73      }
74  
75      public void setCredentials (Map<String, String> newCredentials)
76      {
77          this.credentials.clear();
78          if (newCredentials == null || newCredentials.isEmpty())
79          {
80              logger.warn("Credentials cache has been purged, remote access will no longer be available");
81          }
82          else
83          {
84              this.credentials.putAll(newCredentials);
85          }
86      }
87  
88      public void configure(Map newCredentials)
89      {
90          this.setCredentials(newCredentials);
91      }
92  }