package org.mule.module.jaas; |
import org.mule.api.lifecycle.InitialisationException; |
import org.mule.api.security.Authentication; |
import org.mule.api.security.UnauthorisedException; |
import org.mule.config.i18n.CoreMessages; |
import org.mule.security.AbstractSecurityProvider; |
import java.io.IOException; |
import java.security.Security; |
import java.util.HashMap; |
import java.util.Map; |
import javax.security.auth.Subject; |
import javax.security.auth.login.AppConfigurationEntry; |
import javax.security.auth.login.Configuration; |
import javax.security.auth.login.LoginContext; |
import javax.security.auth.login.LoginException; |
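/**
 * Security provider, registered under the name {@code "jaas"}, that authenticates
 * a {@link JaasAuthentication} by running a JAAS {@link LoginContext}.
 * <p>
 * JAAS is configured in one of two ways during {@link #doInitialise()}:
 * <ul>
 * <li>when {@code loginConfig} is set, that resource is registered as a
 * {@code login.config.url.N} security property;</li>
 * <li>otherwise a single {@code REQUIRED} login module entry is registered
 * programmatically through {@link JaasConfig}.</li>
 * </ul>
 * Both paths change JVM-wide state (security properties or the installed JAAS
 * {@link Configuration}), so they affect every JAAS user in the same JVM.
 */
public class JaasSimpleAuthenticationProvider extends AbstractSecurityProvider
{
    private String loginConfig;
    private String loginContextName;
    // Handed unchanged to the login module as its "credentials" option and exposed
    // through a public getter. NOTE(review): treat as secret material; keep it out of logs.
    private String credentials;
    private String loginModule;
    // Login module class used when no explicit loginModule has been configured.
    private String defaultModule = "org.mule.module.jaas.loginmodule.DefaultLoginModule";

    /** Creates the provider under the name {@code "jaas"}. */
    public JaasSimpleAuthenticationProvider()
    {
        super("jaas");
    }

    /**
     * Sets the resource name of the JAAS login configuration file.
     *
     * @param loginConfig resource resolved by {@code FileUtils.getResourcePath} at initialisation
     */
    public final void setLoginConfig(String loginConfig)
    {
        this.loginConfig = loginConfig;
    }

    /**
     * @return the configured login configuration resource, or {@code null} if none was set
     */
    public final String getLoginConfig()
    {
        return loginConfig;
    }

    /**
     * Sets the JAAS application name used to create the {@link LoginContext}.
     *
     * @param loginContextName name of the login context entry
     */
    public final void setLoginContextName(String loginContextName)
    {
        this.loginContextName = loginContextName;
    }

    /**
     * @return the JAAS application name used to create the {@link LoginContext}
     */
    public final String getLoginContextName()
    {
        return loginContextName;
    }

    /**
     * @return the value passed to the login module as its {@code "credentials"} option
     */
    public final String getCredentials()
    {
        return credentials;
    }

    /**
     * Sets the value passed to the login module as its {@code "credentials"} option.
     *
     * @param credentials option value; only used when no {@code loginConfig} is set
     */
    public final void setCredentials(String credentials)
    {
        this.credentials = credentials;
    }

    /**
     * @return the configured login module class name, or {@code null} to use the default module
     */
    public final String getLoginModule()
    {
        return loginModule;
    }

    /**
     * Sets the login module class name to register instead of the default module.
     *
     * @param loginModule fully qualified login module class name
     */
    public final void setLoginModule(String loginModule)
    {
        this.loginModule = loginModule;
    }

    /**
     * Registers the configured login configuration file as a
     * {@code login.config.url.N} security property, unless an identical URL is
     * already registered.
     *
     * @throws IOException if the resource path cannot be resolved
     */
    private void configureJaas() throws IOException
    {
        String resourcePath = org.mule.util.FileUtils.getResourcePath(loginConfig,
            JaasSimpleAuthenticationProvider.class);

        // Fail at start-up rather than registering "file://null": a login configuration
        // that cannot be located must not leave the provider half-configured.
        if (resourcePath == null)
        {
            throw new IOException("JAAS login configuration could not be resolved: " + loginConfig);
        }

        String loginConfigUrl = "file://" + resourcePath;
        String prefix = "login.config.url.";

        // Walk login.config.url.1, .2, ... until the first free slot; stop early if
        // this URL is already registered.
        // NOTE(review): the scan and the set are not atomic; two providers
        // initialising concurrently could pick the same slot.
        int n = 1;
        String existing;
        while ((existing = Security.getProperty(prefix + n)) != null)
        {
            if (existing.equals(loginConfigUrl))
            {
                return;
            }
            n++;
        }

        Security.setProperty(prefix + n, loginConfigUrl);
    }

    /**
     * Authenticates the request by running the JAAS login for {@code loginContextName}.
     * <p>
     * If the request already carries a {@link Subject}, the login context is created
     * with it; otherwise JAAS creates a new one. On success a new
     * {@link JaasAuthentication} is returned, marked as authenticated and holding the
     * subject produced by the login.
     *
     * @param authentication the request; must be a {@link JaasAuthentication}
     * @return a new, authenticated {@link JaasAuthentication}
     * @throws org.mule.api.security.SecurityException if the request is not a
     *             {@link JaasAuthentication}, the login context cannot be created, or
     *             the login fails
     */
    public final Authentication authenticate(Authentication authentication)
        throws org.mule.api.security.SecurityException
    {
        // Reject foreign or missing tokens with the declared exception type instead of
        // letting a ClassCastException/NullPointerException escape to the caller.
        if (!(authentication instanceof JaasAuthentication))
        {
            throw new UnauthorisedException(CoreMessages.authTypeNotRecognised(
                authentication == null ? "null" : authentication.getClass().getName()));
        }
        JaasAuthentication auth = (JaasAuthentication) authentication;

        MuleCallbackHandler cbh = new MuleCallbackHandler(auth);

        LoginContext loginContext;
        try
        {
            if (auth.getSubject() != null)
            {
                loginContext = new LoginContext(loginContextName, auth.getSubject(), cbh);
            }
            else
            {
                loginContext = new LoginContext(loginContextName, cbh);
            }
        }
        catch (LoginException e)
        {
            // Keep the cause: this is a configuration problem, not a bad password.
            throw new UnauthorisedException(
                CoreMessages.cannotLoadFromClasspath(loginContextName), e);
        }

        try
        {
            loginContext.login();
        }
        catch (LoginException le)
        {
            // The message stays generic; the cause is attached for server-side
            // diagnostics only. NOTE(review): callers should not echo the cause to
            // the remote peer, since it can reveal why the login was refused.
            throw new UnauthorisedException(CoreMessages.authFailedForUser(auth.getPrincipal()), le);
        }

        Subject subject = loginContext.getSubject();
        JaasAuthentication finalAuth = new JaasAuthentication(auth.getPrincipal(),
            auth.getCredentials(), subject);
        finalAuth.setAuthenticated(true);

        return finalAuth;
    }

    /**
     * Configures JAAS for this provider.
     * <p>
     * Without a {@code loginConfig}, installs a fresh {@link JaasConfig} as the JAAS
     * configuration and registers one {@code REQUIRED} entry under
     * {@code loginContextName}, using {@code loginModule} if set and the default
     * module otherwise. With a {@code loginConfig}, registers that file through
     * {@link #configureJaas()}.
     *
     * @throws InitialisationException wrapping any failure of either path
     */
    protected void doInitialise() throws InitialisationException
    {
        if (loginConfig == null)
        {
            try
            {
                // NOTE(review): Configuration.setConfiguration is JVM-wide, so this
                // replaces whatever JAAS configuration was installed before
                // (e.g. by a container); confirm that is intended.
                JaasConfig.init();

                HashMap options = new HashMap();
                options.put("credentials", credentials);

                String module = (loginModule != null) ? loginModule : defaultModule;
                AppConfigurationEntry entry = new AppConfigurationEntry(module,
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);

                JaasConfig.addApplicationConfigEntry(loginContextName, entry);
            }
            catch (Exception e)
            {
                throw new InitialisationException(e, this);
            }
        }
        else
        {
            try
            {
                configureJaas();
            }
            catch (IOException e)
            {
                throw new InitialisationException(e, this);
            }
        }
    }

    /**
     * In-memory JAAS {@link Configuration} holding one entry per application name.
     * <p>
     * The entry map is static, so entries survive repeated {@link #init()} calls and
     * are shared by every instance. The map is a plain {@code HashMap} with no
     * synchronisation.
     */
    public static class JaasConfig extends Configuration
    {
        private static Map appConfigEntries = new HashMap();
        private static JaasConfig jaasConfig;

        /** Creates a new instance and installs it as the JAAS configuration. */
        public static void init()
        {
            jaasConfig = new JaasConfig();
            Configuration.setConfiguration(jaasConfig);
        }

        /**
         * @return the instance created by the last {@link #init()} call, or
         *         {@code null} if {@code init()} has not been called
         */
        public static JaasConfig getJaasConfig()
        {
            return jaasConfig;
        }

        /**
         * Registers the entry for an application name, replacing any previous entry
         * stored under the same name.
         *
         * @param name application (login context) name
         * @param entry login module entry to use for that name
         */
        public static void addApplicationConfigEntry(String name, AppConfigurationEntry entry)
        {
            appConfigEntries.put(name, entry);
        }

        /**
         * Looks up the entry registered for an application name.
         *
         * @param applicationName application (login context) name
         * @return a one-element array holding the entry, or an empty array if none
         *         is registered
         * @throws IllegalArgumentException if {@code applicationName} is {@code null}
         */
        public final AppConfigurationEntry[] getAppConfigurationEntry(String applicationName)
        {
            if (applicationName == null)
            {
                throw new IllegalArgumentException("applicationName passed in was null.");
            }

            AppConfigurationEntry entry = (AppConfigurationEntry) appConfigEntries.get(applicationName);
            if (entry == null)
            {
                return new AppConfigurationEntry[]{};
            }
            return new AppConfigurationEntry[]{entry};
        }

        /** Does nothing: entries live in memory and there is no backing store to reload. */
        public void refresh()
        {
            // intentionally empty
        }
    }
}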