1
2
3
4
5
6
7 package org.mule.module.management.support;
8
9 import org.mule.module.management.agent.ConfigurableJMXAuthenticator;
10 import org.mule.module.management.agent.JmxAgent;
11 import org.mule.util.StringUtils;
12
13 import java.security.Principal;
14 import java.util.Collections;
15 import java.util.HashMap;
16 import java.util.HashSet;
17 import java.util.Map;
18 import java.util.Set;
19
20 import javax.management.remote.JMXAuthenticator;
21 import javax.management.remote.JMXPrincipal;
22 import javax.security.auth.Subject;
23
24 import org.apache.commons.logging.Log;
25 import org.apache.commons.logging.LogFactory;
26
27
28
29
30
31 public class SimplePasswordJmxAuthenticator implements JMXAuthenticator, ConfigurableJMXAuthenticator
32 {
33
34
35
36 protected static final Log logger = LogFactory.getLog(JmxAgent.class);
37
38
39
40
41 private Map<String, Object> credentials = new HashMap<String, Object>();
42
43 public Subject authenticate (Object authToken)
44 {
45 if (authToken == null)
46 {
47 throw new SecurityException("No authentication token available");
48 }
49 if (!(authToken instanceof String[]) || ((String[]) authToken).length != 2)
50 {
51 throw new SecurityException("Unsupported credentials format");
52 }
53
54 String[] authentication = (String[]) authToken;
55
56 String username = StringUtils.defaultString(authentication[0]);
57 String password = StringUtils.defaultString(authentication[1]);
58
59 if (!credentials.containsKey(username))
60 {
61 throw new SecurityException("Unauthenticated user: " + username);
62 }
63
64 Object pass = credentials.get(username);
65 if (!password.equals(pass == null ? "" : pass.toString()))
66 {
67 throw new SecurityException("Invalid password");
68 }
69
70 Set<Principal> principals = new HashSet<Principal>();
71 principals.add(new JMXPrincipal(username));
72 return new Subject(true, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
73 }
74
75 public void setCredentials (Map<String, String> newCredentials)
76 {
77 this.credentials.clear();
78 if (newCredentials == null || newCredentials.isEmpty())
79 {
80 logger.warn("Credentials cache has been purged, remote access will no longer be available");
81 }
82 else
83 {
84 this.credentials.putAll(newCredentials);
85 }
86 }
87
88 public void configure(Map newCredentials)
89 {
90 this.setCredentials(newCredentials);
91 }
92 }