Coverage Report - org.mule.module.jaas.JaasSimpleAuthenticationProvider
 
Classes in this File Line Coverage Branch Coverage Complexity
JaasSimpleAuthenticationProvider
0%
0/63
0%
0/12
2.059
JaasSimpleAuthenticationProvider$JaasConfig
0%
0/17
0%
0/4
2.059
 
 1  
 /*
 2  
  * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
 3  
  * The software in this package is published under the terms of the CPAL v1.0
 4  
  * license, a copy of which has been included with this distribution in the
 5  
  * LICENSE.txt file.
 6  
  */
 7  
 package org.mule.module.jaas;
 8  
 
 9  
 import org.mule.api.lifecycle.InitialisationException;
 10  
 import org.mule.api.security.Authentication;
 11  
 import org.mule.api.security.UnauthorisedException;
 12  
 import org.mule.config.i18n.CoreMessages;
 13  
 import org.mule.security.AbstractSecurityProvider;
 14  
 
 15  
 import java.io.IOException;
 16  
 import java.security.Security;
 17  
 import java.util.HashMap;
 18  
 import java.util.Map;
 19  
 
 20  
 import javax.security.auth.Subject;
 21  
 import javax.security.auth.login.AppConfigurationEntry;
 22  
 import javax.security.auth.login.Configuration;
 23  
 import javax.security.auth.login.LoginContext;
 24  
 import javax.security.auth.login.LoginException;
 25  
 
 26  
 /**
 27  
  *  This is the Provider for Mule's Jaas Security.
 28  
  */
 29  
 public class JaasSimpleAuthenticationProvider extends AbstractSecurityProvider
 30  
 {
 31  
     private String loginConfig;
 32  
     private String loginContextName;
 33  
     private String credentials;
 34  
     private String loginModule;
 35  0
     private String defaultModule = "org.mule.module.jaas.loginmodule.DefaultLoginModule";
 36  
 
 37  
     public JaasSimpleAuthenticationProvider()
 38  
     {
 39  0
         super("jaas");
 40  0
     }
 41  
 
 42  
     /**
 43  
      * Sets the login Configuration
 44  
      *
 45  
      * @param loginConfig
 46  
      */
 47  
     public final void setLoginConfig(String loginConfig)
 48  
     {
 49  0
         this.loginConfig = loginConfig;
 50  0
     }
 51  
 
 52  
     /**
 53  
      * Gets the Login Configuration
 54  
      *
 55  
      * @return loginConfig
 56  
      */
 57  
     public final String getLoginConfig()
 58  
     {
 59  0
         return loginConfig;
 60  
     }
 61  
 
 62  
     /**
 63  
      * Sets the Login Context name
 64  
      *
 65  
      * @param loginContextName
 66  
      */
 67  
     public final void setLoginContextName(String loginContextName)
 68  
     {
 69  0
         this.loginContextName = loginContextName;
 70  0
     }
 71  
 
 72  
     /**
 73  
      * Gets the Login Context Name
 74  
      *
 75  
      * @return loginContextName
 76  
      */
 77  
     public final String getLoginContextName()
 78  
     {
 79  0
         return loginContextName;
 80  
     }
 81  
 
 82  
     /**
 83  
      * Gets the user's credentials, i.e. the username and password
 84  
      *
 85  
      * @return credentials
 86  
      */
 87  
     public final String getCredentials()
 88  
     {
 89  0
         return credentials;
 90  
     }
 91  
 
 92  
     /**
 93  
      * Sets the user's credentials.
 94  
      *
 95  
      * @param credentials
 96  
      */
 97  
     public final void setCredentials(String credentials)
 98  
     {
 99  0
         this.credentials = credentials;
 100  0
     }
 101  
 
 102  
     /**
 103  
      * Gets the login module name
 104  
      *
 105  
      * @return loginModule
 106  
      */
 107  
     public final String getLoginModule()
 108  
     {
 109  0
         return loginModule;
 110  
     }
 111  
 
 112  
     /**
 113  
      * sets the login module name
 114  
      *
 115  
      * @param loginModule
 116  
      */
 117  
     public final void setLoginModule(String loginModule)
 118  
     {
 119  0
         this.loginModule = loginModule;
 120  0
     }
 121  
 
 122  
     // ~ Methods ================================================================
 123  
 
 124  
     /**
 125  
      * @throws IOException The configureJaas method gets the resource path of the
 126  
      *                     jaas configuration file and constructs the URL for the login
 127  
      *                     configuration.
 128  
      */
 129  
     private void configureJaas() throws IOException
 130  
     {
 131  
 
 132  0
         String loginConfigUrl = "file://"
 133  
                 + org.mule.util.FileUtils.getResourcePath(loginConfig,
 134  
                 JaasSimpleAuthenticationProvider.class);
 135  
 
 136  0
         boolean alreadySet = false;
 137  
 
 138  0
         int n = 1;
 139  0
         String prefix = "login.config.url.";
 140  0
         String existing = null;
 141  
 
 142  0
         while ((existing = Security.getProperty(prefix + n)) != null)
 143  
         {
 144  0
             alreadySet = existing.equals(loginConfigUrl);
 145  
 
 146  0
             if (alreadySet)
 147  
             {
 148  0
                 break;
 149  
             }
 150  0
             n++;
 151  
         }
 152  
 
 153  0
         if (!alreadySet)
 154  
         {
 155  0
             String key = prefix + n;
 156  0
             Security.setProperty(key, loginConfigUrl);
 157  
         }
 158  0
     }
 159  
 
 160  
     /**
 161  
      * The authenticate method first creates the jaas Login Context using the
 162  
      * callback handler and the name of the class or directory to prtect. If the
 163  
      * Login Context is successfully created, it will then attempt to login.
 164  
      *
 165  
      * @return Authentication
 166  
      * @throws org.mule.api.security.SecurityException
 167  
      *
 168  
      */
 169  
     public final Authentication authenticate(Authentication authentication)
 170  
             throws org.mule.api.security.SecurityException
 171  
     {
 172  
         LoginContext loginContext;
 173  0
         JaasAuthentication auth = (JaasAuthentication)authentication;
 174  
 
 175  
         // Create the Mule Callback Handler
 176  0
         MuleCallbackHandler cbh = new MuleCallbackHandler(auth);
 177  
 
 178  
         // Create the LoginContext object, and pass it to the CallbackHandler
 179  
         try
 180  
         {
 181  0
             if (auth.getSubject() != null)
 182  
             {
 183  0
                 loginContext = new LoginContext(loginContextName,auth.getSubject(), cbh);
 184  
             }
 185  
             else
 186  
             {
 187  0
                 loginContext = new LoginContext(loginContextName, cbh);
 188  
             }
 189  
         }
 190  0
         catch (LoginException e)
 191  
         {
 192  0
             throw new org.mule.api.security.UnauthorisedException(
 193  
                     CoreMessages.cannotLoadFromClasspath(loginContextName));
 194  0
         }
 195  
 
 196  
         // Attempt to login the user
 197  
         try
 198  
         {
 199  0
             loginContext.login();
 200  
         }
 201  0
         catch (LoginException le)
 202  
         {
 203  0
             le.fillInStackTrace();
 204  0
             throw new UnauthorisedException(CoreMessages.authFailedForUser(auth.getPrincipal()));
 205  0
         }
 206  
 
 207  0
         Subject subject = loginContext.getSubject();
 208  0
         JaasAuthentication finalAuth = new JaasAuthentication(auth.getPrincipal(), auth.getCredentials(),subject);
 209  0
         finalAuth.setAuthenticated(true);
 210  
 
 211  0
         return finalAuth;
 212  
     }
 213  
 
 214  
     /**
 215  
      * The initialise method checks whether a jaas configuration file exists. If it
 216  
      * exists, it will call the configureJaas() method to create the context URL of
 217  
      * that file. If such a configuration file is not present, it will then try to
 218  
      * configure jaas programmatically. It also attempts to create the
 219  
      * JaasSecurityContextFactory.
 220  
      *
 221  
      * @throws InitialisationException
 222  
      */
 223  
     protected void doInitialise() throws InitialisationException
 224  
     {
 225  
         // configure jaas from properties passed to the provider from the Mule XML
 226  
         // configuration file
 227  0
         if (loginConfig == null)
 228  
         {
 229  
             try
 230  
             {
 231  0
                 AppConfigurationEntry entry = null;
 232  0
                 JaasConfig.init();
 233  
 
 234  0
                 HashMap options = new HashMap();
 235  0
                 options.put("credentials", credentials);
 236  
 
 237  
                 // if a custom login module is not found, it will use the Default
 238  
                 // Login Module
 239  0
                 if (loginModule != null)
 240  
                 {
 241  0
                     entry = new AppConfigurationEntry(loginModule,
 242  
                             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
 243  
                 }
 244  
                 else
 245  
                 {
 246  0
                     entry = new AppConfigurationEntry(defaultModule,
 247  
                             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
 248  
                 }
 249  
 
 250  0
                 JaasConfig.addApplicationConfigEntry(loginContextName, entry);
 251  
             }
 252  0
             catch (Exception e)
 253  
             {
 254  0
                 throw new InitialisationException(e, this);
 255  0
             }
 256  
         }
 257  
         else
 258  
         {
 259  
             // configure jaas from a jaas configuration file
 260  
             try
 261  
             {
 262  0
                 configureJaas();
 263  
             }
 264  0
             catch (IOException e)
 265  
             {
 266  0
                 throw new InitialisationException(e, this);
 267  0
             }
 268  
         }
 269  0
     }
 270  
 
 271  
     /**
 272  
      * The JaasConfig class extends the Jaas Configuration in order to be able to
 273  
      * configure the jaas security programmatically.
 274  
      */
 275  0
     public static class JaasConfig extends Configuration
 276  
     {
 277  
 
 278  0
         private static Map appConfigEntries = new HashMap();
 279  
         private static JaasConfig jaasConfig;
 280  
 
 281  
         /** Initializes and sets the Jaas Configuration */
 282  
         public static void init()
 283  
         {
 284  0
             jaasConfig = new JaasConfig();
 285  0
             Configuration.setConfiguration(jaasConfig);
 286  0
         }
 287  
 
 288  
         /**
 289  
          * Returns the Jas Configuration
 290  
          *
 291  
          * @return jaasConfig
 292  
          */
 293  
         public static JaasConfig getJaasConfig()
 294  
         {
 295  0
             return jaasConfig;
 296  
         }
 297  
 
 298  
         /**
 299  
          * Adds the Configuration Entries
 300  
          *
 301  
          * @param name
 302  
          * @param entry
 303  
          */
 304  
         public static void addApplicationConfigEntry(String name, AppConfigurationEntry entry)
 305  
         {
 306  0
             appConfigEntries.put(name, entry);
 307  0
         }
 308  
 
 309  
         /**
 310  
          * Gets the configuration entries using the application Name
 311  
          *
 312  
          * @param applicationName
 313  
          */
 314  
         public final AppConfigurationEntry[] getAppConfigurationEntry(String applicationName)
 315  
         {
 316  
 
 317  0
             if (applicationName == null)
 318  
             {
 319  0
                 throw new IllegalArgumentException("applicationName passed in was null.");
 320  
             }
 321  
 
 322  0
             AppConfigurationEntry entry = (AppConfigurationEntry) appConfigEntries.get(applicationName);
 323  0
             if (entry == null)
 324  
             {
 325  0
                 return new AppConfigurationEntry[]{};
 326  
             }
 327  
             else
 328  
             {
 329  0
                 AppConfigurationEntry e[] = new AppConfigurationEntry[1];
 330  0
                 e[0] = entry;
 331  0
                 return e;
 332  
             }
 333  
         }
 334  
 
 335  
         public void refresh()
 336  
         {
 337  
             // Nothing to do here
 338  0
         }
 339  
     }
 340  
 }