View Javadoc

1   /*
2    * $Id: SimplePasswordJmxAuthenticator.java 20842 2010-12-29 15:00:39Z esteban.robles $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.management.support;
12  
13  import org.mule.module.management.agent.ConfigurableJMXAuthenticator;
14  import org.mule.module.management.agent.JmxAgent;
15  import org.mule.util.StringUtils;
16  
17  import java.security.Principal;
18  import java.util.Collections;
19  import java.util.HashMap;
20  import java.util.HashSet;
21  import java.util.Map;
22  import java.util.Set;
23  
24  import javax.management.remote.JMXAuthenticator;
25  import javax.management.remote.JMXPrincipal;
26  import javax.security.auth.Subject;
27  
28  import org.apache.commons.logging.Log;
29  import org.apache.commons.logging.LogFactory;
30  
31  /**
32   * A JMX authenticator for a simple username/password scheme.
33   * Passwords are neither encrypted, nor obfuscated.
34   */
35  public class SimplePasswordJmxAuthenticator implements JMXAuthenticator, ConfigurableJMXAuthenticator
36  {
37      /**
38       * Logger used by this class.
39       */
40      protected static final Log logger = LogFactory.getLog(JmxAgent.class);
41  
42      /**
43       * An in-memory credentials storage.
44       */
45      private Map<String, Object> credentials = new HashMap<String, Object>();
46  
47      public Subject authenticate (Object authToken)
48      {
49          if (authToken == null)
50          {
51              throw new SecurityException("No authentication token available");
52          }
53          if (!(authToken instanceof String[]) || ((String[]) authToken).length != 2)
54          {
55              throw new SecurityException("Unsupported credentials format");
56          }
57  
58          String[] authentication = (String[]) authToken;
59  
60          String username = StringUtils.defaultString(authentication[0]);
61          String password = StringUtils.defaultString(authentication[1]);
62  
63          if (!credentials.containsKey(username))
64          {
65              throw new SecurityException("Unauthenticated user: " + username);
66          }
67  
68          Object pass = credentials.get(username);
69          if (!password.equals(pass == null ? "" : pass.toString()))
70          {
71              throw new SecurityException("Invalid password");
72          }
73  
74          Set<Principal> principals = new HashSet<Principal>();
75          principals.add(new JMXPrincipal(username));
76          return new Subject(true, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
77      }
78  
79      public void setCredentials (Map<String, String> newCredentials)
80      {
81          this.credentials.clear();
82          if (newCredentials == null || newCredentials.isEmpty())
83          {
84              logger.warn("Credentials cache has been purged, remote access will no longer be available");
85          }
86          else
87          {
88              this.credentials.putAll(newCredentials);
89          }
90      }
91  
92      public void configure(Map newCredentials)
93      {
94          this.setCredentials(newCredentials);
95      }
96  }