1
2
3
4
5
6
7
8
9
10
11 package org.mule.module.management.support;
12
13 import org.mule.module.management.agent.ConfigurableJMXAuthenticator;
14 import org.mule.module.management.agent.JmxAgent;
15 import org.mule.util.StringUtils;
16
17 import java.security.Principal;
18 import java.util.Collections;
19 import java.util.HashMap;
20 import java.util.HashSet;
21 import java.util.Map;
22 import java.util.Set;
23
24 import javax.management.remote.JMXAuthenticator;
25 import javax.management.remote.JMXPrincipal;
26 import javax.security.auth.Subject;
27
28 import org.apache.commons.logging.Log;
29 import org.apache.commons.logging.LogFactory;
30
31
32
33
34
35 public class SimplePasswordJmxAuthenticator implements JMXAuthenticator, ConfigurableJMXAuthenticator
36 {
37
38
39
40 protected static final Log logger = LogFactory.getLog(JmxAgent.class);
41
42
43
44
45 private Map<String, Object> credentials = new HashMap<String, Object>();
46
47 public Subject authenticate (Object authToken)
48 {
49 if (authToken == null)
50 {
51 throw new SecurityException("No authentication token available");
52 }
53 if (!(authToken instanceof String[]) || ((String[]) authToken).length != 2)
54 {
55 throw new SecurityException("Unsupported credentials format");
56 }
57
58 String[] authentication = (String[]) authToken;
59
60 String username = StringUtils.defaultString(authentication[0]);
61 String password = StringUtils.defaultString(authentication[1]);
62
63 if (!credentials.containsKey(username))
64 {
65 throw new SecurityException("Unauthenticated user: " + username);
66 }
67
68 Object pass = credentials.get(username);
69 if (!password.equals(pass == null ? "" : pass.toString()))
70 {
71 throw new SecurityException("Invalid password");
72 }
73
74 Set<Principal> principals = new HashSet<Principal>();
75 principals.add(new JMXPrincipal(username));
76 return new Subject(true, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
77 }
78
79 public void setCredentials (Map<String, String> newCredentials)
80 {
81 this.credentials.clear();
82 if (newCredentials == null || newCredentials.isEmpty())
83 {
84 logger.warn("Credentials cache has been purged, remote access will no longer be available");
85 }
86 else
87 {
88 this.credentials.putAll(newCredentials);
89 }
90 }
91
92 public void configure(Map newCredentials)
93 {
94 this.setCredentials(newCredentials);
95 }
96 }