SecurityLifecycle


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  package com.sun.enterprise.security;
24  
25  import java.io.File  ;
26  import java.util.logging.Level  ;
27  import java.util.logging.Logger  ;
28  
29  import javax.security.jacc.PolicyContext  ;
30  import javax.security.jacc.PolicyContextHandler  ;
31  
32  import com.sun.appserv.server.ServerLifecycleException;
33  import com.sun.appserv.server.ServerLifecycleImpl;
34  import com.sun.enterprise.J2EESecurityManager;
35  import com.sun.enterprise.security.PolicyLoader;
36  import com.sun.enterprise.security.RealmConfig;
37  import com.sun.enterprise.security.authorize.PolicyContextHandlerImpl;
38  import com.sun.enterprise.security.audit.AuditManagerFactory;
39  import com.sun.enterprise.server.ServerContext;
40  import com.sun.enterprise.util.SystemPropertyConstants;
41  import com.sun.logging.LogDomains;
42  
43  /**
44   * This class extends default implementation of ServerLifecycle interface.
45   * It provides security initialization and setup for the server.
46   * @author  Shing Wai Chan
47   */
48  public class SecurityLifecycle extends ServerLifecycleImpl {
49      private static final Logger   _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
50  
51      public SecurityLifecycle() {
52      try {
53              // security manager is set here so that it can be accessed from
54              // other lifecycles, like PEWebContainer
55              String   serverPolicyFile = System.getProperty("java.security.policy");
56  
57              SecurityManager   secMgr = System.getSecurityManager();
58              if (secMgr != null &&
59                      !(J2EESecurityManager.class.equals(secMgr.getClass()))) {
60                  J2EESecurityManager mgr = new J2EESecurityManager();
61                  System.setSecurityManager(mgr);
62              }
63              
64              if (_logger.isLoggable(Level.INFO)) {
65                  if (secMgr != null) {
66                      _logger.info("security.secmgron");
67                  } else {
68                      _logger.info("security.secmgroff");
69                  }
70              }
71      } catch(Exception   ex) {
72              _logger.log(Level.SEVERE, "java_security.init_securitylifecycle_fail", ex);
73              throw new RuntimeException  (ex.toString(), ex);
74      }
75      }   
76  
77      // override default
78      public void onInitialization(ServerContext sc)
79              throws ServerLifecycleException {
80  
81          try {
82              // init SSL store
83              // need this for jaxr https for PE
84              // need this for webcore, etc for SE
85              SSLUtils.initStoresAtStartup();
86  
87              // jacc
88              registerPolicyHandlers();
89              PolicyLoader policyLoader = PolicyLoader.getInstance();
90              policyLoader.loadPolicy();
91  
92              // create realms rather than creating RemoteObject RealmManager
93              // which will init ORB prematurely
94              RealmConfig.createRealms();
95  
96              // start the audit mechanism
97              AuditManagerFactory amf = AuditManagerFactory.getInstance();
98              amf.getAuditManagerInstance().loadAuditModules();
99  
100             // initRoleMapperFactory is in J2EEServer.java and not moved to here
101             // this is because a DummyRoleMapperFactory is register due
102             // to invocation of ConnectorRuntime.createActiveResourceAdapter
103             // initRoleMapperFactory is called after it
104         } catch(Exception   ex) {
105             throw new ServerLifecycleException(ex);
106         }
107     }
108 
109     private void registerPolicyHandlers()
110             throws javax.security.jacc.PolicyContextException   {
111         PolicyContextHandler   pch = PolicyContextHandlerImpl.getInstance();
112         PolicyContext.registerHandler(PolicyContextHandlerImpl.ENTERPRISE_BEAN,
113             pch, true);
114         PolicyContext.registerHandler(PolicyContextHandlerImpl.SUBJECT, pch, true);
115         PolicyContext.registerHandler(PolicyContextHandlerImpl.EJB_ARGUMENTS,
116             pch, true);
117         PolicyContext.registerHandler(PolicyContextHandlerImpl.SOAP_MESSAGE,
118             pch, true);
119         PolicyContext.registerHandler(PolicyContextHandlerImpl.HTTP_SERVLET_REQUEST,
120             pch, true);
121         PolicyContext.registerHandler(PolicyContextHandlerImpl.REUSE, pch, true);
122     }
123 }
124
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags