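package net.sf.jguard.jee.listeners;

import java.security.Policy;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.login.Configuration;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;

import net.sf.jguard.core.CoreConstants;
import net.sf.jguard.core.authentication.configuration.JGuardConfiguration;
import net.sf.jguard.core.authorization.policy.AccessControllerUtils;
import net.sf.jguard.core.authorization.policy.MultipleAppPolicy;
import net.sf.jguard.core.authorization.policy.PolicyHelper;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.authentication.manager.AuthenticationHelper;
import net.sf.jguard.ext.authentication.manager.AuthenticationManager;
import net.sf.jguard.ext.authorization.AuthorizationHelper;
import net.sf.jguard.ext.authorization.manager.AuthorizationManager;
import net.sf.jguard.ext.java5.authentication.jmx.JMXHelper;
import net.sf.jguard.jee.authentication.http.HttpConstants;
import net.sf.jguard.jee.util.WebappUtil;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/**
 * Servlet context listener that sets up jGuard authentication and authorization
 * when a web application starts, and removes the per-application registration
 * when it stops.
 *
 * <p>Both subsystems read a "scope" from their configuration. With the JVM scope
 * the listener uses the process-wide {@link Policy} and {@link Configuration};
 * with any other value it creates instances private to this servlet context and
 * publishes them as context attributes.
 */
public class ContextListener implements ServletContextListener {

    private static final Log logger = LogFactory.getLog(ContextListener.class);

    /**
     * Unregisters this web application's permission provider from the JVM-wide
     * policy (when that policy is a {@link MultipleAppPolicy}) and removes the
     * captcha service and users-in-session attributes from the context.
     *
     * @param servletContextEvent event carrying the context being shut down
     */
    public void contextDestroyed(ServletContextEvent servletContextEvent) {
        logger.debug(" context destroyed ");
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();

        // Read the installed policy once: checking one Policy.getPolicy() result
        // and casting a second one could fail if the policy is swapped in between.
        Policy installedPolicy = Policy.getPolicy();
        if (installedPolicy instanceof MultipleAppPolicy) {
            ((MultipleAppPolicy) installedPolicy).unregisterPermissionProvider(contextClassLoader);
        }
        // A context-private policy (non-JVM scope) is only reachable through the
        // AUTHZ_UTILS attribute, which this method leaves in place.

        ServletContext context = servletContextEvent.getServletContext();
        context.removeAttribute(SecurityConstants.CAPTCHA_SERVICE);
        context.removeAttribute(HttpConstants.USERS_IN_SESSION);
    }

    /**
     * Initializes authentication, then authorization, then (optionally) JMX
     * security for the starting web application.
     *
     * @param contextEvent event carrying the context being started
     */
    public void contextInitialized(ServletContextEvent contextEvent) {
        logger.debug("##### initializing ContextListener ... #####");
        ServletContext context = contextEvent.getServletContext();
        context.setAttribute(HttpConstants.USERS_IN_SESSION, new ArrayList());

        String webappHomePath = WebappUtil.getWebappHomePath(context, "/");
        String applicationName = context.getServletContextName();
        context.setAttribute(CoreConstants.APPLICATION_NAME, applicationName);

        initAuthentication(context, webappHomePath, applicationName);
        // NOTE(review): initAuthentication stores JGUARD_CONFIGURATION only when the
        // authentication scope is not the JVM scope, so with JVM scope this lookup
        // yields null and null is what JMXHelper receives below. Confirm JMXHelper
        // handles that, or pass Configuration.getConfiguration() in that case.
        Configuration configuration = (Configuration) context.getAttribute(HttpConstants.JGUARD_CONFIGURATION);
        AccessControllerUtils authUtils = initAuthorization(context, webappHomePath, applicationName);

        // JMX is opt-in: only the literal "true" (any case) in the deployment
        // descriptor enables it; a missing parameter leaves it off.
        String enableJMX = context.getInitParameter(SecurityConstants.ENABLE_JMX);
        if ("true".equalsIgnoreCase(enableJMX)) {
            // NOTE(review): how the connector is bound and authenticated is decided
            // inside JMXHelper and is not visible here; confirm the configured
            // registry host/port are reachable only from the management network.
            Map options = new HashMap();
            options.put(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR,
                    context.getInitParameter(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR));
            options.put(SecurityConstants.RMI_REGISTRY_HOST,
                    context.getInitParameter(SecurityConstants.RMI_REGISTRY_HOST));
            options.put(SecurityConstants.RMI_REGISTRY_PORT,
                    context.getInitParameter(SecurityConstants.RMI_REGISTRY_PORT));
            JMXHelper.enableJMXSecurity(applicationName, options, configuration, authUtils);
        }

        logger.debug("##### ContextListener initialized #####");
    }

    /**
     * Loads the authorization configuration, creates the authorization manager
     * and registers it as permission provider for this web application's
     * context class loader.
     *
     * @param context         servlet context of the starting application
     * @param webappHomePath  home path of the web application
     * @param applicationName name of the web application
     * @return the access-controller helper, also stored under
     *         {@code HttpConstants.AUTHZ_UTILS}
     */
    private AccessControllerUtils initAuthorization(ServletContext context, String webappHomePath, String applicationName) {
        String configuredLocation = context.getInitParameter(HttpConstants.AUTHORIZATION_CONFIGURATION_LOCATION);
        String authorizationConfigurationLocation = WebappUtil.getWebappHomePath(context,
                configuredLocation != null
                        ? configuredLocation
                        : HttpConstants.DEFAULT_AUTHORIZATION_CONFIGURATION_LOCATION);

        Map authorizationSettings = AuthorizationHelper.loadConfiguration(authorizationConfigurationLocation, webappHomePath);

        String authorizationScope = (String) authorizationSettings.get(SecurityConstants.SCOPE);
        if (authorizationScope == null) {
            authorizationScope = SecurityConstants.LOCAL_SCOPE;
            // NOTE(review): the scope attribute is published only when the default is
            // applied; an explicitly configured scope is never stored in the context.
            // Confirm that readers of AUTHORIZATION_SCOPE expect this.
            context.setAttribute(SecurityConstants.AUTHORIZATION_SCOPE, authorizationScope);
        }
        logger.info(" authorization scope = " + authorizationScope);

        AuthorizationManager authorizationManager = AuthorizationHelper.initAuthorization(authorizationSettings, applicationName);
        AccessControllerUtils authorizationUtils;
        MultipleAppPolicy policy;
        if (SecurityConstants.JVM_SCOPE.equalsIgnoreCase(authorizationScope)) {
            // NOTE(review): presumably this replaces the JVM-wide Policy, which would
            // affect every application in the same JVM; confirm before enabling JVM
            // scope in a shared container. The cast below throws ClassCastException
            // if the installed policy is not a MultipleAppPolicy afterwards.
            PolicyHelper.installPolicyOnJVM();
            policy = (MultipleAppPolicy) Policy.getPolicy();
            authorizationUtils = new AccessControllerUtils();
        } else {
            policy = new MultipleAppPolicy();
            authorizationUtils = new AccessControllerUtils(policy);
        }

        // Register exactly once for both scopes (the JVM branch used to register
        // here and again inside the branch).
        policy.registerPermissionProvider(Thread.currentThread().getContextClassLoader(), authorizationManager);
        context.setAttribute(HttpConstants.AUTHZ_UTILS, authorizationUtils);
        context.setAttribute(SecurityConstants.AUTHORIZATION_MANAGER, authorizationManager);
        return authorizationUtils;
    }

    /**
     * Loads the authentication configuration, selects the JAAS configuration
     * object for the configured scope and creates the authentication manager,
     * which is stored under {@code SecurityConstants.AUTHENTICATION_MANAGER}.
     *
     * @param context         servlet context of the starting application
     * @param webappHomePath  home path of the web application
     * @param applicationName name of the web application
     */
    private void initAuthentication(ServletContext context, String webappHomePath, String applicationName) {
        String configuredLocation = context.getInitParameter(HttpConstants.AUTHENTICATION_CONFIGURATION_LOCATION);
        String authenticationConfigurationLocation = WebappUtil.getWebappHomePath(context,
                configuredLocation != null
                        ? configuredLocation
                        : HttpConstants.DEFAULT_AUTHENTICATION_CONFIGURATION_LOCATION);

        Map authenticationSettings = AuthenticationHelper.loadConfiguration(authenticationConfigurationLocation, webappHomePath);

        String authenticationScope = (String) authenticationSettings.get(SecurityConstants.SCOPE);
        if (authenticationScope == null) {
            authenticationScope = SecurityConstants.LOCAL_SCOPE;
            // NOTE(review): as with authorization, the scope attribute is published
            // only when the default is applied. Confirm this is intended.
            context.setAttribute(SecurityConstants.AUTHENTICATION_SCOPE, authenticationScope);
        }
        // Logged once; the original emitted this line twice.
        logger.info(" authentication scope = " + authenticationScope);

        JGuardConfiguration jGuardConf;
        if (SecurityConstants.JVM_SCOPE.equalsIgnoreCase(authenticationScope)) {
            // NOTE(review): assumes the JVM-wide JAAS Configuration is already a
            // JGuardConfiguration; otherwise this cast throws ClassCastException.
            jGuardConf = (JGuardConfiguration) Configuration.getConfiguration();
        } else {
            jGuardConf = new JGuardConfiguration();
            context.setAttribute(HttpConstants.JGUARD_CONFIGURATION, jGuardConf);
        }

        AuthenticationManager authenticationManager = AuthenticationHelper.initAuthentication(jGuardConf, authenticationSettings, applicationName);
        context.setAttribute(SecurityConstants.AUTHENTICATION_MANAGER, authenticationManager);
    }
}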