

1 /**
2  *
3  * Copyright 2004 The Apache Software Foundation
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */

17 package org.apache.geronimo.jetty;
18
19 import java.security.AccessControlContext JavaDoc;
20 import java.security.AccessControlException JavaDoc;
21 import java.security.Principal JavaDoc;
22 import java.util.HashMap JavaDoc;
23 import javax.security.auth.Subject JavaDoc;
24 import javax.security.auth.login.LoginContext JavaDoc;
25 import javax.security.auth.login.LoginException JavaDoc;
26 import javax.security.jacc.WebRoleRefPermission JavaDoc;
27
28 import org.apache.commons.logging.Log;
29 import org.apache.commons.logging.LogFactory;
30 import org.apache.geronimo.security.ContextManager;
31 import org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter;
32 import org.mortbay.http.HttpRequest;
33 import org.mortbay.http.UserRealm;
34
35
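/**
 * Jetty {@link UserRealm} that authenticates users against a JAAS login
 * domain and caches the resulting principal per username.
 *
 * <p>A successful {@link #authenticate} stores a {@code JAASJettyPrincipal} in
 * {@code userMap}; {@link #reauthenticate} only consults that cache and
 * {@link #logout} removes the entry again.
 *
 * <p>NOTE(review): {@code userMap} is a plain {@code HashMap} with no
 * synchronization. If a single realm instance is shared by concurrent request
 * threads (presumably the case for a container realm; confirm), concurrent
 * login/logout can corrupt the map and the cache needs external locking or a
 * synchronized map.
 *
 * @version $Rev: 165343 $ $Date: 2005-04-29 14:16:48 -0700 (Fri, 29 Apr 2005) $
 */
public class JAASJettyRealm implements UserRealm {
    private static final Log log = LogFactory.getLog(JAASJettyRealm.class);

    private final String realmName;
    private final String loginDomainName;
    // username -> JAASJettyPrincipal for every user that is currently logged in
    private final HashMap userMap = new HashMap();

    /**
     * @param realmName       name reported to Jetty through {@link #getName()}
     * @param loginDomainName JAAS configuration name handed to {@code LoginContext}
     */
    public JAASJettyRealm(String realmName, String loginDomainName) {
        this.realmName = realmName;
        this.loginDomainName = loginDomainName;
    }

    /**
     * @return the realm name given at construction
     */
    public String getName() {
        return realmName;
    }

    /**
     * Looks up the cached principal for a username.
     *
     * @return the cached principal, or {@code null} if that user has no cached login
     */
    public Principal getPrincipal(String username) {
        return (Principal) userMap.get(username);
    }

    /**
     * Performs a JAAS login for {@code username} and caches the resulting principal.
     *
     * @param username    login name passed to the callback handler
     * @param credentials the password, either a {@code char[]} or a {@code String}
     * @param request     not used by this implementation
     * @return the authenticated principal, or {@code null} if the login failed or
     *         the credentials were missing or of an unsupported type
     */
    public Principal authenticate(String username, Object credentials, HttpRequest request) {
        try {
            // A cached entry means the user authenticated before and a fresh login was
            // requested: drop it first, so a failed attempt leaves no cached principal.
            // NOTE(review): unlike logout(), the previous subject is not handed to
            // ContextManager.unregisterSubject here; confirm it is not left registered.
            userMap.remove(username);

            char[] password;
            if (credentials instanceof char[]) {
                password = (char[]) credentials;
            } else if (credentials instanceof String) {
                // A String cannot be wiped afterwards; only the char[] copy can be.
                password = ((String) credentials).toCharArray();
            } else if (credentials == null) {
                // Treat missing credentials as a failed login rather than letting the
                // getClass() call below raise a NullPointerException out of the realm.
                throw new LoginException("Cannot extract credentials: none were supplied");
            } else {
                throw new LoginException("Cannot extract credentials from class: " + credentials.getClass().getName());
            }
            PasswordCallbackHandler callbackHandler = new PasswordCallbackHandler(username, password);

            // Set up the login context and run the login modules. clear() sits in a
            // finally block so the handler releases the password (presumably what
            // clear() does; confirm) on failed logins as well as successful ones.
            LoginContext loginContext;
            try {
                loginContext = new LoginContext(loginDomainName, callbackHandler);
                loginContext.login();
            } finally {
                callbackHandler.clear();
            }

            Subject subject = ContextManager.getServerSideSubject(loginContext.getSubject());
            ContextManager.setCurrentCaller(subject);

            // Login succeeded: remember the principal for reauthenticate()/getPrincipal().
            JAASJettyPrincipal userPrincipal = new JAASJettyPrincipal(username);
            userPrincipal.setSubject(subject);
            userMap.put(username, userPrincipal);

            return userPrincipal;
        } catch (LoginException e) {
            log.warn(e);
            return null;
        }
    }

    /**
     * Removes the user from the cache and unregisters the associated subject.
     *
     * @param user must be the {@code JAASJettyPrincipal} returned by {@link #authenticate};
     *             any other type fails the cast
     */
    public void logout(Principal user) {
        JAASJettyPrincipal principal = (JAASJettyPrincipal) user;

        userMap.remove(principal.getName());
        ContextManager.unregisterSubject(principal.getSubject());
    }

    /**
     * Re-establishes the user's subject as the current caller for this request.
     *
     * @return {@code true} if a principal is still cached under the user's name
     */
    public boolean reauthenticate(Principal user) {
        // TODO This is not correct if auth can expire! We need to

        // NOTE(review): the subject is installed as the current caller before the
        // cache is consulted, so it is set even when this method returns false
        // (for example after logout). The lookup is also by name only, not by
        // principal identity. Confirm callers discard the caller context on false.
        ContextManager.setCurrentCaller(((JAASJettyPrincipal) user).getSubject());

        // get the user out of the cache
        return (userMap.get(user.getName()) != null);
    }

    /**
     * No-op in this realm.
     */
    public void disassociate(Principal user) {
        // do nothing
    }

    /**
     * Checks the role by asking the current access control context for a
     * {@code WebRoleRefPermission} on the current servlet name and {@code role}.
     * The {@code user} argument itself is not consulted.
     *
     * @return {@code false} if the permission check throws
     *         {@code AccessControlException}, otherwise {@code true}
     */
    public boolean isUserInRole(Principal user, String role) {
        AccessControlContext acc = ContextManager.getCurrentContext();
        try {
            acc.checkPermission(new WebRoleRefPermission(JettyServletHolder.getCurrentServletName(), role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

    /**
     * Saves the current caller on the principal and switches the current caller
     * to the role designate for {@code role}.
     *
     * @return the same {@code user} instance
     */
    public Principal pushRole(Principal user, String role) {
        ((JAASJettyPrincipal) user).push(ContextManager.getCurrentCaller());
        ContextManager.setCurrentCaller(SecurityContextBeforeAfter.getCurrentRoleDesignate(role));
        return user;
    }

    /**
     * Restores the caller previously saved by {@link #pushRole}.
     *
     * @return the same {@code user} instance
     */
    public Principal popRole(Principal user) {
        ContextManager.setCurrentCaller(((JAASJettyPrincipal) user).pop());
        return user;
    }

}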
143