KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > geronimo > security > SecurityServiceImpl


1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17
18 package org.apache.geronimo.security;
19
20 import java.security.Policy JavaDoc;
21 import javax.security.jacc.PolicyConfigurationFactory JavaDoc;
22 import javax.security.jacc.PolicyContextException JavaDoc;
23 import org.apache.commons.logging.Log;
24 import org.apache.commons.logging.LogFactory;
25 import org.apache.geronimo.gbean.GBeanInfo;
26 import org.apache.geronimo.gbean.GBeanInfoBuilder;
27 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
28 import org.apache.geronimo.security.jacc.PolicyContextHandlerContainerSubject;
29 import org.apache.geronimo.security.jacc.PolicyContextHandlerHttpServletRequest;
30 import org.apache.geronimo.security.jacc.PolicyContextHandlerSOAPMessage;
31 import org.apache.geronimo.security.util.ConfigurationUtil;
32 import org.apache.geronimo.system.serverinfo.ServerInfo;
33
34
35 /**
36  * An MBean that registers the JACC factory and handlers.
37  *
38  * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
39  */
40 public class SecurityServiceImpl implements SecurityService {
41
42     public static boolean POLICY_INSTALLED = false;
43
44     private final Log log = LogFactory.getLog(SecurityServiceImpl.class);
45
46     /**
47      * Permissions that protect access to sensitive security information
48      */
49     public static final GeronimoSecurityPermission CONFIGURE = new GeronimoSecurityPermission("configure");
50
51     public SecurityServiceImpl(ClassLoader JavaDoc classLoader, ServerInfo serverInfo, String JavaDoc policyConfigurationFactory,
52                                String JavaDoc policyProvider, String JavaDoc keyStore, String JavaDoc keyStorePassword,
53                                String JavaDoc trustStore, String JavaDoc trustStorePassword)
54             throws PolicyContextException JavaDoc, ClassNotFoundException JavaDoc, IllegalAccessException JavaDoc, InstantiationException JavaDoc
55     {
56
57         /**
58          * @see "JSR 115 4.6.1" Container Subject Policy Context Handler
59          */
60         ConfigurationUtil.registerPolicyContextHandler(new PolicyContextHandlerContainerSubject(), true);
61         ConfigurationUtil.registerPolicyContextHandler(new PolicyContextHandlerSOAPMessage(), true);
62         ConfigurationUtil.registerPolicyContextHandler(new PolicyContextHandlerHttpServletRequest(), true);
63
64         if (!POLICY_INSTALLED) {
65             policyProvider = sysOverRide(policyProvider, POLICY_PROVIDER);
66
67             if (policyProvider != null) {
68                 Policy JavaDoc policy = (Policy JavaDoc) classLoader.loadClass(policyProvider).newInstance();
69                 policy.refresh();
70                 Policy.setPolicy(policy);
71             }
72
73             POLICY_INSTALLED = true;
74         }
75
76         policyConfigurationFactory = sysOverRide(policyConfigurationFactory, POLICY_CONFIG_FACTORY);
77         if (policyConfigurationFactory != null) {
78             Thread JavaDoc currentThread = Thread.currentThread();
79             ClassLoader JavaDoc oldClassLoader = currentThread.getContextClassLoader();
80             currentThread.setContextClassLoader(classLoader);
81             try {
82                 PolicyConfigurationFactory.getPolicyConfigurationFactory();
83             } finally {
84                 currentThread.setContextClassLoader(oldClassLoader);
85             }
86         }
87         if (keyStore != null) sysOverRide(serverInfo.resolveServerPath(keyStore), KEYSTORE);
88         if (keyStorePassword != null) sysOverRide(keyStorePassword, KEYSTORE_PASSWORD);
89
90         if (trustStore != null) sysOverRide(serverInfo.resolveServerPath(trustStore), TRUSTSTORE);
91         if (trustStorePassword != null) sysOverRide(trustStorePassword, TRUSTSTORE_PASSWORD);
92
93         log.debug(KEYSTORE + ": " + System.getProperty(KEYSTORE));
94         log.debug(TRUSTSTORE + ": " + System.getProperty(TRUSTSTORE));
95
96         log.debug("JACC factory registered");
97     }
98
99     private String JavaDoc sysOverRide(String JavaDoc attribute, String JavaDoc sysVar) {
100
101         String JavaDoc sysValue = System.getProperty(sysVar);
102
103         /**
104          * System variable gets highest priority
105          */
106         if (sysValue != null)
107             return sysValue;
108
109         if (attribute != null) {
110             System.setProperty(sysVar, attribute);
111         }
112
113         return attribute;
114
115     }
116
117     public static final GBeanInfo GBEAN_INFO;
118
119     static {
120         GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic(SecurityServiceImpl.class);
121
122         infoFactory.addAttribute("classLoader", ClassLoader JavaDoc.class, false);
123         infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE);
124         infoFactory.addAttribute("policyConfigurationFactory", String JavaDoc.class, true);
125         infoFactory.addAttribute("policyProvider", String JavaDoc.class, true);
126         infoFactory.addAttribute("keyStore", String JavaDoc.class, true);
127         infoFactory.addAttribute("keyStorePassword", String JavaDoc.class, true);
128         infoFactory.addAttribute("trustStore", String JavaDoc.class, true);
129         infoFactory.addAttribute("trustStorePassword", String JavaDoc.class, true);
130
131         infoFactory.setConstructor(new String JavaDoc[]{"classLoader", "ServerInfo", "policyConfigurationFactory",
132                                                 "policyProvider", "keyStore", "keyStorePassword", "trustStore",
133                                                 "trustStorePassword"});
134
135         GBEAN_INFO = infoFactory.getBeanInfo();
136     }
137
138     public static GBeanInfo getGBeanInfo() {
139         return GBEAN_INFO;
140     }
141 }
142
Popular Tags