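package org.apache.geronimo.security.jaas;

import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

import org.apache.geronimo.kernel.KernelRegistry;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.security.remoting.jmx.JaasLoginServiceRemotingClient;

/**
 * A JAAS {@link LoginModule} that coordinates a login against a
 * {@code JaasLoginServiceMBean}.
 *
 * <p>The service is reached either through a remoting client (when both the
 * {@code host} and {@code port} options are set) or through a proxy created by
 * the kernel named in the {@code kernel} option. During {@link #login()} the
 * coordinator fetches the login module configuration for the realm and wraps
 * every entry in a worker: entries flagged server-side are delegated to the
 * service, all others are instantiated and executed in this JVM.</p>
 *
 * <p>Instances hold per-login state and nothing in this class synchronizes
 * access to it.</p>
 */
public class JaasLoginCoordinator implements LoginModule {
    public static final String OPTION_HOST = "host";
    public static final String OPTION_PORT = "port";
    public static final String OPTION_KERNEL = "kernel";
    public static final String OPTION_REALM = "realm";

    private String serverHost;
    private int serverPort;
    private String realmName;
    private String kernelName;
    private JaasLoginServiceMBean service;
    private CallbackHandler handler;
    private Subject subject;
    // Principals already reported to the service by a client-side module commit.
    private Set processedPrincipals = new HashSet();
    private JaasLoginModuleConfiguration[] config;
    private JaasClientId client;
    LoginModuleConfiguration[] workers;

    /**
     * Reads the connection options, connects to the login service and stores
     * the subject and callback handler for the later phases.
     *
     * @param subject         the subject to populate; a fresh one is created when {@code null}
     * @param callbackHandler handler used to answer callbacks; may be {@code null}
     * @param sharedState     not used by the coordinator
     * @param options         module options, see the {@code OPTION_*} constants; the
     *                        port, when present, must be a {@code String} holding an integer
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map sharedState, Map options) {
        serverHost = (String) options.get(OPTION_HOST);
        Object port = options.get(OPTION_PORT);
        if (port != null) {
            // A non-numeric value surfaces as NumberFormatException.
            serverPort = Integer.parseInt((String) port);
        }
        realmName = (String) options.get(OPTION_REALM);
        kernelName = (String) options.get(OPTION_KERNEL);
        service = connect();
        handler = callbackHandler;
        this.subject = (subject == null) ? new Subject() : subject;
    }

    /**
     * Opens a session with the realm, builds one worker per configured login
     * module and runs them.
     *
     * @return the result of {@code LoginUtils.computeLogin} over the workers
     * @throws LoginException if the service or a worker rejects the login
     */
    public boolean login() throws LoginException {
        client = service.connectToRealm(realmName);
        config = service.getLoginConfiguration(client);
        workers = new LoginModuleConfiguration[config.length];
        for (int i = 0; i < workers.length; i++) {
            LoginModule wrapper;
            if (config[i].isServerSide()) {
                wrapper = new ServerLoginModule(i);
            } else {
                LoginModule source = config[i].getLoginModule(JaasLoginCoordinator.class.getClassLoader());
                wrapper = new ClientLoginModule(source, i);
            }
            workers[i] = new LoginModuleConfiguration(wrapper, config[i].getFlag());
            // Each worker gets its own shared-state map.
            workers[i].getModule().initialize(subject, handler, new HashMap(), config[i].getOptions());
        }
        return LoginUtils.computeLogin(workers);
    }

    /**
     * Commits every worker, then copies the principals returned by the service
     * into the subject.
     *
     * @return always {@code true}
     * @throws LoginException if a worker or the service fails to commit
     */
    public boolean commit() throws LoginException {
        for (int i = 0; i < workers.length; i++) {
            workers[i].getModule().commit();
        }
        Principal[] principals = service.loginSucceeded(client);
        for (int i = 0; i < principals.length; i++) {
            subject.getPrincipals().add(principals[i]);
        }
        return true;
    }

    /**
     * Aborts every worker that was created, tells the service the login failed
     * and releases all state.
     *
     * <p>Abort can be reached after {@link #login()} failed part-way, in which
     * case {@code workers} (or individual entries) and {@code client} may still
     * be {@code null}; those are skipped so the server-side session and the
     * proxy are still released instead of failing with a
     * {@code NullPointerException}.</p>
     *
     * @return always {@code true}
     * @throws LoginException if a worker or the service fails
     */
    public boolean abort() throws LoginException {
        if (service == null) {
            // State was already released by an earlier abort() or logout().
            return true;
        }
        try {
            if (workers != null) {
                for (int i = 0; i < workers.length; i++) {
                    if (workers[i] != null) {
                        workers[i].getModule().abort();
                    }
                }
            }
        } finally {
            if (client != null) {
                service.loginFailed(client);
            }
        }
        clear();
        return true;
    }

    /**
     * Logs out every worker that was created, ends the session on the service
     * and releases all state. Tolerates missing workers, a missing client id
     * and repeated invocation in the same way as {@link #abort()}.
     *
     * @return always {@code true}
     * @throws LoginException if a worker or the service fails
     */
    public boolean logout() throws LoginException {
        if (service == null) {
            // State was already released by an earlier abort() or logout().
            return true;
        }
        try {
            if (workers != null) {
                for (int i = 0; i < workers.length; i++) {
                    if (workers[i] != null) {
                        workers[i].getModule().logout();
                    }
                }
            }
        } finally {
            if (client != null) {
                service.logout(client);
            }
        }
        clear();
        return true;
    }

    /**
     * Destroys the service proxy (when the kernel can be found) and drops every
     * reference held for the current login.
     */
    private void clear() {
        Kernel kernel = KernelRegistry.getKernel(kernelName);
        if (kernel != null && service != null) {
            kernel.getProxyManager().destroyProxy(service);
        }
        serverHost = null;
        serverPort = 0;
        realmName = null;
        kernelName = null;
        service = null;
        handler = null;
        subject = null;
        processedPrincipals.clear();
        config = null;
        client = null;
        workers = null;
    }

    /**
     * Obtains the login service: a remoting client when host and port are
     * configured, otherwise a proxy from the named kernel.
     *
     * @return the login service handle
     */
    private JaasLoginServiceMBean connect() {
        if (serverHost != null && serverPort > 0) {
            // NOTE(review): how the remoting client protects the channel is not
            // visible in this file; answered callbacks are sent over it, so
            // confirm the transport is authenticated and encrypted.
            return JaasLoginServiceRemotingClient.create(serverHost, serverPort);
        }
        // NOTE(review): clear() treats a null kernel as possible; here a missing
        // kernel would fail with a NullPointerException.
        Kernel kernel = KernelRegistry.getKernel(kernelName);
        return (JaasLoginServiceMBean) kernel.getProxyManager().createProxy(JaasLoginService.OBJECT_NAME, JaasLoginServiceMBean.class);
    }

    /**
     * Worker for a login module that executes in this JVM; after the wrapped
     * module commits, the principals it added are reported to the service.
     */
    private class ClientLoginModule implements LoginModule {
        private LoginModule source;
        int index;

        public ClientLoginModule(LoginModule source, int index) {
            this.source = source;
            this.index = index;
        }

        public void initialize(Subject subject, CallbackHandler callbackHandler,
                               Map sharedState, Map options) {
            source.initialize(subject, callbackHandler, sharedState, options);
        }

        public boolean login() throws LoginException {
            return source.login();
        }

        /**
         * Commits the wrapped module and sends the service every principal on
         * the coordinator's subject that has not been reported before.
         */
        public boolean commit() throws LoginException {
            boolean result = source.commit();
            List fresh = new ArrayList();
            for (Iterator it = subject.getPrincipals().iterator(); it.hasNext();) {
                Principal p = (Principal) it.next();
                if (!processedPrincipals.contains(p)) {
                    fresh.add(p);
                    processedPrincipals.add(p);
                }
            }
            // NOTE(review): these principals come from a module run in the
            // client JVM, so the service receives them as client-asserted
            // values; how the server validates them is not visible here.
            service.clientLoginModuleCommit(client, index, (Principal[]) fresh.toArray(new Principal[fresh.size()]));
            return result;
        }

        public boolean abort() throws LoginException {
            return source.abort();
        }

        public boolean logout() throws LoginException {
            return source.logout();
        }
    }

    /**
     * Worker for a login module that executes on the server: callbacks are
     * fetched from the service, answered locally and sent back.
     */
    private class ServerLoginModule implements LoginModule {
        int index;
        CallbackHandler handler;
        Callback[] callbacks;

        public ServerLoginModule(int index) {
            this.index = index;
        }

        public void initialize(Subject subject, CallbackHandler handler,
                               Map sharedState, Map options) {
            // Only the handler is needed; the module itself lives on the server.
            this.handler = handler;
        }

        /**
         * Fetches the server module's callbacks, lets the handler answer them
         * and asks the service to perform the login.
         *
         * @throws LoginException on rejection, or wrapping any other failure
         *                        with the original exception kept as the cause
         */
        public boolean login() throws LoginException {
            try {
                callbacks = service.getServerLoginCallbacks(client, index);
                if (handler != null) {
                    handler.handle(callbacks);
                } else if (callbacks != null && callbacks.length > 0) {
                    // The callbacks are still submitted below, unanswered.
                    System.err.println("No callback handler available for "+callbacks.length+" callbacks!");
                }
                return service.performServerLogin(client, index, callbacks);
            } catch (LoginException e) {
                throw e;
            } catch (Exception e) {
                // LoginException has no cause constructor; attach the cause
                // explicitly so the original stack trace is not lost.
                LoginException failure = new LoginException("Unable to log in: "+e.getMessage());
                failure.initCause(e);
                throw failure;
            }
        }

        public boolean commit() throws LoginException {
            return service.serverLoginModuleCommit(client, index);
        }

        // The coordinator's own abort() reports the failure to the service.
        public boolean abort() throws LoginException {
            return false;
        }

        // The coordinator's own logout() ends the session on the service.
        public boolean logout() throws LoginException {
            return false;
        }
    }
}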