SecuredBroker


1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.servicemix.jbi.security;
18  
19  import java.util.Set  ;
20  
21  import javax.jbi.JBIException;
22  import javax.jbi.messaging.MessageExchange;
23  import javax.jbi.messaging.MessageExchange.Role;
24  import javax.jbi.servicedesc.ServiceEndpoint;
25  import javax.security.auth.Subject  ;
26  
27  import org.apache.servicemix.jbi.messaging.MessageExchangeImpl;
28  import org.apache.servicemix.jbi.nmr.DefaultBroker;
29  import org.apache.servicemix.jbi.security.acl.AuthorizationMap;
30  
31  /**
32   * 
33   * @author gnodet
34   * @org.apache.xbean.XBean
35   */
36  public class SecuredBroker extends DefaultBroker {
37  
38      private AuthorizationMap authorizationMap;
39      
40      public SecuredBroker() {
41      }
42      
43      public SecuredBroker(AuthorizationMap authorizationMap) {
44          this.authorizationMap = authorizationMap;
45      }
46  
47      /**
48       * @return the authorizationMap
49       */
50      public AuthorizationMap getAuthorizationMap() {
51          return authorizationMap;
52      }
53  
54      /**
55       * @param authorizationMap the authorizationMap to set
56       */
57      public void setAuthorizationMap(AuthorizationMap authorizationMap) {
58          this.authorizationMap = authorizationMap;
59      }
60  
61      public void sendExchangePacket(MessageExchange me) throws JBIException {
62          MessageExchangeImpl exchange = (MessageExchangeImpl) me;
63          if (exchange.getRole() == Role.PROVIDER && exchange.getDestinationId() == null) {
64              resolveAddress(exchange);
65              ServiceEndpoint se = exchange.getEndpoint();
66              if (se != null) {
67                  Set   acls = authorizationMap.getAcls(se);
68                  if (!acls.contains(GroupPrincipal.ANY)) { 
69                      Subject   subject = exchange.getMessage("in").getSecuritySubject();
70                      if (subject == null) {
71                          throw new SecurityException  ("User not authenticated");
72                      }
73                      acls.retainAll(subject.getPrincipals());
74                      if (acls.size() == 0) {
75                          throw new SecurityException  ("Endpoint is not authorized for this user");
76                      }
77                  }
78              }
79          }
80          super.sendExchangePacket(me);
81      }
82  
83  }
84
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags