

1 /*
2  * JacORB - a free Java ORB
3  *
4  * Copyright (C) 1999-2004 Gerald Brose
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Library General Public
8  * License as published by the Free Software Foundation; either
9  * version 2 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Library General Public License for more details.
15  *
16  * You should have received a copy of the GNU Library General Public
17  * License along with this library; if not, write to the Free
18  * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19  *
20  */

21 package org.jacorb.security.level2;
22
23 import java.io.*;
24 import java.net.*;
25 import java.util.*;
26
27 import java.security.*;
28 import java.security.cert.*;
29
30 import org.omg.SecurityLevel2.*;
31 import org.omg.Security.*;
32
33 import org.jacorb.util.*;
34
35 import org.apache.avalon.framework.logger.Logger;
36 import org.apache.avalon.framework.configuration.*;
37
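/**
 * SunJssePrincipalAuthenticatorImpl
 *
 * This simple authenticator just retrieves X.509v3 certificates
 * (and the matching private key) from a Java key store.
 *
 * <p>The key store location and its passphrase are read in
 * {@link #configure(Configuration)} from the attributes
 * <code>jacorb.security.keystore</code> and
 * <code>jacorb.security.keystore_password</code>.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>"Success" here only means that the caller-supplied password
 *       unlocked the private key stored under the given alias. Nothing
 *       in this class validates the certificate chain (validity period,
 *       trust path, revocation); any such check has to happen
 *       elsewhere.</li>
 *   <li>The key store passphrase is kept as a <code>String</code> field
 *       for the lifetime of this object, as supplied by the
 *       configuration.</li>
 * </ul>
 *
 * @author Gerald Brose
 * $Id: SunJssePrincipalAuthenticatorImpl.java,v 1.5 2004/05/06 12:40:01 nicolas Exp $
 */
public class SunJssePrincipalAuthenticatorImpl
    extends org.omg.CORBA.LocalObject
    implements org.omg.SecurityLevel2.PrincipalAuthenticator, Configurable
{
    private Logger logger;
    private String keyStoreLocation = null;
    private String storePassphrase = null;

    public SunJssePrincipalAuthenticatorImpl()
    {
    }

    /**
     * Reads the logger, key store location and key store passphrase
     * from the JacORB configuration.
     *
     * @param myConfiguration the configuration object; it is cast to
     *        <code>org.jacorb.config.Configuration</code>, so any other
     *        implementation results in a <code>ClassCastException</code>
     * @throws ConfigurationException declared by the
     *         <code>Configurable</code> contract
     */
    public void configure(Configuration myConfiguration)
        throws ConfigurationException
    {
        org.jacorb.config.Configuration configuration =
            (org.jacorb.config.Configuration)myConfiguration;

        logger = configuration.getNamedLogger("jacorb.security.jsse");
        keyStoreLocation =
            configuration.getAttribute("jacorb.security.keystore", null);

        // Assign the FIELD. Declaring a local variable of the same name
        // here leaves the field null, and authenticate() then rejects
        // every request because it sees no store passphrase.
        storePassphrase =
            configuration.getAttribute("jacorb.security.keystore_password", null);
    }

    /**
     * Returns the supported authentication methods.
     *
     * @param mechanism ignored by this implementation
     * @return always a one-element array containing <code>0</code>
     */
    public int[] get_supported_authen_methods(java.lang.String mechanism)
    {
        return new int[]{0};
    }

    /**
     * Loads the private key and certificate chain stored under the alias
     * <code>security_name</code> and wraps them in own credentials.
     *
     * @param method             not used by this implementation
     * @param mechanism          not used by this implementation
     * @param security_name      user name; used as the key store alias
     * @param auth_data          password protecting the private key entry
     * @param privileges         not used by this implementation
     * @param creds              out parameter; receives the new
     *                           credentials on success
     * @param continuation_data  not used by this implementation
     * @param auth_specific_data not used by this implementation
     * @return <code>SecAuthSuccess</code> if key and chain were loaded,
     *         <code>SecAuthFailure</code> in every other case, including
     *         missing configuration, an unknown alias, a wrong password
     *         and any exception
     */
    public AuthenticationStatus authenticate(int method,
                                             String mechanism,
                                             String security_name, // user name
                                             byte[] auth_data,     // passwd
                                             SecAttribute[] privileges,
                                             CredentialsHolder creds,
                                             OpaqueHolder continuation_data,
                                             OpaqueHolder auth_specific_data
                                             )
    {
        if (logger.isInfoEnabled())
            logger.info( "starting authentication" );

        // Working copies of the two secrets; wiped in the finally block.
        char[] storePass = null;
        char[] keyPass = null;

        try
        {
            registerProvider();
            String alias = security_name;

            // Fail closed on missing configuration or missing input.
            // auth_data is checked before decoding, so a null password
            // is an ordinary failure rather than a NullPointerException.
            if (( keyStoreLocation == null ) ||
                ( storePassphrase == null ) ||
                ( alias == null ) ||
                ( auth_data == null ))
            {
                return AuthenticationStatus.SecAuthFailure;
            }

            // NOTE(review): the password bytes are decoded with the
            // platform default charset, so non-ASCII passwords depend on
            // the JVM's locale settings. Kept for compatibility.
            keyPass = new String( auth_data ).toCharArray();
            storePass = storePassphrase.toCharArray();

            java.security.KeyStore keyStore =
                java.security.KeyStore.getInstance("JKS"/*, "SUN"*/);

            // Close the stream even if load() throws (wrong store
            // passphrase, corrupt file), so no file handle is leaked on
            // failed attempts.
            InputStream storeStream = new FileInputStream(keyStoreLocation);
            try
            {
                keyStore.load(storeStream, storePass);
            }
            finally
            {
                storeStream.close();
            }
            //KeyStore keyStore =
            //    KeyStoreUtil.getKeyStore( keyStoreLocation,
            //                              storePassphrase.toCharArray() );

            java.security.cert.Certificate[] cert_chain =
                keyStore.getCertificateChain( alias );

            if( cert_chain == null )
            {
                if (logger.isErrorEnabled())
                {
                    logger.error( "No keys found in keystore for alias \""+
                                  alias + "\"!" );
                }
                return org.omg.Security.AuthenticationStatus.SecAuthFailure;
            }

            // getKey() throws if the password does not match; that lands
            // in the catch block below and is reported as a failure.
            PrivateKey priv_key =
                (PrivateKey)keyStore.getKey( alias, keyPass );

            // Never hand out "successful" credentials without a key.
            if( priv_key == null )
            {
                if (logger.isErrorEnabled())
                {
                    logger.error( "No private key found in keystore for alias \""+
                                  alias + "\"!" );
                }
                return org.omg.Security.AuthenticationStatus.SecAuthFailure;
            }

            KeyAndCert k_a_c = new KeyAndCert( priv_key, cert_chain );

            // presumably family definer 0 / family 1 is the OMG privilege
            // attribute family that AccessId belongs to -- confirm
            // against the CORBA Security specification
            AttributeType type =
                new AttributeType( new ExtensibleFamily( (short) 0,
                                                         (short) 1 ),
                                   AccessId.value );

            SecAttributeManager attrib_mgr = SecAttributeManager.getInstance();
            SecAttribute attrib = attrib_mgr.createAttribute( k_a_c, type );

            CredentialsImpl credsImpl =
                new CredentialsImpl( new SecAttribute[]{ attrib },
                                     AuthenticationStatus.SecAuthSuccess,
                                     InvocationCredentialsType.SecOwnCredentials);

            /*
            credsImpl.accepting_options_supported( (short) Environment.getIntProperty( "jacorb.security.ssl.client.supported_options", 16 ));

            credsImpl.accepting_options_required( (short) Environment.getIntProperty( "jacorb.security.ssl.client.required_options", 16 ));

            credsImpl.invocation_options_supported( (short) Environment.getIntProperty( "jacorb.security.ssl.client.supported_options", 16 ));

            credsImpl.invocation_options_required( (short) Environment.getIntProperty( "jacorb.security.ssl.client.required_options", 16 ));
            */

            creds.value = credsImpl;

            if (logger.isInfoEnabled())
                logger.info( "authentication succesfull" );

            return AuthenticationStatus.SecAuthSuccess;
        }
        catch (Exception e)
        {
            // Every failure is deliberately collapsed into SecAuthFailure
            // so the caller cannot tell a wrong password from a missing
            // or unreadable store; details go to the debug log only.
            if (logger.isDebugEnabled())
                logger.debug( "Exception: " + e );

            if (logger.isInfoEnabled())
                logger.info( "authentication failed" );

            return org.omg.Security.AuthenticationStatus.SecAuthFailure;
        }
        finally
        {
            // Best effort: wipe the char[] copies of both secrets. The
            // String instances they were derived from cannot be wiped.
            if (keyPass != null)
                Arrays.fill( keyPass, '\0' );
            if (storePass != null)
                Arrays.fill( storePass, '\0' );
        }
    }

    /**
     * not implemented
     *
     * @throws org.omg.CORBA.NO_IMPLEMENT always
     */
    public AuthenticationStatus continue_authentication(byte[] response_data,
                                                        Credentials creds,
                                                        OpaqueHolder continuation_data,
                                                        OpaqueHolder auth_specific_data)
    {
        throw new org.omg.CORBA.NO_IMPLEMENT();
    }

    /**
     * Hook for registering an additional security provider. Currently a
     * no-op: the only registration call is commented out.
     */
    private void registerProvider()
    {
        //iaik.security.provider.IAIK.addAsProvider();
    }
}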