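package org.jacorb.security.level2;

import java.io.*;
import java.net.*;
import java.util.*;

import java.security.*;
import java.security.cert.*;

import org.omg.SecurityLevel2.*;
import org.omg.Security.*;

import org.jacorb.util.*;

import org.apache.avalon.framework.logger.Logger;
import org.apache.avalon.framework.configuration.*;

/**
 * PrincipalAuthenticator that authenticates a principal against a JKS
 * keystore.
 *
 * The keystore location and the keystore passphrase are read from the
 * configuration in {@link #configure}. On {@link #authenticate} the security
 * name is used as the keystore alias and the authentication data as the
 * password protecting that alias' private key. Success yields credentials
 * holding the private key and its certificate chain.
 */
public class SunJssePrincipalAuthenticatorImpl
    extends org.omg.CORBA.LocalObject
    implements org.omg.SecurityLevel2.PrincipalAuthenticator, Configurable
{
    private Logger logger;
    private String keyStoreLocation = null;
    // NOTE(review): the keystore passphrase stays in memory as a String for
    // the lifetime of this object, and comes from the configuration in clear
    // text; access to that configuration source should be restricted.
    private String storePassphrase = null;

    public SunJssePrincipalAuthenticatorImpl()
    {
    }

    /**
     * Reads the logger, keystore location and keystore passphrase from the
     * configuration.
     *
     * @param myConfiguration must be an org.jacorb.config.Configuration;
     *        any other implementation fails the cast below.
     * @throws ConfigurationException declared by the Configurable contract
     */
    public void configure(Configuration myConfiguration)
        throws ConfigurationException
    {
        org.jacorb.config.Configuration configuration =
            (org.jacorb.config.Configuration)myConfiguration;

        logger = configuration.getNamedLogger("jacorb.security.jsse");
        keyStoreLocation =
            configuration.getAttribute("jacorb.security.keystore", null);

        // Assign the FIELD. A local declaration here would shadow it and
        // leave the field null, so that authenticate() rejects every
        // request as "not configured".
        storePassphrase =
            configuration.getAttribute("jacorb.security.keystore_password", null);
    }


    /**
     * Returns the supported authentication methods.
     *
     * @param mechanism ignored
     * @return always a one-element array containing 0
     */
    public int[] get_supported_authen_methods(java.lang.String mechanism)
    {
        return new int[]{0};
    }

    /**
     * Authenticates a principal against the configured keystore.
     *
     * Only security_name, auth_data and creds are used; method, mechanism,
     * privileges, continuation_data and auth_specific_data are ignored.
     *
     * @param security_name alias of the key entry in the keystore
     * @param auth_data password of the private key, as bytes
     * @param creds receives the created credentials on success
     * @return SecAuthSuccess when the private key and certificate chain for
     *         the alias could be read; SecAuthFailure when the configuration
     *         or an input is missing, the alias has no certificate chain or
     *         key, or any exception occurs (all failures are fail-closed)
     */
    public AuthenticationStatus authenticate(int method,
                                             String mechanism,
                                             String security_name,
                                             byte[] auth_data,
                                             SecAttribute[] privileges,
                                             CredentialsHolder creds,
                                             OpaqueHolder continuation_data,
                                             OpaqueHolder auth_specific_data
                                             )
    {
        if (logger.isInfoEnabled())
            logger.info( "starting authentication" );

        char[] keyPassword = null;

        try
        {
            registerProvider();
            String alias = security_name;

            // Check auth_data itself: a String built from it can never be
            // null, so testing the derived String would be dead code and a
            // null array would only surface as a NullPointerException.
            if (( keyStoreLocation == null ) ||
                ( storePassphrase == null ) ||
                ( alias == null ) ||
                ( auth_data == null ))
            {
                if (logger.isDebugEnabled())
                    logger.debug( "keystore configuration or authentication input missing" );

                return AuthenticationStatus.SecAuthFailure;
            }

            // NOTE(review): decodes with the platform default charset, as
            // before; the caller must encode the password the same way.
            keyPassword = new String( auth_data ).toCharArray();

            java.security.KeyStore keyStore = loadKeyStore();

            java.security.cert.Certificate [] cert_chain =
                keyStore.getCertificateChain( alias );

            if( cert_chain == null )
            {
                // NOTE(review): alias is caller-supplied and is written to
                // the log unmodified.
                if (logger.isErrorEnabled())
                {
                    logger.error( "No keys found in keystore for alias \""+
                                  alias + "\"!" );
                }
                return org.omg.Security.AuthenticationStatus.SecAuthFailure;
            }

            PrivateKey priv_key =
                (PrivateKey)keyStore.getKey( alias, keyPassword );

            // Never report success without key material.
            if( priv_key == null )
            {
                return org.omg.Security.AuthenticationStatus.SecAuthFailure;
            }

            KeyAndCert k_a_c = new KeyAndCert( priv_key, cert_chain );

            AttributeType type =
                new AttributeType( new ExtensibleFamily( (short) 0,
                                                         (short) 1 ),
                                   AccessId.value );


            SecAttributeManager attrib_mgr = SecAttributeManager.getInstance();
            SecAttribute attrib = attrib_mgr.createAttribute( k_a_c, type );

            CredentialsImpl credsImpl =
                new CredentialsImpl( new SecAttribute[]{ attrib },
                                     AuthenticationStatus.SecAuthSuccess,
                                     InvocationCredentialsType.SecOwnCredentials);

            creds.value = credsImpl;

            if (logger.isInfoEnabled())
                logger.info( "authentication succesfull" );

            return AuthenticationStatus.SecAuthSuccess;
        }
        catch (Exception e)
        {
            // Any failure (unreadable keystore, wrong passphrase, wrong key
            // password, ...) is reported as an authentication failure.
            if (logger.isDebugEnabled())
                logger.debug( "Exception: " + e );

            if (logger.isInfoEnabled())
                logger.info( "authentication failed" );

            return org.omg.Security.AuthenticationStatus.SecAuthFailure;
        }
        finally
        {
            // Best effort only: the intermediate String cannot be wiped.
            if( keyPassword != null )
            {
                java.util.Arrays.fill( keyPassword, '\0' );
            }
        }
    }

    /**
     * Not implemented.
     *
     * @throws org.omg.CORBA.NO_IMPLEMENT always
     */
    public AuthenticationStatus continue_authentication(byte[] response_data,
                                                        Credentials creds,
                                                        OpaqueHolder continuation_data,
                                                        OpaqueHolder auth_specific_data)
    {
        throw new org.omg.CORBA.NO_IMPLEMENT ();
    }


    /** Opens the configured JKS keystore and always closes the file stream. */
    private java.security.KeyStore loadKeyStore()
        throws IOException, GeneralSecurityException
    {
        java.security.KeyStore keyStore =
            java.security.KeyStore.getInstance("JKS");

        FileInputStream in = new FileInputStream(keyStoreLocation);
        try
        {
            keyStore.load(in, storePassphrase.toCharArray());
        }
        finally
        {
            in.close();
        }
        return keyStore;
    }

    /** Currently a no-op. */
    private void registerProvider()
    {
    }
}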