

1 package org.jacorb.security.sas;
2
3 /*
4  * JacORB - a free Java ORB
5  *
6  * Copyright (C) 2002-2004 Gerald Brose
7  *
8  * This library is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU Library General Public
10  * License as published by the Free Software Foundation; either
11  * version 2 of the License, or (at your option) any later version.
12  *
13  * This library is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16  * Library General Public License for more details.
17  *
18  * You should have received a copy of the GNU Library General Public
19  * License along with this library; if not, write to the Free
20  * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21  */

22
23 import java.security.cert.X509Certificate JavaDoc;
24
25 import javax.net.ssl.SSLSocket;
26
27 import org.apache.avalon.framework.configuration.Configuration;
28 import org.apache.avalon.framework.configuration.ConfigurationException;
29 import org.apache.avalon.framework.logger.Logger;
30 import org.jacorb.orb.dsi.ServerRequest;
31 import org.jacorb.orb.giop.GIOPConnection;
32 import org.jacorb.orb.iiop.ServerIIOPConnection;
33 import org.jacorb.orb.portableInterceptor.ServerRequestInfoImpl;
34 import org.omg.CORBA.ORB JavaDoc;
35 import org.omg.CSI.IdentityToken;
36 import org.omg.CSIIOP.CompoundSecMechList;
37 import org.omg.IOP.Codec JavaDoc;
38 import org.omg.PortableInterceptor.ServerRequestInfo JavaDoc;
39
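/**
 * SAS context that takes the caller's identity from the X.509 certificate
 * presented on the underlying SSL/TLS connection.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #validate} ignores the SAS context token; the only evidence
 *       of identity is the TLS peer certificate.</li>
 *   <li>No check beyond "a verified peer certificate exists" is made here
 *       (no subject allow-list, no validity or revocation check). Whatever
 *       the trust configuration of the SSL socket accepted during the
 *       handshake is accepted as-is.</li>
 *   <li>The certificate is cached in an instance field.
 *       NOTE(review): if one instance serves concurrent requests,
 *       {@link #getPrincipalName()} can return the principal of a different
 *       request than the one the caller validated; confirm how instances
 *       are scoped by the interceptor that owns this context.</li>
 * </ul>
 */
public class JsseContext
    implements ISASContext
{
    /** Logger supplied by the creator of this context. */
    private final Logger logger;

    /**
     * Peer certificate captured by the most recent {@link #validate} call,
     * or null if that call found none.
     */
    private X509Certificate client_cert = null;

    /**
     * Does nothing; this context reads no configuration values.
     *
     * @param configuration ignored
     * @throws ConfigurationException never thrown by this implementation
     */
    public void configure(Configuration configuration)
        throws ConfigurationException
    {
    }

    /**
     * @param logger logger used for warnings and debug output; it is
     *               dereferenced without a null check when a lookup fails
     */
    public JsseContext(Logger logger)
    {
        this.logger = logger;
    }

    /**
     * Accepts the request if, and only if, a client certificate can be
     * obtained from the SSL session of the request's connection.
     *
     * @param ri           the server request being validated
     * @param contextToken ignored by this mechanism
     * @return true if a peer certificate was found, false otherwise
     */
    public boolean validate(ServerRequestInfo ri, byte[] contextToken)
    {
        // Always overwrite the cached certificate so that a failed
        // validation clears the principal left over from an earlier call.
        client_cert = getClientCert(ri);
        return client_cert != null;
    }

    /**
     * Returns the subject name of the certificate captured by the last
     * successful {@link #validate} call.
     *
     * <p>getSubjectDN() yields an implementation-specific Principal, so the
     * exact string layout can differ between security providers. Code that
     * maps this name to an account should not depend on byte-exact equality
     * across providers. The call is kept (instead of
     * getSubjectX500Principal()) because switching would change the string
     * existing callers already compare against.
     *
     * @return the subject name, or null if no certificate is cached
     */
    public String getPrincipalName()
    {
        if (client_cert == null)
            return null;
        return client_cert.getSubjectDN().getName();
    }

    /**
     * Retrieves the client certificate from the SSL session of the
     * connection the request arrived on.
     *
     * <p>Every failure path returns null so that {@link #validate} rejects
     * the request (fail closed) rather than letting a ClassCastException or
     * ArrayIndexOutOfBoundsException escape.
     *
     * @param ri the server request; expected to be a ServerRequestInfoImpl
     * @return the peer's own certificate, or null if the connection is
     *         missing, is not SSL, or carries no verified X.509 certificate
     */
    private X509Certificate getClientCert(ServerRequestInfo ri)
    {
        if (!(ri instanceof ServerRequestInfoImpl))
        {
            if (logger.isWarnEnabled())
                logger.warn("unexpected ServerRequestInfo implementation, no client certificate available");
            return null;
        }

        ServerRequest request = ((ServerRequestInfoImpl) ri).request;
        if (request == null)
        {
            if (logger.isWarnEnabled())
                logger.warn("request info carries no request!");
            return null;
        }

        GIOPConnection connection = request.getConnection();
        if (connection == null)
        {
            if (logger.isWarnEnabled())
                logger.warn("target has no connection!");
            return null;
        }

        // A plain (non-SSL) connection cannot carry a client certificate.
        if( !connection.isSSL() )
        {
            return null;
        }

        Object transport = connection.getTransport();
        if (!(transport instanceof ServerIIOPConnection))
        {
            if (logger.isWarnEnabled())
                logger.warn("SSL connection without an IIOP server transport, no client certificate available");
            return null;
        }

        Object socket = ((ServerIIOPConnection) transport).getSocket();
        if (!(socket instanceof SSLSocket))
        {
            if (logger.isWarnEnabled())
                logger.warn("SSL connection without an SSLSocket, no client certificate available");
            return null;
        }

        try
        {
            // JSSE returns the peer's own certificate first, followed by the
            // issuing authorities, and throws if the peer was not verified.
            java.security.cert.Certificate[] chain =
                ((SSLSocket) socket).getSession().getPeerCertificates();

            if (chain == null || chain.length == 0
                || !(chain[0] instanceof X509Certificate))
            {
                if (logger.isWarnEnabled())
                    logger.warn("peer presented no X.509 certificate");
                return null;
            }
            return (X509Certificate) chain[0];
        }
        catch( javax.net.ssl.SSLPeerUnverifiedException pue )
        {
            // No client authentication took place on this session.
            if (logger.isDebugEnabled())
                logger.debug("SSLPeerUnverifiedException", pue );
            return null;
        }
    }

    /**
     * Not implemented for this mechanism.
     *
     * @return always null
     */
    public byte[] createClientContext(ORB orb, Codec codec, CompoundSecMechList csmList) {
        // TODO Auto-generated method stub
        return null;
    }

    /**
     * Not implemented for this mechanism.
     *
     * @return always null
     */
    public String getClientPrincipal() {
        // TODO Auto-generated method stub
        return null;
    }

    /**
     * Not implemented for this mechanism; every token is rejected.
     * Server-side acceptance goes through
     * {@link #validate(ServerRequestInfo, byte[])} instead.
     *
     * @return always false
     */
    public boolean validateContext(ORB orb, Codec codec, byte[] contextToken) {
        // TODO Auto-generated method stub
        return false;
    }

    /**
     * Not implemented for this mechanism. Note that this does not return
     * the certificate subject; use {@link #getPrincipalName()} for that.
     *
     * @return always null
     */
    public String getValidatedPrincipal() {
        // TODO Auto-generated method stub
        return null;
    }

    /** Not implemented for this mechanism; does nothing. */
    public void initClient() {
        // TODO Auto-generated method stub
    }

    /** Not implemented for this mechanism; does nothing. */
    public void initTarget() {
        // TODO Auto-generated method stub
    }

    /**
     * @return the empty string; this context advertises no mechanism OID
     */
    public String getMechOID() {
        return "";
    }

    /**
     * Not implemented for this mechanism.
     *
     * @return always null
     */
    public IdentityToken createIdentityToken(ORB orb, Codec codec, CompoundSecMechList csmList) {
        // TODO Auto-generated method stub
        return null;
    }
}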
252