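package org.jboss.jmx.connector.invoker;

import java.security.Principal;
import javax.naming.InitialContext;
import javax.security.auth.Subject;

import org.jboss.mx.server.Invocation;
import org.jboss.mx.interceptor.AbstractInterceptor;
import org.jboss.mx.interceptor.Interceptor;
import org.jboss.security.SubjectSecurityManager;
import org.jboss.security.SecurityContext.SubjectInfo;
import org.jboss.security.plugins.JBossSecurityContext;

/**
 * Interceptor that authenticates the caller of the {@code invoke} operation
 * against a configured security domain before handing the invocation to the
 * next interceptor in the chain.
 *
 * <p>Only invocations of type {@code Invocation.OP_INVOKE} whose operation
 * name is {@code "invoke"} are authenticated; every other invocation is
 * passed through unchanged. When no security domain has been configured at
 * all, no authentication is performed.
 */
public final class AuthenticationInterceptor
   extends AbstractInterceptor
{
   /** Security manager resolved from JNDI; null until a lookup succeeds. */
   private volatile SubjectSecurityManager securityMgr;

   /**
    * JNDI name passed to {@link #setSecurityDomain(String)}. Kept so that a
    * failed lookup can be retried on invocation instead of silently leaving
    * the interceptor without a security manager.
    */
   private volatile String securityDomainName;

   /**
    * Configures the security domain used for authentication.
    *
    * <p>The name is looked up in JNDI immediately. A failed lookup is not
    * propagated (as before), but the name is remembered so that
    * {@link #invoke(Invocation)} retries the lookup and rejects the call if
    * the domain still cannot be resolved, rather than skipping
    * authentication.
    *
    * @param securityDomain JNDI name under which the
    *        {@code SubjectSecurityManager} is bound
    * @throws Exception declared for interface compatibility; lookup failures
    *         are deferred to invocation time
    */
   public void setSecurityDomain(String securityDomain)
      throws Exception
   {
      securityDomainName = securityDomain;
      try
      {
         InitialContext ctx = new InitialContext();
         securityMgr = (SubjectSecurityManager) ctx.lookup(securityDomain);
      }
      catch(Exception ignored)
      {
         // Deliberately not rethrown: the domain may not be bound yet.
         // invoke() retries and fails closed if it is still unresolved.
      }
   }

   /**
    * Authenticates the caller when the invocation is the {@code invoke}
    * operation, then delegates to the next interceptor.
    *
    * @param invocation the invocation travelling through the chain
    * @return whatever the next interceptor returns
    * @throws SecurityException if the caller's credential is rejected, or if
    *         a security domain was configured but cannot be resolved
    * @throws Throwable anything thrown further down the chain
    */
   public Object invoke(Invocation invocation) throws Throwable
   {
      String type = invocation.getType();
      boolean subjectPushed = false;
      try
      {
         // equals() rather than ==: a reference comparison would skip the
         // authentication branch whenever the type string is an equal but
         // distinct instance.
         boolean authConfigured = securityMgr != null || securityDomainName != null;
         if( Invocation.OP_INVOKE.equals(type) && authConfigured )
         {
            String opName = invocation.getName();
            if( opName.equals("invoke") )
            {
               SubjectSecurityManager mgr = resolveSecurityManager();
               // A missing or mistyped first argument throws here, before
               // dispatch, so a malformed call is never forwarded.
               Object[] args = invocation.getArgs();
               org.jboss.invocation.Invocation inv = (org.jboss.invocation.Invocation) args[0];
               Principal caller = inv.getPrincipal();
               Object credential = inv.getCredential();
               Subject subject = new Subject();
               boolean isValid = mgr.isValid(caller, credential, subject);
               if( isValid == false )
               {
                  String msg = "Failed to authenticate principal="+caller
                     +", securityDomain="+mgr.getSecurityDomain();
                  throw new SecurityException(msg);
               }
               SecurityActions.pushSubjectContext(caller, credential, subject);
               // Set immediately after the push so the finally block pops it
               // even if establishing the security context fails.
               subjectPushed = true;
               establishSecurityContext(mgr.getSecurityDomain(), caller,
                  credential, subject);
            }
         }

         Interceptor i = invocation.nextInterceptor();
         return i.invoke(invocation);
      }
      finally
      {
         // Pop only what this call pushed, so the subject does not remain
         // attached after the invocation completes or fails.
         if( subjectPushed )
            SecurityActions.popSubjectContext();
      }
   }

   /**
    * Returns the security manager, retrying the JNDI lookup if the one made
    * in {@link #setSecurityDomain(String)} did not succeed.
    *
    * @return the resolved security manager, never null
    * @throws SecurityException if the configured domain cannot be resolved
    */
   private SubjectSecurityManager resolveSecurityManager()
   {
      SubjectSecurityManager mgr = securityMgr;
      if( mgr != null )
         return mgr;

      String domain = securityDomainName;
      Exception failure = null;
      try
      {
         InitialContext ctx = new InitialContext();
         mgr = (SubjectSecurityManager) ctx.lookup(domain);
      }
      catch(Exception e)
      {
         failure = e;
      }
      if( mgr == null )
      {
         // Fail closed: a configured but unresolvable domain must not turn
         // into an unauthenticated pass-through.
         SecurityException se = new SecurityException(
            "Security domain could not be resolved, securityDomain="+domain);
         if( failure != null )
            se.initCause(failure);
         throw se;
      }
      securityMgr = mgr;
      return mgr;
   }

   /**
    * Builds a security context for the authenticated caller and installs it
    * through {@code SecurityActions.setSecurityContext}.
    *
    * @param domain security domain name the context is created for
    * @param p authenticated principal
    * @param cred credential the principal authenticated with
    * @param subject subject populated during authentication
    */
   private void establishSecurityContext(String domain, Principal p, Object cred,
      Subject subject)
   {
      // NOTE(review): invoke() only pops the subject context in its finally
      // block; confirm whether the security context installed here is reset
      // elsewhere after the invocation.
      JBossSecurityContext jsc = new JBossSecurityContext(domain);
      SubjectInfo si = jsc.new SubjectInfo();
      si.setAuthenticatedSubject(subject);
      si.setAuthenticationCredential(cred);
      si.setAuthenticationPrincipal(p);
      jsc.setSubjectInfo(si);
      SecurityActions.setSecurityContext(jsc, domain);
   }
}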