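package org.jboss.net.axis.server;

import org.jboss.axis.AxisFault;
import org.jboss.axis.MessageContext;
import org.jboss.axis.handlers.BasicHandler;
import org.jboss.security.NobodyPrincipal;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.SubjectSecurityManager;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import java.security.Principal;

/**
 * Axis handler that authenticates the username and password carried by a
 * {@link MessageContext} against a security domain and hands the result to
 * {@link SecurityAssociation}.
 * <p>
 * The security domain is looked up in JNDI under the name given by the
 * {@link Constants#SECURITY_DOMAIN_OPTION} handler option. Calls that carry no
 * username are mapped to {@link NobodyPrincipal#NOBODY_PRINCIPAL} and are only
 * checked against the domain when
 * {@link Constants#VALIDATE_UNAUTHENTICATED_CALLS_OPTION} is set to
 * {@code "true"}; otherwise they pass through this handler without a subject.
 * <p>
 * Configuration is read lazily on the first {@link #invoke(MessageContext)}.
 */
public class JBossAuthenticationHandler extends BasicHandler
{

   /**
    * Set once {@link #initialise()} has run. Declared {@code volatile} and
    * written last in {@link #initialise()}, so a thread that reads {@code true}
    * here also sees the final values of {@link #authMgr} and
    * {@link #shouldValidateUnauthenticatedCalls}.
    */
   protected volatile boolean isInitialised;

   /**
    * Whether calls without a username are still validated against the
    * security domain. Defaults to {@code false}.
    */
   protected boolean shouldValidateUnauthenticatedCalls;

   /**
    * Security domain used for validation; {@code null} when no domain option
    * was configured or the lookup failed.
    */
   protected SubjectSecurityManager authMgr;

   /** Creates an unconfigured handler; options are read on first use. */
   public JBossAuthenticationHandler()
   {
   }

   /**
    * Reads the handler options and resolves the security domain.
    * <p>
    * The new configuration is built in locals and published in one step at the
    * end. Previously {@code isInitialised} was set before the other fields, so
    * a concurrent request could skip initialisation and run with
    * {@code authMgr} still {@code null} or with
    * {@code shouldValidateUnauthenticatedCalls} still {@code false}, letting
    * an unauthenticated call bypass a validation the configuration demands.
    * <p>
    * As before, the handler is marked initialised even when this method
    * fails; later calls are then rejected by {@link #invoke(MessageContext)}
    * because {@code authMgr} is {@code null}.
    *
    * @throws AxisFault if the configured security domain cannot be looked up
    */
   protected void initialise() throws AxisFault
   {
      SubjectSecurityManager manager = null;
      boolean validateUnauthenticated = false;
      try
      {
         String securityDomain = (String)getOption(Constants.SECURITY_DOMAIN_OPTION);
         if (securityDomain != null)
         {
            try
            {
               manager = (SubjectSecurityManager)new InitialContext().lookup(securityDomain);
            }
            catch (NamingException e)
            {
               throw new AxisFault("Could not lookup associated security domain " + securityDomain,
                  e);
            }
         }

         String unauthenticatedCalls = (String)getOption(Constants.VALIDATE_UNAUTHENTICATED_CALLS_OPTION);
         if (unauthenticatedCalls != null)
         {
            // Only "true" (any case) enables validation. Any other value, including
            // a typo such as "yes", silently leaves unauthenticated calls unvalidated;
            // the parse itself cannot fail, so no fault is raised for a bad value.
            validateUnauthenticated = Boolean.valueOf(unauthenticatedCalls).booleanValue();
         }
      }
      finally
      {
         // Publish the flag last: the volatile write makes the two plain writes
         // above visible to any thread that later reads isInitialised == true.
         authMgr = manager;
         shouldValidateUnauthenticatedCalls = validateUnauthenticated;
         isInitialised = true;
      }
   }

   /**
    * Maps a username to a principal.
    *
    * @param userName the username from the message context, may be {@code null}
    * @return {@link NobodyPrincipal#NOBODY_PRINCIPAL} when {@code userName} is
    *         {@code null}, otherwise a new {@link SimplePrincipal}
    */
   protected Principal getPrincipal(String userName)
   {
      if (userName == null)
      {
         return NobodyPrincipal.NOBODY_PRINCIPAL;
      }
      return new SimplePrincipal(userName);
   }

   /**
    * Validates the principal and password against the security domain.
    * <p>
    * The anonymous case is detected by reference comparison with
    * {@link NobodyPrincipal#NOBODY_PRINCIPAL}; an overriding
    * {@link #getPrincipal(String)} must return that same instance for calls
    * without a username, or they will be treated as named principals.
    *
    * @param userPrincipal principal produced by {@link #getPrincipal(String)}
    * @param passwd the password from the message context, may be {@code null}
    * @return the populated subject, or {@code null} when the call is anonymous
    *         and validation of unauthenticated calls is disabled
    * @throws AxisFault with code {@code Server.Unauthenticated} when the
    *         security domain rejects the credentials
    */
   protected Subject validate(Principal userPrincipal, String passwd) throws AxisFault
   {
      boolean mustValidate =
         shouldValidateUnauthenticatedCalls || userPrincipal != NobodyPrincipal.NOBODY_PRINCIPAL;
      if (!mustValidate)
      {
         // Anonymous call accepted without consulting the domain: no subject.
         return null;
      }

      char[] passChars = passwd != null ? passwd.toCharArray() : null;
      Subject subject = new Subject();
      if (!authMgr.isValid(userPrincipal, passChars, subject))
      {
         throw new AxisFault("Server.Unauthenticated",
            org.jboss.axis.utils.Messages.getMessage("cantAuth01", userPrincipal.getName()),
            null, null);
      }
      return subject;
   }

   /**
    * Hands the authentication result to {@link SecurityAssociation}.
    * <p>
    * Validated calls push subject, principal and password; anonymous calls
    * that were not validated reset principal and credential to {@code null}.
    *
    * @param userPrincipal principal produced by {@link #getPrincipal(String)}
    * @param passwd the password from the message context, may be {@code null}
    * @param subject the subject returned by {@link #validate(Principal, String)}
    */
   protected void associate(Principal userPrincipal, String passwd, Subject subject)
   {
      boolean wasValidated =
         shouldValidateUnauthenticatedCalls || userPrincipal != NobodyPrincipal.NOBODY_PRINCIPAL;
      if (wasValidated)
      {
         SecurityAssociation.pushSubjectContext(subject, userPrincipal, passwd);
      }
      else
      {
         SecurityAssociation.setPrincipal(null);
         SecurityAssociation.setCredential(null);
      }
   }

   /**
    * Authenticates the call described by the message context.
    * <p>
    * Fails closed when no security domain is available. The subject is stored
    * under {@link MessageContext#AUTHUSER}; for an unvalidated anonymous call
    * that value is {@code null}, so later handlers must not read a missing
    * subject as proof of authentication.
    *
    * @param msgContext the current message context
    * @throws AxisFault if initialisation fails, no security domain is
    *         associated, or the credentials are rejected
    */
   public void invoke(MessageContext msgContext) throws AxisFault
   {
      // Double-checked lazy initialisation; safe because isInitialised is volatile.
      if (!isInitialised)
      {
         synchronized (this)
         {
            if (!isInitialised)
            {
               initialise();
            }
         }
      }

      if (authMgr == null)
      {
         throw new AxisFault("No security domain associated.");
      }

      String userID = msgContext.getUsername();
      String passwd = msgContext.getPassword();
      Principal userPrincipal = getPrincipal(userID);

      Subject subject = validate(userPrincipal, passwd);
      associate(userPrincipal, passwd, subject);
      msgContext.setProperty(MessageContext.AUTHUSER, subject);
   }

}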