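package org.jboss.security.auth.spi;

import java.util.Properties;
import java.util.Enumeration;
import java.util.ArrayList;
import java.util.StringTokenizer;
import java.util.HashMap;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.acl.Group;
import java.security.Principal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.security.auth.login.LoginException;
import javax.security.auth.login.FailedLoginException;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;

import org.jboss.logging.Logger;
import org.jboss.security.SimpleGroup;

/**
 * Static helpers that build role {@link Group}s from a {@link Properties}
 * object or from a JDBC query, and that load properties files through the
 * thread context class loader.
 */
public class Util
{
   /**
    * Builds the role groups for one user from a properties mapping.
    *
    * Two key forms are recognised for <code>targetUser</code>:
    * <ul>
    * <li><code>targetUser</code> on its own: the value is a comma separated
    * list of roles added to the "Roles" group;</li>
    * <li><code>targetUser + roleGroupSeperator + groupName</code>: the value
    * is added to the group called <code>groupName</code> (to the shared
    * "Roles" group when <code>groupName</code> is "Roles").</li>
    * </ul>
    *
    * @param targetUser the user whose roles are wanted; when null no key is
    *    examined and only the empty "Roles" group is returned
    * @param roles the key/value mapping to scan
    * @param roleGroupSeperator the character between user name and group name
    * @param aslm the login module used to create the role principals
    * @return the "Roles" group followed by any additional named groups
    */
   static Group[] getRoleSets(String targetUser, Properties roles,
      char roleGroupSeperator, AbstractServerLoginModule aslm)
   {
      Enumeration users = roles.propertyNames();
      SimpleGroup rolesGroup = new SimpleGroup("Roles");
      ArrayList groups = new ArrayList();
      groups.add(rolesGroup);
      while (users.hasMoreElements() && targetUser != null)
      {
         String user = (String) users.nextElement();
         String value = roles.getProperty(user);
         int nameLength = targetUser.length();
         // A group entry must start with the complete user name followed
         // directly by the separator. Comparing only up to the first
         // separator in the key would let a user whose name merely begins
         // with another account's name (admin2 vs. admin.Roles) inherit that
         // account's roles, and would split user names that themselves
         // contain the separator.
         boolean isRoleGroup = nameLength > 0
            && user.length() > nameLength
            && user.charAt(nameLength) == roleGroupSeperator
            && user.startsWith(targetUser);

         if (isRoleGroup)
         {
            String groupName = user.substring(nameLength + 1);
            if (groupName.equals("Roles"))
               parseGroupMembers(rolesGroup, value, aslm);
            else
            {
               SimpleGroup group = new SimpleGroup(groupName);
               parseGroupMembers(group, value, aslm);
               groups.add(group);
            }
         }
         else if (targetUser.equals(user))
         {
            // Plain "user=role1,role2" entry.
            parseGroupMembers(rolesGroup, value, aslm);
         }
      }
      Group[] roleSets = new Group[groups.size()];
      groups.toArray(roleSets);
      return roleSets;
   }

   /**
    * Builds the role groups for one user from a JDBC query.
    *
    * The query is prepared as given and <code>username</code> is bound as
    * its first parameter, so the user name is never concatenated into the
    * SQL text. Column 1 of each row is read as the role name and column 2 as
    * the group name; a null or empty group name means "Roles".
    *
    * @param username the value bound to parameter 1 of the query
    * @param dsJndiName the JNDI name of the DataSource to query
    * @param rolesQuery the SQL text to prepare; it should contain one
    *    <code>?</code> placeholder for the user name
    * @param aslm the login module used for principal creation, logging and
    *    the unauthenticated identity check
    * @return one group per distinct group name returned by the query, or a
    *    single empty "Roles" group when the query returns no row and the
    *    module has an unauthenticated identity
    * @throws LoginException on a JNDI or SQL failure; a
    *    FailedLoginException when no row is returned and the module has no
    *    unauthenticated identity
    */
   static Group[] getRoleSets(String username, String dsJndiName,
      String rolesQuery, AbstractServerLoginModule aslm)
      throws LoginException
   {
      Connection conn = null;
      HashMap setsMap = new HashMap();
      PreparedStatement ps = null;
      ResultSet rs = null;

      try
      {
         InitialContext ctx = new InitialContext();
         DataSource ds = (DataSource) ctx.lookup(dsJndiName);
         conn = ds.getConnection();
         ps = conn.prepareStatement(rolesQuery);
         try
         {
            ps.setString(1, username);
         }
         catch (ArrayIndexOutOfBoundsException ignored)
         {
            // Kept as best effort for queries without a placeholder.
            // NOTE(review): when this is swallowed the query runs without
            // the user name filter, so every returned row is assigned to
            // this user. Confirm the configured rolesQuery always has "?".
         }
         rs = ps.executeQuery();
         if (rs.next() == false)
         {
            if (aslm.getUnauthenticatedIdentity() == null)
               throw new FailedLoginException("No matching username found in Roles");

            // Unauthenticated identity configured: return an empty Roles set.
            Group[] roleSets = { new SimpleGroup("Roles") };
            return roleSets;
         }

         do
         {
            String name = rs.getString(1);
            String groupName = rs.getString(2);
            if (groupName == null || groupName.length() == 0)
               groupName = "Roles";
            Group group = (Group) setsMap.get(groupName);
            if (group == null)
            {
               group = new SimpleGroup(groupName);
               setsMap.put(groupName, group);
            }

            try
            {
               Principal p = aslm.createIdentity(name);
               aslm.log.trace("Assign user to role " + name);
               group.addMember(p);
            }
            catch (Exception e)
            {
               // A role that cannot be turned into a principal is skipped;
               // the remaining rows are still processed.
               aslm.log.debug("Failed to create principal: "+name, e);
            }
         } while (rs.next());
      }
      catch (NamingException ex)
      {
         throw new LoginException(ex.toString(true));
      }
      catch (SQLException ex)
      {
         aslm.log.error("SQL failure", ex);
         // NOTE(review): the driver's message is copied into the
         // LoginException; check where that message is shown, since it can
         // carry schema or query details.
         throw new LoginException(ex.toString());
      }
      finally
      {
         // Release JDBC resources in reverse order of acquisition; a failure
         // to close must not replace the result or the original exception.
         if (rs != null)
         {
            try
            {
               rs.close();
            }
            catch (SQLException ignored)
            {
            }
         }
         if (ps != null)
         {
            try
            {
               ps.close();
            }
            catch (SQLException ignored)
            {
            }
         }
         if (conn != null)
         {
            try
            {
               conn.close();
            }
            catch (Exception ignored)
            {
            }
         }
      }

      Group[] roleSets = new Group[setsMap.size()];
      setsMap.values().toArray(roleSets);
      return roleSets;
   }

   /**
    * Loads a properties file, backed by an optional defaults file, from the
    * thread context class loader.
    *
    * When the context loader is a URLClassLoader its own search path is
    * tried first with <code>findResource</code>; anything not found that way
    * is looked up with <code>getResource</code>. A failure to read the
    * defaults file is logged at debug level and ignored; a failure to read
    * the main file is propagated.
    *
    * @param defaultsName resource name of the defaults file
    * @param propertiesName resource name of the main properties file
    * @param log the logger that receives trace and debug output
    * @return the loaded properties, with the defaults as fallback values
    * @throws IOException when neither resource is found, or when the main
    *    properties file cannot be read
    */
   static Properties loadProperties(String defaultsName, String propertiesName, Logger log)
      throws IOException
   {
      Properties bundle = null;
      ClassLoader loader = Thread.currentThread().getContextClassLoader();
      URL defaultUrl = null;
      URL url = null;
      if (loader instanceof URLClassLoader)
      {
         URLClassLoader ucl = (URLClassLoader) loader;
         defaultUrl = ucl.findResource(defaultsName);
         url = ucl.findResource(propertiesName);
         log.trace("findResource: "+url);
      }
      if (defaultUrl == null)
         defaultUrl = loader.getResource(defaultsName);
      if (url == null)
         url = loader.getResource(propertiesName);
      if (url == null && defaultUrl == null)
      {
         String msg = "No properties file: " + propertiesName
            + " or defaults: " +defaultsName+ " found";
         throw new IOException(msg);
      }

      log.trace("Properties file=" + url+", defaults="+defaultUrl);
      Properties defaults = new Properties();
      if (defaultUrl != null)
      {
         try
         {
            InputStream is = defaultUrl.openStream();
            try
            {
               defaults.load(is);
            }
            finally
            {
               // Close even when load() fails so the stream is not leaked.
               is.close();
            }
            // Only the keys are logged, never the values.
            log.debug("Loaded defaults, users="+defaults.keySet());
         }
         catch (Throwable e)
         {
            // The defaults file is optional: log and continue without it.
            log.debug("Failed to load defaults", e);
         }
      }

      bundle = new Properties(defaults);
      if (url != null)
      {
         InputStream is = url.openStream();
         if (is != null)
         {
            try
            {
               bundle.load(is);
            }
            finally
            {
               // Close even when load() fails so the stream is not leaked.
               is.close();
            }
         }
         else
         {
            throw new IOException("Properties file " + propertiesName + " not avilable");
         }
         // Only the keys are logged, never the values.
         log.debug("Loaded properties, users="+bundle.keySet());
      }

      return bundle;
   }

   /**
    * Adds one principal to <code>group</code> for each comma separated token
    * in <code>roles</code>.
    *
    * Tokens are used exactly as written: whitespace next to a comma becomes
    * part of the role name. A token that cannot be turned into a principal
    * is logged at warn level and skipped.
    *
    * @param group the group that receives the role principals
    * @param roles comma separated role names; null adds nothing
    * @param aslm the login module used to create the principals
    */
   static void parseGroupMembers(Group group, String roles,
      AbstractServerLoginModule aslm)
   {
      // A key without a String value yields null; treat it as "no roles"
      // instead of failing inside StringTokenizer.
      if (roles == null)
         return;

      StringTokenizer tokenizer = new StringTokenizer(roles, ",");
      while (tokenizer.hasMoreTokens())
      {
         String token = tokenizer.nextToken();
         try
         {
            Principal p = aslm.createIdentity(token);
            group.addMember(p);
         }
         catch (Exception e)
         {
            aslm.log.warn("Failed to create principal for: "+token, e);
         }
      }
   }
}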