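package org.jboss.security.plugins;

import java.security.PrivilegedAction;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.security.PrivilegedActionException;
import java.security.Principal;
import java.util.Set;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.callback.CallbackHandler;

import org.jboss.security.SecurityAssociation;

/**
 * Package-private helpers that run security-sensitive operations inside
 * {@link AccessController#doPrivileged} blocks.
 *
 * <p><b>Security note.</b> Every helper here executes with the permissions of
 * this class's code source rather than those of its caller. The class and all
 * of its methods are therefore deliberately package-private: widening their
 * visibility would hand any caller the ability to read the active
 * {@link Subject}, copy private credentials between subjects, replace
 * security-context entries, or create a {@link LoginContext} without holding
 * the corresponding permissions. Callers inside the package remain responsible
 * for not passing attacker-controlled arguments (for example the security
 * domain name) through these methods.
 *
 * <p>The {@code System.getSecurityManager()} checks only select between a
 * privileged and a direct call path; with no security manager installed both
 * paths behave the same.
 */
class SubjectActions
{
   /**
    * Builds a diagnostic string for a Subject that lists its principals only.
    * Credentials are never appended, so the result does not expose secrets
    * held in the Subject's credential sets (a principal's own
    * {@code toString()} is still invoked and is outside this class's control).
    */
   private static class ToStringSubjectAction implements PrivilegedAction
   {
      private final Subject subject;

      ToStringSubjectAction(Subject subject)
      {
         this.subject = subject;
      }

      public Object run()
      {
         StringBuffer tmp = new StringBuffer();
         tmp.append("Subject(");
         tmp.append(System.identityHashCode(subject));
         tmp.append(").principals=");
         Iterator principals = subject.getPrincipals().iterator();
         while (principals.hasNext())
         {
            Object p = principals.next();
            Class c = p.getClass();
            tmp.append(c.getName());
            tmp.append('@');
            // Identity hash of the Class object, not of the principal:
            // presumably to tell apart same-named classes loaded by
            // different class loaders -- confirm with the original author.
            tmp.append(System.identityHashCode(c));
            tmp.append('(');
            tmp.append(p);
            tmp.append(')');
         }
         return tmp.toString();
      }
   }

   /** Returns whatever {@code SecurityAssociation.getSubject()} reports. */
   private static class GetSubjectAction implements PrivilegedAction
   {
      // final: a shared privileged action must not be replaceable at runtime.
      static final PrivilegedAction ACTION = new GetSubjectAction();

      public Object run()
      {
         return SecurityAssociation.getSubject();
      }
   }

   /**
    * Copies principals, private credentials and public credentials from one
    * Subject into another, optionally marking the target read-only.
    *
    * <p>Elements are added by reference, not cloned, so both subjects end up
    * sharing the same credential objects. When run under
    * {@code doPrivileged}, the JDK's {@code PrivateCredentialPermission} and
    * {@code AuthPermission("modify*")} checks are satisfied by this class's
    * own protection domain rather than by the caller's.
    */
   private static class CopySubjectAction implements PrivilegedAction
   {
      private final Subject fromSubject;
      private final Subject toSubject;
      private final boolean setReadOnly;

      CopySubjectAction(Subject fromSubject, Subject toSubject, boolean setReadOnly)
      {
         this.fromSubject = fromSubject;
         this.toSubject = toSubject;
         this.setReadOnly = setReadOnly;
      }

      public Object run()
      {
         Set principals = fromSubject.getPrincipals();
         Set principals2 = toSubject.getPrincipals();
         Iterator iter = principals.iterator();
         while (iter.hasNext())
            principals2.add(iter.next());

         Set privateCreds = fromSubject.getPrivateCredentials();
         Set privateCreds2 = toSubject.getPrivateCredentials();
         iter = privateCreds.iterator();
         while (iter.hasNext())
            privateCreds2.add(iter.next());

         Set publicCreds = fromSubject.getPublicCredentials();
         Set publicCreds2 = toSubject.getPublicCredentials();
         iter = publicCreds.iterator();
         while (iter.hasNext())
            publicCreds2.add(iter.next());

         // Freezes the target's principal/credential sets only; the shared
         // credential objects themselves stay as mutable as they were.
         if (setReadOnly)
            toSubject.setReadOnly();
         return null;
      }
   }

   /**
    * Instantiates a {@link LoginContext}. The constructor is what requires
    * {@code AuthPermission("createLoginContext.<name>")} under a security
    * manager, which is why it is wrapped in a privileged action.
    */
   private static class LoginContextAction implements PrivilegedExceptionAction
   {
      private final String securityDomain;
      private final Subject subject;
      private final CallbackHandler handler;

      LoginContextAction(String securityDomain, Subject subject,
         CallbackHandler handler)
      {
         this.securityDomain = securityDomain;
         this.subject = subject;
         this.handler = handler;
      }

      public Object run() throws Exception
      {
         return new LoginContext(securityDomain, subject, handler);
      }
   }

   /** Reads the current thread's context class loader. */
   private static class GetTCLAction implements PrivilegedAction
   {
      // final: a shared privileged action must not be replaceable at runtime.
      static final PrivilegedAction ACTION = new GetTCLAction();

      public Object run()
      {
         return Thread.currentThread().getContextClassLoader();
      }
   }

   /** Delegates to {@code SecurityAssociation.setContextInfo(key, value)}. */
   private static class SetContextInfoAction implements PrivilegedAction
   {
      private final Object key;
      private final Object value;

      SetContextInfoAction(Object key, Object value)
      {
         this.key = key;
         this.value = value;
      }

      public Object run()
      {
         return SecurityAssociation.setContextInfo(key, value);
      }
   }

   /**
    * Strategy for pushing and popping the subject context on
    * {@code SecurityAssociation}: {@link #PRIVILEGED} wraps each call in
    * {@code doPrivileged}, {@link #NON_PRIVILEGED} calls straight through.
    */
   interface PrincipalInfoAction
   {
      PrincipalInfoAction PRIVILEGED = new PrincipalInfoAction()
      {
         public void push(final Principal principal, final Object credential,
            final Subject subject)
         {
            AccessController.doPrivileged(
               new PrivilegedAction()
               {
                  public Object run()
                  {
                     SecurityAssociation.pushSubjectContext(subject, principal, credential);
                     return null;
                  }
               }
            );
         }

         public void pop()
         {
            AccessController.doPrivileged(
               new PrivilegedAction()
               {
                  public Object run()
                  {
                     SecurityAssociation.popSubjectContext();
                     return null;
                  }
               }
            );
         }
      };

      PrincipalInfoAction NON_PRIVILEGED = new PrincipalInfoAction()
      {
         public void push(Principal principal, Object credential, Subject subject)
         {
            SecurityAssociation.pushSubjectContext(subject, principal, credential);
         }

         public void pop()
         {
            SecurityAssociation.popSubjectContext();
         }
      };

      void push(Principal principal, Object credential, Subject subject);
      void pop();
   }

   /**
    * Returns the Subject reported by {@code SecurityAssociation.getSubject()},
    * read inside a privileged block.
    *
    * @return the active Subject as returned by SecurityAssociation
    *         (nullability depends on SecurityAssociation -- not visible here)
    */
   static Subject getActiveSubject()
   {
      return (Subject) AccessController.doPrivileged(GetSubjectAction.ACTION);
   }

   /**
    * Copies principals and credentials without making the target read-only.
    *
    * @param fromSubject source of principals and credentials
    * @param toSubject   target that receives them
    */
   static void copySubject(Subject fromSubject, Subject toSubject)
   {
      copySubject(fromSubject, toSubject, false);
   }

   /**
    * Copies principals plus private and public credentials from
    * {@code fromSubject} into {@code toSubject}.
    *
    * <p>Credential objects are shared between the two subjects, not cloned.
    * With a security manager installed the copy runs privileged, so the
    * caller does not need {@code PrivateCredentialPermission} itself; treat
    * {@code toSubject} as being as sensitive as {@code fromSubject} afterwards.
    *
    * @param fromSubject source of principals and credentials
    * @param toSubject   target that receives them; the JDK rejects the adds
    *                    with {@code IllegalStateException} if it is already
    *                    read-only
    * @param setReadOnly whether to call {@code toSubject.setReadOnly()} after
    *                    the copy
    */
   static void copySubject(Subject fromSubject, Subject toSubject, boolean setReadOnly)
   {
      CopySubjectAction action = new CopySubjectAction(fromSubject, toSubject, setReadOnly);
      if (System.getSecurityManager() != null)
         AccessController.doPrivileged(action);
      else
         action.run();
   }

   /**
    * Creates a {@link LoginContext} for the given security domain inside a
    * privileged block.
    *
    * <p>Because the permission check on the login-configuration name is
    * satisfied by this class, callers must not forward an untrusted
    * {@code securityDomain} value.
    *
    * @param securityDomain name of the login configuration entry
    * @param subject        Subject to authenticate into
    * @param handler        callback handler supplying credentials
    * @return the newly created LoginContext
    * @throws LoginException if the LoginContext cannot be created; any other
    *         checked failure is wrapped with its cause preserved
    */
   static LoginContext createLoginContext(String securityDomain, Subject subject,
      CallbackHandler handler)
      throws LoginException
   {
      LoginContextAction action = new LoginContextAction(securityDomain, subject, handler);
      try
      {
         return (LoginContext) AccessController.doPrivileged(action);
      }
      catch (PrivilegedActionException e)
      {
         Exception ex = e.getException();
         if (ex instanceof LoginException)
            throw (LoginException) ex;
         // LoginException has no cause-taking constructor; attach the cause
         // explicitly so the original stack trace is not lost.
         LoginException wrapped = new LoginException(ex.getMessage());
         wrapped.initCause(ex);
         throw wrapped;
      }
   }

   /**
    * Returns the current thread's context class loader, read inside a
    * privileged block.
    *
    * @return the context class loader of the calling thread
    */
   static ClassLoader getContextClassLoader()
   {
      return (ClassLoader) AccessController.doPrivileged(GetTCLAction.ACTION);
   }

   /**
    * Calls {@code SecurityAssociation.setContextInfo(key, value)} inside a
    * privileged block.
    *
    * @param key   context-info key
    * @param value value to associate with the key
    * @return whatever SecurityAssociation.setContextInfo returns (the local
    *         variable name in the original suggests the previous value --
    *         confirm against SecurityAssociation)
    */
   static Object setContextInfo(Object key, Object value)
   {
      SetContextInfoAction action = new SetContextInfoAction(key, value);
      return AccessController.doPrivileged(action);
   }

   /**
    * Pushes a subject context onto {@code SecurityAssociation}, using the
    * privileged path only when a security manager is installed.
    *
    * @param principal  principal to push
    * @param credential credential to push; never logged by this class
    * @param subject    Subject to push
    */
   static void pushSubjectContext(Principal principal, Object credential,
      Subject subject)
   {
      if (System.getSecurityManager() == null)
      {
         PrincipalInfoAction.NON_PRIVILEGED.push(principal, credential, subject);
      }
      else
      {
         PrincipalInfoAction.PRIVILEGED.push(principal, credential, subject);
      }
   }

   /**
    * Pops the subject context from {@code SecurityAssociation}. Callers
    * should pair every push with a pop (typically in a {@code finally}
    * block) so an identity does not stay associated with a reused thread.
    */
   static void popSubjectContext()
   {
      if (System.getSecurityManager() == null)
      {
         PrincipalInfoAction.NON_PRIVILEGED.pop();
      }
      else
      {
         PrincipalInfoAction.PRIVILEGED.pop();
      }
   }

   /**
    * Returns a log-friendly description of a Subject listing its identity
    * hash and principals. Credentials are not included.
    *
    * @param subject the Subject to describe; may be {@code null}
    * @return the description, or the string {@code "null"} for a null Subject
    */
   static String toString(Subject subject)
   {
      // Diagnostic helper: a missing Subject should not turn a log statement
      // into a NullPointerException.
      if (subject == null)
         return "null";
      ToStringSubjectAction action = new ToStringSubjectAction(subject);
      return (String) AccessController.doPrivileged(action);
   }
}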