

1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22
23 package org.jboss.test.web.security;
24
25 import java.io.IOException JavaDoc;
26
27 import javax.management.MBeanServerConnection JavaDoc;
28 import javax.management.ObjectName JavaDoc;
29 import javax.naming.Context JavaDoc;
30 import javax.naming.InitialContext JavaDoc;
31 import javax.naming.NamingException JavaDoc;
32 import javax.security.auth.callback.CallbackHandler JavaDoc;
33 import javax.security.auth.message.config.AuthConfigFactory;
34 import javax.security.auth.message.config.AuthConfigProvider;
35 import javax.security.auth.message.config.ServerAuthConfig;
36 import javax.security.auth.message.config.ServerAuthContext;
37 import javax.security.jacc.PolicyContext JavaDoc;
38 import javax.servlet.Filter JavaDoc;
39 import javax.servlet.FilterChain JavaDoc;
40 import javax.servlet.FilterConfig JavaDoc;
41 import javax.servlet.ServletException JavaDoc;
42 import javax.servlet.ServletRequest JavaDoc;
43 import javax.servlet.ServletResponse JavaDoc;
44  
45 import org.jboss.logging.Logger;
46 import org.jboss.security.AuthenticationManager;
47 import org.jboss.security.SecurityConstants;
48 import org.jboss.security.SimplePrincipal;
49 import org.jboss.security.auth.callback.SecurityAssociationHandler;
50 import org.jboss.security.auth.login.XMLLoginConfigImpl;
51 import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
52
53
54 //$Id: JASPISecurityFilter.java 45186 2006-05-23 20:31:47Z asaldhana $
55

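/**
 * Servlet filter used to test the JASPI security framework.
 * <p>
 * Behaviour is driven by the filter init params read in {@link #init(FilterConfig)}:
 * <ul>
 *   <li>{@code testJASPIServerAuthContext} - when {@code true}, each filtered request is
 *       validated through a JASPI {@code ServerAuthContext}</li>
 *   <li>{@code securityDomain} - security domain to register for the policy context id;
 *       defaults to {@code java:/jbsx/other}</li>
 *   <li>{@code configFile} - login configuration resource; mandatory</li>
 * </ul>
 * Test fixture only: credentials are taken from the {@code user} and {@code pass} request
 * parameters, which can end up in URLs and access logs when sent in a query string.
 *
 * @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
 * @since Jan 6, 2006
 * @version $Revision: 45186 $
 */
public class JASPISecurityFilter implements Filter
{
   private static final Logger log = Logger.getLogger(JASPISecurityFilter.class);

   private FilterConfig filterConfig = null;

   /** Whether doFilter should run the ServerAuthContext validation. */
   private boolean testJASPIServerAuthContext = false;

   /** Security domain registered against the policy context id. */
   private String securityDomain = null;

   /** Login configuration resource handed to XMLLoginConfigImpl. */
   private String configFile = null;

   /**
    * Reads the filter init params.
    *
    * @param filterConfig configuration supplied by the container
    * @throws ServletException if the mandatory {@code configFile} param is absent
    */
   public void init(FilterConfig filterConfig)
   throws ServletException
   {
      this.filterConfig = filterConfig;
      String testJASPIServerAuthContextStr = filterConfig.getInitParameter("testJASPIServerAuthContext");
      if(testJASPIServerAuthContextStr != null)
      {
         testJASPIServerAuthContext = Boolean.valueOf(testJASPIServerAuthContextStr).booleanValue();
      }
      securityDomain = filterConfig.getInitParameter("securityDomain");
      if(securityDomain == null)
      {
         securityDomain = "java:/jbsx/other";
      }

      configFile = filterConfig.getInitParameter("configFile");
      if(configFile == null)
      {
         throw new ServletException("Param configFile is missing for the filter:" +JASPISecurityFilter.class );
      }
   }

   /** Drops the reference to the filter configuration. */
   public void destroy()
   {
      this.filterConfig = null;
   }

   /**
    * Runs the ServerAuthContext validation when it is enabled.
    *
    * @throws ServletException if validation fails or cannot be carried out
    */
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
   throws IOException, ServletException
   {
      // NOTE(review): filterChain.doFilter is never called, so nothing downstream of this
      // filter runs and a disabled check lets the request end here with no validation.
      // Presumably intentional for a test fixture - confirm before reusing elsewhere.
      if(this.testJASPIServerAuthContext)
      {
         testServerAuthContext(request);
      }
   }

   //PRIVATE METHODS

   /**
    * Validates the {@code user}/{@code pass} request parameters through the JASPI
    * ServerAuthContext configured for the current policy context id.
    *
    * @param request request carrying the credentials
    * @throws ServletException if the credentials are missing or rejected, or if any step of
    *         the JASPI/JMX setup fails (the original exception is kept as the cause)
    */
   private void testServerAuthContext(ServletRequest request) throws ServletException
   {
      try
      {
         //Establish the configuration
         generateConfiguration();
         String contextId = PolicyContext.getContextID();

         //Establish the contextid-securitydomain mapping
         //with the JASPISecurityManager Service
         MBeanServerConnection server = getMBeanServerConnection();
         ObjectName oname = new ObjectName("jboss.security:service=JASPISecurityManager");
         String regSecDom = (String)server.invoke(oname,"getSecurityDomain",
               new Object[]{contextId},
               new String[] {"java.lang.String"} );
         if(regSecDom == null)
         {
            server.invoke(oname,"registerSecurityDomain",
                  new Object[]{securityDomain,contextId},
                  new String[] {"java.lang.String", "java.lang.String"} );
         }

         AuthConfigFactory factory = AuthConfigFactory.getFactory();
         AuthConfigProvider acp = factory.getConfigProvider(SecurityConstants.SERVLET_LAYER,
                                            contextId,null);
         if(acp == null)
         {
            acp = new JBossAuthConfigProvider(null);
         }
         CallbackHandler cbh = new SecurityAssociationHandler();
         ServerAuthConfig sc = acp.getServerAuthConfig(SecurityConstants.SERVLET_LAYER,
                                            contextId,cbh);
         if(sc == null)
         {
            throw new ServletException("ServerAuthConfig is null");
         }
         ServerAuthContext sa = sc.getAuthContext(null,null);
         if(sa == null)
         {
            throw new ServletException("ServerAuthContext obtained is null");
         }

         String username = request.getParameter("user");
         String pass = request.getParameter("pass");
         // Reject absent credentials explicitly instead of building a principal from null.
         if(username == null || pass == null)
         {
            throw new ServletException("Request parameters user and pass are required");
         }
         // The name is request-controlled: neutralise line breaks before it reaches a log
         // line or an exception message so it cannot forge extra log entries.
         String loggedName = sanitizeForLog(username);

         // The cast relies on the returned ServerAuthContext also implementing
         // AuthenticationManager; a ClassCastException is wrapped by the catch below.
         AuthenticationManager am = (AuthenticationManager)sa;
         boolean isValid = am.isValid(new SimplePrincipal(username),pass);
         if(!isValid)
         {
            throw new ServletException("Validation failed for username=" + loggedName);
         }
         // Success is the expected outcome, so it is not reported at ERROR level.
         log.info("Validation passed for username="+loggedName+". This is good!");
      }
      catch(ServletException e)
      {
         // Already the right type: rethrow as-is rather than wrapping it a second time.
         throw e;
      }
      catch(Exception e)
      {
         throw new ServletException(e);
      }
   }

   /** Replaces carriage returns and line feeds so a value stays on one log line. */
   private static String sanitizeForLog(String value)
   {
      return value.replace('\r', '_').replace('\n', '_');
   }

   /**
    * Installs the custom JAAS configuration from {@code configFile}.
    * Called for every validated request, so the resource is reloaded each time.
    */
   private void generateConfiguration() throws IOException
   {
      XMLLoginConfigImpl config = new XMLLoginConfigImpl();
      config.setConfigResource(configFile);
      config.loadConfig();
   }

   /**
    * Looks up the MBean server connection bound at {@code jmx/invoker/RMIAdaptor}.
    *
    * @throws NamingException if the lookup or the context close fails
    */
   private MBeanServerConnection getMBeanServerConnection() throws NamingException
   {
      Context ctx = new InitialContext();
      try
      {
         return (MBeanServerConnection)ctx.lookup("jmx/invoker/RMIAdaptor");
      }
      finally
      {
         // Release the naming context; the original never closed it.
         ctx.close();
      }
   }
}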