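package org.jboss.test.web.security;

import java.io.IOException;

import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.security.auth.message.config.AuthConfigProvider;
import javax.security.auth.message.config.ServerAuthConfig;
import javax.security.auth.message.config.ServerAuthContext;
import javax.security.jacc.PolicyContext;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.SecurityAssociationHandler;
import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.security.auth.message.config.JBossAuthConfigProvider;

/**
 * Servlet filter from the {@code org.jboss.test} tree that exercises the JASPI
 * server-side authentication path.
 *
 * <p>When the {@code testJASPIServerAuthContext} init parameter is true, each request
 * is validated by looking up a {@link ServerAuthContext} for the current JACC context
 * id and checking the {@code user} / {@code pass} request parameters against it.
 *
 * <p>Security notes for anyone reusing this outside a test deployment:
 * <ul>
 *   <li>Credentials are read from plain request parameters, so on a GET request they
 *       travel in the URL and can end up in access logs and browser history.</li>
 *   <li>The user name is request-controlled; it is stripped of control characters
 *       before being written to the log or to an exception message.</li>
 * </ul>
 */
public class JASPISecurityFilter implements Filter
{
   private static final Logger log = Logger.getLogger(JASPISecurityFilter.class);

   private FilterConfig filterConfig = null;

   /** Enables the per-request validation; false unless the init parameter says otherwise. */
   private boolean testJASPIServerAuthContext = false;

   /** Security domain registered for the context id when none is registered yet. */
   private String securityDomain = null;

   /** Login configuration resource handed to {@link XMLLoginConfigImpl}; mandatory. */
   private String configFile = null;

   /**
    * Reads the filter's init parameters.
    *
    * @param filterConfig container-supplied configuration
    * @throws ServletException if the mandatory {@code configFile} parameter is absent
    */
   public void init(FilterConfig filterConfig)
      throws ServletException
   {
      this.filterConfig = filterConfig;

      String testFlag = filterConfig.getInitParameter("testJASPIServerAuthContext");
      if (testFlag != null)
      {
         testJASPIServerAuthContext = Boolean.parseBoolean(testFlag);
      }

      securityDomain = filterConfig.getInitParameter("securityDomain");
      if (securityDomain == null)
      {
         securityDomain = "java:/jbsx/other";
      }

      configFile = filterConfig.getInitParameter("configFile");
      if (configFile == null)
      {
         throw new ServletException("Param configFile is missing for the filter:" + JASPISecurityFilter.class);
      }
   }

   /** Drops the reference to the filter configuration. */
   public void destroy()
   {
      this.filterConfig = null;
   }

   /**
    * Runs the JASPI validation when it is enabled.
    *
    * <p>NOTE(review): {@code filterChain.doFilter} is never invoked, so the request
    * stops at this filter whether or not validation ran. Presumably intentional for a
    * test fixture; confirm before reusing this in front of a real resource, because
    * with the flag off the filter performs no authentication at all.
    *
    * @throws ServletException if validation is enabled and fails
    */
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
      throws IOException, ServletException
   {
      if (this.testJASPIServerAuthContext)
      {
         testServerAuthContext(request);
      }
   }

   /**
    * Obtains a {@link ServerAuthContext} for the current policy context id and uses it
    * to validate the {@code user} / {@code pass} request parameters.
    *
    * @param request the incoming request carrying the credentials
    * @throws ServletException if no auth config or context is available, if validation
    *         fails, or wrapping any other exception raised on the way
    */
   private void testServerAuthContext(ServletRequest request) throws ServletException
   {
      try
      {
         generateConfiguration();

         String contextId = PolicyContext.getContextID();
         MBeanServerConnection server = getMBeanServerConnection();

         // Register the configured security domain for this context id unless the
         // JASPI security manager already knows one.
         ObjectName oname = new ObjectName("jboss.security:service=JASPISecurityManager");
         String regSecDom = (String) server.invoke(oname, "getSecurityDomain",
               new Object[]{contextId},
               new String[]{"java.lang.String"});
         if (regSecDom == null)
         {
            server.invoke(oname, "registerSecurityDomain",
                  new Object[]{securityDomain, contextId},
                  new String[]{"java.lang.String", "java.lang.String"});
         }

         AuthConfigFactory factory = AuthConfigFactory.getFactory();
         AuthConfigProvider acp = factory.getConfigProvider(SecurityConstants.SERVLET_LAYER,
               contextId, null);
         if (acp == null)
         {
            acp = new JBossAuthConfigProvider(null);
         }

         CallbackHandler cbh = new SecurityAssociationHandler();
         ServerAuthConfig sc = acp.getServerAuthConfig(SecurityConstants.SERVLET_LAYER,
               contextId, cbh);
         if (sc == null)
         {
            throw new ServletException("ServerAuthConfig is null");
         }

         ServerAuthContext sa = sc.getAuthContext(null, null);
         if (sa == null)
         {
            throw new ServletException("ServerAuthContext obtained is null");
         }

         String username = request.getParameter("user");
         String pass = request.getParameter("pass");

         // The returned context is expected to double as an AuthenticationManager; a
         // ClassCastException here is wrapped by the generic catch below.
         AuthenticationManager am = (AuthenticationManager) sa;
         boolean isValid = am.isValid(new SimplePrincipal(username), pass);

         // The user name comes straight from the request: neutralise control
         // characters so it cannot forge extra log lines or break the message.
         String safeUsername = sanitizeForLog(username);
         if (!isValid)
         {
            throw new ServletException("Validation failed for username=" + safeUsername);
         }
         // Success is not an error condition; keep it out of the error stream.
         log.info("Validation passed for username=" + safeUsername + ". This is good!");
      }
      catch (ServletException e)
      {
         // Already the right type: rethrow instead of nesting it in a second wrapper.
         throw e;
      }
      catch (Exception e)
      {
         throw new ServletException(e);
      }
   }

   /**
    * Loads the login configuration named by the {@code configFile} init parameter.
    *
    * <p>NOTE(review): the {@link XMLLoginConfigImpl} instance is discarded after
    * {@code loadConfig()}, and this runs on every validated request; presumably the
    * load has a lasting effect elsewhere - confirm.
    *
    * @throws IOException if the configuration cannot be loaded
    */
   private void generateConfiguration() throws IOException
   {
      XMLLoginConfigImpl config = new XMLLoginConfigImpl();
      config.setConfigResource(configFile);
      config.loadConfig();
   }

   /**
    * Looks up the MBean server connection bound at {@code jmx/invoker/RMIAdaptor}.
    *
    * @return the connection found in JNDI
    * @throws NamingException if the lookup (or closing the context) fails
    */
   private MBeanServerConnection getMBeanServerConnection() throws NamingException
   {
      Context ctx = new InitialContext();
      try
      {
         return (MBeanServerConnection) ctx.lookup("jmx/invoker/RMIAdaptor");
      }
      finally
      {
         // Release the naming context; it was previously left open on every call.
         ctx.close();
      }
   }

   /**
    * Returns {@code value} with every ISO control character (CR, LF, tab, ...) replaced
    * by an underscore, so request-supplied text is safe to place in a single log line.
    *
    * @param value text to sanitise, may be null
    * @return the sanitised text, or the string {@code "null"} for a null input
    */
   private static String sanitizeForLog(String value)
   {
      if (value == null)
      {
         return "null";
      }
      StringBuilder cleaned = new StringBuilder(value.length());
      for (int i = 0; i < value.length(); i++)
      {
         char c = value.charAt(i);
         cleaned.append(Character.isISOControl(c) ? '_' : c);
      }
      return cleaned.toString();
   }
}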