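package org.mr.kernel.security.impl.management.jmx;

import org.mr.kernel.security.*;
import org.mr.MantaAgent;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import javax.management.*;
import javax.jms.JMSSecurityException;

import org.mr.kernel.security.impl.management.*;
import org.mr.kernel.security.authorization.PermissionFactory;
import org.mr.kernel.security.authorization.permissions.MantaPermission;

import java.util.Collection;

/**
 * JMX facade over {@link ACLManagement}: every operation authenticates the
 * caller, performs one management call under the resulting session and logs
 * that session out again in a {@code finally} block.
 *
 * <p>Each operation receives the caller's username and password as plain
 * {@code String} arguments. NOTE(review): those credentials (and any new user
 * password) travel over whatever JMX connector exposes this bean, so confirm
 * that the connector is access-restricted and encrypted, and that operation
 * arguments are not written to logs or audit trails in clear text.
 *
 * <p>If no authentication implementation is configured, no operation is
 * performed: every call fails before reaching {@link ACLManagement}.
 */
public class SecurityManagementJMX extends StandardMBean implements SecurityManagementJMXMBean, SecurityConfigurationPaths, SecurityConstants {

    private MantaAuthentication _authentication;
    private ACLManagement _management;
    private Log _logger;

    /**
     * Creates the bean and instantiates the authentication implementation
     * named by the {@code AUTHENTICATION_IMPLEMENTING_CLASS} configuration
     * property.
     *
     * @param management the ACL management backend every operation delegates to
     * @throws NotCompliantMBeanException if the MBean interface is not compliant,
     *         or if the configured authentication class cannot be loaded,
     *         is not a {@link MantaAuthentication} or cannot be instantiated
     */
    public SecurityManagementJMX(ACLManagement management) throws NotCompliantMBeanException {
        super(SecurityManagementJMXMBean.class);

        String authenticationImplementationClass = MantaAgent.getInstance().getSingletonRepository().getConfigManager().getStringProperty(AUTHENTICATION_IMPLEMENTING_CLASS);

        try {
            if (authenticationImplementationClass != null) {
                // The class name comes from configuration: check the type before
                // instantiating so that the constructor of an unrelated class is
                // never run on behalf of this bean.
                Class implementation = Class.forName(authenticationImplementationClass);
                if (!MantaAuthentication.class.isAssignableFrom(implementation)) {
                    throw new ClassCastException(authenticationImplementationClass + " is not a " + MantaAuthentication.class.getName());
                }
                _authentication = (MantaAuthentication) implementation.newInstance();
            }
            else if (getLogger().isWarnEnabled()) {
                getLogger().warn("[SecurityManagementJMX] No authentication implementation is configured; every management operation will be rejected.");
            }

            _management = management;
        }
        catch (Exception e) {
            if (getLogger().isErrorEnabled()) {
                // Pass the exception itself so the stack trace is not lost.
                getLogger().error("[SecurityManagementJMX] Error in constructor. " + e.getMessage(), e);
            }
            NotCompliantMBeanException failure = new NotCompliantMBeanException(e.getMessage());
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * Authenticates the caller and returns the session to use for one
     * management call.
     *
     * @throws IllegalStateException if no authentication implementation was
     *         configured; this keeps the bean fail-closed with a readable cause
     *         instead of a bare {@code NullPointerException}
     */
    private SessionID openSession(String authenticationUsername, String authenticationPassword) throws MantaSecurityException, JMSSecurityException {
        if (_authentication == null) {
            throw new IllegalStateException("[SecurityManagementJMX] No authentication implementation is configured.");
        }
        return _authentication.authenticate(authenticationUsername, authenticationPassword);
    }

    /** Logs the session out; does nothing when authentication never succeeded. */
    private void closeSession(SessionID sessionID) throws MantaSecurityException, JMSSecurityException {
        if (sessionID != null) {
            _authentication.logout(sessionID);
        }
    }

    /**
     * Creates a user principal with the given attributes.
     *
     * <p>NOTE(review): the new password is handed to {@link ACLManagement} as
     * given; whether it is hashed before storage is decided behind
     * {@code createPrincipal} - confirm.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param newUsername name (and UID property) of the new user
     * @param newUserGroup group of the new user
     * @param newUserPassword password of the new user
     * @param newUserGIDNumber GID number, stored as a decimal string
     * @param newUserUIDNumber UID number, stored as a decimal string
     * @param newUserSurname surname of the new user
     * @param newUserCommonName common name of the new user
     */
    public void createUserPrincipal(String authenticationUsername, String authenticationPassword, String newUsername, String newUserGroup, String newUserPassword, int newUserGIDNumber, int newUserUIDNumber, String newUserSurname, String newUserCommonName) throws PrincipalAlreadyExistsException, PrincipalNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            UserPrincipal user = new UserPrincipal(newUsername);
            user.setProperty(PROPERTY_USER_UID, newUsername);
            user.setProperty(PROPERTY_USER_GROUP, newUserGroup);
            user.setProperty(PROPERTY_USER_PASSWORD, newUserPassword);
            user.setProperty(PROPERTY_USER_GID_NUMBER, String.valueOf(newUserGIDNumber));
            user.setProperty(PROPERTY_USER_UID_NUMBER, String.valueOf(newUserUIDNumber));
            user.setProperty(PROPERTY_USER_SURNAME, newUserSurname);
            user.setProperty(PROPERTY_USER_COMMON_NAME, newUserCommonName);
            _management.createPrincipal(sessionID, user);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Creates a group principal.
     *
     * <p>A {@code PrincipalNotFoundException} from the backend cannot be
     * propagated through this signature; it is logged instead of being
     * dropped silently, so a failed creation leaves a trace.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param newGroupName name of the group to create
     */
    public void createGroupPrincipal(String authenticationUsername, String authenticationPassword, String newGroupName) throws PrincipalAlreadyExistsException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            GroupPrincipal group = new GroupPrincipal(newGroupName);
            try {
                _management.createPrincipal(sessionID, group);
            }
            catch (PrincipalNotFoundException e) {
                if (getLogger().isWarnEnabled()) {
                    getLogger().warn("[SecurityManagementJMX] createGroupPrincipal did not complete.", e);
                }
            }
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Renames a user principal.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param oldUsername current name of the user
     * @param newUsername new name of the user
     */
    public void renameUserPrincipal(String authenticationUsername, String authenticationPassword, String oldUsername, String newUsername) throws PrincipalNotFoundException, PrincipalAlreadyExistsException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.renamePrincipal(sessionID, new UserPrincipal(oldUsername), newUsername);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Renames a group principal.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param oldGroupName current name of the group
     * @param newGroupName new name of the group
     */
    public void renameGroupPrincipal(String authenticationUsername, String authenticationPassword, String oldGroupName, String newGroupName) throws PrincipalNotFoundException, PrincipalAlreadyExistsException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.renamePrincipal(sessionID, new GroupPrincipal(oldGroupName), newGroupName);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Assigns a user to a group.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param username user to modify
     * @param groupName group to assign
     */
    public void setUserGroup(String authenticationUsername, String authenticationPassword, String username, String groupName) throws PrincipalNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.setUserGroup(sessionID, new UserPrincipal(username), groupName);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Sets a user's password.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param username user to modify
     * @param password new password, passed to the backend as given
     */
    public void setUserPassword(String authenticationUsername, String authenticationPassword, String username, String password) throws PrincipalNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.setUserPassword(sessionID, new UserPrincipal(username), password);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Grants a permission to a user.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param permissionName permission name given to {@link PermissionFactory}
     * @param permissionParam permission parameter given to {@link PermissionFactory}
     * @param username user receiving the permission
     */
    public void createPermissionForUser(String authenticationUsername, String authenticationPassword, String permissionName, String permissionParam, String username) throws PrincipalNotFoundException, PermissionAlreadyExistsException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            MantaPermission permission = PermissionFactory.getInstance().getPermission(permissionName, permissionParam);
            UserPrincipal user = new UserPrincipal(username);
            _management.createPermission(sessionID, permission, user);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Grants a permission to a group.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param permissionName permission name given to {@link PermissionFactory}
     * @param permissionParam permission parameter given to {@link PermissionFactory}
     * @param groupName group receiving the permission
     */
    public void createPermissionForGroup(String authenticationUsername, String authenticationPassword, String permissionName, String permissionParam, String groupName) throws PrincipalNotFoundException, PermissionAlreadyExistsException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            MantaPermission permission = PermissionFactory.getInstance().getPermission(permissionName, permissionParam);
            GroupPrincipal group = new GroupPrincipal(groupName);
            _management.createPermission(sessionID, permission, group);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Returns the permissions held by a user.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param username user to look up
     * @return whatever {@code ACLManagement.getPermissionsForPrincipal} returns
     */
    public Collection getPermissionsForUser(String authenticationUsername, String authenticationPassword, String username) throws PrincipalNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            return _management.getPermissionsForPrincipal(sessionID, new UserPrincipal(username));
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Returns the permissions held by a group.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param groupName group to look up
     * @return whatever {@code ACLManagement.getPermissionsForPrincipal} returns
     */
    public Collection getPermissionsForGroup(String authenticationUsername, String authenticationPassword, String groupName) throws PrincipalNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            return _management.getPermissionsForPrincipal(sessionID, new GroupPrincipal(groupName));
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Deletes a user principal.
     *
     * <p>A {@code GroupNotEmptyException} from the backend cannot be
     * propagated through this signature; it is logged instead of being
     * dropped silently, so a deletion that did not happen leaves a trace.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param username user to delete
     */
    public void deleteUser(String authenticationUsername, String authenticationPassword, String username) throws PrincipalNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.deletePrincipal(sessionID, new UserPrincipal(username));
        }
        catch (GroupNotEmptyException e) {
            if (getLogger().isWarnEnabled()) {
                getLogger().warn("[SecurityManagementJMX] deleteUser did not complete.", e);
            }
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Deletes a group principal.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param groupName group to delete
     */
    public void deleteGroup(String authenticationUsername, String authenticationPassword, String groupName) throws PrincipalNotFoundException, GroupNotEmptyException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.deletePrincipal(sessionID, new GroupPrincipal(groupName));
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Revokes a permission from a user.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param permissionName permission name given to {@link PermissionFactory}
     * @param permissionParam permission parameter given to {@link PermissionFactory}
     * @param username user losing the permission
     */
    public void deletePermissionForUser(String authenticationUsername, String authenticationPassword, String permissionName, String permissionParam, String username) throws PermissionNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            UserPrincipal user = new UserPrincipal(username);
            MantaPermission permission = PermissionFactory.getInstance().getPermission(permissionName, permissionParam);
            _management.deletePermission(sessionID, permission, user);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Revokes a permission from a group.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param permissionName permission name given to {@link PermissionFactory}
     * @param permissionParam permission parameter given to {@link PermissionFactory}
     * @param groupName group losing the permission
     */
    public void deletePermissionForGroup(String authenticationUsername, String authenticationPassword, String permissionName, String permissionParam, String groupName) throws PermissionNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            GroupPrincipal group = new GroupPrincipal(groupName);
            MantaPermission permission = PermissionFactory.getInstance().getPermission(permissionName, permissionParam);
            _management.deletePermission(sessionID, permission, group);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Adds an entry to the white list.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param whiteListEntry entry to add
     */
    public void createWhiteListEntry(String authenticationUsername, String authenticationPassword, String whiteListEntry) throws WhiteListEntryAlreadyExistsException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.createWhiteListEntry(sessionID, whiteListEntry);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Removes an entry from the white list.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @param whiteListEntry entry to remove
     */
    public void deleteWhiteListEntry(String authenticationUsername, String authenticationPassword, String whiteListEntry) throws WhiteListEntryNotFoundException, MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            _management.deleteWhiteListEntry(sessionID, whiteListEntry);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Lists the users known to the backend.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @return whatever {@code ACLManagement.getUsers} returns
     */
    public Collection getUsers(String authenticationUsername, String authenticationPassword) throws MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            return _management.getUsers(sessionID);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Lists the groups known to the backend.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @return whatever {@code ACLManagement.getGroups} returns
     */
    public Collection getGroups(String authenticationUsername, String authenticationPassword) throws MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            return _management.getGroups(sessionID);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Returns the white list.
     *
     * @param authenticationUsername caller's username
     * @param authenticationPassword caller's password
     * @return whatever {@code ACLManagement.getWhiteList} returns
     */
    public Collection getWhiteList(String authenticationUsername, String authenticationPassword) throws MantaSecurityException, JMSSecurityException {
        SessionID sessionID = null;
        try {
            sessionID = openSession(authenticationUsername, authenticationPassword);
            return _management.getWhiteList(sessionID);
        }
        finally {
            closeSession(sessionID);
        }
    }

    /**
     * Supplies the MBean description shown by management consoles.
     *
     * @param mBeanInfo ignored
     * @return a fixed description string
     */
    public String getDescription(MBeanInfo mBeanInfo) {
        return "Used to manage security authentication and authorization.";
    }

    /**
     * Supplies a display label for the {@code i}-th parameter of an operation.
     * Positions 0 and 1 are the caller's credentials for every operation; the
     * remaining positions depend on the operation name.
     *
     * @param mBeanOperationInfo operation being described
     * @param mBeanParameterInfo ignored
     * @param i zero-based parameter position
     * @return the label, or an empty string for an unknown operation or position
     */
    public String getParameterName(MBeanOperationInfo mBeanOperationInfo, MBeanParameterInfo mBeanParameterInfo, int i) {
        if (i == 0) {
            return " Authentication username";
        }
        if (i == 1) {
            return " Authentication password";
        }

        String[] labels = operationParameterLabels(mBeanOperationInfo.getName());
        if (i >= 2 && i - 2 < labels.length) {
            return labels[i - 2];
        }
        return "";
    }

    /**
     * Returns the labels of an operation's parameters from position 2 onwards
     * (the two credential parameters are excluded); empty for operations that
     * take only credentials or are unknown.
     */
    private static String[] operationParameterLabels(String operation) {
        if ("createPermissionForGroup".equals(operation) || "deletePermissionForGroup".equals(operation)) {
            return new String[] {" Permission name", " Permission parameter", " Group name"};
        }
        if ("createPermissionForUser".equals(operation) || "deletePermissionForUser".equals(operation)) {
            return new String[] {" Permission name", " Permission parameter", " Username"};
        }
        if ("getPermissionsForGroup".equals(operation) || "deleteGroup".equals(operation) || "createGroupPrincipal".equals(operation)) {
            return new String[] {" Group name"};
        }
        if ("getPermissionsForUser".equals(operation) || "deleteUser".equals(operation)) {
            return new String[] {" Username"};
        }
        if ("renameGroupPrincipal".equals(operation)) {
            return new String[] {" Old group name", " New group name"};
        }
        if ("renameUserPrincipal".equals(operation)) {
            return new String[] {" Old username", " New username"};
        }
        if ("createUserPrincipal".equals(operation)) {
            return new String[] {
                " UID for user",
                " Group name for user",
                " Password for new user",
                " GID number for new user",
                " UID number for new user",
                " Surname for new user",
                " Common name for new user"
            };
        }
        // The next four operations previously had no labels at all, so their
        // parameters showed up unnamed in management consoles.
        if ("setUserGroup".equals(operation)) {
            return new String[] {" Username", " Group name"};
        }
        if ("setUserPassword".equals(operation)) {
            return new String[] {" Username", " Password"};
        }
        if ("createWhiteListEntry".equals(operation) || "deleteWhiteListEntry".equals(operation)) {
            return new String[] {" White list entry"};
        }
        // getUsers, getGroups and getWhiteList take only the two credentials.
        return new String[0];
    }

    /**
     * Returns this bean's logger, creating it on first use.
     *
     * @return the commons-logging {@link Log} named after the runtime class
     */
    public Log getLogger() {
        if (_logger == null) {
            _logger = LogFactory.getLog(getClass().getName());
        }
        return _logger;
    }
}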