

1 /**
2  * EasyBeans
3  * Copyright (C) 2006 Bull S.A.S.
4  * Contact: easybeans@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: JOnASSecurityContext.java 1121 2006-09-27 08:51:06Z benoitf $
23  * --------------------------------------------------------------------------
24  */

25
26 package org.objectweb.easybeans.security.propagation.jonas;
27
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;

import javax.security.auth.Subject;

import org.objectweb.easybeans.security.api.EZBSecurityContext;
import org.objectweb.easybeans.security.struct.JPrincipal;
37
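/**
 * Adapter that exposes a JOnAS security context through the EasyBeans
 * {@link EZBSecurityContext} interface.<br>
 * The JOnAS object is held as a plain {@link Object} and every operation is
 * forwarded to it by reflection, so this class has no compile-time dependency
 * on JOnAS.
 * <p>
 * Security note: the caller principal and roles returned by this class are
 * exactly what the wrapped object reports; nothing is verified here.
 * NOTE(review): the wrapped object is presumably handed in by the container
 * only - confirm that application code cannot supply its own instance.
 * @author Florent Benoit
 */
public class JOnASSecurityContext implements EZBSecurityContext {

    /**
     * Wrapped security context of JOnAS. All calls are delegated to it.
     */
    private final Object jonasSecurityContext;

    /**
     * Builds a security context around JOnAS security context.
     * @param jonasSecurityContext the JOnAS context; it is not checked here, a
     *        null value only fails on the first delegated call.
     */
    public JOnASSecurityContext(final Object jonasSecurityContext) {
        this.jonasSecurityContext = jonasSecurityContext;
    }

    /**
     * Gets the caller's principal by calling {@code getCallerPrincipal(boolean)}
     * on the wrapped context.
     * @param runAsBean if true, the bean is a run-as bean.
     * @return principal of the caller, as reported by the wrapped context.
     * @throws IllegalStateException if the method cannot be found or called.
     */
    public Principal getCallerPrincipal(final boolean runAsBean) {
        final Method method = lookupContextMethod("getCallerPrincipal", boolean.class);
        return (Principal) invokeContextMethod(method, "getCallerPrincipal", Boolean.valueOf(runAsBean));
    }

    /**
     * Gets the caller's roles by calling {@code getCallerPrincipalRoles(boolean)}
     * on the wrapped context and wrapping each role name in a {@link JPrincipal}.
     * @param runAsBean if true, the bean is a run-as bean.
     * @return array of roles of the caller, one principal per role name.
     * @throws IllegalStateException if the method cannot be found or called, or
     *         if the wrapped context returns no role array at all.
     */
    public Principal[] getCallerRoles(final boolean runAsBean) {
        final Method method = lookupContextMethod("getCallerPrincipalRoles", boolean.class);
        final String[] roles = (String[]) invokeContextMethod(method, "getCallerPrincipalRoles",
                Boolean.valueOf(runAsBean));

        // A missing role array is treated as an error rather than as "no roles".
        if (roles == null) {
            throw new IllegalStateException("No roles found on the JOnAS security context");
        }

        final Principal[] principals = new Principal[roles.length];
        for (int i = 0; i < roles.length; i++) {
            principals[i] = new JPrincipal(roles[i]);
        }
        return principals;
    }

    /**
     * Enters in run-as mode with the given subject by calling
     * {@code pushRunAs(String, String, String[])} on the wrapped context.<br>
     * The principal name is taken from the first principal of the subject that
     * is not a {@link Group}; the role is the name of the first member of a
     * {@link Group} principal (the last non-empty group wins).
     * <p>
     * Callers should pair this call with {@link #endsRunAs(Subject)} in a
     * {@code finally} block. NOTE(review): presumably the run-as identity stays
     * active on the JOnAS context until popRunAs is called - confirm.
     * @param runAsSubject the subject to use in run-as mode.
     * @return always {@code null}: this implementation does not hand back a
     *         previous subject.
     * @throws IllegalStateException if the method cannot be found or called.
     */
    public Subject enterRunAs(final Subject runAsSubject) {
        // Resolved first, so a missing pushRunAs is reported before the subject is read.
        final Method method = lookupContextMethod("pushRunAs", String.class, String.class, String[].class);

        // Get principal name from subject
        String principalName = null;
        for (Principal principal : runAsSubject.getPrincipals(Principal.class)) {
            if (!(principal instanceof Group)) {
                principalName = principal.getName();
                break;
            }
        }

        // Get role from subject
        String role = null;
        for (Principal principal : runAsSubject.getPrincipals(Principal.class)) {
            if (principal instanceof Group) {
                final Enumeration<? extends Principal> members = ((Group) principal).members();
                // An empty group carries no role; skip it instead of failing
                // with NoSuchElementException on nextElement().
                if (members.hasMoreElements()) {
                    role = members.nextElement().getName();
                }
            }
        }

        // NOTE(review): role and principalName are still null when the subject
        // holds no matching principal, and are forwarded as they are. How
        // pushRunAs treats null values is not visible here - confirm that it
        // rejects them, or add a guard before this call.
        invokeContextMethod(method, "pushRunAs", role, principalName, new String[] {role});

        // Not used with JOnAS security context
        return null;
    }

    /**
     * Ends the run-as mode by calling {@code popRunAs()} on the wrapped context.
     * @param oldSubject subject kept by container; it is not used by this
     *        implementation.
     * @throws IllegalStateException if the method cannot be found or called.
     */
    public void endsRunAs(final Subject oldSubject) {
        final Method method = lookupContextMethod("popRunAs");
        invokeContextMethod(method, "popRunAs");
    }

    /**
     * Finds a public method on the runtime class of the wrapped context.
     * @param methodName name of the method to find.
     * @param parameterTypes parameter types of the method.
     * @return the matching method.
     * @throws IllegalStateException if the method is missing or not accessible.
     */
    private Method lookupContextMethod(final String methodName, final Class<?>... parameterTypes) {
        final String message = "Cannot get the method " + methodName + " on the JOnAS security context";
        try {
            return jonasSecurityContext.getClass().getMethod(methodName, parameterTypes);
        } catch (SecurityException e) {
            throw new IllegalStateException(message, e);
        } catch (NoSuchMethodException e) {
            throw new IllegalStateException(message, e);
        }
    }

    /**
     * Calls the given method on the wrapped context.
     * @param method the method to call.
     * @param methodName name of the method, used in the error message.
     * @param args arguments of the call.
     * @return the value returned by the method (null for a void method).
     * @throws IllegalStateException if the call fails; an exception thrown by
     *         the target method is kept as the cause of the wrapped
     *         {@link InvocationTargetException}.
     */
    private Object invokeContextMethod(final Method method, final String methodName, final Object... args) {
        final String message = "Cannot call " + methodName + " method on the JOnAS security context";
        try {
            return method.invoke(jonasSecurityContext, args);
        } catch (IllegalArgumentException e) {
            throw new IllegalStateException(message, e);
        } catch (IllegalAccessException e) {
            throw new IllegalStateException(message, e);
        } catch (InvocationTargetException e) {
            throw new IllegalStateException(message, e);
        }
    }

}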