

1 /**
2  * JOnAS: Java(TM) Open Application Server
3  * Copyright (C) 2004 Bull S.A.
4  * Contact: jonas-team@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: SecurityContextHelper.java,v 1.3 2005/01/07 13:28:28 joaninh Exp $
23  * --------------------------------------------------------------------------
24  */

25 package org.objectweb.jonas.security.iiop;
26
27 import java.io.UnsupportedEncodingException JavaDoc;
28
29 import org.omg.GSSUP.InitialContextToken;
30
31 import org.objectweb.carol.util.csiv2.gss.GSSHelper;
32
33 import org.objectweb.jonas.common.Log;
34 import org.objectweb.jonas.security.AbsSecurityContextHelper;
35
36 import org.objectweb.security.context.SecurityContext;
37 import org.objectweb.security.context.SecurityCurrent;
38
39 import org.objectweb.util.monolog.api.Logger;
40
41
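/**
 * This class is used by the Csiv2 server interceptor and by the JOnAS EJB provider Web Service.
 * It is used to authenticate users.
 *
 * <p>Review notes:
 * <ul>
 * <li>The identity-token login path and the outgoing GSSUP token both use the
 * principal name as the credential/password. No user secret is involved on
 * those paths, so any trust must come from elsewhere (for example the
 * transport or the caller that validated the identity token). This class does
 * not show where that trust is established.</li>
 * <li>The user name taken from an authentication token is reduced to the part
 * before the first {@code @}; the domain part is discarded and is not
 * checked here.</li>
 * </ul>
 *
 * @author Florent Benoit : Initial developer
 * @author Helene Joanin : Refactoring
 */
public class SecurityContextHelper extends AbsSecurityContextHelper {

    /**
     * Csiv2 Realm key
     */
    private static final String CSIV2_REALM_KEY = "jonas.service.security.csiv2.realm";

    /**
     * Default Interop resource name
     */
    private static final String DEFAULT_CSIV2_REALM = "memrlm_1";

    /**
     * Domain separator
     */
    private static final String DOMAIN_SEPARATOR = "@";

    /**
     * Default domain name
     */
    private static final String DEFAULT_DOMAIN_NAME = "default";

    /**
     * Encoding
     */
    private static final String ENCODING = "UTF-8";

    /**
     * Logger
     */
    private static final Logger logger = Log.getLogger(Log.JONAS_CSIV2_SECURITY_PREFIX);

    /**
     * Holder for the singleton instance. The JVM initializes this nested class
     * on first access, which makes the lazy creation thread-safe without
     * locking. The previous unsynchronized null check in getInstance() could
     * create more than one instance under concurrent first calls.
     */
    private static final class InstanceHolder {

        /**
         * The singleton instance
         */
        private static final SecurityContextHelper INSTANCE = new SecurityContextHelper();

        /**
         * Not instantiable
         */
        private InstanceHolder() {
        }
    }

    /**
     * Private constructor because of singleton
     */
    private SecurityContextHelper() {
    }

    /**
     * @return return the singleton instance
     */
    public static SecurityContextHelper getInstance() {
        return InstanceHolder.INSTANCE;
    }

    /**
     * @return the associated logger
     */
    protected Logger getLogger() {
        return logger;
    }

    /**
     * @return return the CSIV2 Realm key
     */
    protected String getRealmKey() {
        return CSIV2_REALM_KEY;
    }

    /**
     * @return return the CSIV2 default Realm
     */
    protected String getRealmDefault() {
        return DEFAULT_CSIV2_REALM;
    }

    /**
     * Authenticate with csiv2 authentication token.
     * The user name is a GSS NT_USERNAME; only the part before the first
     * domain separator is passed to login(). The domain part is dropped
     * without being compared to any expected value.
     * @param userName user for login
     * @param password of the user
     */
    protected void loginAuthenticationToken(String userName, String password) {
        // The name arrives in a client-supplied token, so it must not be able to
        // break parsing. The previous split(...)[0] threw
        // ArrayIndexOutOfBoundsException when the name consisted only of
        // separators (e.g. "@"); indexOf/substring yields the same prefix for
        // every other input and an empty principal for that case.
        int separatorIndex = userName.indexOf(DOMAIN_SEPARATOR);
        String principalName = (separatorIndex < 0) ? userName : userName.substring(0, separatorIndex);
        // NOTE(review): an empty principal name is handed to login() unchanged;
        // confirm that login() (defined outside this class) rejects it.
        login(principalName, password);
    }

    /**
     * Authenticate with csiv2 identity token (no password).
     * The principal name itself is passed to login() as the credential.
     * (The method name keeps its original spelling; it is presumably referenced
     * by the superclass or by callers.)
     * @param principalName the username
     */
    protected void loginIdentiyToken(String principalName) {
        // NOTE(review): the credential is not a secret here. Whether this is
        // acceptable depends on how login() treats it and on the caller having
        // already established trust in the asserted identity - confirm both.
        String credential = principalName;
        login(principalName, credential);
    }

    /**
     * @return the identity of the authenticated user.
     * In run-as, it returns run-as identity.
     */
    public String getIdentityToken() {
        SecurityContext securityContext = SecurityCurrent.getCurrent().getSecurityContext();

        // Read the run-as principal once so the value tested is the value returned.
        String runAsPrincipal = securityContext.peekRunAsPrincipal();
        if (runAsPrincipal != null) {
            return runAsPrincipal;
        }
        // NOTE(review): no null check on the caller principal; confirm
        // getCallerPrincipal(false) cannot return null on this path.
        return securityContext.getCallerPrincipal(false).getName();
    }

    /**
     * Build a GSSUP initial context token for the principal of the current
     * security context. The user name is the principal name followed by the
     * domain separator and the default domain name; the password field is set
     * to the principal name; the domain is the exported form of the default
     * domain name.
     * @return the token built from the current principal name
     * @throws UnsupportedEncodingException if UTF-8 encoding is not supported
     */
    public InitialContextToken getInitialContextToken() throws UnsupportedEncodingException {
        SecurityContext securityContext = SecurityCurrent.getCurrent().getSecurityContext();
        String principalName = securityContext.getPrincipalName();
        String userName = principalName + DOMAIN_SEPARATOR + DEFAULT_DOMAIN_NAME;
        // NOTE(review): the password carried in the token equals the principal
        // name, so it proves nothing about the caller. A receiver must not treat
        // this token as password authentication unless the peer is already
        // trusted by other means - confirm the deployment assumption.
        String password = principalName;
        byte[] user = userName.getBytes(ENCODING);
        byte[] pass = password.getBytes(ENCODING);
        byte[] domain = GSSHelper.encodeExported(DEFAULT_DOMAIN_NAME);
        return new InitialContextToken(user, pass, domain);
    }

}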
179