WeblogicCarbonAuthenticationProvider


1   /*
2    * The contents of this file are subject to the Sapient Public License
3    * Version 1.0 (the "License"); you may not use this file except in compliance
4    * with the License. You may obtain a copy of the License at
5    * http://carbon.sf.net/License.html.
6    *
7    * Software distributed under the License is distributed on an "AS IS" basis,
8    * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
9    * the specific language governing rights and limitations under the License.
10   *
11   * The Original Code is The Carbon Component Framework.
12   *
13   * The Initial Developer of the Original Code is Sapient Corporation
14   *
15   * Copyright (C) 2003 Sapient Corporation. All Rights Reserved.
16   */
17  
18  package org.sape.carbon.services.security.auth.weblogic7;
19  
20  import java.util.HashMap  ;
21  import java.util.Map  ;
22  
23  import javax.security.auth.login.AppConfigurationEntry  ;
24  import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
25  
26  import org.sape.carbon.services.security.auth.jaas.JaasCarbonLoginModule;
27  
28  import weblogic.management.security.ProviderMBean;
29  import weblogic.security.provider.PrincipalValidatorImpl;
30  import weblogic.security.spi.AuthenticationProvider;
31  import weblogic.security.spi.IdentityAsserter;
32  import weblogic.security.spi.PrincipalValidator;
33  import weblogic.security.spi.SecurityServices;
34  
35  /**
36   * Authentication provider classed used to plug Weblogic 7.0 into Carbon's
37   * User Manager services.
38   * <p>
39   * A Weblogic mdf must be built against this class to generate the mbean
40   * that is placed into Weblogic's plugable mbean directory.  This will
41   * add the class to the list of Authentication Providers installable
42   * inside of Weblogic 7.
43   * </p>
44   * <p>
45   * After adding this provider, either the "system" user must be available
46   * through this service, or the original authenticator must remain with
47   * its control flag set to SUFFICIENT.
48   * </p>
49   *
50   * @author $Author: dvoet $ $Date: 2003/05/05 21:21:35 $
51   * @version $Revision: 1.5 $
52   *
53   * @since carbon 1.2
54   */
55  public class WeblogicCarbonAuthenticationProvider
56      implements AuthenticationProvider {
57  
58      /** Holds the principal validator for the module. */
59      protected PrincipalValidator principalValidator;
60  
61      /**
62       * How this provider's login module should be used during the JAAS
63       * login.  This is set through the mbean interface and will normally
64       * be set as SUFFICIENT to allow interaction with the internal
65       * LDAP authentication system.
66       */
67      protected LoginModuleControlFlag controlFlag;
68  
69      /** Description of this Provider. */
70      protected String   description;
71  
72      /**
73       * Holds the location of the usermanager service.  This is set on
74       * ititialization by the userManagerLocation property on the mbean.
75       */
76      protected String   userManagerLocation;
77  
78  
79      /**
80       * Retreives the configuration information for the login module.
81       * <p>
82       * This sets the option for
83       * <code>JaasCarbonLoginModule.USERMANAGER_COMPONENT_KEY</code>
84       * to the correct location of the UserManager.
85       * </p>
86       *
87       * @return the configuration
88       */
89      public AppConfigurationEntry   getLoginModuleConfiguration() {
90          Map   options = new HashMap  ();
91  
92          options.put(
93              JaasCarbonLoginModule.USERMANAGER_COMPONENT_KEY,
94              userManagerLocation);
95  
96          return new AppConfigurationEntry  (
97              WeblogicJaasCarbonLoginModule.class.getName(), controlFlag,
98              options);
99      }
100 
101     /**
102      * Identity assertion is not supported by this provider.
103      *
104      * @return null
105      */
106     public AppConfigurationEntry   getAssertionModuleConfiguration() {
107         // TODO - Log a bug against this or implement it
108         Map   options = new HashMap  ();
109 
110         return null;
111     }
112 
113     /**
114      * Returns the default principal validator.
115      *
116      * @return the default principal validator
117      */
118     public PrincipalValidator getPrincipalValidator() {
119         return this.principalValidator;
120     }
121 
122     /**
123      * Identity assertion is not supported by this provider.
124      *
125      * @return null
126      */
127     public IdentityAsserter getIdentityAsserter() {
128         return null;
129     }
130 
131     /**
132      * Initalizes the module.
133      *
134      * <p>
135      * Retreives the <code>WeblogicCarbonAuthenticatorMBean</code>
136      * and uses it to configure the object.
137      * </p>
138      *
139      * @param providerMBean the MBean specific to the security provider
140      *        that is used during initialization.
141      * @param securityServices an object from which a security provider
142      *        can get the <code>AuditorService</code>, which limits
143      *        the security provider to using the <code>Auditor</code>
144      *        object's <code>writeEvent</code> method.
145      */
146     public void initialize(
147         ProviderMBean providerMBean, SecurityServices securityServices) {
148         this.principalValidator = new PrincipalValidatorImpl();
149 
150         // Cast the mbean from a generic ProviderMBean to a
151         // WeblogicCarbonAuthenticatorMBean.
152         WeblogicCarbonAuthenticatorMBean weblogicCarbonAuthenticatorMBean =
153             (WeblogicCarbonAuthenticatorMBean) providerMBean;
154 
155         // Set the description to the sample authenticator's mbean's
156         // description and version
157         description =
158             weblogicCarbonAuthenticatorMBean.getDescription() + "\n"
159             + weblogicCarbonAuthenticatorMBean.getVersion();
160 
161         // Extract the JAAS control flag from the authenticator's mbean.
162         // This flag controls how the authenticator's login module is used
163         // by the JAAS login, both for authentication and for identity
164         // assertion.
165         String   flag = weblogicCarbonAuthenticatorMBean.getControlFlag();
166 
167         if (flag.equalsIgnoreCase("REQUIRED")) {
168             controlFlag = LoginModuleControlFlag.REQUIRED;
169         } else if (flag.equalsIgnoreCase("OPTIONAL")) {
170             controlFlag = LoginModuleControlFlag.OPTIONAL;
171         } else if (flag.equalsIgnoreCase("REQUISITE")) {
172             controlFlag = LoginModuleControlFlag.REQUISITE;
173         } else if (flag.equalsIgnoreCase("SUFFICIENT")) {
174             controlFlag = LoginModuleControlFlag.SUFFICIENT;
175         } else {
176             throw new IllegalArgumentException  (
177                 "invalid flag value" + flag);
178         }
179 
180         userManagerLocation =
181             weblogicCarbonAuthenticatorMBean.getUserManagerLocation();
182     }
183 
184     /**
185      * Gets the description of the object.
186      *
187      * @return description of the object
188      */
189     public String   getDescription() {
190         return description;
191     }
192 
193     /**
194      * Empty implementation.
195      */
196     public void shutdown() {
197     }
198 }
199
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags