
    1   /*
    2    * Licensed to the Apache Software Foundation (ASF) under one
    3    * or more contributor license agreements.  See the NOTICE file
    4    * distributed with this work for additional information
    5    * regarding copyright ownership.  The ASF licenses this file
    6    * to you under the Apache License, Version 2.0 (the
    7    * "License"); you may not use this file except in compliance
    8    * with the License.  You may obtain a copy of the License at
    9    *
   10    *  http://www.apache.org/licenses/LICENSE-2.0
   11    *
   12    * Unless required by applicable law or agreed to in writing,
   13    * software distributed under the License is distributed on an
   14    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   15    * KIND, either express or implied.  See the License for the
   16    * specific language governing permissions and limitations
   17    * under the License.
   18    */
   19   
   20   
   21   package org.apache.geronimo.security.credentialstore;
   22   
   23   import java.util.HashMap;
   24   import java.util.Map;
   25   import java.util.Collection;
   26   import java.lang.reflect.Constructor;
   27   
   28   import javax.security.auth.Subject;
   29   import javax.security.auth.callback.Callback;
   30   import javax.security.auth.callback.CallbackHandler;
   31   import javax.security.auth.callback.UnsupportedCallbackException;
   32   import javax.security.auth.login.LoginContext;
   33   import javax.security.auth.login.LoginException;
   34   import javax.security.auth.login.Configuration;
   35   
   36   import org.apache.geronimo.gbean.GBeanInfo;
   37   import org.apache.geronimo.gbean.GBeanInfoBuilder;
   38   import org.apache.geronimo.gbean.annotation.GBean;
   39   import org.apache.geronimo.gbean.annotation.ParamAttribute;
   40   import org.apache.geronimo.gbean.annotation.ParamReference;
   41   import org.apache.geronimo.gbean.annotation.ParamSpecial;
   42   import org.apache.geronimo.gbean.annotation.SpecialAttributeType;
   43   import org.apache.geronimo.security.ContextManager;
   44   import org.apache.geronimo.security.SecurityNames;
   45   import org.apache.geronimo.security.jaas.ConfigurationEntryFactory;
   46   import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
   47   
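   /**
    * In-memory {@link CredentialStore} keyed by realm name, then subject id, then callback
    * class name, with a {@link SingleCallbackHandler} as the value that answers that callback.
    *
    * <p>The initial content comes from the {@code credentialStore} GBean attribute, whose
    * innermost map pairs a handler class name with the string passed to that handler's
    * {@code (String)} constructor. Those strings are credential material, so this class never
    * copies them into exception messages.
    *
    * <p>The maps are plain {@link HashMap}s and nothing here synchronizes on them.
    * NOTE(review): confirm whether {@link #addEntry} can run concurrently with
    * {@link #getSubject(String, String)}; if so, external coordination is needed.
    *
    * @version $Rev: 723240 $ $Date: 2008-12-04 00:19:31 -0800 (Thu, 04 Dec 2008) $
    */
   @GBean
   public class SimpleCredentialStoreImpl implements CredentialStore {

       /** realm name -> subject id -> callback class name -> handler for that callback. */
       private final Map<String, Map<String, Map<String, SingleCallbackHandler>>> credentialStore = new HashMap<String, Map<String, Map<String, SingleCallbackHandler>>>();

       /** Login configuration built from the injected realms, or {@code null} when none were supplied. */
       private final Configuration configuration;

       /**
        * Builds the store from configuration data.
        *
        * @param credentials realm name -> subject id -> handler class name -> constructor argument;
        *                    may be {@code null}, in which case the store starts empty
        * @param realms      realm entry factories wrapped in a {@link GeronimoLoginConfiguration};
        *                    may be {@code null}, in which case a {@code null} configuration is
        *                    later passed to {@code ContextManager.login}
        * @param cl          class loader used to resolve the handler class names
        * @throws IllegalArgumentException if a handler class cannot be loaded, is not a
        *                                  {@link SingleCallbackHandler}, or cannot be constructed
        */
       public SimpleCredentialStoreImpl(@ParamAttribute(name="credentialStore")Map<String, Map<String, Map<String, String>>> credentials,
                                        @ParamReference(name="Realms", namingType = SecurityNames.SECURITY_REALM)Collection<ConfigurationEntryFactory> realms,
                                        @ParamSpecial(type = SpecialAttributeType.classLoader)ClassLoader cl) {
           configuration = realms != null ? new GeronimoLoginConfiguration(realms, true) : null;
           if (credentials == null) {
               return;
           }
           for (Map.Entry<String, Map<String, Map<String, String>>> realmData: credentials.entrySet()) {
               String realmName = realmData.getKey();
               Map<String, Map<String, SingleCallbackHandler>> realm = getRealm(realmName);
               for (Map.Entry<String, Map<String, String>> subjectData: realmData.getValue().entrySet()) {
                   String subjectId = subjectData.getKey();
                   Map<String, SingleCallbackHandler> subject = getSubject(realm, subjectId);
                   for (Map.Entry<String, String> credentialData: subjectData.getValue().entrySet()) {
                       String handlerType = credentialData.getKey();
                       SingleCallbackHandler handler = newHandler(cl, handlerType, credentialData.getValue(), subjectId, realmName);
                       subject.put(handler.getCallbackType(), handler);
                   }
               }
           }
       }

       /**
        * Instantiates one configured handler through its {@code (String)} constructor.
        *
        * <p>The credential value is deliberately left out of the failure message: it would
        * otherwise end up wherever the exception is logged or displayed. The wrapped cause is
        * kept for diagnosis; whether a handler's own exception repeats the value is outside
        * this class's control.
        */
       private static SingleCallbackHandler newHandler(ClassLoader cl, String handlerType, String value, String subjectId, String realmName) {
           try {
               // asSubclass verifies the configured class is a SingleCallbackHandler before any
               // constructor runs, so an unrelated class named in configuration is never
               // instantiated with the credential value.
               Class<? extends SingleCallbackHandler> clazz = cl.loadClass(handlerType).asSubclass(SingleCallbackHandler.class);
               Constructor<? extends SingleCallbackHandler> c = clazz.getConstructor(String.class);
               return c.newInstance(value);
           } catch (Exception e) {
               throw new IllegalArgumentException("Could not construct SingleCallbackHandler of type: " + handlerType + " for subjectId: " + subjectId + " and realm: " + realmName, e);
           }
       }

       /**
        * Logs in through {@code ContextManager.login} using the handlers stored for the given
        * realm and id, and returns the subject of the resulting login context.
        *
        * <p>Callbacks are matched on the exact runtime class name of each callback object; a
        * callback with no stored handler is rejected rather than left unanswered.
        *
        * @param realm realm name the entry was stored under
        * @param id    subject id within that realm
        * @return the subject held by the login context returned from {@code ContextManager.login}
        * @throws LoginException if the realm or id is unknown, or the login itself fails
        */
       public Subject getSubject(String realm, String id) throws LoginException {
           Map<String, Map<String, SingleCallbackHandler>> idMap = credentialStore.get(realm);
           if (idMap == null) {
               throw new LoginException("Unknown realm: " + realm);
           }
           final Map<String, SingleCallbackHandler> callbackInfos = idMap.get(id);
           if (callbackInfos == null) {
               throw new LoginException("Unknown id: " + id + " in realm: " + realm);
           }
           CallbackHandler storedCredentials = new CallbackHandler() {

               public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
                   for (Callback callback: callbacks) {
                       // A single lookup also covers a key mapped to null, which is reported
                       // as an unsupported callback instead of surfacing as a NullPointerException.
                       SingleCallbackHandler singleCallbackHandler = callbackInfos.get(callback.getClass().getName());
                       if (singleCallbackHandler == null) {
                           throw new UnsupportedCallbackException(callback);
                       }
                       singleCallbackHandler.handle(callback);
                   }
               }
           };
           LoginContext loginContext = ContextManager.login(realm, storedCredentials, configuration);
           return loginContext.getSubject();
       }

       /**
        * Stores (or replaces) the handlers for one subject id in a realm, creating the realm
        * entry if needed.
        *
        * <p>The supplied map is kept by reference, not copied, so later changes made by the
        * caller are visible to this store.
        *
        * @param realm         realm name
        * @param id            subject id within the realm
        * @param callbackInfos callback class name -> handler answering that callback
        */
       public void addEntry(String realm, String id, Map<String, SingleCallbackHandler> callbackInfos) {
           getRealm(realm).put(id, callbackInfos);
       }

       /** Returns the subject map for a realm, creating and registering an empty one on first use. */
       private Map<String, Map<String, SingleCallbackHandler>> getRealm(String realm) {
           Map<String, Map<String, SingleCallbackHandler>> idMap = credentialStore.get(realm);
           if (idMap == null) {
               idMap = new HashMap<String, Map<String, SingleCallbackHandler>>();
               credentialStore.put(realm, idMap);
           }
           return idMap;
       }

       /** Returns the handler map for a subject id within a realm map, creating an empty one on first use. */
       private Map<String, SingleCallbackHandler> getSubject(Map<String, Map<String, SingleCallbackHandler>> realm, String subjectId) {
           Map<String, SingleCallbackHandler> subject = realm.get(subjectId);
           if (subject == null) {
               subject = new HashMap<String, SingleCallbackHandler>();
               realm.put(subjectId, subject);
           }
           return subject;
       }

   }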
