/* * JBoss, Home of Professional Open Source * Copyright 2007, JBoss Inc., and individual contributors as indicated * by the @authors tag. See the copyright.txt in the distribution for a * full listing of individual contributors. * * This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ package org.jboss.security.client; import java.security.AccessController; import java.security.Principal; import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; import org.jboss.security.SecurityContext; import org.jboss.security.SecurityContextAssociation; import org.jboss.security.SecurityContextFactory; import org.jboss.security.SimplePrincipal; /** * Implementation of the SecurityClient contract
* * Usage: * 
 *  SecurityClient sc = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class)
 *  sc.setUserName(somestring);
 *  etc...
 *  sc.login();
 *
* @author Anil.Saldhana@redhat.com * @since May 1, 2007 * @version $Revision$ */ public class JBossSecurityClient extends SecurityClient { protected LoginContext lc = null; private SecurityContext previousSecurityContext = null; @Override protected void peformSASLLogin() { throw new UnsupportedOperationException(); } @Override protected void performJAASLogin() throws LoginException { lc = new LoginContext(this.loginConfigName, this.callbackHandler); lc.login(); } @Override protected void performSimpleLogin() { Principal up = null; if(userPrincipal instanceof String) up = new SimplePrincipal((String)userPrincipal); else up = (Principal) userPrincipal; SecurityManager sm = System.getSecurityManager(); if (sm != null) { previousSecurityContext = RuntimeActions.PRIVILEGED.getSecurityContext(); } else { previousSecurityContext = RuntimeActions.NON_PRIVILEGED.getSecurityContext(); } SecurityContext sc = null; try { if (sm != null) { sc = RuntimeActions.PRIVILEGED.createClientSecurityContext(); } else { sc = RuntimeActions.NON_PRIVILEGED.createClientSecurityContext(); } } catch (Exception e) { throw new RuntimeException(e); } if (sm != null) { RuntimeActions.PRIVILEGED.createSubjectInfo(sc, up, credential, null); RuntimeActions.PRIVILEGED.setSecurityContext(sc); } else { RuntimeActions.NON_PRIVILEGED.createSubjectInfo(sc, up, credential, null); RuntimeActions.NON_PRIVILEGED.setSecurityContext(sc); } } @Override protected void cleanUp() { SecurityManager sm = System.getSecurityManager(); if (sm != null) { RuntimeActions.PRIVILEGED.setSecurityContext(previousSecurityContext); } else { RuntimeActions.NON_PRIVILEGED.setSecurityContext(previousSecurityContext); } if(lc != null) try { lc.logout(); } catch (LoginException e) { throw new RuntimeException(e); } } interface RuntimeActions { SecurityContext getSecurityContext(); SecurityContext createClientSecurityContext() throws Exception; void setSecurityContext(SecurityContext securityContext); void createSubjectInfo(SecurityContext securityContext, Principal principal, Object credential, Subject subject); RuntimeActions NON_PRIVILEGED = new RuntimeActions() { @Override public SecurityContext getSecurityContext() { return SecurityContextAssociation.getSecurityContext(); } @Override public SecurityContext createClientSecurityContext() throws Exception { return SecurityContextFactory.createSecurityContext("CLIENT"); } @Override public void setSecurityContext(SecurityContext securityContext) { SecurityContextAssociation.setSecurityContext(securityContext); } @Override public void createSubjectInfo(SecurityContext securityContext, Principal principal, Object credential, Subject subject) { securityContext.getUtil().createSubjectInfo(principal, credential, subject); } }; RuntimeActions PRIVILEGED = new RuntimeActions() { @Override public SecurityContext getSecurityContext() { return AccessController.doPrivileged(new PrivilegedAction() { @Override public SecurityContext run() { return NON_PRIVILEGED.getSecurityContext(); } }); } @Override public SecurityContext createClientSecurityContext() throws Exception { try { return AccessController.doPrivileged(new PrivilegedExceptionAction() { @Override public SecurityContext run() throws Exception { return NON_PRIVILEGED.createClientSecurityContext(); } }); } catch (PrivilegedActionException pae) { throw pae.getException(); } } @Override public void setSecurityContext(final SecurityContext securityContext) { AccessController.doPrivileged(new PrivilegedAction() { @Override public Void run() { NON_PRIVILEGED.setSecurityContext(securityContext); return null; } }); } @Override public void createSubjectInfo(final SecurityContext securityContext, final Principal principal, final Object credential, final Subject subject) { AccessController.doPrivileged(new PrivilegedAction() { @Override public Void run() { NON_PRIVILEGED.createSubjectInfo(securityContext, principal, credential, subject); return null; } }); } }; } }