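/**
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.corba.security.config.tss;

import java.io.UnsupportedEncodingException;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

import org.omg.CORBA.ORB;
import org.omg.CSI.EstablishContext;
import org.omg.CSIIOP.AS_ContextSec;
import org.omg.CSIIOP.EstablishTrustInClient;
import org.omg.GSSUP.GSSUPMechOID;
import org.omg.GSSUP.InitialContextToken;
import org.omg.IOP.Codec;

import org.apache.geronimo.security.jaas.UsernamePasswordCallback;
import org.apache.geronimo.security.ContextManager;

import org.apache.geronimo.corba.security.SASException;
import org.apache.geronimo.corba.util.Util;


/**
 * Target-side configuration for the GSSUP (username/password) client
 * authentication mechanism. It advertises the mechanism in an
 * {@code AS_ContextSec} structure and validates the GSSUP token carried by an
 * incoming {@code EstablishContext} message by performing a login.
 *
 * @version $Rev: 503493 $ $Date: 2007-02-04 13:47:55 -0800 (Sun, 04 Feb 2007) $
 */
public class TSSGSSUPMechConfig extends TSSASMechConfig {

    /** Target name this mechanism accepts; also passed to the login call in {@link #check}. */
    private String targetName;

    /** Whether the target requires (not merely supports) client authentication. */
    private boolean required;

    /**
     * Creates an unconfigured instance: no target name, authentication not required.
     */
    public TSSGSSUPMechConfig() {
    }

    /**
     * Builds the configuration from a decoded {@code AS_ContextSec} component.
     *
     * @param context the component whose target name and requirement flag are read
     */
    public TSSGSSUPMechConfig(AS_ContextSec context) {
        targetName = Util.decodeGSSExportName(context.target_name);
        required = (context.target_requires == EstablishTrustInClient.value);
    }

    /**
     * @return the configured target name, possibly {@code null}
     */
    public String getTargetName() {
        return targetName;
    }

    /**
     * @param targetName the target name that incoming tokens must match
     */
    public void setTargetName(String targetName) {
        this.targetName = targetName;
    }

    /**
     * @return {@code true} if client authentication is required
     */
    public boolean isRequired() {
        return required;
    }

    /**
     * @param required {@code true} to advertise client authentication as required
     */
    public void setRequired(boolean required) {
        this.required = required;
    }

    /**
     * @return the supported association options; always {@code EstablishTrustInClient}
     */
    public short getSupports() {
        return EstablishTrustInClient.value;
    }

    /**
     * @return {@code EstablishTrustInClient} when authentication is required, otherwise 0
     */
    public short getRequires() {
        return (required ? EstablishTrustInClient.value : 0);
    }

    /**
     * Encodes this configuration as an {@code AS_ContextSec} component.
     * Neither {@code orb} nor {@code codec} is used by this implementation.
     *
     * @param orb   unused here
     * @param codec unused here
     * @return the populated component
     * @throws Exception declared by the signature; propagates anything the encoding helpers throw
     */
    public AS_ContextSec encodeIOR(ORB orb, Codec codec) throws Exception {
        AS_ContextSec result = new AS_ContextSec();

        result.target_supports = EstablishTrustInClient.value;
        result.target_requires = (required ? EstablishTrustInClient.value : 0);
        result.client_authentication_mech = Util.encodeOID(GSSUPMechOID.value);
        result.target_name = Util.encodeGSSExportName(GSSUPMechOID.value, targetName);

        return result;
    }

    /**
     * Authenticates the client from the GSSUP token in an {@code EstablishContext}
     * message.
     *
     * <p>The token comes from the remote peer and is untrusted. Every path that
     * cannot fully validate it either throws or returns {@code null}; no subject
     * is produced without a successful login.
     *
     * @param msg the incoming message
     * @return the subject of the successful login, or {@code null} when the message
     *         carries no client authentication token or the token has no target name
     * @throws SASException with code 2 when the token cannot be decoded, lacks a
     *         username or password, or names a different target; with code 1
     *         wrapping an encoding or login failure
     */
    public Subject check(EstablishContext msg) throws SASException {
        byte[] rawToken = msg.client_authentication_token;
        if (rawToken == null || rawToken.length == 0) {
            // No credentials presented: nothing to authenticate.
            // NOTE(review): callers must treat null as "no authenticated identity";
            // confirm that a caller rejects the request when 'required' is set.
            return null;
        }

        try {
            InitialContextToken token = new InitialContextToken();

            if (!Util.decodeGSSUPToken(Util.getCodec(), rawToken, token)) {
                throw new SASException(2);
            }

            if (token.target_name == null) {
                return null;
            }

            // The original re-tested target_name for null here and fell back to the
            // configured name; that branch was unreachable after the return above.
            String tokenTargetName = new String(token.target_name, "UTF8");

            // Compare from the non-null side so an unconfigured targetName is
            // rejected with SASException instead of a NullPointerException.
            if (!tokenTargetName.equals(targetName)) {
                throw new SASException(2);
            }

            // Reject a structurally incomplete token before it reaches the login
            // code, rather than failing later with a NullPointerException.
            if (token.username == null || token.password == null) {
                throw new SASException(2);
            }

            String userName = Util.extractUserNameFromScopedName(token.username);

            // NOTE(review): the password passes through an immutable String that
            // cannot be wiped from the heap. Consider decoding the bytes straight
            // into a char[] and clearing both arrays after login, once it is
            // confirmed that UsernamePasswordCallback does not retain the array.
            char[] password = new String(token.password, "UTF8").toCharArray();

            LoginContext context = ContextManager.login(tokenTargetName,
                    new UsernamePasswordCallback(userName, password));
            // NOTE(review): rejected tokens leave no audit record in this method;
            // confirm that the caller logs the SASException.
            return context.getSubject();
        } catch (UnsupportedEncodingException e) {
            throw new SASException(1, e);
        } catch (LoginException e) {
            throw new SASException(1, e);
        }
    }

    /**
     * @return a multi-line description of this configuration; contains no credentials
     */
    public String toString() {
        StringBuffer buf = new StringBuffer();
        toString("", buf);
        return buf.toString();
    }

    /**
     * Appends a description of this configuration to {@code buf}.
     *
     * @param spaces indentation prefix for the enclosing bracket lines
     * @param buf    buffer to append to
     */
    public void toString(String spaces, StringBuffer buf) {
        String moreSpaces = spaces + " ";
        buf.append(spaces).append("TSSGSSUPMechConfig: [\n");
        buf.append(moreSpaces).append("targetName: ").append(targetName).append("\n");
        buf.append(moreSpaces).append("required : ").append(required).append("\n");
        buf.append(spaces).append("]\n");
    }

}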