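/**
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.corba.security.config.tss;

import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;

import org.omg.CORBA.Any;
import org.omg.CSI.ITTDistinguishedName;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.X501DistinguishedNameHelper;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.TypeMismatch;

import org.apache.geronimo.security.DomainPrincipal;
import org.apache.geronimo.security.PrimaryDomainPrincipal;
import org.apache.geronimo.security.PrimaryRealmPrincipal;
import org.apache.geronimo.security.RealmPrincipal;

import org.apache.geronimo.corba.security.SASException;
import org.apache.geronimo.corba.util.Util;


/**
 * Identity-token handler for tokens of type {@link ITTDistinguishedName}.
 * <p>
 * {@link #check(IdentityToken)} decodes the distinguished name carried in the
 * token and turns it into a {@link Subject} holding an {@link X500Principal},
 * plus realm and domain principals when the corresponding names were supplied
 * to the constructor.
 * <p>
 * NOTE(review): this class only decodes the asserted name. Nothing in this
 * file checks that the party presenting the token is allowed to assert an
 * identity; confirm that this is enforced before the returned Subject is
 * used for authorization.
 *
 * @version $Rev: 503274 $ $Date: 2007-02-03 10:19:18 -0800 (Sat, 03 Feb 2007) $
 */
public class TSSITTDistinguishedName extends TSSSASIdentityToken {

    public static final String OID = "";
    private final String realmName;
    private final String domainName;

    /**
     * @param realmName  realm used for the realm principals; may be null, in
     *                   which case no realm principals are added by {@link #check}
     * @param domainName domain used for the realm and domain principals; may be
     *                   null, in which case only the X500Principal is added
     */
    public TSSITTDistinguishedName(String realmName, String domainName) {
        this.realmName = realmName;
        this.domainName = domainName;
    }

    /**
     * @return the identity token type discriminator, {@code ITTDistinguishedName.value}
     */
    public short getType() {
        return ITTDistinguishedName.value;
    }

    /**
     * @return {@link #OID}, which is the empty string for this token type
     */
    public String getOID() {
        return OID;
    }

    /**
     * Decodes the distinguished name in the identity token and builds the
     * Subject that represents it.
     *
     * @param identityToken the token whose {@code dn()} member is decoded;
     *                      presumably supplied by the remote peer, so its
     *                      content is treated as untrusted
     * @return a new Subject containing the X500Principal and, depending on
     *         the configured realm and domain names, the realm and domain
     *         principals wrapping it
     * @throws SASException if the token bytes cannot be decoded as an X.501
     *                      distinguished name, or the decoded bytes are not a
     *                      well-formed name
     */
    public Subject check(IdentityToken identityToken) throws SASException {
        byte[] distinguishedNameToken = identityToken.dn();
        Any any = null;
        try {
            any = Util.getCodec().decode_value(distinguishedNameToken, X501DistinguishedNameHelper.type());
        } catch (FormatMismatch formatMismatch) {
            throw new SASException(1, formatMismatch);
        } catch (TypeMismatch typeMismatch) {
            throw new SASException(1, typeMismatch);
        }

        byte[] principalNameBytes = X501DistinguishedNameHelper.extract(any);
        X500Principal x500Principal;
        try {
            x500Principal = new X500Principal(principalNameBytes);
        } catch (IllegalArgumentException malformedName) {
            // X500Principal rejects a badly encoded name with an unchecked
            // exception. Report it the same way as the decode failures above so
            // that a malformed token is refused through the declared SASException
            // path instead of escaping as a runtime error.
            throw new SASException(1, malformedName);
        }

        Subject subject = new Subject();
        subject.getPrincipals().add(x500Principal);

        // Realm principals need both names; domain principals need only the domain.
        if (realmName != null && domainName != null) {
            subject.getPrincipals().add(new RealmPrincipal(realmName, domainName, x500Principal));
            subject.getPrincipals().add(new PrimaryRealmPrincipal(realmName, domainName, x500Principal));
        }
        if (domainName != null) {
            subject.getPrincipals().add(new DomainPrincipal(domainName, x500Principal));
            subject.getPrincipals().add(new PrimaryDomainPrincipal(domainName, x500Principal));
        }

        return subject;
    }

    /**
     * Appends a multi-line description of this token configuration to the buffer.
     *
     * @param spaces indentation prefix written before the opening and closing lines
     * @param buf    buffer that receives the text
     */
    public void toString(String spaces, StringBuffer buf) {
        String moreSpaces = spaces + " ";
        buf.append(spaces).append("TSSITTDistinguishedName: [\n");
        buf.append(moreSpaces).append("domain: ").append(domainName).append("\n");
        buf.append(moreSpaces).append("realm: ").append(realmName).append("\n");
        buf.append(spaces).append("]\n");
    }

}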