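/**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.geronimo.corba.security.config.tss;

import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.security.Principal;
import javax.security.auth.Subject;

import org.apache.geronimo.security.DomainPrincipal;
import org.apache.geronimo.security.PrimaryDomainPrincipal;
import org.apache.geronimo.security.PrimaryRealmPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.omg.CORBA.Any;
import org.omg.CSI.GSS_NT_ExportedNameHelper;
import org.omg.CSI.ITTPrincipalName;
import org.omg.CSI.IdentityToken;
import org.omg.GSSUP.GSSUPMechOID;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.apache.geronimo.corba.security.SASException;
import org.apache.geronimo.corba.util.Util;


/**
 * Target-side (TSS) handler for a CSIv2 {@code ITTPrincipalName} identity
 * token whose name is a GSSUP exported name.
 * <p>
 * {@link #check(IdentityToken)} decodes the exported name, strips any scope
 * suffix, wraps the bare user name in the configured principal class and
 * returns a {@link Subject} holding that principal together with the
 * realm/domain principals Geronimo uses for authorization.
 * <p>
 * SECURITY NOTE: an identity token is an <em>assertion</em>, not a proof of
 * identity. Nothing in this class authenticates the asserted name or verifies
 * any credential -- whatever name the token carries is turned into a Subject.
 * It must therefore only be consulted once the sending intermediary has
 * itself been authenticated and deemed trusted to assert identities on behalf
 * of others. That trust decision is expected to be made elsewhere in the TSS
 * configuration and is not visible in this class.
 *
 * @version $Rev: 503493 $ $Date: 2007-02-04 13:47:55 -0800 (Sun, 04 Feb 2007) $
 */
public class TSSITTPrincipalNameGSSUP extends TSSSASIdentityToken {

    /**
     * GSSUP mechanism OID with its leading four characters dropped
     * (presumably an "oid:" prefix -- confirm against GSSUPMechOID.value).
     */
    public static final String OID = GSSUPMechOID.value.substring(4);

    /** Principal implementation instantiated for the asserted user name; must have a public (String) constructor. */
    private final Class principalClass;
    /** Cached (String) constructor of principalClass, resolved lazily by getConstructor(). */
    private transient Constructor constructor;
    /** Realm the asserted principal is placed in; may be null, in which case no realm principals are added. */
    private final String realmName;
    /** Security domain the asserted principal is placed in; may be null, in which case no domain principals are added. */
    private final String domainName;

    /**
     * Creates a handler for GSSUP-named identity tokens.
     *
     * @param principalClass the {@link Principal} implementation to instantiate for the asserted name
     * @param realmName      realm to attach to the resulting Subject, or null
     * @param domainName     security domain to attach to the resulting Subject, or null
     * @throws NoSuchMethodException if {@code principalClass} has no public constructor taking a single String;
     *                               failing here, at configuration time, beats failing on the first request
     */
    public TSSITTPrincipalNameGSSUP(Class principalClass, String realmName, String domainName) throws NoSuchMethodException {
        this.principalClass = principalClass;
        this.realmName = realmName;
        this.domainName = domainName;
        getConstructor();
    }

    /**
     * Resolves and caches the public (String) constructor of {@code principalClass}.
     * A no-op when the constructor is already cached or no principal class is configured.
     *
     * @throws NoSuchMethodException if the class has no public constructor taking a single String
     */
    private void getConstructor() throws NoSuchMethodException {
        if (constructor == null && principalClass != null) {
            constructor = principalClass.getConstructor(new Class[]{String.class});
        }
    }

    /** @return the CSI identity-token discriminator this handler accepts, {@code ITTPrincipalName}. */
    public short getType() {
        return ITTPrincipalName.value;
    }

    /** @return the mechanism OID this handler accepts (see {@link #OID}). */
    public String getOID() {
        return OID;
    }

    /**
     * Converts an {@code ITTPrincipalName} identity token into a Subject.
     * <p>
     * The caller is expected to have already dispatched on {@link #getType()};
     * the union accessor {@code principal_name()} is only valid for that
     * discriminator (presumably raising a CORBA system exception otherwise).
     * No authentication takes place here -- see the class comment.
     *
     * @param identityToken token whose {@code principal_name} holds a CDR-encoded GSS exported name
     * @return a new Subject containing the instantiated principal and, when configured,
     *         the matching realm and domain principals
     * @throws SASException (minor code 1) if no principal class is configured, the token cannot
     *                      be decoded, the decoded name is empty, or the principal cannot be
     *                      instantiated; the underlying cause is attached
     */
    public Subject check(IdentityToken identityToken) throws SASException {
        // A missing principal class is a configuration error. Report it through the
        // SAS error channel rather than as an NPE (or a disabled assertion) on the
        // request path.
        if (principalClass == null) {
            throw new SASException(1, new IllegalStateException(
                    "no principal class configured for ITTPrincipalName/GSSUP identity tokens"));
        }

        byte[] principalNameToken = identityToken.principal_name();
        Any any = null;
        try {
            any = Util.getCodec().decode_value(principalNameToken, GSS_NT_ExportedNameHelper.type());
        } catch (FormatMismatch formatMismatch) {
            throw new SASException(1, formatMismatch);
        } catch (TypeMismatch typeMismatch) {
            throw new SASException(1, typeMismatch);
        }
        byte[] principalNameBytes = GSS_NT_ExportedNameHelper.extract(any);
        String principalName = Util.decodeGSSExportName(principalNameBytes);
        // Drop any scope (realm) qualifier; the realm applied below is the configured
        // one, not whatever the peer asserted.
        principalName = Util.extractUserNameFromScopedName(principalName);

        // Anonymous callers use a separate identity-token type (ITTAnonymous); a
        // principal-name token with no name is malformed and must not mint a Subject.
        if (principalName == null || principalName.length() == 0) {
            throw new SASException(1, new IllegalArgumentException(
                    "ITTPrincipalName identity token carried an empty principal name"));
        }

        Principal basePrincipal = null;
        try {
            getConstructor();
            basePrincipal = (Principal) constructor.newInstance(new Object[]{principalName});
        } catch (InstantiationException e) {
            throw new SASException(1, e);
        } catch (IllegalAccessException e) {
            throw new SASException(1, e);
        } catch (InvocationTargetException e) {
            throw new SASException(1, e);
        } catch (NoSuchMethodException e) {
            throw new SASException(1, e);
        }

        Subject subject = new Subject();
        subject.getPrincipals().add(basePrincipal);
        // Realm principals need both a realm and a domain; domain principals need only a domain.
        if (realmName != null && domainName != null) {
            subject.getPrincipals().add(new RealmPrincipal(realmName, domainName, basePrincipal));
            subject.getPrincipals().add(new PrimaryRealmPrincipal(realmName, domainName, basePrincipal));
        }
        if (domainName != null) {
            subject.getPrincipals().add(new DomainPrincipal(domainName, basePrincipal));
            subject.getPrincipals().add(new PrimaryDomainPrincipal(domainName, basePrincipal));
        }

        return subject;
    }

    /**
     * Appends an indented, multi-line description of this configuration to {@code buf}.
     *
     * @param spaces indentation prefix for the outer lines; nested lines get four more spaces
     * @param buf    buffer to append to
     */
    public void toString(String spaces, StringBuffer buf) {
        String moreSpaces = spaces + "    ";
        buf.append(spaces).append("TSSITTPrincipalNameGSSUP: [\n");
        buf.append(moreSpaces).append("principalClass: ").append(principalClass).append("\n");
        buf.append(moreSpaces).append("domain: ").append(domainName).append("\n");
        buf.append(moreSpaces).append("realm: ").append(realmName).append("\n");
        buf.append(spaces).append("]\n");
    }

}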