001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.geronimo.corba.security.config.tss;
018
019 import javax.security.auth.Subject;
020 import javax.security.auth.x500.X500Principal;
021
022 import org.omg.CORBA.Any;
023 import org.omg.CSI.ITTDistinguishedName;
024 import org.omg.CSI.IdentityToken;
025 import org.omg.CSI.X501DistinguishedNameHelper;
026 import org.omg.IOP.CodecPackage.FormatMismatch;
027 import org.omg.IOP.CodecPackage.TypeMismatch;
028
029 import org.apache.geronimo.security.DomainPrincipal;
030 import org.apache.geronimo.security.PrimaryDomainPrincipal;
031 import org.apache.geronimo.security.PrimaryRealmPrincipal;
032 import org.apache.geronimo.security.RealmPrincipal;
033
034 import org.apache.geronimo.corba.security.SASException;
035 import org.apache.geronimo.corba.util.Util;
036
037
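/**
 * Target-side handler for identity tokens of type {@code ITTDistinguishedName}.
 *
 * <p>{@link #check(IdentityToken)} decodes the distinguished name carried in the
 * token and returns a {@link Subject} holding the resulting {@link X500Principal},
 * plus realm and domain principals when this instance was configured with them.
 *
 * <p>NOTE(review): the distinguished name is taken from the identity token as the
 * peer asserted it. Nothing in this class checks that the peer is entitled to
 * assert that identity; presumably the surrounding SAS configuration establishes
 * that trust before this handler is consulted. Confirm against the caller.
 *
 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
 */
public class TSSITTDistinguishedName extends TSSSASIdentityToken {

    /** OID reported by {@link #getOID()}; this token type uses the empty string. */
    public static final String OID = "";

    // Either value may be null; check() adds realm/domain principals only for non-null values.
    private final String realmName;
    private final String domainName;

    /**
     * @param realmName  realm used for the realm principals, or {@code null} to add none
     * @param domainName domain used for the realm and domain principals, or {@code null} to add none
     */
    public TSSITTDistinguishedName(String realmName, String domainName) {
        this.realmName = realmName;
        this.domainName = domainName;
    }

    /**
     * @return the identity token type discriminator, {@code ITTDistinguishedName.value}
     */
    public short getType() {
        return ITTDistinguishedName.value;
    }

    /**
     * @return {@link #OID}
     */
    public String getOID() {
        return OID;
    }

    /**
     * Builds a {@link Subject} from the distinguished name carried in the identity token.
     *
     * <p>The token bytes come from the remote peer, so every decoding step is treated
     * as fallible: a token that cannot be decoded, or whose decoded bytes are not a
     * valid distinguished name encoding, is rejected with a {@link SASException}
     * rather than surfacing an unchecked exception to the caller.
     *
     * @param identityToken the identity token received from the peer
     * @return a subject containing the X.500 principal and, depending on the configured
     *         realm and domain names, the matching realm and domain principals
     * @throws SASException with major code 1 if the token cannot be decoded or does not
     *                      hold a well-formed distinguished name
     */
    public Subject check(IdentityToken identityToken) throws SASException {
        byte[] encodedToken = identityToken.dn();

        Any decoded;
        try {
            decoded = Util.getCodec().decode_value(encodedToken, X501DistinguishedNameHelper.type());
        } catch (FormatMismatch formatMismatch) {
            throw new SASException(1, formatMismatch);
        } catch (TypeMismatch typeMismatch) {
            throw new SASException(1, typeMismatch);
        }

        byte[] principalNameBytes = X501DistinguishedNameHelper.extract(decoded);

        X500Principal x500Principal;
        try {
            x500Principal = new X500Principal(principalNameBytes);
        } catch (IllegalArgumentException malformedName) {
            // X500Principal(byte[]) rejects bytes that are not a valid DN encoding with an
            // unchecked exception. The bytes are peer-supplied, so report this the same way
            // as the decode failures above instead of letting it escape unchecked.
            throw new SASException(1, malformedName);
        }

        Subject subject = new Subject();
        subject.getPrincipals().add(x500Principal);

        // Realm principals need both names; domain principals need only the domain.
        if (realmName != null && domainName != null) {
            subject.getPrincipals().add(new RealmPrincipal(realmName, domainName, x500Principal));
            subject.getPrincipals().add(new PrimaryRealmPrincipal(realmName, domainName, x500Principal));
        }
        if (domainName != null) {
            subject.getPrincipals().add(new DomainPrincipal(domainName, x500Principal));
            subject.getPrincipals().add(new PrimaryDomainPrincipal(domainName, x500Principal));
        }

        return subject;
    }

    /**
     * Appends a multi-line description of this token configuration to {@code buf}.
     *
     * @param spaces indentation prefix for the opening and closing lines
     * @param buf    buffer that receives the description
     */
    public void toString(String spaces, StringBuffer buf) {
        String moreSpaces = spaces + " ";
        buf.append(spaces).append("TSSITTDistinguishedName: [\n");
        buf.append(moreSpaces).append("domain: ").append(domainName).append("\n");
        buf.append(moreSpaces).append("realm: ").append(realmName).append("\n");
        buf.append(spaces).append("]\n");
    }

}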