001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.geronimo.corba.security.config.tss;
018
019 import java.lang.reflect.Constructor;
020 import java.lang.reflect.InvocationTargetException;
021 import java.security.Principal;
022 import javax.security.auth.Subject;
023
024 import org.apache.geronimo.security.DomainPrincipal;
025 import org.apache.geronimo.security.PrimaryDomainPrincipal;
026 import org.apache.geronimo.security.PrimaryRealmPrincipal;
027 import org.apache.geronimo.security.RealmPrincipal;
028 import org.omg.CORBA.Any;
029 import org.omg.CSI.GSS_NT_ExportedNameHelper;
030 import org.omg.CSI.ITTPrincipalName;
031 import org.omg.CSI.IdentityToken;
032 import org.omg.GSSUP.GSSUPMechOID;
033 import org.omg.IOP.CodecPackage.FormatMismatch;
034 import org.omg.IOP.CodecPackage.TypeMismatch;
035 import org.apache.geronimo.corba.security.SASException;
036 import org.apache.geronimo.corba.util.Util;
037
038
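/**
 * TSS-side handler for CSIv2 {@code ITTPrincipalName} identity tokens whose exported
 * name uses the GSSUP mechanism.
 *
 * <p>{@link #check(IdentityToken)} decodes the GSS exported name carried in the token,
 * reduces it to the bare user name and wraps that name in an instance of the configured
 * {@code principalClass}, which must be a {@link Principal} exposing a public
 * single-{@code String} constructor. The returned {@link Subject} additionally carries
 * realm and domain principals when a realm and/or domain name was configured.
 *
 * <p>The reflective constructor is cached in a {@code transient} field and re-resolved
 * on demand, so an instance that has been serialized and restored keeps working.
 *
 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
 */
public class TSSITTPrincipalNameGSSUP extends TSSSASIdentityToken {

    /** GSSUP mechanism OID with the leading "oid:" prefix of {@link GSSUPMechOID#value} removed. */
    public static final String OID = GSSUPMechOID.value.substring(4);

    // Principal implementation instantiated for every accepted token; may be null if unconfigured.
    private final Class principalClass;
    // Lazily resolved (and re-resolved after deserialization) String constructor of principalClass.
    private transient Constructor constructor;
    // Optional realm/domain used to decorate the Subject with Realm*/Domain* principals.
    private final String realmName;
    private final String domainName;

    /**
     * Creates a handler and eagerly resolves the {@code String} constructor of
     * {@code principalClass} so that a misconfigured class fails at deployment time
     * rather than on the first incoming token.
     *
     * @param principalClass principal implementation with a public {@code (String)} constructor
     * @param realmName      realm name, or {@code null} to add no realm principals
     * @param domainName     domain name, or {@code null} to add no domain principals
     * @throws NoSuchMethodException if {@code principalClass} has no public {@code (String)} constructor
     */
    public TSSITTPrincipalNameGSSUP(Class principalClass, String realmName, String domainName) throws NoSuchMethodException {
        this.principalClass = principalClass;
        this.realmName = realmName;
        this.domainName = domainName;
        getConstructor();
    }

    /**
     * Resolves and caches the public {@code (String)} constructor of {@code principalClass}.
     * No-op when already cached or when no principal class is configured.
     *
     * @throws NoSuchMethodException if the class has no public {@code (String)} constructor
     */
    private void getConstructor() throws NoSuchMethodException {
        if (constructor == null && principalClass != null) {
            constructor = principalClass.getConstructor(new Class[]{String.class});
        }
    }

    /** @return the CSI identity token type handled here, {@link ITTPrincipalName#value} */
    public short getType() {
        return ITTPrincipalName.value;
    }

    /** @return the mechanism OID this handler accepts, see {@link #OID} */
    public String getOID() {
        return OID;
    }

    /**
     * Decodes the principal name carried in {@code identityToken} and builds a
     * {@link Subject} for it.
     *
     * <p>The token's {@code principal_name} is a CDR-encoded GSS exported name; it is
     * decoded with the configured codec, turned into a scoped user name and reduced to
     * the bare user name before being handed to the configured principal class.
     *
     * @param identityToken token whose discriminator is {@code ITTPrincipalName}
     * @return a new Subject holding the base principal plus, where configured, realm and domain principals
     * @throws SASException if the exported name cannot be decoded, if no principal class is
     *                      configured, or if the principal cannot be instantiated
     */
    public Subject check(IdentityToken identityToken) throws SASException {
        byte[] principalNameToken = identityToken.principal_name();
        Any any;
        try {
            any = Util.getCodec().decode_value(principalNameToken, GSS_NT_ExportedNameHelper.type());
        } catch (FormatMismatch formatMismatch) {
            throw new SASException(1, formatMismatch);
        } catch (TypeMismatch typeMismatch) {
            throw new SASException(1, typeMismatch);
        }
        byte[] principalNameBytes = GSS_NT_ExportedNameHelper.extract(any);
        String principalName = Util.decodeGSSExportName(principalNameBytes);
        principalName = Util.extractUserNameFromScopedName(principalName);

        Principal basePrincipal = newPrincipal(principalName);

        Subject subject = new Subject();
        subject.getPrincipals().add(basePrincipal);
        // Realm principals need both names; domain principals need only the domain.
        if (realmName != null && domainName != null) {
            subject.getPrincipals().add(new RealmPrincipal(realmName, domainName, basePrincipal));
            subject.getPrincipals().add(new PrimaryRealmPrincipal(realmName, domainName, basePrincipal));
        }
        if (domainName != null) {
            subject.getPrincipals().add(new DomainPrincipal(domainName, basePrincipal));
            subject.getPrincipals().add(new PrimaryDomainPrincipal(domainName, basePrincipal));
        }

        return subject;
    }

    /**
     * Instantiates the configured principal class for {@code principalName}.
     *
     * @param principalName bare user name extracted from the token
     * @return the new principal
     * @throws SASException if no principal class is configured, the constructor cannot be
     *                      resolved or invoked, or the class is not a {@link Principal}
     */
    private Principal newPrincipal(String principalName) throws SASException {
        // Previously an `assert`; assertions are normally disabled at run time, which turned
        // a missing principal class into a NullPointerException on the first token checked.
        if (principalClass == null) {
            throw new SASException(1, new IllegalStateException(
                    "no principal class configured for TSSITTPrincipalNameGSSUP"));
        }
        try {
            // Re-resolve in case this instance was deserialized (the cache is transient).
            getConstructor();
            return (Principal) constructor.newInstance(new Object[]{principalName});
        } catch (InstantiationException e) {
            throw new SASException(1, e);
        } catch (IllegalAccessException e) {
            throw new SASException(1, e);
        } catch (InvocationTargetException e) {
            throw new SASException(1, e);
        } catch (NoSuchMethodException e) {
            throw new SASException(1, e);
        } catch (ClassCastException e) {
            // principalClass has a (String) constructor but does not implement Principal.
            throw new SASException(1, e);
        }
    }

    /**
     * Appends an indented, multi-line description of this token handler to {@code buf}.
     *
     * @param spaces indentation prefix for the outer lines
     * @param buf    buffer to append to
     */
    public void toString(String spaces, StringBuffer buf) {
        String moreSpaces = spaces + "  ";
        buf.append(spaces).append("TSSITTPrincipalNameGSSUP: [\n");
        buf.append(moreSpaces).append("principalClass: ").append(principalClass).append("\n");
        buf.append(moreSpaces).append("domain: ").append(domainName).append("\n");
        buf.append(moreSpaces).append("realm: ").append(realmName).append("\n");
        buf.append(spaces).append("]\n");
    }

}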