001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.geronimo.corba.security.config.css;
018
019 import java.util.Iterator;
020 import java.util.List;
021
022 import org.apache.xmlbeans.XmlException;
023 import org.apache.xmlbeans.XmlObject;
024 import org.omg.CSIIOP.CompositeDelegation;
025 import org.omg.CSIIOP.Confidentiality;
026 import org.omg.CSIIOP.DetectMisordering;
027 import org.omg.CSIIOP.DetectReplay;
028 import org.omg.CSIIOP.EstablishTrustInClient;
029 import org.omg.CSIIOP.EstablishTrustInTarget;
030 import org.omg.CSIIOP.Integrity;
031 import org.omg.CSIIOP.NoDelegation;
032 import org.omg.CSIIOP.NoProtection;
033 import org.omg.CSIIOP.SimpleDelegation;
034
035 import org.apache.geronimo.common.DeploymentException;
036 import org.apache.geronimo.common.propertyeditor.PropertyEditorException;
037 import org.apache.geronimo.deployment.service.XmlAttributeBuilder;
038 import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
039 import org.apache.geronimo.gbean.GBeanInfo;
040 import org.apache.geronimo.gbean.GBeanInfoBuilder;
041 import org.apache.geronimo.kernel.ClassLoading;
042
043 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCompoundSecMechType;
044 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCssType;
045 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSGSSUPDynamicType;
046 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSGSSUPStaticType;
047 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSITTPrincipalNameDynamicType;
048 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSITTPrincipalNameStaticType;
049 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSSSLType;
050 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSSasMechType;
051 import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCssDocument;
052 import org.apache.geronimo.corba.xbeans.csiv2.tss.TSSAssociationOption;
053
054
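/**
 * Translates a CSS (CSIv2) security configuration XML element into a
 * {@link CSSConfig} object graph.
 *
 * <p>The values read here decide which transport, authentication and identity
 * assertion mechanisms the resulting configuration carries, so the XML handed
 * to this class should come from a trusted source.
 *
 * @version $Revision: 451417 $ $Date: 2006-09-29 13:13:22 -0700 (Fri, 29 Sep 2006) $
 */
public class CSSConfigEditor implements XmlAttributeBuilder {
    private static final String NAMESPACE = CSSCssDocument.type.getDocumentElementName().getNamespaceURI();

    /**
     * Returns the XML namespace URI of the CSS configuration document element.
     *
     * @return the namespace URI taken from {@link CSSCssDocument}
     */
    public String getNamespace() {
        return NAMESPACE;
    }

    /**
     * Validates the given XML and converts it into a {@link CSSConfig}.
     *
     * @param xmlObject the XML element holding the CSS configuration
     * @param type      not used by this implementation
     * @param cl        class loader used to resolve a dynamic principal class named in the XML
     * @return the populated {@link CSSConfig}
     * @throws DeploymentException if validation fails or a named principal class cannot be loaded
     */
    public Object getValue(XmlObject xmlObject, String type, ClassLoader cl) throws DeploymentException {

        // Always validate and read a retyped copy, whatever the runtime type of
        // xmlObject is. (A conditional direct cast used to precede this line, but
        // its result was unconditionally overwritten, so it has been removed.)
        CSSCssType css = (CSSCssType) xmlObject.copy().changeType(CSSCssType.type);
        try {
            XmlBeansUtil.validateDD(css);
        } catch (XmlException e) {
            throw new DeploymentException("Error parsing CSS configuration", e);
        }

        CSSConfig cssConfig = new CSSConfig();

        if (css.isSetCompoundSecMechTypeList()) {
            CSSCompoundSecMechListConfig mechListConfig = cssConfig.getMechList();
            mechListConfig.setStateful(css.getCompoundSecMechTypeList().getStateful());

            CSSCompoundSecMechType[] mechList = css.getCompoundSecMechTypeList().getCompoundSecMechArray();
            for (int i = 0; i < mechList.length; i++) {
                mechListConfig.add(extractCompoundSecMech(mechList[i], cl));
            }
        }

        return cssConfig;
    }

    /**
     * Builds one compound security mechanism (transport + authentication + SAS layers).
     *
     * @param mechType the XML description of the compound mechanism
     * @param cl       class loader passed on to {@link #extractSASMech}
     * @return the populated mechanism configuration
     * @throws DeploymentException     if the SAS layer cannot be built
     * @throws PropertyEditorException if the XML selects SECIOP, which is not implemented
     */
    protected static CSSCompoundSecMechConfig extractCompoundSecMech(CSSCompoundSecMechType mechType, ClassLoader cl) throws DeploymentException {

        CSSCompoundSecMechConfig result = new CSSCompoundSecMechConfig();

        // Transport layer: SSL if configured, SECIOP is rejected, otherwise the
        // NULL transport config is used.
        // NOTE(review): the NULL transport presumably means no transport-level
        // protection; a plan that simply omits the SSL element ends up here.
        if (mechType.isSetSSL()) {
            result.setTransport_mech(extractSSLTransport(mechType.getSSL()));
        } else if (mechType.isSetSECIOP()) {
            throw new PropertyEditorException("SECIOP processing not implemented");
        } else {
            result.setTransport_mech(new CSSNULLTransportConfig());
        }

        // Authentication layer: static GSSUP wins over dynamic GSSUP; with
        // neither set the NULL authentication mechanism is used.
        if (mechType.isSetGSSUPStatic()) {
            result.setAs_mech(extractGSSUPStatic(mechType.getGSSUPStatic()));
        } else if (mechType.isSetGSSUPDynamic()) {
            result.setAs_mech(extractGSSUPDynamic(mechType.getGSSUPDynamic()));
        } else {
            result.setAs_mech(new CSSNULLASMechConfig());
        }

        result.setSas_mech(extractSASMech(mechType.getSasMech(), cl));

        return result;
    }

    /**
     * Builds the SSL transport configuration from its supported and required
     * association options.
     *
     * @param sslType the XML description of the SSL transport
     * @return the SSL transport configuration
     */
    protected static CSSTransportMechConfig extractSSLTransport(CSSSSLType sslType) {
        CSSSSLTransportConfig result = new CSSSSLTransportConfig();

        result.setSupports(extractAssociationOptions(sslType.getSupports()));
        result.setRequires(extractAssociationOptions(sslType.getRequires()));

        return result;
    }

    /**
     * Builds a GSSUP mechanism with the user name, password and domain taken
     * directly from the XML.
     *
     * <p>The password is read as a plain {@code String} from the configuration
     * and handed to the returned object, so both the source XML and the
     * resulting configuration hold a credential and should be kept out of logs
     * and broadly readable files.
     *
     * @param gssupType the XML description of the static GSSUP mechanism
     * @return the static GSSUP mechanism configuration
     */
    protected static CSSASMechConfig extractGSSUPStatic(CSSGSSUPStaticType gssupType) {
        return new CSSGSSUPMechConfigStatic(gssupType.getUsername(), gssupType.getPassword(), gssupType.getDomain());
    }

    /**
     * Builds a GSSUP mechanism that is configured with a domain only.
     *
     * @param gssupType the XML description of the dynamic GSSUP mechanism
     * @return the dynamic GSSUP mechanism configuration
     */
    protected static CSSASMechConfig extractGSSUPDynamic(CSSGSSUPDynamicType gssupType) {
        return new CSSGSSUPMechConfigDynamic(gssupType.getDomain());
    }

    /**
     * Builds the SAS mechanism configuration and selects its identity token type.
     *
     * <p>A missing SAS element is treated like an explicit "ITT absent". If the
     * element is present but none of the known identity token elements is set,
     * no identity token is assigned here and the returned object keeps whatever
     * {@link CSSSASMechConfig} initialised.
     *
     * @param sasMechType the XML description of the SAS mechanism, may be {@code null}
     * @param cl          class loader used to load a dynamic principal class
     * @return the SAS mechanism configuration
     * @throws DeploymentException if the configured principal class cannot be loaded
     */
    protected static CSSSASMechConfig extractSASMech(CSSSasMechType sasMechType, ClassLoader cl) throws DeploymentException {
        CSSSASMechConfig result = new CSSSASMechConfig();

        if (sasMechType == null || sasMechType.isSetITTAbsent()) {
            result.setIdentityToken(new CSSSASITTAbsent());
        } else if (sasMechType.isSetITTAnonymous()) {
            result.setIdentityToken(new CSSSASITTAnonymous());
        } else if (sasMechType.isSetITTPrincipalNameStatic()) {
            CSSITTPrincipalNameStaticType principal = sasMechType.getITTPrincipalNameStatic();
            result.setIdentityToken(new CSSSASITTPrincipalNameStatic(principal.getOid(), principal.getName()));
        } else if (sasMechType.isSetITTPrincipalNameDynamic()) {
            CSSITTPrincipalNameDynamicType principal = sasMechType.getITTPrincipalNameDynamic();

            // The class name comes straight from the configuration and is resolved
            // through the supplied class loader.
            // NOTE(review): nothing in this method checks that the loaded class is
            // actually a principal type; confirm the consumer enforces that.
            String principalClassName = principal.getPrincipalClass();
            Class principalClass;
            try {
                principalClass = ClassLoading.loadClass(principalClassName, cl);
            } catch (ClassNotFoundException e) {
                throw new DeploymentException("Could not load principal class", e);
            }

            // The realm is only consulted when a domain is given; without a
            // domain both values are passed on as null.
            String domainName = principal.getDomain();
            String realmName = null;
            if (domainName != null) {
                realmName = principal.getRealm();
            }
            result.setIdentityToken(new CSSSASITTPrincipalNameDynamic(principal.getOid(), principalClass, domainName, realmName));
        }

        return result;
    }

    /**
     * Folds a list of association option names into the CSIIOP bit mask.
     *
     * <p>NOTE(review): a name that matches none of the options below contributes
     * no bits and is dropped without any error. For a "requires" list that would
     * silently relax the requirement. {@link #getValue} validates the XML before
     * this method is reached, which presumably rejects unknown names; callers
     * that invoke this method directly get no such check.
     *
     * @param list association option names as {@code String}s
     * @return the bitwise OR of the CSIIOP values of all recognised options
     */
    protected static short extractAssociationOptions(List list) {
        short result = 0;

        for (Iterator iter = list.iterator(); iter.hasNext();) {
            TSSAssociationOption.Enum obj = TSSAssociationOption.Enum.forString((String) iter.next());

            if (TSSAssociationOption.NO_PROTECTION.equals(obj)) {
                result |= NoProtection.value;
            } else if (TSSAssociationOption.INTEGRITY.equals(obj)) {
                result |= Integrity.value;
            } else if (TSSAssociationOption.CONFIDENTIALITY.equals(obj)) {
                result |= Confidentiality.value;
            } else if (TSSAssociationOption.DETECT_REPLAY.equals(obj)) {
                result |= DetectReplay.value;
            } else if (TSSAssociationOption.DETECT_MISORDERING.equals(obj)) {
                result |= DetectMisordering.value;
            } else if (TSSAssociationOption.ESTABLISH_TRUST_IN_TARGET.equals(obj)) {
                result |= EstablishTrustInTarget.value;
            } else if (TSSAssociationOption.ESTABLISH_TRUST_IN_CLIENT.equals(obj)) {
                result |= EstablishTrustInClient.value;
            } else if (TSSAssociationOption.NO_DELEGATION.equals(obj)) {
                result |= NoDelegation.value;
            } else if (TSSAssociationOption.SIMPLE_DELEGATION.equals(obj)) {
                result |= SimpleDelegation.value;
            } else if (TSSAssociationOption.COMPOSITE_DELEGATION.equals(obj)) {
                result |= CompositeDelegation.value;
            }
        }
        return result;
    }

    /** GBean metadata registering this class under the "XmlAttributeBuilder" type. */
    public static final GBeanInfo GBEAN_INFO;

    static {
        GBeanInfoBuilder infoBuilder = GBeanInfoBuilder.createStatic(CSSConfigEditor.class, "XmlAttributeBuilder");
        infoBuilder.addInterface(XmlAttributeBuilder.class);
        GBEAN_INFO = infoBuilder.getBeanInfo();
    }

    /**
     * Returns the GBean metadata for this class.
     *
     * @return {@link #GBEAN_INFO}
     */
    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

}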