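/**
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.corba.security.config.css;

import java.util.Iterator;
import java.util.List;

import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.omg.CSIIOP.CompositeDelegation;
import org.omg.CSIIOP.Confidentiality;
import org.omg.CSIIOP.DetectMisordering;
import org.omg.CSIIOP.DetectReplay;
import org.omg.CSIIOP.EstablishTrustInClient;
import org.omg.CSIIOP.EstablishTrustInTarget;
import org.omg.CSIIOP.Integrity;
import org.omg.CSIIOP.NoDelegation;
import org.omg.CSIIOP.NoProtection;
import org.omg.CSIIOP.SimpleDelegation;

import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.common.propertyeditor.PropertyEditorException;
import org.apache.geronimo.deployment.service.XmlAttributeBuilder;
import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.kernel.ClassLoading;

import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCompoundSecMechType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCssType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSGSSUPDynamicType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSGSSUPStaticType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSITTPrincipalNameDynamicType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSITTPrincipalNameStaticType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSSSLType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSSasMechType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCssDocument;
import org.apache.geronimo.corba.xbeans.csiv2.tss.TSSAssociationOption;


/**
 * {@link XmlAttributeBuilder} that turns a CSIv2 CSS XML element into a
 * {@link CSSConfig}: a list of compound security mechanisms, each with a
 * transport mechanism, an authentication (AS) mechanism and a SAS mechanism.
 *
 * @version $Revision: 451417 $ $Date: 2006-09-29 13:13:22 -0700 (Fri, 29 Sep 2006) $
 */
public class CSSConfigEditor implements XmlAttributeBuilder {
    /** Namespace URI of the CSS document element, taken from the generated schema type. */
    private static final String NAMESPACE = CSSCssDocument.type.getDocumentElementName().getNamespaceURI();

    /**
     * @return the XML namespace this builder handles
     */
    public String getNamespace() {
        return NAMESPACE;
    }

    /**
     * Validates the given XML and converts it into a {@link CSSConfig}.
     *
     * @param xmlObject the CSS element; used as is when it already is a
     *                  {@link CSSCssType}, otherwise copied and re-typed
     * @param type      not used by this implementation
     * @param cl        class loader used to resolve a dynamic principal class
     * @return the populated {@link CSSConfig}
     * @throws DeploymentException if schema validation fails or a principal
     *                             class cannot be loaded
     */
    public Object getValue(XmlObject xmlObject, String type, ClassLoader cl) throws DeploymentException {

        CSSCssType css;
        if (xmlObject instanceof CSSCssType) {
            css = (CSSCssType) xmlObject;
        } else {
            // The original fell through and always overwrote the cast above with
            // the copy, making the instanceof branch dead; the copy is only needed
            // when the object is not already of the expected type.
            css = (CSSCssType) xmlObject.copy().changeType(CSSCssType.type);
        }

        // Validate before any value is read so a malformed plan fails deployment
        // here instead of producing a partially populated security config.
        try {
            XmlBeansUtil.validateDD(css);
        } catch (XmlException e) {
            throw new DeploymentException("Error parsing CSS configuration", e);
        }

        CSSConfig cssConfig = new CSSConfig();

        if (css.isSetCompoundSecMechTypeList()) {
            CSSCompoundSecMechListConfig mechListConfig = cssConfig.getMechList();
            mechListConfig.setStateful(css.getCompoundSecMechTypeList().getStateful());

            CSSCompoundSecMechType[] mechList = css.getCompoundSecMechTypeList().getCompoundSecMechArray();
            for (int i = 0; i < mechList.length; i++) {
                mechListConfig.add(extractCompoundSecMech(mechList[i], cl));
            }
        }

        return cssConfig;
    }

    /**
     * Builds one compound security mechanism from its XML form.
     *
     * <p>An absent transport or authentication element is not an error: the
     * result then carries {@link CSSNULLTransportConfig} or
     * {@link CSSNULLASMechConfig} respectively.
     *
     * @param mechType the XML compound mechanism
     * @param cl       class loader passed on to {@link #extractSASMech}
     * @return the mechanism configuration
     * @throws DeploymentException     if the SAS principal class cannot be loaded
     * @throws PropertyEditorException if a SECIOP transport is configured
     */
    protected static CSSCompoundSecMechConfig extractCompoundSecMech(CSSCompoundSecMechType mechType, ClassLoader cl) throws DeploymentException {

        CSSCompoundSecMechConfig result = new CSSCompoundSecMechConfig();

        // Transport layer: SSL, (unsupported) SECIOP, or the NULL transport.
        // NOTE(review): omitting the SSL element silently selects the NULL
        // transport, presumably meaning no transport protection; confirm that
        // plans relying on TLS always set it.
        if (mechType.isSetSSL()) {
            result.setTransport_mech(extractSSLTransport(mechType.getSSL()));
        } else if (mechType.isSetSECIOP()) {
            throw new PropertyEditorException("SECIOP processing not implemented");
        } else {
            result.setTransport_mech(new CSSNULLTransportConfig());
        }

        // Authentication layer: static GSSUP, dynamic GSSUP, or the NULL mechanism.
        if (mechType.isSetGSSUPStatic()) {
            result.setAs_mech(extractGSSUPStatic(mechType.getGSSUPStatic()));
        } else if (mechType.isSetGSSUPDynamic()) {
            result.setAs_mech(extractGSSUPDynamic(mechType.getGSSUPDynamic()));
        } else {
            result.setAs_mech(new CSSNULLASMechConfig());
        }

        result.setSas_mech(extractSASMech(mechType.getSasMech(), cl));

        return result;
    }

    /**
     * Builds the SSL transport configuration from the element's
     * <code>supports</code> and <code>requires</code> option lists.
     *
     * @param sslType the XML SSL element
     * @return an SSL transport config carrying both option bit masks
     */
    protected static CSSTransportMechConfig extractSSLTransport(CSSSSLType sslType) {
        CSSSSLTransportConfig result = new CSSSSLTransportConfig();

        result.setSupports(extractAssociationOptions(sslType.getSupports()));
        result.setRequires(extractAssociationOptions(sslType.getRequires()));

        return result;
    }

    /**
     * Builds a static GSSUP authentication mechanism.
     *
     * <p>Username, password and domain are passed through exactly as they
     * appear in the XML, so the password is held in clear text both in the
     * plan and in the returned object.
     *
     * @param gssupType the XML static GSSUP element
     * @return the static GSSUP mechanism config
     */
    protected static CSSASMechConfig extractGSSUPStatic(CSSGSSUPStaticType gssupType) {
        return new CSSGSSUPMechConfigStatic(gssupType.getUsername(), gssupType.getPassword(), gssupType.getDomain());
    }

    /**
     * Builds a dynamic GSSUP authentication mechanism; only the domain is
     * read from the XML.
     *
     * @param gssupType the XML dynamic GSSUP element
     * @return the dynamic GSSUP mechanism config
     */
    protected static CSSASMechConfig extractGSSUPDynamic(CSSGSSUPDynamicType gssupType) {
        return new CSSGSSUPMechConfigDynamic(gssupType.getDomain());
    }

    /**
     * Builds the SAS mechanism and selects its identity token.
     *
     * <p>A <code>null</code> element is treated like an explicit ITT-absent
     * choice. If the element is present but none of the four recognised
     * choices is set, no identity token is assigned here and the result keeps
     * whatever {@link CSSSASMechConfig} holds after construction.
     *
     * @param sasMechType the XML SAS mechanism, may be <code>null</code>
     * @param cl          class loader used to load a dynamic principal class
     * @return the SAS mechanism config
     * @throws DeploymentException if the configured principal class cannot be loaded
     */
    protected static CSSSASMechConfig extractSASMech(CSSSasMechType sasMechType, ClassLoader cl) throws DeploymentException {
        CSSSASMechConfig result = new CSSSASMechConfig();

        if (sasMechType == null) {
            result.setIdentityToken(new CSSSASITTAbsent());
        } else if (sasMechType.isSetITTAbsent()) {
            result.setIdentityToken(new CSSSASITTAbsent());
        } else if (sasMechType.isSetITTAnonymous()) {
            result.setIdentityToken(new CSSSASITTAnonymous());
        } else if (sasMechType.isSetITTPrincipalNameStatic()) {
            CSSITTPrincipalNameStaticType principal = sasMechType.getITTPrincipalNameStatic();
            result.setIdentityToken(new CSSSASITTPrincipalNameStatic(principal.getOid(), principal.getName()));
        } else if (sasMechType.isSetITTPrincipalNameDynamic()) {
            CSSITTPrincipalNameDynamicType principal = sasMechType.getITTPrincipalNameDynamic();
            String principalClassName = principal.getPrincipalClass();
            Class principalClass = null;
            // The class name comes from the plan and is resolved through the
            // supplied class loader.
            // NOTE(review): nothing here checks that the loaded class is a
            // java.security.Principal type; confirm the consumer of
            // CSSSASITTPrincipalNameDynamic does.
            try {
                principalClass = ClassLoading.loadClass(principalClassName, cl);
            } catch (ClassNotFoundException e) {
                throw new DeploymentException("Could not load principal class", e);
            }
            String domainName = principal.getDomain();
            // The realm is only read when a domain is given; otherwise it stays null.
            String realmName = null;
            if (domainName != null) {
                realmName = principal.getRealm();
            }
            result.setIdentityToken(new CSSSASITTPrincipalNameDynamic(principal.getOid(), principalClass, domainName, realmName));
        }

        return result;
    }

    /**
     * Folds a list of association option names into the CSIIOP bit mask.
     *
     * <p>A string that matches none of the known options contributes nothing
     * to the mask.
     * NOTE(review): such a string is skipped rather than rejected.
     * {@link #getValue} schema-validates the element first, but a direct
     * caller gets a mask that silently lacks a misspelled option; confirm that
     * is acceptable for the <code>requires</code> set.
     *
     * @param list option names as strings
     * @return the OR of the matching CSIIOP option values, 0 for an empty list
     */
    protected static short extractAssociationOptions(List list) {
        short result = 0;

        for (Iterator iter = list.iterator(); iter.hasNext();) {
            TSSAssociationOption.Enum obj = TSSAssociationOption.Enum.forString((String) iter.next());

            if (TSSAssociationOption.NO_PROTECTION.equals(obj)) {
                result |= NoProtection.value;
            } else if (TSSAssociationOption.INTEGRITY.equals(obj)) {
                result |= Integrity.value;
            } else if (TSSAssociationOption.CONFIDENTIALITY.equals(obj)) {
                result |= Confidentiality.value;
            } else if (TSSAssociationOption.DETECT_REPLAY.equals(obj)) {
                result |= DetectReplay.value;
            } else if (TSSAssociationOption.DETECT_MISORDERING.equals(obj)) {
                result |= DetectMisordering.value;
            } else if (TSSAssociationOption.ESTABLISH_TRUST_IN_TARGET.equals(obj)) {
                result |= EstablishTrustInTarget.value;
            } else if (TSSAssociationOption.ESTABLISH_TRUST_IN_CLIENT.equals(obj)) {
                result |= EstablishTrustInClient.value;
            } else if (TSSAssociationOption.NO_DELEGATION.equals(obj)) {
                result |= NoDelegation.value;
            } else if (TSSAssociationOption.SIMPLE_DELEGATION.equals(obj)) {
                result |= SimpleDelegation.value;
            } else if (TSSAssociationOption.COMPOSITE_DELEGATION.equals(obj)) {
                result |= CompositeDelegation.value;
            }
        }
        return result;
    }

    /** GBean metadata for this builder, created once in the static initializer. */
    public static final GBeanInfo GBEAN_INFO;

    static {
        GBeanInfoBuilder infoBuilder = GBeanInfoBuilder.createStatic(CSSConfigEditor.class, "XmlAttributeBuilder");
        infoBuilder.addInterface(XmlAttributeBuilder.class);
        GBEAN_INFO = infoBuilder.getBeanInfo();
    }

    /**
     * @return the GBean metadata for this class
     */
    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

}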