001 /** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017 018 package org.apache.geronimo.security.util; 019 020 import java.lang.reflect.Constructor; 021 import java.security.AccessController; 022 import java.security.PrivilegedActionException; 023 import java.security.PrivilegedExceptionAction; 024 025 import javax.security.auth.x500.X500Principal; 026 import javax.security.jacc.PolicyContext; 027 import javax.security.jacc.PolicyContextException; 028 import javax.security.jacc.PolicyContextHandler; 029 030 import org.apache.geronimo.common.DeploymentException; 031 import org.apache.geronimo.security.DomainPrincipal; 032 import org.apache.geronimo.security.PrimaryDomainPrincipal; 033 import org.apache.geronimo.security.PrimaryPrincipal; 034 import org.apache.geronimo.security.PrimaryRealmPrincipal; 035 import org.apache.geronimo.security.RealmPrincipal; 036 import org.apache.geronimo.security.deploy.PrincipalInfo; 037 038 039 /** 040 * A collection of utility functions that assist with the configuration of 041 * <code>PolicyConfiguration</code>s. 042 * 043 * @version $Rev: 545781 $ $Date: 2007-06-09 13:44:02 -0400 (Sat, 09 Jun 2007) $ 044 * @see javax.security.jacc.PolicyConfiguration 045 * @see "JSR 115" Java Authorization Contract for Containers 046 */ 047 public class ConfigurationUtil { 048 049 /** 050 * Create an X500Principal from a deployment description. 051 * 052 * @param name the distinguished name of the principal 053 * @return an X500Principal from a deployment description 054 */ 055 public static X500Principal generateX500Principal(String name) { 056 return new X500Principal(name); 057 } 058 059 /** 060 * Create a Principal from a deployment description. 061 * 062 * @param principalInfo the deployment description of the principal to be created. 063 * @param classLoader 064 * @return a RealmPrincipal from a deployment description 065 */ 066 public static java.security.Principal generatePrincipal(final PrincipalInfo principalInfo, ClassLoader classLoader) { 067 return generatePrincipal(principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader); 068 } 069 070 public static java.security.Principal generatePrincipal(final String className, final String principalName, final ClassLoader classLoader) { 071 try { 072 return (java.security.Principal) AccessController.doPrivileged(new PrivilegedExceptionAction() { 073 public Object run() throws Exception { 074 Class clazz = classLoader.loadClass(className); 075 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); 076 return (java.security.Principal) constructor.newInstance(new Object[]{principalName}); 077 } 078 }); 079 } catch (PrivilegedActionException e) { 080 e.printStackTrace(); 081 if (e.getException() != null) { 082 e.getException().printStackTrace(); 083 } 084 return null; 085 } 086 } 087 088 /** 089 * Create a RealmPrincipal from a deployment description. 090 * 091 * @param principalInfo the deployment description of the principal to be created. 092 * @param classLoader 093 * @return a RealmPrincipal from a deployment description 094 */ 095 public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final PrincipalInfo principalInfo, ClassLoader classLoader) { 096 return generateRealmPrincipal(realm, loginDomain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader); 097 } 098 099 public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final String className, final String principalName, 100 ClassLoader classLoader) 101 { 102 return new RealmPrincipal(realm, loginDomain, generatePrincipal(className, principalName, classLoader)); 103 } 104 105 /** 106 * Create a DomainPrincipal from a deployment description. 107 * 108 * @param principalInfo the deployment description of the principal to be created. 109 * @param classLoader 110 * @return a RealmPrincipal from a deployment description 111 */ 112 public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final PrincipalInfo principalInfo, ClassLoader classLoader) { 113 return generateDomainPrincipal(loginDomain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader); 114 } 115 116 public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final String className, final String principalName, ClassLoader classLoader) { 117 return new DomainPrincipal(loginDomain, generatePrincipal(className, principalName, classLoader)); 118 } 119 120 /** 121 * Create a RealmPrincipal from a deployment description. 122 * 123 * @param principalInfo the deployment description of the principal to be created. 124 * @param classLoader 125 * @return a PrimaryRealmPrincipal from a deployment description 126 */ 127 public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException { 128 return generatePrimaryRealmPrincipal(realm, domain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader); 129 } 130 131 public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final String className, final String principalName, 132 final ClassLoader classLoader) throws DeploymentException 133 { 134 try { 135 return (PrimaryRealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() { 136 public Object run() throws Exception { 137 java.security.Principal p = null; 138 Class clazz = classLoader.loadClass(className); 139 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); 140 p = (java.security.Principal) constructor.newInstance(new Object[]{principalName}); 141 142 return new PrimaryRealmPrincipal(realm, domain, p); 143 } 144 }); 145 } catch (PrivilegedActionException pae) { 146 throw new DeploymentException("Unable to create realm principal", pae.getException()); 147 } 148 } 149 150 /** 151 * Create a DomainPrincipal from a deployment description. 152 * 153 * @param principalInfo the deployment description of the principal to be created. 154 * @param classLoader 155 * @return a PrimaryDomainPrincipal from a deployment description 156 */ 157 public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException { 158 return generatePrimaryDomainPrincipal(domain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader); 159 } 160 161 public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final String className, final String principalName, 162 final ClassLoader classLoader) throws DeploymentException 163 { 164 try { 165 return (PrimaryDomainPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() { 166 public Object run() throws Exception { 167 java.security.Principal p = null; 168 Class clazz = classLoader.loadClass(className); 169 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); 170 p = (java.security.Principal) constructor.newInstance(new Object[]{principalName}); 171 172 return new PrimaryDomainPrincipal(domain, p); 173 } 174 }); 175 } catch (PrivilegedActionException pae) { 176 throw new DeploymentException("Unable to create domain principal", pae.getException()); 177 } 178 } 179 180 /** 181 * Create a Principal from a deployment description. 182 * 183 * @param principalInfo the deployment description of the principal to be created. 184 * @param classLoader 185 * @return a Principal from a deployment description 186 */ 187 public static PrimaryPrincipal generatePrimaryPrincipal(final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException { 188 return generatePrimaryPrincipal(principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader); 189 } 190 191 public static PrimaryPrincipal generatePrimaryPrincipal(final String className, final String principalName, final ClassLoader classLoader) throws DeploymentException { 192 try { 193 return (PrimaryPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() { 194 public Object run() throws Exception { 195 java.security.Principal p = null; 196 Class clazz = classLoader.loadClass(className); 197 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); 198 p = (java.security.Principal) constructor.newInstance(new Object[]{principalName}); 199 200 return new PrimaryPrincipal(p); 201 } 202 }); 203 } catch (PrivilegedActionException pae) { 204 throw new DeploymentException("Unable to create principal", pae.getException()); 205 } 206 } 207 208 /** 209 * A simple helper method to register PolicyContextHandlers 210 * 211 * @param handler an object that implements the <code>PolicyContextHandler</code> 212 * interface. The value of this parameter must not be null. 213 * @param replace this boolean value defines the behavior of this method 214 * if, when it is called, a <code>PolicyContextHandler</code> has already 215 * been registered to handle the same key. In that case, and if the value 216 * of this argument is true, the existing handler is replaced with the 217 * argument handler. If the value of this parameter is false the existing 218 * registration is preserved and an exception is thrown. 219 */ 220 public static void registerPolicyContextHandler(PolicyContextHandler handler, boolean replace) throws PolicyContextException { 221 String[] keys = handler.getKeys(); 222 223 for (int i = 0; i < keys.length; i++) { 224 PolicyContext.registerHandler(keys[i], handler, replace); 225 } 226 } 227 228 229 }