001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017
018 package org.apache.geronimo.security.util;
019
020 import java.lang.reflect.Constructor;
021 import java.security.AccessController;
022 import java.security.PrivilegedActionException;
023 import java.security.PrivilegedExceptionAction;
024
025 import javax.security.auth.x500.X500Principal;
026 import javax.security.jacc.PolicyContext;
027 import javax.security.jacc.PolicyContextException;
028 import javax.security.jacc.PolicyContextHandler;
029
030 import org.apache.geronimo.common.DeploymentException;
031 import org.apache.geronimo.security.DomainPrincipal;
032 import org.apache.geronimo.security.PrimaryDomainPrincipal;
033 import org.apache.geronimo.security.PrimaryPrincipal;
034 import org.apache.geronimo.security.PrimaryRealmPrincipal;
035 import org.apache.geronimo.security.RealmPrincipal;
036 import org.apache.geronimo.security.deploy.PrincipalInfo;
037
038
039 /**
040 * A collection of utility functions that assist with the configuration of
041 * <code>PolicyConfiguration</code>s.
042 *
043 * @version $Rev: 545781 $ $Date: 2007-06-09 13:44:02 -0400 (Sat, 09 Jun 2007) $
044 * @see javax.security.jacc.PolicyConfiguration
045 * @see "JSR 115" Java Authorization Contract for Containers
046 */
047 public class ConfigurationUtil {
048
049 /**
050 * Create an X500Principal from a deployment description.
051 *
052 * @param name the distinguished name of the principal
053 * @return an X500Principal from a deployment description
054 */
055 public static X500Principal generateX500Principal(String name) {
056 return new X500Principal(name);
057 }
058
059 /**
060 * Create a Principal from a deployment description.
061 *
062 * @param principalInfo the deployment description of the principal to be created.
063 * @param classLoader
064 * @return a RealmPrincipal from a deployment description
065 */
066 public static java.security.Principal generatePrincipal(final PrincipalInfo principalInfo, ClassLoader classLoader) {
067 return generatePrincipal(principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
068 }
069
070 public static java.security.Principal generatePrincipal(final String className, final String principalName, final ClassLoader classLoader) {
071 try {
072 return (java.security.Principal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
073 public Object run() throws Exception {
074 Class clazz = classLoader.loadClass(className);
075 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
076 return (java.security.Principal) constructor.newInstance(new Object[]{principalName});
077 }
078 });
079 } catch (PrivilegedActionException e) {
080 e.printStackTrace();
081 if (e.getException() != null) {
082 e.getException().printStackTrace();
083 }
084 return null;
085 }
086 }
087
088 /**
089 * Create a RealmPrincipal from a deployment description.
090 *
091 * @param principalInfo the deployment description of the principal to be created.
092 * @param classLoader
093 * @return a RealmPrincipal from a deployment description
094 */
095 public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final PrincipalInfo principalInfo, ClassLoader classLoader) {
096 return generateRealmPrincipal(realm, loginDomain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
097 }
098
099 public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final String className, final String principalName,
100 ClassLoader classLoader)
101 {
102 return new RealmPrincipal(realm, loginDomain, generatePrincipal(className, principalName, classLoader));
103 }
104
105 /**
106 * Create a DomainPrincipal from a deployment description.
107 *
108 * @param principalInfo the deployment description of the principal to be created.
109 * @param classLoader
110 * @return a RealmPrincipal from a deployment description
111 */
112 public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final PrincipalInfo principalInfo, ClassLoader classLoader) {
113 return generateDomainPrincipal(loginDomain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
114 }
115
116 public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final String className, final String principalName, ClassLoader classLoader) {
117 return new DomainPrincipal(loginDomain, generatePrincipal(className, principalName, classLoader));
118 }
119
120 /**
121 * Create a RealmPrincipal from a deployment description.
122 *
123 * @param principalInfo the deployment description of the principal to be created.
124 * @param classLoader
125 * @return a PrimaryRealmPrincipal from a deployment description
126 */
127 public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException {
128 return generatePrimaryRealmPrincipal(realm, domain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
129 }
130
131 public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final String className, final String principalName,
132 final ClassLoader classLoader) throws DeploymentException
133 {
134 try {
135 return (PrimaryRealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
136 public Object run() throws Exception {
137 java.security.Principal p = null;
138 Class clazz = classLoader.loadClass(className);
139 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
140 p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
141
142 return new PrimaryRealmPrincipal(realm, domain, p);
143 }
144 });
145 } catch (PrivilegedActionException pae) {
146 throw new DeploymentException("Unable to create realm principal", pae.getException());
147 }
148 }
149
150 /**
151 * Create a DomainPrincipal from a deployment description.
152 *
153 * @param principalInfo the deployment description of the principal to be created.
154 * @param classLoader
155 * @return a PrimaryDomainPrincipal from a deployment description
156 */
157 public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException {
158 return generatePrimaryDomainPrincipal(domain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
159 }
160
161 public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final String className, final String principalName,
162 final ClassLoader classLoader) throws DeploymentException
163 {
164 try {
165 return (PrimaryDomainPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
166 public Object run() throws Exception {
167 java.security.Principal p = null;
168 Class clazz = classLoader.loadClass(className);
169 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
170 p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
171
172 return new PrimaryDomainPrincipal(domain, p);
173 }
174 });
175 } catch (PrivilegedActionException pae) {
176 throw new DeploymentException("Unable to create domain principal", pae.getException());
177 }
178 }
179
180 /**
181 * Create a Principal from a deployment description.
182 *
183 * @param principalInfo the deployment description of the principal to be created.
184 * @param classLoader
185 * @return a Principal from a deployment description
186 */
187 public static PrimaryPrincipal generatePrimaryPrincipal(final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException {
188 return generatePrimaryPrincipal(principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
189 }
190
191 public static PrimaryPrincipal generatePrimaryPrincipal(final String className, final String principalName, final ClassLoader classLoader) throws DeploymentException {
192 try {
193 return (PrimaryPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
194 public Object run() throws Exception {
195 java.security.Principal p = null;
196 Class clazz = classLoader.loadClass(className);
197 Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
198 p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
199
200 return new PrimaryPrincipal(p);
201 }
202 });
203 } catch (PrivilegedActionException pae) {
204 throw new DeploymentException("Unable to create principal", pae.getException());
205 }
206 }
207
208 /**
209 * A simple helper method to register PolicyContextHandlers
210 *
211 * @param handler an object that implements the <code>PolicyContextHandler</code>
212 * interface. The value of this parameter must not be null.
213 * @param replace this boolean value defines the behavior of this method
214 * if, when it is called, a <code>PolicyContextHandler</code> has already
215 * been registered to handle the same key. In that case, and if the value
216 * of this argument is true, the existing handler is replaced with the
217 * argument handler. If the value of this parameter is false the existing
218 * registration is preserved and an exception is thrown.
219 */
220 public static void registerPolicyContextHandler(PolicyContextHandler handler, boolean replace) throws PolicyContextException {
221 String[] keys = handler.getKeys();
222
223 for (int i = 0; i < keys.length; i++) {
224 PolicyContext.registerHandler(keys[i], handler, replace);
225 }
226 }
227
228
229 }