001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    
018    package org.apache.geronimo.security.util;
019    
020    import java.lang.reflect.Constructor;
021    import java.security.AccessController;
022    import java.security.PrivilegedActionException;
023    import java.security.PrivilegedExceptionAction;
024    
025    import javax.security.auth.x500.X500Principal;
026    import javax.security.jacc.PolicyContext;
027    import javax.security.jacc.PolicyContextException;
028    import javax.security.jacc.PolicyContextHandler;
029    
030    import org.apache.geronimo.common.DeploymentException;
031    import org.apache.geronimo.security.DomainPrincipal;
032    import org.apache.geronimo.security.PrimaryDomainPrincipal;
033    import org.apache.geronimo.security.PrimaryPrincipal;
034    import org.apache.geronimo.security.PrimaryRealmPrincipal;
035    import org.apache.geronimo.security.RealmPrincipal;
036    import org.apache.geronimo.security.deploy.PrincipalInfo;
037    
038    
039    /**
040     * A collection of utility functions that assist with the configuration of
041     * <code>PolicyConfiguration</code>s.
042     *
043     * @version $Rev: 545781 $ $Date: 2007-06-09 13:44:02 -0400 (Sat, 09 Jun 2007) $
044     * @see javax.security.jacc.PolicyConfiguration
045     * @see "JSR 115" Java Authorization Contract for Containers
046     */
047    public class ConfigurationUtil {
048    
049        /**
050         * Create an X500Principal from a deployment description.
051         *
052         * @param name the distinguished name of the principal
053         * @return an X500Principal from a deployment description
054         */
055        public static X500Principal generateX500Principal(String name) {
056            return new X500Principal(name);
057        }
058    
059        /**
060         * Create a Principal from a deployment description.
061         *
062         * @param principalInfo the deployment description of the principal to be created.
063         * @param classLoader
064         * @return a RealmPrincipal from a deployment description
065         */
066        public static java.security.Principal generatePrincipal(final PrincipalInfo principalInfo, ClassLoader classLoader) {
067            return generatePrincipal(principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
068        }
069    
070        public static java.security.Principal generatePrincipal(final String className, final String principalName, final ClassLoader classLoader) {
071            try {
072                return (java.security.Principal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
073                    public Object run() throws Exception {
074                        Class clazz = classLoader.loadClass(className);
075                        Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
076                        return (java.security.Principal) constructor.newInstance(new Object[]{principalName});
077                    }
078                });
079            } catch (PrivilegedActionException e) {
080                e.printStackTrace();
081                if (e.getException() != null) {
082                    e.getException().printStackTrace();
083                }
084                return null;
085            }
086        }
087    
088        /**
089         * Create a RealmPrincipal from a deployment description.
090         *
091         * @param principalInfo the deployment description of the principal to be created.
092         * @param classLoader
093         * @return a RealmPrincipal from a deployment description
094         */
095        public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final PrincipalInfo principalInfo, ClassLoader classLoader) {
096            return generateRealmPrincipal(realm, loginDomain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
097        }
098    
099        public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final String className, final String principalName,
100                                                            ClassLoader classLoader)
101        {
102            return new RealmPrincipal(realm, loginDomain, generatePrincipal(className, principalName, classLoader));
103        }
104    
105        /**
106         * Create a DomainPrincipal from a deployment description.
107         *
108         * @param principalInfo the deployment description of the principal to be created.
109         * @param classLoader
110         * @return a RealmPrincipal from a deployment description
111         */
112        public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final PrincipalInfo principalInfo, ClassLoader classLoader) {
113            return generateDomainPrincipal(loginDomain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
114        }
115    
116        public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final String className, final String principalName, ClassLoader classLoader) {
117            return new DomainPrincipal(loginDomain, generatePrincipal(className, principalName, classLoader));
118        }
119    
120        /**
121         * Create a RealmPrincipal from a deployment description.
122         *
123         * @param principalInfo the deployment description of the principal to be created.
124         * @param classLoader
125         * @return a PrimaryRealmPrincipal from a deployment description
126         */
127        public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException {
128            return generatePrimaryRealmPrincipal(realm, domain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
129        }
130    
131        public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final String className, final String principalName,
132                                                                          final ClassLoader classLoader) throws DeploymentException
133        {
134            try {
135                return (PrimaryRealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
136                    public Object run() throws Exception {
137                        java.security.Principal p = null;
138                        Class clazz = classLoader.loadClass(className);
139                        Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
140                        p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
141    
142                        return new PrimaryRealmPrincipal(realm, domain, p);
143                    }
144                });
145            } catch (PrivilegedActionException pae) {
146                throw new DeploymentException("Unable to create realm principal", pae.getException());
147            }
148        }
149    
150        /**
151         * Create a DomainPrincipal from a deployment description.
152         *
153         * @param principalInfo the deployment description of the principal to be created.
154         * @param classLoader
155         * @return a PrimaryDomainPrincipal from a deployment description
156         */
157        public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException {
158            return generatePrimaryDomainPrincipal(domain, principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
159        }
160    
161        public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final String className, final String principalName,
162                                                                            final ClassLoader classLoader) throws DeploymentException
163        {
164            try {
165                return (PrimaryDomainPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
166                    public Object run() throws Exception {
167                        java.security.Principal p = null;
168                        Class clazz = classLoader.loadClass(className);
169                        Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
170                        p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
171    
172                        return new PrimaryDomainPrincipal(domain, p);
173                    }
174                });
175            } catch (PrivilegedActionException pae) {
176                throw new DeploymentException("Unable to create domain principal", pae.getException());
177            }
178        }
179    
180        /**
181         * Create a Principal from a deployment description.
182         *
183         * @param principalInfo the deployment description of the principal to be created.
184         * @param classLoader
185         * @return a Principal from a deployment description
186         */
187        public static PrimaryPrincipal generatePrimaryPrincipal(final PrincipalInfo principalInfo, ClassLoader classLoader) throws DeploymentException {
188            return generatePrimaryPrincipal(principalInfo.getClassName(), principalInfo.getPrincipalName(), classLoader);
189        }
190    
191        public static PrimaryPrincipal generatePrimaryPrincipal(final String className, final String principalName, final ClassLoader classLoader) throws DeploymentException {
192            try {
193                return (PrimaryPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
194                    public Object run() throws Exception {
195                        java.security.Principal p = null;
196                        Class clazz = classLoader.loadClass(className);
197                        Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
198                        p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
199    
200                        return new PrimaryPrincipal(p);
201                    }
202                });
203            } catch (PrivilegedActionException pae) {
204                throw new DeploymentException("Unable to create principal", pae.getException());
205            }
206        }
207    
208        /**
209         * A simple helper method to register PolicyContextHandlers
210         *
211         * @param handler an object that implements the <code>PolicyContextHandler</code>
212         *                interface. The value of this parameter must not be null.
213         * @param replace this boolean value defines the behavior of this method
214         *                if, when it is called, a <code>PolicyContextHandler</code> has already
215         *                been registered to handle the same key. In that case, and if the value
216         *                of this argument is true, the existing handler is replaced with the
217         *                argument handler. If the value of this parameter is false the existing
218         *                registration is preserved and an exception is thrown.
219         */
220        public static void registerPolicyContextHandler(PolicyContextHandler handler, boolean replace) throws PolicyContextException {
221            String[] keys = handler.getKeys();
222    
223            for (int i = 0; i < keys.length; i++) {
224                PolicyContext.registerHandler(keys[i], handler, replace);
225            }
226        }
227    
228    
229    }