1 /**
2 *
3 * Copyright 2003-2004 The Apache Software Foundation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 package org.apache.geronimo.security.jaas;
19
20 import java.util.Collection;
21 import java.util.Collections;
22 import java.util.Hashtable;
23 import java.util.Iterator;
24 import java.util.Map;
25 import javax.security.auth.login.AppConfigurationEntry;
26 import javax.security.auth.login.Configuration;
27
28 import org.apache.commons.logging.Log;
29 import org.apache.commons.logging.LogFactory;
30 import org.apache.geronimo.gbean.GBeanInfo;
31 import org.apache.geronimo.gbean.GBeanInfoBuilder;
32 import org.apache.geronimo.gbean.GBeanLifecycle;
33 import org.apache.geronimo.gbean.ReferenceCollection;
34 import org.apache.geronimo.gbean.ReferenceCollectionEvent;
35 import org.apache.geronimo.gbean.ReferenceCollectionListener;
36 import org.apache.geronimo.security.SecurityServiceImpl;
37 import org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration;
38
39
40 /**
41 * A JAAS configuration mechanism (associating JAAS configuration names with
42 * specific LoginModule configurations). This is a drop-in replacement for the
43 * normal file-reading JAAS configuration mechanism. Instead of getting
44 * its configuration from a file, it gets its configuration from other
45 * GBeans running in Geronimo.
46 *
47 * @version $Rev: 386763 $ $Date: 2006-03-17 15:15:27 -0800 (Fri, 17 Mar 2006) $
48 */
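public class GeronimoLoginConfiguration extends Configuration implements GBeanLifecycle, ReferenceCollectionListener {

    private final Log log = LogFactory.getLog(GeronimoLoginConfiguration.class);

    /**
     * Registered entries, keyed by JAAS configuration name. The map is static, so every
     * instance of this class loaded by the same class loader shares it. Compound operations
     * (check-then-put, log-then-clear) synchronize on the map itself, which is the monitor
     * Hashtable's own methods use, so they are atomic with respect to single-call readers.
     */
    private static final Map entries = new Hashtable();

    /** Configuration that was installed before doStart(); null if it could not be read. */
    private Configuration oldConfiguration;

    /** ConfigurationEntryFactory references supplied through setConfigurations(). */
    private Collection configurations = Collections.EMPTY_SET;


    /**
     * Returns the collection most recently passed to {@link #setConfigurations(Collection)}
     * (an empty set until then). The live collection is returned, not a copy.
     *
     * @return the configured entry factories
     * @throws SecurityException if a SecurityManager is installed and the caller does not
     *         hold SecurityServiceImpl.CONFIGURE
     */
    public Collection getConfigurations() {
        checkConfigurePermission();

        return configurations;
    }

    /**
     * Stores the collection of entry factories and registers an entry for each member.
     * When the collection is a ReferenceCollection this object also subscribes to it, so
     * later additions and removals arrive through memberAdded/memberRemoved.
     *
     * If registration of one member fails, the members registered before it stay
     * registered; nothing is rolled back.
     *
     * @param configurations ConfigurationEntryFactory instances to register
     * @throws SecurityException if a SecurityManager is installed and the caller does not
     *         hold SecurityServiceImpl.CONFIGURE
     * @throws IllegalArgumentException if a member has no login domain name or its
     *         configuration name is already registered
     */
    public void setConfigurations(Collection configurations) {
        checkConfigurePermission();

        if (configurations instanceof ReferenceCollection) {
            ReferenceCollection ref = (ReferenceCollection) configurations;
            ref.addReferenceCollectionListener(this);
        }

        this.configurations = configurations;

        for (Iterator iter = configurations.iterator(); iter.hasNext();) {
            addConfiguration((ConfigurationEntryFactory) iter.next());
        }
    }

    /**
     * Looks up the entry registered under the given configuration name.
     *
     * There is deliberately no CONFIGURE check here: this is the read path JAAS uses while
     * building a login context, and the returned array is freshly allocated on each call.
     *
     * @param name the JAAS configuration name
     * @return a one-element array holding the entry, or null if the name is not registered
     */
    public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
        AppConfigurationEntry entry = (AppConfigurationEntry) entries.get(name);

        if (entry == null) {
            return null;
        }

        return new AppConfigurationEntry[]{entry};
    }

    /**
     * Does nothing: entries are maintained through setConfigurations and the reference
     * collection callbacks, so there is no external source to re-read.
     */
    public void refresh() {
    }

    /**
     * Registers the entry for a factory that joined the reference collection.
     *
     * @param event event whose member is the new ConfigurationEntryFactory
     * @throws SecurityException if a SecurityManager is installed and the caller does not
     *         hold SecurityServiceImpl.CONFIGURE
     * @throws IllegalArgumentException if the factory has no login domain name or its
     *         configuration name is already registered
     */
    public void memberAdded(ReferenceCollectionEvent event) {
        checkConfigurePermission();

        ConfigurationEntryFactory factory = (ConfigurationEntryFactory) event.getMember();
        addConfiguration(factory);
    }

    /**
     * Unregisters the entry for a factory that left the reference collection.
     *
     * NOTE(review): the entry is removed by name only. If this callback can fire for a
     * factory whose registration was rejected as a duplicate, it would unregister the entry
     * that another factory owns - confirm against ReferenceCollection's behaviour.
     *
     * @param event event whose member is the departing ConfigurationEntryFactory
     * @throws SecurityException if a SecurityManager is installed and the caller does not
     *         hold SecurityServiceImpl.CONFIGURE
     */
    public void memberRemoved(ReferenceCollectionEvent event) {
        checkConfigurePermission();

        ConfigurationEntryFactory factory = (ConfigurationEntryFactory) event.getMember();
        String name = factory.getConfigurationName();

        entries.remove(name);
        log.debug("Removed Application Configuration Entry " + name);
    }

    /**
     * Builds the AppConfigurationEntry for a factory and registers it under the factory's
     * configuration name.
     *
     * A name that is already present is rejected rather than overwritten, so a later
     * registration cannot silently replace the login module bound to an existing name.
     * The existence check and the insert run under one lock; without it two concurrent
     * registrations of the same name could both pass the check and the second put would
     * win, defeating that guard.
     *
     * @throws IllegalArgumentException if the generated configuration has no login domain
     *         name, or the configuration name is already registered
     */
    private void addConfiguration(ConfigurationEntryFactory factory) {
        JaasLoginModuleConfiguration config = factory.generateConfiguration();
        if (config.getLoginDomainName() == null) {
            throw new IllegalArgumentException("A login module to be registered standalone must have a domain name!");
        }

        String name = factory.getConfigurationName();
        synchronized (entries) {
            if (entries.containsKey(name)) {
                throw new IllegalArgumentException("ConfigurationEntry already registered");
            }
            AppConfigurationEntry ace = new AppConfigurationEntry(config.getLoginModuleClassName(), config.getFlag().getFlag(), config.getOptions());

            entries.put(name, ace);
        }
        log.debug("Added Application Configuration Entry " + name);
    }

    /**
     * Installs this object as the process-wide JAAS Configuration, remembering the previous
     * one so that doStop/doFail can put it back.
     *
     * From this point every JAAS login in the JVM resolves its login modules through this
     * class. Under a SecurityManager, Configuration.setConfiguration requires
     * AuthPermission("setLoginConfiguration").
     */
    public void doStart() throws Exception {
        try {
            oldConfiguration = Configuration.getConfiguration();
        } catch (SecurityException e) {
            // Reading the current configuration was refused or failed; remember nothing.
            // doStop/doFail will then pass null to setConfiguration.
            // NOTE(review): presumably this also covers "no default login configuration
            // could be located" - confirm for the target JDK.
            oldConfiguration = null;
        }
        Configuration.setConfiguration(this);
        log.debug("Installed Geronimo login configuration");
    }

    /**
     * Restores the previously installed Configuration and drops every registered entry.
     */
    public void doStop() throws Exception {
        Configuration.setConfiguration(oldConfiguration);

        clearEntries();

        log.debug("Uninstalled Geronimo login configuration");
    }

    /**
     * Restores the previously installed Configuration after a failed start and drops every
     * registered entry, matching doStop.
     *
     * Entries are registered in setConfigurations, before doStart runs, and live in a
     * static map. Leaving them behind would make the next instance fail with
     * "ConfigurationEntry already registered". The cleanup sits in a finally block because
     * the restore can throw for the same reason the start did.
     */
    public void doFail() {
        try {
            Configuration.setConfiguration(oldConfiguration);
        } finally {
            clearEntries();
        }
        log.debug("Uninstalled Geronimo login configuration");
    }

    /** Logs and removes every registered entry as one atomic step. */
    private void clearEntries() {
        synchronized (entries) {
            for (Iterator iter = entries.keySet().iterator(); iter.hasNext();) {
                log.debug("Removed Application Configuration Entry " + iter.next());
            }
            entries.clear();
        }
    }

    /**
     * Enforces SecurityServiceImpl.CONFIGURE when a SecurityManager is installed; does
     * nothing otherwise.
     */
    private static void checkConfigurePermission() {
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(SecurityServiceImpl.CONFIGURE);
        }
    }

    /**
     * @return the GBean metadata describing this class
     */
    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

    private static final GBeanInfo GBEAN_INFO;

    static {
        // Declares the "Configurations" reference, typed as ConfigurationEntryFactory.
        GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic(GeronimoLoginConfiguration.class);
        infoFactory.addReference("Configurations", ConfigurationEntryFactory.class, null);

        GBEAN_INFO = infoFactory.getBeanInfo();
    }

}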