
1   /**
2    *
3    * Copyright 2003-2004 The Apache Software Foundation
4    *
5    *  Licensed under the Apache License, Version 2.0 (the "License");
6    *  you may not use this file except in compliance with the License.
7    *  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   *  Unless required by applicable law or agreed to in writing, software
12   *  distributed under the License is distributed on an "AS IS" BASIS,
13   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   *  See the License for the specific language governing permissions and
15   *  limitations under the License.
16   */
17  package org.apache.geronimo.security.jacc;
18  
19  import java.security.Permission;
20  import java.security.PermissionCollection;
21  import java.security.Policy;
22  import java.util.Enumeration;
23  import java.util.HashMap;
24  import java.util.Iterator;
25  import java.util.Map;
26  import javax.security.auth.Subject;
27  import javax.security.jacc.PolicyConfiguration;
28  import javax.security.jacc.PolicyConfigurationFactory;
29  import javax.security.jacc.PolicyContextException;
30  
31  import org.apache.geronimo.gbean.GBeanInfo;
32  import org.apache.geronimo.gbean.GBeanInfoBuilder;
33  import org.apache.geronimo.gbean.GBeanLifecycle;
34  import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
35  import org.apache.geronimo.security.ContextManager;
36  import org.apache.geronimo.security.IdentificationPrincipal;
37  import org.apache.geronimo.security.SubjectId;
38  
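/**
 * GBean that installs the JACC authorization policy of one application and removes it again
 * when the bean stops.
 *
 * <p>Construction does all the installation work: for every policy context ID it opens a
 * {@link PolicyConfiguration}, loads the excluded, unchecked and per-role permissions, links the
 * configurations to each other, commits them, refreshes the installed {@link Policy} and finally
 * registers the role-designate subjects with {@link ContextManager}. {@link #doStop()} reverses
 * those steps.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>Installation is all-or-nothing. If the constructor fails part-way, everything it already
 *     installed is rolled back, because no lifecycle callback runs for an object whose
 *     constructor threw; otherwise committed policy and registered subjects would outlive the
 *     failed deployment.</li>
 * <li>Teardown continues past individual failures so that one failing step cannot leave the
 *     remaining policy configurations or subjects installed.</li>
 * <li>The role-designate {@code Subject}s passed in are mutated: an
 *     {@link IdentificationPrincipal} is added to each of them.</li>
 * </ul>
 *
 * @version $Rev: 431706 $ $Date: 2006-08-15 14:19:27 -0700 (Tue, 15 Aug 2006) $
 */
public class ApplicationPolicyConfigurationManager implements GBeanLifecycle {

    // Policy context ID (String) -> PolicyConfiguration opened for it by the constructor.
    private final Map contextIdToPolicyConfigurationMap = new HashMap();
    // Caller-supplied map; its values are the role-designate Subjects registered with ContextManager.
    private final Map roleDesignates;
    // Optional principal-to-role mapper; null means none is installed.
    private final PrincipalRoleMapper principalRoleMapper;

    /**
     * Builds, links and commits the policy configurations, refreshes the policy and registers the
     * role-designate subjects.
     *
     * @param contextIdToPermissionsMap maps policy context ID (String) to its {@code ComponentPermissions}
     * @param roleDesignates map whose values are the {@code Subject}s to register; each one gains
     *        an {@code IdentificationPrincipal}
     * @param cl class loader made the thread context class loader while the
     *        {@code PolicyConfigurationFactory} is looked up
     * @param principalRoleMapper optional mapper installed for the context IDs; may be null
     * @throws PolicyContextException if the JACC provider rejects an operation
     * @throws ClassNotFoundException if the policy configuration factory class cannot be found
     */
    public ApplicationPolicyConfigurationManager(Map contextIdToPermissionsMap, Map roleDesignates, ClassLoader cl, PrincipalRoleMapper principalRoleMapper) throws PolicyContextException, ClassNotFoundException {
        this.principalRoleMapper = principalRoleMapper;
        this.roleDesignates = roleDesignates;

        PolicyConfigurationFactory policyConfigurationFactory = lookupFactory(cl);

        // State needed to undo a partial installation.
        boolean completed = false;
        boolean mapperInstallAttempted = false;
        Subject[] registered = null;
        int registeredCount = 0;
        try {
            Iterator contexts = contextIdToPermissionsMap.entrySet().iterator();
            while (contexts.hasNext()) {
                Map.Entry entry = (Map.Entry) contexts.next();
                String contextID = (String) entry.getKey();
                ComponentPermissions componentPermissions = (ComponentPermissions) entry.getValue();

                // remove == true: statements already held for this context ID are discarded,
                // so the policy is rebuilt from componentPermissions alone.
                PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(contextID, true);
                // Recorded before it is populated so that rollback also deletes a half-filled configuration.
                contextIdToPolicyConfigurationMap.put(contextID, policyConfiguration);
                populate(policyConfiguration, componentPermissions);
            }

            if (principalRoleMapper != null) {
                mapperInstallAttempted = true;
                principalRoleMapper.install(contextIdToPermissionsMap.keySet());
            }

            // Link every configuration to every other one so they share principal-to-role mappings.
            Iterator outer = contextIdToPolicyConfigurationMap.values().iterator();
            while (outer.hasNext()) {
                PolicyConfiguration source = (PolicyConfiguration) outer.next();
                Iterator inner = contextIdToPolicyConfigurationMap.values().iterator();
                while (inner.hasNext()) {
                    PolicyConfiguration target = (PolicyConfiguration) inner.next();
                    if (source != target) {
                        source.linkConfiguration(target);
                    }
                }
            }

            // Commit only after all linking is done.
            Iterator toCommit = contextIdToPolicyConfigurationMap.values().iterator();
            while (toCommit.hasNext()) {
                ((PolicyConfiguration) toCommit.next()).commit();
            }

            // Ask the installed Policy to pick up the committed configurations.
            Policy.getPolicy().refresh();

            registered = new Subject[roleDesignates.size()];
            Iterator designates = roleDesignates.entrySet().iterator();
            while (designates.hasNext()) {
                Map.Entry entry = (Map.Entry) designates.next();
                Subject roleDesignate = (Subject) entry.getValue();
                ContextManager.registerSubject(roleDesignate);
                // Remember it immediately so rollback unregisters exactly what was registered.
                registered[registeredCount++] = roleDesignate;
                SubjectId id = ContextManager.getSubjectId(roleDesignate);
                roleDesignate.getPrincipals().add(new IdentificationPrincipal(id));
            }
            completed = true;
        } finally {
            if (!completed) {
                rollback(registered, registeredCount, mapperInstallAttempted);
            }
        }
    }

    /**
     * Obtains the JACC factory with {@code cl} as the thread context class loader and restores
     * the previous loader afterwards, whether or not the lookup succeeds.
     */
    private static PolicyConfigurationFactory lookupFactory(ClassLoader cl) throws PolicyContextException, ClassNotFoundException {
        Thread currentThread = Thread.currentThread();
        ClassLoader oldClassLoader = currentThread.getContextClassLoader();
        currentThread.setContextClassLoader(cl);
        try {
            return PolicyConfigurationFactory.getPolicyConfigurationFactory();
        } finally {
            currentThread.setContextClassLoader(oldClassLoader);
        }
    }

    /** Copies the excluded, unchecked and per-role permissions of one component into its configuration. */
    private static void populate(PolicyConfiguration policyConfiguration, ComponentPermissions componentPermissions) throws PolicyContextException {
        policyConfiguration.addToExcludedPolicy(componentPermissions.getExcludedPermissions());
        policyConfiguration.addToUncheckedPolicy(componentPermissions.getUncheckedPermissions());

        Iterator roles = componentPermissions.getRolePermissions().entrySet().iterator();
        while (roles.hasNext()) {
            Map.Entry roleEntry = (Map.Entry) roles.next();
            String roleName = (String) roleEntry.getKey();
            PermissionCollection rolePermissions = (PermissionCollection) roleEntry.getValue();
            Enumeration permissions = rolePermissions.elements();
            while (permissions.hasMoreElements()) {
                policyConfiguration.addToRole(roleName, (Permission) permissions.nextElement());
            }
        }
    }

    /**
     * Undoes a partial installation after the constructor failed. Every step is best effort and
     * its own failures are dropped, so the exception that aborted the constructor is the one the
     * caller sees.
     *
     * @param registered subjects registered so far; may be null when none were
     * @param registeredCount number of leading entries of {@code registered} that are valid
     * @param mapperInstallAttempted whether {@code install} was called on the mapper; uninstall is
     *        attempted even if install itself failed, in case it left partial state behind
     */
    private void rollback(Subject[] registered, int registeredCount, boolean mapperInstallAttempted) {
        for (int i = 0; i < registeredCount; i++) {
            try {
                ContextManager.unregisterSubject(registered[i]);
            } catch (Exception ignored) {
                // best effort; the constructor's own exception is being propagated
            }
        }
        releasePolicyState(mapperInstallAttempted, null);
    }

    /**
     * Uninstalls the principal-role mapper (when requested and present) and deletes every policy
     * configuration, continuing past failures.
     *
     * @param uninstallMapper whether the mapper should be uninstalled
     * @param firstFailure an earlier failure to preserve, or null
     * @return {@code firstFailure} if it was non-null, otherwise the first exception raised here,
     *         otherwise null
     */
    private Exception releasePolicyState(boolean uninstallMapper, Exception firstFailure) {
        Exception failure = firstFailure;

        if (uninstallMapper && principalRoleMapper != null) {
            try {
                principalRoleMapper.uninstall();
            } catch (Exception e) {
                if (failure == null) {
                    failure = e;
                }
            }
        }

        Iterator configurations = contextIdToPolicyConfigurationMap.values().iterator();
        while (configurations.hasNext()) {
            PolicyConfiguration policyConfiguration = (PolicyConfiguration) configurations.next();
            try {
                policyConfiguration.delete();
            } catch (Exception e) {
                if (failure == null) {
                    failure = e;
                }
            }
        }
        return failure;
    }

    /** No-op: all installation work happens in the constructor. */
    public void doStart() throws Exception {

    }

    /**
     * Unregisters the role-designate subjects, uninstalls the principal-role mapper and deletes
     * every policy configuration.
     *
     * <p>All steps are attempted even if an earlier one fails, so a single failure cannot leave
     * the application's authorization policy or subjects installed; the first exception
     * encountered is rethrown once cleanup has finished.
     *
     * <p>NOTE(review): {@code Policy.refresh()} is not called after the deletions; confirm the
     * policy provider in use stops honouring deleted contexts without it.
     *
     * @throws Exception the first failure raised by any cleanup step
     */
    public void doStop() throws Exception {
        Exception firstFailure = null;

        Iterator designates = roleDesignates.entrySet().iterator();
        while (designates.hasNext()) {
            Map.Entry entry = (Map.Entry) designates.next();
            try {
                ContextManager.unregisterSubject((Subject) entry.getValue());
            } catch (Exception e) {
                if (firstFailure == null) {
                    firstFailure = e;
                }
            }
        }

        firstFailure = releasePolicyState(true, firstFailure);

        if (firstFailure != null) {
            throw firstFailure;
        }
    }

    /**
     * No-op. NOTE(review): nothing installed by the constructor is released here; confirm that
     * the container's failure path does not rely on this method for cleanup.
     */
    public void doFail() {

    }

    public static final GBeanInfo GBEAN_INFO;

    static {
        // The constructor argument order below must match the constructor's parameter order.
        GBeanInfoBuilder infoBuilder = GBeanInfoBuilder.createStatic(ApplicationPolicyConfigurationManager.class, NameFactory.JACC_MANAGER);
        infoBuilder.addAttribute("contextIdToPermissionsMap", Map.class, true);
        infoBuilder.addAttribute("roleDesignates", Map.class, true);
        infoBuilder.addAttribute("classLoader", ClassLoader.class, false);
        infoBuilder.addReference("PrincipalRoleMapper", PrincipalRoleMapper.class, NameFactory.JACC_MANAGER);
        infoBuilder.setConstructor(new String[] {"contextIdToPermissionsMap", "roleDesignates", "classLoader", "PrincipalRoleMapper"});
        GBEAN_INFO = infoBuilder.getBeanInfo();
    }

    /** Returns the GBean metadata built in the static initializer. */
    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }
}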