From aebfad596fc190f05539520471d7d45392db28c1 Mon Sep 17 00:00:00 2001 From: lresende Date: Thu, 19 Mar 2009 06:52:58 +0000 Subject: Adding support for Jaas authentication policy to component services git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@755850 13f79535-47bb-0310-9956-ffa450edef68 --- .../jaas/JaasAuthenticationInterceptor.java | 8 +- .../JaasAuthenticationPolicyProviderFactory.java | 2 +- .../JaasAuthenticationServicePolicyProvider.java | 111 +++++++++++++++++++++ 3 files changed, 117 insertions(+), 4 deletions(-) create mode 100644 branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationServicePolicyProvider.java (limited to 'branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca') diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java index 328c290fad..9b30ff13c8 100644 --- a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java +++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java @@ -21,6 +21,7 @@ package org.apache.tuscany.sca.policy.security.jaas; import java.util.List; +import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginContext; @@ -61,11 +62,12 @@ public class JaasAuthenticationInterceptor implements Interceptor { public Message invoke(Message msg) { try { for (JaasAuthenticationPolicy policy : authenticationPolicies) { - CallbackHandler callbackHandler = - (CallbackHandler)policy.getCallbackHandlerClass().newInstance(); + CallbackHandler callbackHandler = (CallbackHandler)policy.getCallbackHandlerClass().newInstance(); LoginContext lc = new LoginContext(policy.getConfigurationName(), callbackHandler); lc.login(); - // Subject subject = lc.getSubject(); + // + Subject subject = lc.getSubject(); + System.out.println(">>> Security subject:" + subject.toString()); } } catch (Exception e) { throw new ServiceRuntimeException(e); diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java index 48a42eb711..e7529671a6 100644 --- a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java +++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java @@ -59,7 +59,7 @@ public class JaasAuthenticationPolicyProviderFactory implements PolicyProviderFa public PolicyProvider createServicePolicyProvider(RuntimeComponent component, RuntimeComponentService service, Binding binding) { - return null; + return new JaasAuthenticationServicePolicyProvider(component, service, binding); } /** diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationServicePolicyProvider.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationServicePolicyProvider.java new file mode 100644 index 0000000000..1ad0467b3a --- /dev/null +++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationServicePolicyProvider.java @@ -0,0 +1,111 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.policy.security.jaas; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.tuscany.sca.assembly.Binding; +import org.apache.tuscany.sca.assembly.ConfiguredOperation; +import org.apache.tuscany.sca.assembly.Implementation; +import org.apache.tuscany.sca.assembly.OperationsConfigurator; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.Interceptor; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.runtime.RuntimeComponent; +import org.apache.tuscany.sca.runtime.RuntimeComponentService; + +/** + * Policy handler to handle PolicySet containing JaasAuthenticationPolicy instances + * + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationServicePolicyProvider implements PolicyProvider { + private RuntimeComponent component; + private RuntimeComponentService service; + private Binding binding; + + private List operations = new ArrayList(); + + public JaasAuthenticationServicePolicyProvider(RuntimeComponent component, RuntimeComponentService service, Binding binding) { + super(); + this.component = component; + this.service = service; + this.binding = binding; + + this.operations.addAll(service.getInterfaceContract().getInterface().getOperations()); + } + + private List findPolicies(Operation op) { + List polices = new ArrayList(); + // FIXME: How do we get a list of effective policySets for a given operation? + for(Operation operation : operations) { + if (operation.getName().equals(op.getName())) { + for (PolicySet ps : operation.getPolicySets()) { + for (Object p : ps.getPolicies()) { + if (JaasAuthenticationPolicy.class.isInstance(p)) { + polices.add((JaasAuthenticationPolicy)p); + } + } + } + } + } + + if (service instanceof OperationsConfigurator) { + OperationsConfigurator operationsConfigurator = (OperationsConfigurator)service; + for (ConfiguredOperation cop : operationsConfigurator.getConfiguredOperations()) { + if (cop.getName().equals(op.getName())) { + for (PolicySet ps : cop.getApplicablePolicySets()) { + for (Object p : ps.getPolicies()) { + if (JaasAuthenticationPolicy.class.isInstance(p)) { + polices.add((JaasAuthenticationPolicy)p); + } + } + } + } + } + } + + List policySets = service.getPolicySets(); + for (PolicySet ps : policySets) { + for (Object p : ps.getPolicies()) { + if (JaasAuthenticationPolicy.class.isInstance(p)) { + polices.add((JaasAuthenticationPolicy)p); + } + } + } + + return polices; + } + + public Interceptor createInterceptor(Operation operation) { + List policies = findPolicies(operation); + if (policies == null || policies.isEmpty()) { + return null; + } else { + return new JaasAuthenticationInterceptor(policies); + } + } + + public String getPhase() { + return Phase.SERVICE_BINDING_POLICY; + } +} -- cgit v1.2.3