From 51d861965de400328dc7df308bae94fb01259ed4 Mon Sep 17 00:00:00 2001 From: antelder Date: Wed, 8 Feb 2012 08:37:40 +0000 Subject: Tag for rc0 preview of beta4 release git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1241816 13f79535-47bb-0310-9956-ffa450edef68 --- .../tuscany/sca/policy/security/SecurityUtil.java | 65 +++++++++ .../sca/policy/security/http/ssl/HTTPSPolicy.java | 130 +++++++++++++++++ .../security/http/ssl/HTTPSPolicyProcessor.java | 156 +++++++++++++++++++++ ...AuthenticationImplementationPolicyProvider.java | 60 ++++++++ .../jaas/JaasAuthenticationInterceptor.java | 81 +++++++++++ .../security/jaas/JaasAuthenticationPolicy.java | 71 ++++++++++ .../jaas/JaasAuthenticationPolicyHandler.java | 71 ++++++++++ .../jaas/JaasAuthenticationPolicyProcessor.java | 148 +++++++++++++++++++ .../JaasAuthenticationPolicyProviderFactory.java | 60 ++++++++ 9 files changed, 842 insertions(+) create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityUtil.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicy.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicyProcessor.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationImplementationPolicyProvider.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicy.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyHandler.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProcessor.java create mode 100644 sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java (limited to 'sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security') diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityUtil.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityUtil.java new file mode 100644 index 0000000000..50349cdf88 --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/SecurityUtil.java @@ -0,0 +1,65 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.policy.security; + +import java.security.Principal; + +import javax.security.auth.Subject; + +import org.apache.tuscany.sca.invocation.Message; + + +/** + * Some utilities for dealing with security information in a Tuscany message + * + * @version $Rev$ $Date$ + * @tuscany.spi.extension.asclient + */ +public class SecurityUtil { + + public static String SubjectString = "Subject"; + public static String PrincipalString = "Principal"; + + public static Subject getSubject(Message msg){ + + Subject subject = (Subject)msg.getHeaders().get(SubjectString); + + if (subject == null){ + subject = new Subject(); + msg.getHeaders().put(SubjectString, subject); + } + + return subject; + } + + public static T getPrincipal(Subject subject, Class clazz){ + for (Principal msgPrincipal : subject.getPrincipals() ){ + if (clazz.isInstance(msgPrincipal)){ + return clazz.cast(msgPrincipal); + } + } + + return null; + } + + public static Principal getPrincipal(Message msg){ + + return (Principal)msg.getHeaders().get(PrincipalString); + } +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicy.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicy.java new file mode 100644 index 0000000000..cef6eebadc --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicy.java @@ -0,0 +1,130 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.security.http.ssl; + +import java.util.Properties; + +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.assembly.xml.Constants; + +/** + * Models the SCA Implementation Security Policy Assertion for Confidentiality. + * + * This would map to enabling SSL communication and would require + * the following configuration items : + * + * - javax.net.ssl.keyStore + * - javax.net.ssl.keyStorePassword + * - javax.net.ssl.keyStoreType + * + * - javax.net.ssl.trustStoreType + * - javax.net.ssl.trustStore + * - javax.net.ssl.trustStorePassword + * + * @version $Rev$ $Date$ + */ +public class HTTPSPolicy { + public static final QName NAME = new QName(Constants.SCA11_TUSCANY_NS, "https"); + + private String trustStoreType; + private String trustStore; + private String trustStorePassword; + + private String keyStoreType; + private String keyStore; + private String keyStorePassword; + + + public String getTrustStoreType() { + return trustStoreType; + } + + public void setTrustStoreType(String trustStoreType) { + this.trustStoreType = trustStoreType; + } + + public String getTrustStore() { + return trustStore; + } + + public void setTrustStore(String trustStore) { + this.trustStore = trustStore; + } + + public String getTrustStorePassword() { + return trustStorePassword; + } + + public void setTrustStorePassword(String trustStorePassword) { + this.trustStorePassword = trustStorePassword; + } + + public String getKeyStoreType() { + return keyStoreType; + } + + public void setKeyStoreType(String keyStoreType) { + this.keyStoreType = keyStoreType; + } + + public String getKeyStore() { + return keyStore; + } + + public void setKeyStore(String keyStore) { + this.keyStore = keyStore; + } + + public String getKeyStorePassword() { + return keyStorePassword; + } + + public void setKeyStorePassword(String keyStorePassword) { + this.keyStorePassword = keyStorePassword; + } + + public QName getSchemaName() { + return NAME; + } + + public boolean isUnresolved() { + return false; + } + + public void setUnresolved(boolean unresolved) { + + } + + public Properties toProperties() { + Properties properties = new Properties(); + + properties.put("javax.net.ssl.trustStoreType", trustStoreType); + properties.put("javax.net.ssl.trustStore", trustStore); + properties.put("javax.net.ssl.trustStorePassword", trustStorePassword); + + properties.put("javax.net.ssl.keyStoreType", keyStoreType); + properties.put("javax.net.ssl.keyStore", keyStore); + properties.put("javax.net.ssl.keyStorePassword", keyStorePassword); + + return properties; + } + +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicyProcessor.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicyProcessor.java new file mode 100644 index 0000000000..b0d6da194c --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/http/ssl/HTTPSPolicyProcessor.java @@ -0,0 +1,156 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.security.http.ssl; + +import static javax.xml.stream.XMLStreamConstants.END_ELEMENT; +import static javax.xml.stream.XMLStreamConstants.START_ELEMENT; + +import javax.xml.namespace.QName; +import javax.xml.stream.XMLStreamException; +import javax.xml.stream.XMLStreamReader; +import javax.xml.stream.XMLStreamWriter; + +import org.apache.tuscany.sca.assembly.xml.Constants; +import org.apache.tuscany.sca.contribution.processor.ContributionReadException; +import org.apache.tuscany.sca.contribution.processor.ContributionResolveException; +import org.apache.tuscany.sca.contribution.processor.ContributionWriteException; +import org.apache.tuscany.sca.contribution.processor.ProcessorContext; +import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.resolver.ModelResolver; +import org.apache.tuscany.sca.core.FactoryExtensionPoint; +import org.apache.tuscany.sca.monitor.Monitor; + +public class HTTPSPolicyProcessor implements StAXArtifactProcessor { + private static final QName KEY_STORE_QNAME = new QName(Constants.SCA11_TUSCANY_NS, "keyStore"); + private static final QName TRUST_STORE_QNAME = new QName(Constants.SCA11_TUSCANY_NS, "trustStore"); + + public HTTPSPolicyProcessor(FactoryExtensionPoint modelFactories) { + } + + public QName getArtifactType() { + return HTTPSPolicy.NAME; + } + + public Class getModelType() { + return HTTPSPolicy.class; + } + + public HTTPSPolicy read(XMLStreamReader reader, ProcessorContext context) throws ContributionReadException, XMLStreamException { + HTTPSPolicy policy = new HTTPSPolicy(); + int event = reader.getEventType(); + QName start = reader.getName(); + QName name = null; + while (true) { + switch (event) { + case START_ELEMENT: + name = reader.getName(); + if(KEY_STORE_QNAME.equals(name)) { + // + String type = reader.getAttributeValue(null, "type"); + if(type == null) { + Monitor.error(context.getMonitor(), + this, + "policy-security-validation-messages", + "RequiredAttributeKeyStoreTypeMissing"); + } else { + policy.setKeyStoreType(type); + } + + String file = reader.getAttributeValue(null, "file"); + if(file == null) { + Monitor.error(context.getMonitor(), + this, + "policy-security-validation-messages", + "RequiredAttributeKeyStoreFileMissing"); + } else { + policy.setKeyStore(file); + } + + String password = reader.getAttributeValue(null, "password"); + if(file == null) { + Monitor.error(context.getMonitor(), + this, + "policy-security-validation-messages", + "RequiredAttributeKeyStorePasswordMissing"); + } else { + policy.setKeyStorePassword(password); + } + + } else if(TRUST_STORE_QNAME.equals(name)) { + // + String type = reader.getAttributeValue(null, "type"); + if(type == null) { + Monitor.error(context.getMonitor(), + this, + "policy-security-validation-messages", + "RequiredAttributeTrustStoreTypeMissing"); + } else { + policy.setTrustStoreType(type); + } + + String file = reader.getAttributeValue(null, "file"); + if(file == null) { + Monitor.error(context.getMonitor(), + this, + "policy-security-validation-messages", + "RequiredAttributeTrustStoreFileMissing"); + } else { + policy.setTrustStore(file); + } + + String password = reader.getAttributeValue(null, "password"); + if(file == null) { + Monitor.error(context.getMonitor(), + this, + "policy-security-validation-messages", + "RequiredAttributeTrustStorePasswordMissing"); + } else { + policy.setTrustStorePassword(password); + } + + } + break; + case END_ELEMENT: + if (start.equals(reader.getName())) { + if (reader.hasNext()) { + reader.next(); + } + return policy; + } + + } + if (reader.hasNext()) { + event = reader.next(); + } else { + return policy; + } + } } + + public void write(HTTPSPolicy model, XMLStreamWriter writer, ProcessorContext context) throws ContributionWriteException, + XMLStreamException { + // TODO + + } + + public void resolve(HTTPSPolicy model, ModelResolver resolver, ProcessorContext context) throws ContributionResolveException { + + } + +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationImplementationPolicyProvider.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationImplementationPolicyProvider.java new file mode 100644 index 0000000000..f131d5bed4 --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationImplementationPolicyProvider.java @@ -0,0 +1,60 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.policy.security.jaas; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.tuscany.sca.assembly.Implementation; +import org.apache.tuscany.sca.interfacedef.Operation; +import org.apache.tuscany.sca.invocation.PhasedInterceptor; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.provider.BasePolicyProvider; +import org.apache.tuscany.sca.runtime.RuntimeComponent; + +/** + * Policy handler to handle PolicySet containing JaasAuthenticationPolicy instances + * + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationImplementationPolicyProvider extends BasePolicyProvider { + private RuntimeComponent component; + private Implementation implementation; + + public JaasAuthenticationImplementationPolicyProvider(RuntimeComponent component) { + super(JaasAuthenticationPolicy.class, component.getImplementation()); + this.component = component; + this.implementation = component.getImplementation(); + } + + public PhasedInterceptor createInterceptor(Operation operation) { + List policies = findPolicies(operation); + if (policies == null || policies.isEmpty()) { + return null; + } else { + return new JaasAuthenticationInterceptor(findPolicies(operation)); + } + } + + public void start() { + } + + public void stop() { + } +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java new file mode 100644 index 0000000000..247243fcf8 --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationInterceptor.java @@ -0,0 +1,81 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.security.jaas; + +import java.util.List; + +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.login.LoginContext; + +import org.apache.tuscany.sca.invocation.Invoker; +import org.apache.tuscany.sca.invocation.Message; +import org.apache.tuscany.sca.invocation.Phase; +import org.apache.tuscany.sca.invocation.PhasedInterceptor; +import org.oasisopen.sca.ServiceRuntimeException; + +/** + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationInterceptor implements PhasedInterceptor { + private List authenticationPolicies; + private Invoker next; + + public JaasAuthenticationInterceptor(List authenticationPolicies) { + super(); + this.authenticationPolicies = authenticationPolicies; + } + + /** + * @see org.apache.tuscany.sca.invocation.Interceptor#getNext() + */ + public Invoker getNext() { + return next; + } + + /** + * @see org.apache.tuscany.sca.invocation.Interceptor#setNext(org.apache.tuscany.sca.invocation.Invoker) + */ + public void setNext(Invoker next) { + this.next = next; + } + + /** + * @see org.apache.tuscany.sca.invocation.Invoker#invoke(org.apache.tuscany.sca.invocation.Message) + */ + public Message invoke(Message msg) { + try { + for (JaasAuthenticationPolicy policy : authenticationPolicies) { + CallbackHandler callbackHandler = + (CallbackHandler)policy.getCallbackHandlerClass().newInstance(); + LoginContext lc = new LoginContext(policy.getConfigurationName(), callbackHandler); + lc.login(); + // Subject subject = lc.getSubject(); + } + } catch (Exception e) { + throw new ServiceRuntimeException(e); + } + return getNext().invoke(msg); + } + + public String getPhase() { + return Phase.IMPLEMENTATION_POLICY; + } + +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicy.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicy.java new file mode 100644 index 0000000000..65d8b5c597 --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicy.java @@ -0,0 +1,71 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.security.jaas; + +import javax.xml.namespace.QName; + +/** + * + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationPolicy { + private static final String SCA10_TUSCANY_NS = "http://tuscany.apache.org/xmlns/sca/1.1"; + public static final QName NAME = new QName(SCA10_TUSCANY_NS, "jaasAuthentication"); + + private String configurationName = "other"; + private String callbackHandlerClassName; + private Class callbackHandlerClass; + + public String getCallbackHandlerClassName() { + return callbackHandlerClassName; + } + + public void setCallbackHandlerClassName(String callbackHandlerClassName) { + this.callbackHandlerClassName = callbackHandlerClassName; + } + + public Class getCallbackHandlerClass() { + return callbackHandlerClass; + } + + public void setCallbackHandlerClass(Class callbackHandlerClass) { + this.callbackHandlerClass = callbackHandlerClass; + } + + public QName getSchemaName() { + return NAME; + } + + public boolean isUnresolved() { + return false; + } + + public void setUnresolved(boolean unresolved) { + } + + public String getConfigurationName() { + return configurationName; + } + + public void setConfigurationName(String configurationName) { + this.configurationName = configurationName; + } + +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyHandler.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyHandler.java new file mode 100644 index 0000000000..16629e4c6b --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyHandler.java @@ -0,0 +1,71 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.security.jaas; + +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.login.LoginContext; +import javax.xml.namespace.QName; + +import org.apache.tuscany.sca.policy.PolicySet; + +/** + * Policy handler to handle PolicySet containing JaasAuthenticationPolicy instances + * + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationPolicyHandler { + private static final String jaasPolicy = "JaasPolicy"; + private static final String SCA10_TUSCANY_NS = "http://tuscany.apache.org/xmlns/sca/1.1"; + public static final QName policySetQName = new QName(SCA10_TUSCANY_NS, jaasPolicy); + private PolicySet applicablePolicySet = null; + + public void setUp(Object... context) { + if (applicablePolicySet != null) { + } + } + + public void cleanUp(Object... context) { + } + + public void beforeInvoke(Object... context) { + try { + JaasAuthenticationPolicy policy = (JaasAuthenticationPolicy)applicablePolicySet.getPolicies().get(0); + CallbackHandler callbackHandler = + (CallbackHandler)policy.getCallbackHandlerClass().newInstance(); + LoginContext lc = new LoginContext(policy.getConfigurationName(), callbackHandler); + lc.login(); + } catch (Exception e) { + throw new RuntimeException(e); + } + + } + + public void afterInvoke(Object... context) { + + } + + public PolicySet getApplicablePolicySet() { + return applicablePolicySet; + } + + public void setApplicablePolicySet(PolicySet applicablePolicySet) { + this.applicablePolicySet = applicablePolicySet; + } +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProcessor.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProcessor.java new file mode 100644 index 0000000000..b9ab68aa2f --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProcessor.java @@ -0,0 +1,148 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.tuscany.sca.policy.security.jaas; + +import static javax.xml.stream.XMLStreamConstants.END_ELEMENT; +import static javax.xml.stream.XMLStreamConstants.START_ELEMENT; + +import javax.xml.namespace.QName; +import javax.xml.stream.XMLStreamException; +import javax.xml.stream.XMLStreamReader; +import javax.xml.stream.XMLStreamWriter; + +import org.apache.tuscany.sca.contribution.processor.ContributionReadException; +import org.apache.tuscany.sca.contribution.processor.ContributionResolveException; +import org.apache.tuscany.sca.contribution.processor.ContributionWriteException; +import org.apache.tuscany.sca.contribution.processor.ProcessorContext; +import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor; +import org.apache.tuscany.sca.contribution.resolver.ClassReference; +import org.apache.tuscany.sca.contribution.resolver.ModelResolver; +import org.apache.tuscany.sca.core.FactoryExtensionPoint; +import org.apache.tuscany.sca.monitor.Monitor; +import org.apache.tuscany.sca.monitor.Problem; +import org.apache.tuscany.sca.monitor.Problem.Severity; + +/** + * + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationPolicyProcessor implements StAXArtifactProcessor { + private static final QName JAAS_AUTHENTICATION_POLICY_QNAME = JaasAuthenticationPolicy.NAME; + private static final String callbackHandler = "callbackHandler"; + private static final String SCA10_TUSCANY_NS = "http://tuscany.apache.org/xmlns/sca/1.1"; + public static final QName CALLBACK_HANDLER_QNAME = new QName(SCA10_TUSCANY_NS, callbackHandler); + public static final QName CONFIGURATION_QNAME = new QName(SCA10_TUSCANY_NS, "configurationName"); + + + public QName getArtifactType() { + return JAAS_AUTHENTICATION_POLICY_QNAME; + } + + public JaasAuthenticationPolicyProcessor(FactoryExtensionPoint modelFactories) { + } + + /** + * Report a error. + * + * @param problems + * @param message + * @param model + */ + private void error(Monitor monitor, String message, Object model, Object... messageParameters) { + if (monitor != null) { + Problem problem = monitor.createProblem(this.getClass().getName(), "policy-security-validation-messages", Severity.ERROR, model, message, (Object[])messageParameters); + monitor.problem(problem); + } + } + + public JaasAuthenticationPolicy read(XMLStreamReader reader, ProcessorContext context) throws ContributionReadException, XMLStreamException { + JaasAuthenticationPolicy policy = new JaasAuthenticationPolicy(); + int event = reader.getEventType(); + QName name = null; + + while (reader.hasNext()) { + event = reader.getEventType(); + switch (event) { + case START_ELEMENT : { + name = reader.getName(); + if (name.equals(CALLBACK_HANDLER_QNAME)) { + String callbackHandlerClassName = reader.getElementText(); + if (callbackHandlerClassName != null) { + policy.setCallbackHandlerClassName(callbackHandlerClassName.trim()); + } + } + if (name.equals(CONFIGURATION_QNAME)) { + String configurationName = reader.getElementText(); + if (configurationName != null) { + policy.setConfigurationName(configurationName.trim()); + } + } + + break; + } + } + + if ( event == END_ELEMENT ) { + if ( JAAS_AUTHENTICATION_POLICY_QNAME.equals(reader.getName()) ) { + break; + } + } + + //Read the next element + if (reader.hasNext()) { + reader.next(); + } + } + + return policy; + } + + public void write(JaasAuthenticationPolicy policy, XMLStreamWriter writer, ProcessorContext context) throws ContributionWriteException, + XMLStreamException { + String prefix = "tuscany"; + writer.writeStartElement(prefix, + JAAS_AUTHENTICATION_POLICY_QNAME.getLocalPart(), + JAAS_AUTHENTICATION_POLICY_QNAME.getNamespaceURI()); + writer.writeNamespace("tuscany", SCA10_TUSCANY_NS); + + + writer.writeEndElement(); + } + + public Class getModelType() { + return JaasAuthenticationPolicy.class; + } + + public void resolve(JaasAuthenticationPolicy policy, ModelResolver resolver, ProcessorContext context) throws ContributionResolveException { + + if (policy.getCallbackHandlerClassName() != null) { + ClassReference classReference = new ClassReference(policy.getCallbackHandlerClassName()); + classReference = resolver.resolveModel(ClassReference.class, classReference, context); + Class callbackClass = classReference.getJavaClass(); + if (callbackClass == null) { + error(context.getMonitor(), "ClassNotFoundException", resolver, policy.getCallbackHandlerClassName()); + //throw new ContributionResolveException(new ClassNotFoundException(policy.getCallbackHandlerClassName())); + } else { + policy.setCallbackHandlerClass(callbackClass); + policy.setUnresolved(false); + } + } + } + +} diff --git a/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java new file mode 100644 index 0000000000..ab1ab1870f --- /dev/null +++ b/sca-java-2.x/tags/2.0-Beta4-RC0/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/security/jaas/JaasAuthenticationPolicyProviderFactory.java @@ -0,0 +1,60 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.policy.security.jaas; + +import org.apache.tuscany.sca.assembly.Endpoint; +import org.apache.tuscany.sca.assembly.EndpointReference; +import org.apache.tuscany.sca.core.ExtensionPointRegistry; +import org.apache.tuscany.sca.provider.PolicyProvider; +import org.apache.tuscany.sca.provider.PolicyProviderFactory; +import org.apache.tuscany.sca.runtime.RuntimeComponent; + +/** + * @version $Rev$ $Date$ + */ +public class JaasAuthenticationPolicyProviderFactory implements PolicyProviderFactory { + + public JaasAuthenticationPolicyProviderFactory(ExtensionPointRegistry registry) { + super(); + } + + public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component) { + return new JaasAuthenticationImplementationPolicyProvider(component); + } + + public PolicyProvider createReferencePolicyProvider(EndpointReference endpointReference) { + return null; + } + + /** + * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createServicePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentService, org.apache.tuscany.sca.assembly.Binding) + */ + public PolicyProvider createServicePolicyProvider(Endpoint endpoint) { + return null; + } + + /** + * @see org.apache.tuscany.sca.provider.ProviderFactory#getModelType() + */ + public Class getModelType() { + return JaasAuthenticationPolicy.class; + } + +} -- cgit v1.2.3