User: stark
Date: 01/03/05 02:26:20
Modified: src/main/org/jboss/security/plugins
JaasSecurityManagerService.java
JaasSecurityManagerServiceMBean.java
Removed: src/main/org/jboss/security/plugins
AbstractServerLoginModule.java
DatabaseServerLoginModule.java
JaasSecurityManager.java
Log:
Moved key security classes to the JBossSX module
Revision Changes Path
1.2 +184 -86
jboss/src/main/org/jboss/security/plugins/JaasSecurityManagerService.java
Index: JaasSecurityManagerService.java
===================================================================
RCS file:
/products/cvs/ejboss/jboss/src/main/org/jboss/security/plugins/JaasSecurityManagerService.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- JaasSecurityManagerService.java 2001/01/10 01:24:11 1.1
+++ JaasSecurityManagerService.java 2001/03/05 10:26:19 1.2
@@ -7,11 +7,9 @@
package org.jboss.security.plugins;
-import java.io.File;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
import java.net.URL;
-import java.rmi.server.UnicastRemoteObject;
-import java.rmi.RemoteException;
-import java.rmi.ServerException;
import java.util.Hashtable;
import java.util.ArrayList;
import java.util.Iterator;
@@ -22,6 +20,7 @@
import javax.naming.RefAddr;
import javax.naming.StringRefAddr;
import javax.naming.Name;
+import javax.naming.NamingException;
import javax.naming.spi.ObjectFactory;
import javax.naming.spi.NamingManager;
import javax.naming.CommunicationException;
@@ -30,75 +29,149 @@
import javax.management.MBeanServer;
import javax.management.ObjectName;
-import javax.security.auth.login.Configuration;
-
import org.jboss.logging.Log;
+import org.jboss.security.SecurityProxyFactory;
import org.jboss.util.ServiceMBeanSupport;
-import org.jboss.security.EJBSecurityManager;
-
import org.jnp.server.NamingServer;
import org.jnp.interfaces.NamingContext;
+import org.jboss.util.CachePolicy;
/**
- * This is a JMX service which manages JaasSecurityManagers.
- * JaasSecurityManagers are responsible for validating credentials
- * associated with principals.
+ * This is a JMX service which manages JAAS based SecurityManagers.
+ * JAAS SecurityManagers are responsible for validating credentials
+ * associated with principals. The service defaults to the
+ * org.jboss.security.plugins.JaasSecurityManager implementation but
+ * this can be changed via the securityManagerClass property.
*
* @see JaasSecurityManager
+ * @see SubjectSecurityManager
* @author <a href="[EMAIL PROTECTED]">Oleg Nitz</a>
* @author <a href="[EMAIL PROTECTED]">Rickard Oberg</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]">Scott Stark</a>
*/
public class JaasSecurityManagerService
extends ServiceMBeanSupport
- implements JaasSecurityManagerServiceMBean, ObjectFactory {
-
- MBeanServer server;
-
- static NamingServer srv;
- static Hashtable jsmMap = new Hashtable();
-
- public String getName()
- {
- return "JAAS Security Manager";
- }
+ implements JaasSecurityManagerServiceMBean, ObjectFactory
+{
+ /** The class that provides the security manager implementation */
+ private static String securityMgrClassName;
+ /** The loaded securityMgrClassName */
+ private static Class securityMgrClass;
+ /** The security credential cache policy, shared by all security mgrs */
+ private static CachePolicy cachePolicy;
+ private static String cacheJndiName;
+ /** The class that provides the SecurityProxyFactory implementation */
+ private static String securityProxyFactoryClassName;
+ private static Class securityProxyFactoryClass;
+
+ static NamingServer srv;
+ static Hashtable jsmMap = new Hashtable();
+
+ public JaasSecurityManagerService()
+ {
+ try
+ { // Use JaasSecurityManager as the default
+
setSecurityManagerClassName("org.jboss.security.plugins.JaasSecurityManager");
+ // Use SubjectSecurityProxyFactory as the default SecurityProxyFactory
+
setSecurityProxyFactoryClassName("org.jboss.security.SubjectSecurityProxyFactory");
+ }
+ catch(ClassNotFoundException e)
+ {
+ }
+ }
+
+ public String getSecurityManagerClassName()
+ {
+ return securityMgrClassName;
+ }
+ public void setSecurityManagerClassName(String className)
+ throws ClassNotFoundException
+ {
+ securityMgrClassName = className;
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ securityMgrClass = loader.loadClass(securityMgrClassName);
+ }
+ public String getSecurityProxyFactoryClassName()
+ {
+ return securityProxyFactoryClassName;
+ }
+ public void setSecurityProxyFactoryClassName(String className)
+ throws ClassNotFoundException
+ {
+ securityProxyFactoryClassName = className;
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ securityProxyFactoryClass = loader.loadClass(securityProxyFactoryClassName);
+ }
+ /** Get the jndi name under which the authentication cache policy is found
+ */
+ public String getAuthenticationCacheJndiName()
+ {
+ return cacheJndiName;
+ }
+ /** Set the jndi name under which the authentication cache policy is found
+ */
+ public void setAuthenticationCacheJndiName(String jndiName)
+ {
+ this.cacheJndiName = jndiName;
+ }
+
+ public String getName()
+ {
+ return "JAAS Security Manager";
+ }
protected ObjectName getObjectName(MBeanServer server, ObjectName name)
throws javax.management.MalformedObjectNameException
{
- this.server = server;
return new ObjectName(OBJECT_NAME);
}
- protected void startService() throws Exception
- {
- srv = new NamingServer();
-
- InitialContext ic = new InitialContext();
-
- // Bind reference to SM subcontext in JNDI
- // Uses JNDI federation to handle the "java:jaas" context ourselves
- RefAddr refAddr = new StringRefAddr("nns", "JSM");
- Reference jsmsRef = new Reference("javax.naming.Context",
refAddr,getClass().getName(), null);
- Context ctx = (Context)new InitialContext();
- ctx.rebind("java:/jaas", jsmsRef);
- }
-
- protected void stopService()
- {
- InitialContext ic;
- try
- {
- ic = new InitialContext();
- ic.unbind("java:/jaas");
- } catch (CommunicationException e)
- {
+ protected void startService() throws Exception
+ {
+ srv = new NamingServer();
+
+ InitialContext ic = new InitialContext();
+
+ // Bind reference to SM subcontext in JNDI
+ // Uses JNDI federation to handle the "java:jaas" context ourselves
+ RefAddr refAddr = new StringRefAddr("nns", "JSM");
+ Reference jsmsRef = new Reference("javax.naming.Context",
refAddr,getClass().getName(), null);
+ Context ctx = new InitialContext();
+ ctx.rebind("java:/jaas", jsmsRef);
+
+ try
+ {
+ if( cacheJndiName != null )
+ cachePolicy = (CachePolicy) ctx.lookup(cacheJndiName);
+ }
+ catch(NamingException e)
+ {
+ }
+ System.out.println("JAAS.startService, cachePolicy="+cachePolicy);
+ // Bind the default SecurityProxyFactory instance under
java:/SecurityProxyFactory
+ SecurityProxyFactory proxyFactory = (SecurityProxyFactory)
securityProxyFactoryClass.newInstance();
+ ctx.bind("java:/SecurityProxyFactory", proxyFactory);
+ System.out.println("JAAS.startService, SecurityProxyFactory="+proxyFactory);
+ }
+
+ protected void stopService()
+ {
+ InitialContext ic;
+ try
+ {
+ ic = new InitialContext();
+ ic.unbind("java:/jaas");
+ }
+ catch (CommunicationException e)
+ {
// Do nothing, the naming services is already stopped
- } catch (Exception e)
- {
- log.exception(e);
- }
- }
+ }
+ catch (Exception e)
+ {
+ log.exception(e);
+ }
+ }
// ObjectFactory implementation ----------------------------------
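Review bot: The empty `catch(ClassNotFoundException e)` in the new constructor hides a failed default load, so `securityMgrClass` or `securityProxyFactoryClass` stays null and the problem only surfaces later as a NullPointerException at `securityProxyFactoryClass.newInstance()` in startService; at minimum call `log.exception(e);` there. Both setters assign the name before `loadClass` returns, so a failed set leaves the name and the loaded class out of step; load first, e.g. `Class c = loader.loadClass(className); securityMgrClassName = className; securityMgrClass = c;`. The empty `catch(NamingException e)` around the cache lookup likewise leaves the service running without the configured authentication cache and with no record of why. startService also uses `ctx.bind("java:/SecurityProxyFactory", proxyFactory)` while stopService only unbinds `java:/jaas`, so a stop/start cycle would presumably fail on the already-bound name; `rebind` plus a matching unbind would avoid that.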
@@ -122,39 +195,64 @@
* @return
* @exception Exception
*/
- public Object getObjectInstance(Object obj, Name name, Context nameCtx,
Hashtable environment)
- throws Exception
- {
- if (name != null)
- {
- // Handle JaasSecurityManager lookup
- if (name.size() == 0)
- return nameCtx;
-
- return jsmMap.get(name);
- } else
- {
- // Handle "java:jaas" context
- CannotProceedException cpe =
(CannotProceedException)environment.get(NamingManager.CPE);
- Name remainingName = cpe.getRemainingName();
-
- Context ctx = new NamingContext(environment, null, srv);
-
- // Make sure that JSM is available
- try
- {
- srv.lookup(remainingName);
- } catch (Exception e)
- {
- // Not found - add reference to JNDI, and a real JSM to a map
- Reference jsmRef = new Reference(JaasSecurityManager.class.getName(),
getClass().getName(), null);
- ctx.rebind(remainingName, jsmRef);
- jsmMap.put(remainingName, new
JaasSecurityManager(remainingName.toString()));
- }
-
- return ctx;
- }
- }
+ public Object getObjectInstance(Object obj, Name name, Context nameCtx,
Hashtable environment)
+ throws Exception
+ {
+ if (name != null)
+ {
+ // Handle securityManager lookup
+ if (name.size() == 0)
+ return nameCtx;
+ return jsmMap.get(name);
+ }
+ else
+ {
+ // Handle "java:jaas" context
+ CannotProceedException cpe =
(CannotProceedException)environment.get(NamingManager.CPE);
+ Name remainingName = cpe.getRemainingName();
+
+ Context ctx = new NamingContext(environment, null, srv);
+ // Make sure that JSM is available
+ try
+ {
+ srv.lookup(remainingName);
+ }
+ catch(Exception e)
+ {
+ // Not found - add reference to JNDI, and a real security mgr to a
map
+ Reference jsmRef = new Reference(securityMgrClass.getName(),
getClass().getName(), null);
+ ctx.rebind(remainingName, jsmRef);
+ String securityDomain = remainingName.toString();
+ try
+ { // Create instance of securityMgrClass
+ Class[] parameterTypes = {String.class};
+ Constructor ctor =
securityMgrClass.getConstructor(parameterTypes);
+ Object[] args = {securityDomain};
+ Object securityMgr = ctor.newInstance(args);
+System.out.println("JAAS.Created securityMgr="+securityMgr);
+ // See if the security mgr supports an externalized cache policy
+ try
+ {
+ parameterTypes[0] = CachePolicy.class;
+ Method m = securityMgrClass.getMethod("setCachePolicy",
parameterTypes);
+ args[0] = cachePolicy;
+System.out.println("JAAS.setCachePolicy, c="+args[0]);
+ m.invoke(securityMgr, args);
+ }
+ catch(Exception e2)
+ { // No cache policy support, this is ok
+ }
+System.out.println("JAAS.Added "+remainingName+", "+securityMgr+" to map");
+ jsmMap.put(remainingName, securityMgr);
+ }
+ catch(Exception e2)
+ {
+e2.printStackTrace();
+ log.exception(e2);
+ throw e2;
+ }
+ }
+ return ctx;
+ }
+ }
}
-
-
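Review bot: In the not-found branch of getObjectInstance, `ctx.rebind(remainingName, jsmRef)` runs before the security manager is constructed, so if `getConstructor` or `newInstance` throws, the reference stays bound while `jsmMap` has no entry, and later lookups of that domain would take the `jsmMap.get(name)` path and return null. Moving the rebind to just after `jsmMap.put(remainingName, securityMgr);` makes a domain visible only once its manager exists. The inner `catch(Exception e2)` marked "No cache policy support" also swallows failures thrown from inside `setCachePolicy`, and the call is made even when `cachePolicy` is null; catching only `NoSuchMethodException` and skipping the call when `cachePolicy == null` keeps the optional case distinct from real errors. The `System.out.println` and `e2.printStackTrace()` lines duplicate `log.exception(e2)` and write the security domain to stdout; they look like leftover debugging.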
1.2 +22 -0
jboss/src/main/org/jboss/security/plugins/JaasSecurityManagerServiceMBean.java
Index: JaasSecurityManagerServiceMBean.java
===================================================================
RCS file:
/products/cvs/ejboss/jboss/src/main/org/jboss/security/plugins/JaasSecurityManagerServiceMBean.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- JaasSecurityManagerServiceMBean.java 2001/01/10 01:24:12 1.1
+++ JaasSecurityManagerServiceMBean.java 2001/03/05 10:26:20 1.2
@@ -7,6 +7,8 @@
package org.jboss.security.plugins;
+/** The interface for the JaasSecurityManagerService mbean.
+*/
public interface JaasSecurityManagerServiceMBean
extends org.jboss.util.ServiceMBean
{
@@ -14,4 +16,24 @@
public static final String OBJECT_NAME = ":service=JaasSecurityManager";
// Public --------------------------------------------------------
+ /** Get the name of the class that provides the security manager implementation.
+ */
+ public String getSecurityManagerClassName();
+ /** Set the name of the class that provides the security manager implementation.
+ */
+ public void setSecurityManagerClassName(String className) throws
ClassNotFoundException;
+ /** Get the name of the class that provides the SecurityProxyFactory
implementation.
+ */
+ public String getSecurityProxyFactoryClassName();
+ /** Set the name of the class that provides the SecurityProxyFactory
implementation.
+ */
+ public void setSecurityProxyFactoryClassName(String className) throws
ClassNotFoundException;
+ /** Get the jndi name under which the authentication CachePolicy implenentation
+ is found
+ */
+ public String getAuthenticationCacheJndiName();
+ /** Set the jndi name under which the authentication CachePolicy implenentation
+ is found
+ */
+ public void setAuthenticationCacheJndiName(String jndiName);
}
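Review bot: The javadoc on `setSecurityManagerClassName` does not say what the named class must provide, although JaasSecurityManagerService.getObjectInstance instantiates it through a public constructor taking one `String` and calls `setCachePolicy(CachePolicy)` when that method exists. I would extend the setter comment with something like `The class must have a public constructor taking the security domain name as a String; a setCachePolicy(CachePolicy) method is used if present.` It is also worth documenting that this attribute selects the code that validates credentials, so write access to the MBean should be restricted, and that a manager already created for a domain appears not to be replaced when the value changes. "implenentation" in the two cache-policy comments should read "implementation".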