001: /*
002: jGuard is a security framework based on top of jaas (java authentication and authorization security).
003: it is written for web applications, to resolve simply, access control problems.
004: version $Name$
005: http://sourceforge.net/projects/jguard/
006:
007: Copyright (C) 2004 Charles GAY
008:
009: This library is free software; you can redistribute it and/or
010: modify it under the terms of the GNU Lesser General Public
011: License as published by the Free Software Foundation; either
012: version 2.1 of the License, or (at your option) any later version.
013:
014: This library is distributed in the hope that it will be useful,
015: but WITHOUT ANY WARRANTY; without even the implied warranty of
016: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017: Lesser General Public License for more details.
018:
019: You should have received a copy of the GNU Lesser General Public
020: License along with this library; if not, write to the Free Software
021: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
022:
023:
024: jGuard project home page:
025: http://sourceforge.net/projects/jguard/
026:
027: */
028: package net.sf.jguard.core.authentication.configuration;
029:
030: import java.util.ArrayList;
031: import java.util.Iterator;
032: import java.util.List;
033: import java.util.Map;
034: import java.util.logging.Level;
035: import java.util.logging.Logger;
036:
037: import javax.security.auth.login.AppConfigurationEntry;
038: import javax.security.auth.login.Configuration;
039:
040: import net.sf.jguard.core.CoreConstants;
041:
042: /**
043: * utility class to deal with the {@link javax.security.auth.login.Configuration} class.
044: * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
045: */
046: public class ConfigurationHelper {
047:
048: private static String scope;
049:
050: private static boolean configurationInstalled = false;
051: private static Logger logger = Logger
052: .getLogger(ConfigurationHelper.class.getName());
053: private final static String COM_SUN_SECURITY_AUTH_LOGIN_CONFIG_FILE = "com.sun.security.auth.login.ConfigFile";
054:
055: /**
056: * add the required AppConfigurationEntry when no none is configured for the webapp.
057: * @param applicationName
058: * @param authenticationSettings
059: * @param debug
060: */
061: public static void addConfigurationEntryForWebapp(
062: JGuardConfiguration configuration, String applicationName,
063: Map authenticationSettings, boolean debug) {
064: List webappEntries = buildAppConfigurationEntries(
065: applicationName, authenticationSettings, debug);
066: configuration.addConfigEntriesForApplication(applicationName,
067: webappEntries);
068: }
069:
070: /**
071: * install JGuardConfiguration.
072: * @param includeOldConfiguration include informations contained in the replaced configuration instance
073: * @param includeConfigFromJavaParam
074: * @throws RuntimeException
075: */
076: public static void installConfiguration(
077: boolean includeOldConfiguration,
078: boolean includeConfigFromJavaParam) throws RuntimeException {
079: if (!configurationInstalled) {
080: includeConfigFromJavaParam = false;
081: }
082: JGuardConfiguration jGuardConf = installWithOldConfig(includeOldConfiguration);
083:
084: if (includeConfigFromJavaParam) {
085: //TODO build a Configuration object to include from the configuration file
086: try {
087: Class defaultConfigClass = Class
088: .forName(ConfigurationHelper.COM_SUN_SECURITY_AUTH_LOGIN_CONFIG_FILE);
089: Configuration defaultConfiguration = (Configuration) defaultConfigClass
090: .newInstance();
091: jGuardConf.includeConfiguration(defaultConfiguration);
092: } catch (ClassNotFoundException e) {
093: logger
094: .log(
095: Level.SEVERE,
096: ConfigurationHelper.COM_SUN_SECURITY_AUTH_LOGIN_CONFIG_FILE
097: + " class cannot be found "
098: + e.getMessage());
099: } catch (InstantiationException e) {
100: logger
101: .log(
102: Level.SEVERE,
103: ConfigurationHelper.COM_SUN_SECURITY_AUTH_LOGIN_CONFIG_FILE
104: + " class cannot be instantiated "
105: + e.getMessage());
106: } catch (IllegalAccessException e) {
107: logger
108: .log(
109: Level.SEVERE,
110: ConfigurationHelper.COM_SUN_SECURITY_AUTH_LOGIN_CONFIG_FILE
111: + " class cannot be accessed "
112: + e.getMessage());
113: }
114:
115: }
116:
117: }
118:
119: /**
120: *
121: * @param includeOldConfiguration
122: * @return
123: * @throws RuntimeException
124: */
125: private static JGuardConfiguration installWithOldConfig(
126: boolean includeOldConfiguration) throws RuntimeException {
127: JGuardConfiguration jGuardConf;
128: Configuration oldConfiguration = null;
129: boolean skipOldConfig = false;
130: try {
131: oldConfiguration = Configuration.getConfiguration();
132: logger.log(Level.FINE, " oldConfiguration="
133: + oldConfiguration.getClass().getName());
134: logger.log(Level.FINE, " oldConfiguration="
135: + oldConfiguration);
136:
137: } catch (SecurityException sex) {
138: skipOldConfig = true;
139: logger
140: .log(
141: Level.FINE,
142: " addConfigurationEntryForWebapp() - exception raised when we try to retrieve the default Configuration instance ");
143: logger.log(Level.FINE,
144: " addConfigurationEntryForWebapp() - "
145: + sex.getMessage());
146: logger.log(Level.FINE,
147: " jGuard will not include the old Configuration ");
148: } catch (NullPointerException npe) {
149: skipOldConfig = true;
150: logger
151: .log(
152: Level.FINE,
153: "addConfigurationEntryForWebapp() - a NullPointerException has been raised when the default configuration :no configuration is defined ");
154: logger.log(Level.FINE,
155: "addConfigurationEntryForWebapp() - "
156: + npe.getMessage());
157: }
158:
159: //we override the current Configuration to JGuardConfiguration
160: //only if the current Configuration is not a JGuardConfiguration instance
161: if (oldConfiguration == null
162: || (!oldConfiguration.getClass().getName().equals(
163: JGuardConfiguration.class.getName()))) {
164: jGuardConf = new JGuardConfiguration();
165: Configuration.setConfiguration(jGuardConf);
166: logger.log(Level.INFO, " JGuardConfiguration is set ");
167: //it is a JGuardConfiguration but with a class not loaded with this classloader
168: } else if (!oldConfiguration.getClass().equals(
169: JGuardConfiguration.class)
170: && oldConfiguration.getClass().getName().equals(
171: JGuardConfiguration.class.getName())) {
172: logger
173: .log(
174: Level.SEVERE,
175: " jGuard_jvm must be placed under the shared libraries directory or on the jvm side, not in the WEB-INF/lib directory of the webapp ");
176: throw new RuntimeException(
177: " jGuard_jvm must be placed under the shared libraries directory or on the jvm side, not in the WEB-INF/lib directory of the webapp ");
178: } else {
179: jGuardConf = (JGuardConfiguration) Configuration
180: .getConfiguration();
181: logger.log(Level.FINE, "configuration="
182: + oldConfiguration.getClass().getName());
183: logger.log(Level.FINE,
184: " JGuardConfiguration is already set ");
185: // we don't include the old Configuration
186: //because the old Configuration is kept: it's already a jGuardConfiguration
187: skipOldConfig = true;
188: }
189:
190: //there is no configuration entries for the webapp
191: if (!skipOldConfig && includeOldConfiguration == true) {
192: logger.log(Level.INFO,
193: " jGuard include the old Configuration ");
194: jGuardConf.includeConfiguration(oldConfiguration);
195: }
196:
197: //we should only execute one time this method per webapp
198: configurationInstalled = true;
199: return jGuardConf;
200: }
201:
202: /**
203: * build the list of AppConfigurationEntry.
204: * @param applicationName
205: * @param authSettings
206: * @param debug
207: * @return list built
208: */
209: private static List buildAppConfigurationEntries(
210: String applicationName, Map authSettings, boolean debug) {
211: List appConfigurationEntryList = new ArrayList();
212:
213: List loginModules = (List) authSettings
214: .get(CoreConstants.LOGIN_MODULES);
215: Iterator itLoginModules = loginModules.iterator();
216: while (itLoginModules.hasNext()) {
217: Map loginModuleMap = (Map) itLoginModules.next();
218: String loginModuleClassName = (String) loginModuleMap
219: .get(CoreConstants.NAME);
220: String loginModuleFlag = (String) loginModuleMap
221: .get(CoreConstants.FLAG);
222: AppConfigurationEntry.LoginModuleControlFlag controlFlag;
223: if (loginModuleFlag
224: .equalsIgnoreCase(CoreConstants.REQUIRED)) {
225: controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
226: } else if (loginModuleFlag
227: .equalsIgnoreCase(CoreConstants.OPTIONAL)) {
228: controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
229: } else if (loginModuleFlag
230: .equalsIgnoreCase(CoreConstants.REQUISITE)) {
231: controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
232: } else if (loginModuleFlag
233: .equalsIgnoreCase(CoreConstants.SUFFICIENT)) {
234: controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
235: } else {
236: throw new IllegalArgumentException(
237: " invalid loginModuleControlFlag ="
238: + loginModuleFlag
239: + " is neither OPTIONAL,REQUIRED,REQUISITE nor SUFFICIENT ");
240: }
241: Map loginModuleOptions = (Map) loginModuleMap
242: .get(CoreConstants.LOGIN_MODULE_OPTIONS);
243: loginModuleOptions.put(CoreConstants.APPLICATION_NAME,
244: applicationName);
245: AppConfigurationEntry entry = new AppConfigurationEntry(
246: loginModuleClassName, controlFlag,
247: loginModuleOptions);
248: appConfigurationEntryList.add(entry);
249: }
250: if (appConfigurationEntryList.size() == 0) {
251: throw new IllegalArgumentException(
252: " no loginModules have been configured for the application="
253: + applicationName);
254: }
255: return appConfigurationEntryList;
256: }
257:
258: public static String getScope() {
259: return scope;
260: }
261:
262: }
|