001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.resource.security;
023:
024: import java.util.Map;
025: import javax.management.MBeanServer;
026: import javax.management.MalformedObjectNameException;
027: import javax.management.ObjectName;
028: import javax.resource.spi.ManagedConnectionFactory;
029: import javax.security.auth.Subject;
030: import javax.security.auth.callback.CallbackHandler;
031: import javax.security.auth.login.LoginException;
032:
033: import org.jboss.logging.Logger;
034: import org.jboss.mx.util.MBeanServerLocator;
035: import org.jboss.security.auth.spi.AbstractServerLoginModule;
036:
037: /** A base login module that provides access to the ManagedConnectionFactory
038: * needed by the PasswordCredential.
039: *
040: * @see javax.resource.spi.security.PasswordCredential
041: *
042: * @author <a href="mailto:d_jencks@users.sourceforge.net">David Jencks</a>
043: * @author Scott.Stark@jboss.org
044: * @version $Revision: 57189 $
045: */
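public abstract class AbstractPasswordCredentialLoginModule extends
        AbstractServerLoginModule {
    private static final Logger log = Logger
            .getLogger(AbstractPasswordCredentialLoginModule.class);

    /** The MBeanServer located during initialize(); used to look up the MCF. */
    private MBeanServer server;
    /** ObjectName built from the "managedConnectionFactoryName" option. */
    private ObjectName managedConnectionFactoryName;
    /** Cached ManagedConnectionFactory; stays null when the lookup failed. */
    private ManagedConnectionFactory mcf;
    /**
     * A flag that allows a missing MCF service to be ignored.
     * The misspelling matches the "ignoreMissigingMCF" option key read in
     * initialize(); that key is part of the deployed configuration, so it is
     * kept as is.
     */
    private Boolean ignoreMissigingMCF;

    public AbstractPasswordCredentialLoginModule() {
    }

    /**
     * Initialize the module from its JAAS options and resolve the
     * ManagedConnectionFactory.
     *
     * Options read here:
     * <ul>
     * <li>"managedConnectionFactoryName" (required): the ObjectName string of
     * the MBean that exposes the "ManagedConnectionFactory" attribute.</li>
     * <li>"ignoreMissigingMCF" (optional): a Boolean, or any object whose
     * toString() parses as one; when true a failed MCF lookup is tolerated
     * and login() returns false instead of initialization failing.</li>
     * </ul>
     *
     * @param subject the Subject being authenticated
     * @param handler the CallbackHandler passed to the superclass
     * @param sharedState state shared with other configured login modules
     * @param options the options configured for this login module
     * @throws IllegalArgumentException if the MCF name is missing or is not a
     * valid ObjectName, or if the MCF cannot be found and the ignore flag is
     * not set
     */
    public void initialize(Subject subject, CallbackHandler handler,
            Map sharedState, Map options) {
        super.initialize(subject, handler, sharedState, options);
        String name = (String) options.get("managedConnectionFactoryName");
        // Check before constructing the ObjectName: new ObjectName(null)
        // throws NullPointerException, so a null check placed after the
        // constructor could never report the missing option.
        if (name == null) {
            throw new IllegalArgumentException(
                    "Must supply a managedConnectionFactoryName!");
        }
        try {
            managedConnectionFactoryName = new ObjectName(name);
        } catch (MalformedObjectNameException mone) {
            IllegalArgumentException iae = new IllegalArgumentException(
                    "Malformed ObjectName: " + name);
            // Keep the parser's explanation attached for whoever reads the
            // deployment failure.
            iae.initCause(mone);
            throw iae;
        }

        Object flag = options.get("ignoreMissigingMCF");
        if (flag instanceof Boolean) {
            ignoreMissigingMCF = (Boolean) flag;
        } else if (flag != null) {
            ignoreMissigingMCF = Boolean.valueOf(flag.toString());
        }
        server = MBeanServerLocator.locateJBoss();
        getMcf();
    }

    /** Return false if there is no mcf, else return super.login(). Override
     * to provide custom authentication.
     *
     * Returning false leaves the outcome of authentication to the other
     * modules configured for the application policy. This path is reached
     * when the MCF lookup failed and the "ignoreMissigingMCF" option was set.
     *
     * @return false if there is no mcf, else return super.login().
     * @exception LoginException if an error occurs
     */
    public boolean login() throws LoginException {
        if (mcf == null) {
            return false;
        }
        return super.login();
    }

    /**
     * Remove the credentials this module is responsible for, then delegate
     * to super.logout().
     *
     * @return the result of super.logout()
     * @exception LoginException if an error occurs
     */
    public boolean logout() throws LoginException {
        removeCredentials();
        return super.logout();
    }

    /**
     * Return the ManagedConnectionFactory, reading it from the
     * "ManagedConnectionFactory" attribute of the configured MBean on first
     * use and caching it afterwards.
     *
     * @return the MCF, or null when the lookup failed and the
     * "ignoreMissigingMCF" option is true
     * @throws IllegalArgumentException if the lookup fails and the ignore
     * flag is not true
     */
    protected ManagedConnectionFactory getMcf() {
        if (mcf == null) {
            try {
                mcf = (ManagedConnectionFactory) server.getAttribute(
                        managedConnectionFactoryName,
                        "ManagedConnectionFactory");
            } catch (Exception e) {
                // Log the exception itself as well, so the reason for the
                // failed lookup is not lost.
                log.error("The ConnectionManager mbean: "
                        + managedConnectionFactoryName
                        + " specified in a ConfiguredIdentityLoginModule could not be found."
                        + " ConnectionFactory will be unusable!", e);
                // Compare by value: a Boolean option created with
                // new Boolean(true) is not the same instance as Boolean.TRUE,
                // so an identity comparison would treat it as "not set".
                if (!Boolean.TRUE.equals(ignoreMissigingMCF)) {
                    IllegalArgumentException iae = new IllegalArgumentException(
                            "Managed Connection Factory not found: "
                                    + managedConnectionFactoryName);
                    iae.initCause(e);
                    throw iae;
                }
            }
            if (log.isTraceEnabled()) {
                log.trace("mcfname: " + managedConnectionFactoryName);
            }
        }

        return mcf;
    }

    /**
     * @return the MBeanServer located in initialize(), or null if
     * initialize() has not run
     */
    protected MBeanServer getServer() {
        return server;
    }

    /** This removes the javax.security.auth.login.name and
     * javax.security.auth.login.password settings from the sharedState map
     * along with any PasswordCredential found in the PrivateCredentials set.
     *
     * Clearing the shared-state entries on logout keeps the login name and
     * password from remaining in the map after the session has ended.
     */
    protected void removeCredentials() {
        sharedState.remove("javax.security.auth.login.name");
        sharedState.remove("javax.security.auth.login.password");
        SubjectActions.removeCredentials(subject, mcf);
    }

}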
|