001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.geronimo.security.util;
017:
018: import java.lang.reflect.Constructor;
019: import java.security.AccessController;
020: import java.security.PrivilegedActionException;
021: import java.security.PrivilegedExceptionAction;
022:
023: import javax.security.auth.x500.X500Principal;
024: import javax.security.jacc.PolicyContext;
025: import javax.security.jacc.PolicyContextException;
026: import javax.security.jacc.PolicyContextHandler;
027:
028: import org.apache.geronimo.common.DeploymentException;
029: import org.apache.geronimo.security.DomainPrincipal;
030: import org.apache.geronimo.security.PrimaryDomainPrincipal;
031: import org.apache.geronimo.security.PrimaryPrincipal;
032: import org.apache.geronimo.security.PrimaryRealmPrincipal;
033: import org.apache.geronimo.security.RealmPrincipal;
034: import org.apache.geronimo.security.deploy.PrincipalInfo;
035:
036: /**
037: * A collection of utility functions that assist with the configuration of
038: * <code>PolicyConfiguration</code>s.
039: *
040: * @version $Rev: 545781 $ $Date: 2007-06-09 10:44:02 -0700 (Sat, 09 Jun 2007) $
041: * @see javax.security.jacc.PolicyConfiguration
042: * @see "JSR 115" Java Authorization Contract for Containers
043: */
044: public class ConfigurationUtil {
045:
046: /**
047: * Create an X500Principal from a deployment description.
048: *
049: * @param name the distinguished name of the principal
050: * @return an X500Principal from a deployment description
051: */
052: public static X500Principal generateX500Principal(String name) {
053: return new X500Principal(name);
054: }
055:
056: /**
057: * Create a Principal from a deployment description.
058: *
059: * @param principalInfo the deployment description of the principal to be created.
060: * @param classLoader
061: * @return a RealmPrincipal from a deployment description
062: */
063: public static java.security.Principal generatePrincipal(
064: final PrincipalInfo principalInfo, ClassLoader classLoader) {
065: return generatePrincipal(principalInfo.getClassName(),
066: principalInfo.getPrincipalName(), classLoader);
067: }
068:
069: public static java.security.Principal generatePrincipal(
070: final String className, final String principalName,
071: final ClassLoader classLoader) {
072: try {
073: return (java.security.Principal) AccessController
074: .doPrivileged(new PrivilegedExceptionAction() {
075: public Object run() throws Exception {
076: Class clazz = classLoader
077: .loadClass(className);
078: Constructor constructor = clazz
079: .getDeclaredConstructor(new Class[] { String.class });
080: return (java.security.Principal) constructor
081: .newInstance(new Object[] { principalName });
082: }
083: });
084: } catch (PrivilegedActionException e) {
085: e.printStackTrace();
086: if (e.getException() != null) {
087: e.getException().printStackTrace();
088: }
089: return null;
090: }
091: }
092:
093: /**
094: * Create a RealmPrincipal from a deployment description.
095: *
096: * @param principalInfo the deployment description of the principal to be created.
097: * @param classLoader
098: * @return a RealmPrincipal from a deployment description
099: */
100: public static RealmPrincipal generateRealmPrincipal(
101: final String realm, final String loginDomain,
102: final PrincipalInfo principalInfo, ClassLoader classLoader) {
103: return generateRealmPrincipal(realm, loginDomain, principalInfo
104: .getClassName(), principalInfo.getPrincipalName(),
105: classLoader);
106: }
107:
108: public static RealmPrincipal generateRealmPrincipal(
109: final String realm, final String loginDomain,
110: final String className, final String principalName,
111: ClassLoader classLoader) {
112: return new RealmPrincipal(
113: realm,
114: loginDomain,
115: generatePrincipal(className, principalName, classLoader));
116: }
117:
118: /**
119: * Create a DomainPrincipal from a deployment description.
120: *
121: * @param principalInfo the deployment description of the principal to be created.
122: * @param classLoader
123: * @return a RealmPrincipal from a deployment description
124: */
125: public static DomainPrincipal generateDomainPrincipal(
126: final String loginDomain,
127: final PrincipalInfo principalInfo, ClassLoader classLoader) {
128: return generateDomainPrincipal(loginDomain, principalInfo
129: .getClassName(), principalInfo.getPrincipalName(),
130: classLoader);
131: }
132:
133: public static DomainPrincipal generateDomainPrincipal(
134: final String loginDomain, final String className,
135: final String principalName, ClassLoader classLoader) {
136: return new DomainPrincipal(loginDomain, generatePrincipal(
137: className, principalName, classLoader));
138: }
139:
140: /**
141: * Create a RealmPrincipal from a deployment description.
142: *
143: * @param principalInfo the deployment description of the principal to be created.
144: * @param classLoader
145: * @return a PrimaryRealmPrincipal from a deployment description
146: */
147: public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(
148: final String realm, final String domain,
149: final PrincipalInfo principalInfo, ClassLoader classLoader)
150: throws DeploymentException {
151: return generatePrimaryRealmPrincipal(realm, domain,
152: principalInfo.getClassName(), principalInfo
153: .getPrincipalName(), classLoader);
154: }
155:
156: public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(
157: final String realm, final String domain,
158: final String className, final String principalName,
159: final ClassLoader classLoader) throws DeploymentException {
160: try {
161: return (PrimaryRealmPrincipal) AccessController
162: .doPrivileged(new PrivilegedExceptionAction() {
163: public Object run() throws Exception {
164: java.security.Principal p = null;
165: Class clazz = classLoader
166: .loadClass(className);
167: Constructor constructor = clazz
168: .getDeclaredConstructor(new Class[] { String.class });
169: p = (java.security.Principal) constructor
170: .newInstance(new Object[] { principalName });
171:
172: return new PrimaryRealmPrincipal(realm,
173: domain, p);
174: }
175: });
176: } catch (PrivilegedActionException pae) {
177: throw new DeploymentException(
178: "Unable to create realm principal", pae
179: .getException());
180: }
181: }
182:
183: /**
184: * Create a DomainPrincipal from a deployment description.
185: *
186: * @param principalInfo the deployment description of the principal to be created.
187: * @param classLoader
188: * @return a PrimaryDomainPrincipal from a deployment description
189: */
190: public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(
191: final String domain, final PrincipalInfo principalInfo,
192: ClassLoader classLoader) throws DeploymentException {
193: return generatePrimaryDomainPrincipal(domain, principalInfo
194: .getClassName(), principalInfo.getPrincipalName(),
195: classLoader);
196: }
197:
198: public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(
199: final String domain, final String className,
200: final String principalName, final ClassLoader classLoader)
201: throws DeploymentException {
202: try {
203: return (PrimaryDomainPrincipal) AccessController
204: .doPrivileged(new PrivilegedExceptionAction() {
205: public Object run() throws Exception {
206: java.security.Principal p = null;
207: Class clazz = classLoader
208: .loadClass(className);
209: Constructor constructor = clazz
210: .getDeclaredConstructor(new Class[] { String.class });
211: p = (java.security.Principal) constructor
212: .newInstance(new Object[] { principalName });
213:
214: return new PrimaryDomainPrincipal(domain, p);
215: }
216: });
217: } catch (PrivilegedActionException pae) {
218: throw new DeploymentException(
219: "Unable to create domain principal", pae
220: .getException());
221: }
222: }
223:
224: /**
225: * Create a Principal from a deployment description.
226: *
227: * @param principalInfo the deployment description of the principal to be created.
228: * @param classLoader
229: * @return a Principal from a deployment description
230: */
231: public static PrimaryPrincipal generatePrimaryPrincipal(
232: final PrincipalInfo principalInfo, ClassLoader classLoader)
233: throws DeploymentException {
234: return generatePrimaryPrincipal(principalInfo.getClassName(),
235: principalInfo.getPrincipalName(), classLoader);
236: }
237:
238: public static PrimaryPrincipal generatePrimaryPrincipal(
239: final String className, final String principalName,
240: final ClassLoader classLoader) throws DeploymentException {
241: try {
242: return (PrimaryPrincipal) AccessController
243: .doPrivileged(new PrivilegedExceptionAction() {
244: public Object run() throws Exception {
245: java.security.Principal p = null;
246: Class clazz = classLoader
247: .loadClass(className);
248: Constructor constructor = clazz
249: .getDeclaredConstructor(new Class[] { String.class });
250: p = (java.security.Principal) constructor
251: .newInstance(new Object[] { principalName });
252:
253: return new PrimaryPrincipal(p);
254: }
255: });
256: } catch (PrivilegedActionException pae) {
257: throw new DeploymentException("Unable to create principal",
258: pae.getException());
259: }
260: }
261:
262: /**
263: * A simple helper method to register PolicyContextHandlers
264: *
265: * @param handler an object that implements the <code>PolicyContextHandler</code>
266: * interface. The value of this parameter must not be null.
267: * @param replace this boolean value defines the behavior of this method
268: * if, when it is called, a <code>PolicyContextHandler</code> has already
269: * been registered to handle the same key. In that case, and if the value
270: * of this argument is true, the existing handler is replaced with the
271: * argument handler. If the value of this parameter is false the existing
272: * registration is preserved and an exception is thrown.
273: */
274: public static void registerPolicyContextHandler(
275: PolicyContextHandler handler, boolean replace)
276: throws PolicyContextException {
277: String[] keys = handler.getKeys();
278:
279: for (int i = 0; i < keys.length; i++) {
280: PolicyContext.registerHandler(keys[i], handler, replace);
281: }
282: }
283:
284: }
|