I don't think having a UserAdmin delegating to JAAS could work because
JAAS does not provide anything about modifying the underlying storage
for creating / removing users or groups. UserAdmin provides such
features, so I think it has to be to other way around: it should be
quite easy to implement a JAAS login module that delegates to
UserAdmin.
Given I don't think requiring JAAS is a good idea, that's why I
proposed such a simple API.
I don't really see any drawback to such a pluggable mechanism, as I
think it can be implemented for both JAAS and UserAdmin in a few lines
of code:
public class UserAdminProvider implements WebConsoleSecurityProvider {
private UserAdmin userAdmin;
private String userProperty;
private String credProperty;
public class UserAdminProvider(UserAdmin userAdmin, String
userProperty, String credProperty) {
this.userAdmin = userAdmin;
this.userProperty = userProperty;
this.credProperty = credProperty;
}
public Object authenticate(String username, Object credential)
throws SecurityException {
User user = userAdmin.getUser(userProperty, userName);
if (user == null) throw new SecurityException("No such user");
if (!user.hasCredential(credProperty, credential)) throw new
SecurityException("Bad credential");
return user;
}
public void authorize(Object user, String role) throws SecurityException {
Authorization auth = userAdmin.getAuthorization((User) user);
if (!auth.hasRole(role)) throw new SecurityException("Not authorized");
}
}
public class JAASProvider implements WebConsoleSecurityProvider {
private String domain;
public JAASProvider(String domain) {
this.domain = domain;
}
public Object authenticate(String username, Object credential)
throws SecurityException {
Subject subject = new Subject();
LoginContext loginContext = new LoginContext(domain, subject,
new CallbackHandler() {
public void handle(Callback[] callbacks) throws
IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
((NameCallback) callbacks[i]).setName(username);
} else if (callbacks[i] instanceof
PasswordCallback && credentials instanceof String) {
((PasswordCallback)
callbacks[i]).setPassword(((String) credential).toCharArray());
} else if (callbacks[i] instanceof
CertificateCallback && credentials instanceof X509Certificate) {
((CertificateCallback)
callbacks[i]).setCertificate((X509Certificate) credential);
} else {
throw new UnsupportedCallbackException(callbacks[i]);
}
}
}
});
loginContext.login();
return subject;
}
public void authorize(Object user, String role) throws SecurityException {
if (!((Subject) user).getPrincipals().contains(new
GroupPrincipal(role))) throw new SecurityException("Not authorized");
}
}
Pluggability / extensibility is always a good thing imho, as long as
it's not overengineered, which is not the case here imho.
On Wed, May 27, 2009 at 11:31, Marcel Offermans
<[email protected]> wrote:
> Hello Guillaume,
>
> On May 27, 2009, at 11:20 , Guillaume Nodet wrote:
>
>> Right, I think there is a real need to support UserAdmin, but given
>> both JAAS and UserAdmin will be used for the same thing, it should be
>> easy to support both using a simple interface:
>>
>> public interface WebConsoleSecurityProvider {
>> /** Check if the user with the specified password exists and
>> return an object identifying the user, else throw an exception */
>> public Object authenticate(String username, String password)
>> throws SecurityException;
>> /** Check that the authenticated user has the given role
>> permission or throw an exception */
>> public void authorize(Object user, String role) throws
>> SecurityException;
>> }
>>
>> Imho, this should be sufficient to provide authentication and
>> authorization for the web console and can be easily implemented using
>> UserAdmin or JAAS.
>
> To be honest, UserAdmin already is an interface which abstracts from an
> implementation, so I don't really see a need to add another interface to
> abstract from that. Having a JAAS backend for UserAdmin would be nice too
> since that would be usable in a much broader context.
>
> Greetings, Marcel
>
>
--
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com
