User: allsopp
Date: 01/01/14 21:07:01
Added: src/main/org/jboss/resource/security
ManyToOnePrincipalMapping.java
PrincipalMapping.java PrincipalMappingSupport.java
Log:
First cut at the J2EE Connector Architecture.
Revision Changes Path
1.1
jboss/src/main/org/jboss/resource/security/ManyToOnePrincipalMapping.java
Index: ManyToOnePrincipalMapping.java
===================================================================
/*
* JBoss, the OpenSource EJB server
*
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
package org.jboss.resource.security;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.resource.spi.security.PasswordCredential;
/**
* A principal mapping that maps all caller principals to a single
* resource principal. Currently only basic password authentication
* is supported.
*
* <p> The properties string is expected to contain (in
* <code>Properties.load</code> format) two properties:
* <code>userName</code> and <code>password</code>. These are used
* to construct the <code>PasswordCredential</code> attached to the
* resource principal.
*
* <p> Additionally, the properties can contain a
* <code>principalName</code> property that specifies the name of
* the resource principal. If this property is not set then the
* <code>userName</code> is used.
*
* @see org.jboss.resource.ConnectionManagerImpl
* @author Toby Allsopp ([EMAIL PROTECTED])
* @version $Revision: 1.1 $
*/
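public class ManyToOnePrincipalMapping
   extends PrincipalMappingSupport
{
   // Constants -----------------------------------------------------

   /** The only <code>auth-mech-type</code> this mapping builds credentials for. */
   private static final String BASIC_PASSWORD = "basic-password";

   // Attributes ----------------------------------------------------

   /** Principal placed in every subject created by this mapping. */
   private Principal resourcePrincipal;

   /** Value of the <code>userName</code> property, or null if not configured. */
   private String userName;

   // Security note: the password is held as an immutable String for the
   // lifetime of this object, and it also remains in the inherited
   // <code>properties</code> object, so it cannot be wiped after use.
   // Anything that dumps this object's state exposes the EIS sign-on secret.
   private String password;

   // PrincipalMappingSupport overrides -----------------------------

   /**
    * Builds a subject holding the single configured resource principal
    * and a password credential for it. The caller principal is not
    * consulted: every caller maps to the same resource principal.
    *
    * @param callerPrincipal ignored by this implementation
    *
    * @return a new <code>Subject</code>, or <code>null</code> if no
    *         <code>userName</code> property was configured (callers
    *         have to cope with the null)
    *
    * @throws RuntimeException if the resource adapter's
    *         auth-mech-type is anything other than
    *         <code>basic-password</code>, including when it is null
    */
   public Subject createSubject(Principal callerPrincipal)
   {
      if (userName == null)
      {
         return null;
      }

      Subject subject = new Subject();
      subject.getPrincipals().add(resourcePrincipal);

      // Constant-first comparison: a null auth-mech-type is reported as
      // unsupported below instead of surfacing as a NullPointerException.
      if (BASIC_PASSWORD.equals(metadata.getAuthMechType()))
      {
         // The spec says that we need a new instance of this every
         // time, because it is specific to a managed connection
         // factory instance. We could probably get away with caching
         // one per MCF, but who really cares?
         PasswordCredential cred =
            new PasswordCredential(userName, password.toCharArray());
         cred.setManagedConnectionFactory(mcf);
         // Private credentials: the password is kept out of the
         // subject's public credential set.
         subject.getPrivateCredentials().add(cred);
      }
      else
      {
         throw new RuntimeException("Unsupported auth-mech-type: '" +
                                    metadata.getAuthMechType() + "'");
      }
      return subject;
   }

   /**
    * Reads <code>userName</code>, <code>password</code> and the
    * optional <code>principalName</code> from the parsed properties
    * and rebuilds the resource principal from them.
    */
   protected void afterSetProperties()
   {
      userName = properties.getProperty("userName");
      password = properties.getProperty("password");
      if (password == null)
      {
         // NOTE(review): a missing password silently becomes the empty
         // password, so a configuration mistake yields a credential with
         // an empty secret rather than an error at configuration time.
         password = "";
      }

      String principalName = properties.getProperty("principalName");
      if (principalName == null)
      {
         principalName = userName;
      }
      // With neither property set the name is null; createSubject returns
      // null in that case, before the principal is ever added to a subject.
      resourcePrincipal = new ResourcePrincipal(principalName);
   }

   // Inner classes -------------------------------------------------

   /**
    * Minimal name-only principal. Two instances are equal when their
    * names are equal.
    */
   private static class ResourcePrincipal
      implements Principal
   {
      private final String name;

      private ResourcePrincipal(String name) { this.name = name; }

      public String getName() { return name; }

      public int hashCode() { return name.hashCode(); }

      public boolean equals(Object other)
      {
         return other instanceof ResourcePrincipal
            && ((ResourcePrincipal) other).name.equals(name);
      }

      public String toString() { return name; }
   }
}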
1.1 jboss/src/main/org/jboss/resource/security/PrincipalMapping.java
Index: PrincipalMapping.java
===================================================================
/*
* JBoss, the OpenSource EJB server
*
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
package org.jboss.resource.security;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.resource.spi.ManagedConnectionFactory;
import org.jboss.logging.Log;
import org.jboss.resource.RARMetaData;
/**
* Interface for classes that implement a mapping from caller
* principal to resource principal.
*
* <p> The <code>set...</code> methods <strong>must</strong> be
* called before <code>createSubject</code>.
*
* @see org.jboss.resource.ConnectionManagerImpl
* @author Toby Allsopp ([EMAIL PROTECTED])
* @version $Revision: 1.1 $
*/
public interface PrincipalMapping
{
   // Constants -----------------------------------------------------

   // Public --------------------------------------------------------

   /**
    * Supplies the <code>Log</code> that the mapping writes to.
    *
    * @param log the log to use
    */
   void setLog(Log log);

   /**
    * Supplies the managed connection factory whose principals this
    * mapping will map.
    *
    * @param mcf the managed connection factory
    */
   void setManagedConnectionFactory(ManagedConnectionFactory mcf);

   /**
    * Supplies the meta-data describing the resource adapter whose
    * principals this mapping will map.
    *
    * @param metadata the resource adapter meta-data
    */
   void setRARMetaData(RARMetaData metadata);

   /**
    * Supplies implementation-specific configuration. Each
    * implementation defines its own format, although the intent is a
    * sequence of name-value pairs in <code>Properties.load</code>
    * format.
    *
    * <p> The string can carry credentials
    * (<code>ManyToOnePrincipalMapping</code> expects a
    * <code>password</code> property in it), so implementations should
    * treat it as a secret and keep it out of log output.
    *
    * @param properties the configuration string
    *
    * @see java.util.Properties#load
    */
   void setProperties(String properties);

   /**
    * Produces a <code>Subject</code> carrying the resource principal
    * and the credentials that the mapping implementation supplies
    * for it.
    *
    * @param callerPrincipal the identity under which the request for
    *                        a connection has been made, i.e. the
    *                        principal the requesting component is
    *                        running under.
    *
    * @return a new <code>Subject</code> instance containing a single
    *         principal, the mapped resource principal, and whatever
    *         credentials are required for EIS sign-on.
    *         NOTE(review): <code>ManyToOnePrincipalMapping</code>
    *         returns <code>null</code> when no <code>userName</code>
    *         is configured, so callers should be prepared for null;
    *         confirm the intended contract.
    */
   Subject createSubject(Principal callerPrincipal);
}
1.1
jboss/src/main/org/jboss/resource/security/PrincipalMappingSupport.java
Index: PrincipalMappingSupport.java
===================================================================
/*
* JBoss, the OpenSource EJB server
*
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
package org.jboss.resource.security;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Properties;
import javax.resource.spi.ManagedConnectionFactory;
import org.jboss.logging.Log;
import org.jboss.resource.RARMetaData;
/**
* Base class for <code>PrincipalMapping</code> implementations that
* want to share some implementation tedium.
*
* <p> The implementation of <code>setProperties</code> assumes that
* the properties string is in <code>Properties.load</code> format
* and takes care of converting to a <code>Properties</code> object.
*
* @author Toby Allsopp ([EMAIL PROTECTED])
* @version $Revision: 1.1 $
*/
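public abstract class PrincipalMappingSupport
   implements PrincipalMapping
{
   // Attributes ----------------------------------------------------

   protected Log log;
   protected ManagedConnectionFactory mcf;
   protected RARMetaData metadata;

   // Holds the parsed configuration for as long as this object lives.
   // Subclasses such as ManyToOnePrincipalMapping read a password from
   // it, so treat the contents as secret.
   protected Properties properties;

   // PrincipalMapping implementation -------------------------------

   /** Stores the log used for error reporting in <code>setProperties</code>. */
   public void setLog(Log log) { this.log = log; }

   /** Stores the managed connection factory for use by subclasses. */
   public void setManagedConnectionFactory(ManagedConnectionFactory mcf)
   {
      this.mcf = mcf;
   }

   /** Stores the resource adapter meta-data for use by subclasses. */
   public void setRARMetaData(RARMetaData metadata)
   {
      this.metadata = metadata;
   }

   /**
    * Parses the given string as <code>Properties.load</code> input
    * into a fresh <code>Properties</code> object, then calls
    * <code>afterSetProperties</code>.
    *
    * <p> A parse failure is logged, not rethrown, and
    * <code>afterSetProperties</code> still runs against whatever was
    * loaded before the failure.
    *
    * @param propStr the configuration in <code>Properties.load</code>
    *                format; must not be null
    *
    * @throws NullPointerException if <code>propStr</code> is null
    */
   public void setProperties(String propStr)
   {
      properties = new Properties();
      try
      {
         properties.load(
            new ByteArrayInputStream(propStr.getBytes("ISO-8859-1")));
      }
      catch (IOException ioe)
      {
         // Do not echo propStr here: for ManyToOnePrincipalMapping it
         // contains the EIS password, and writing it to the log would
         // disclose the credential to anyone who can read log files.
         // Only the length is reported, as a diagnostic aid.
         log.error("Couldn't convert properties string (" +
                   propStr.length() + " chars) to Properties");
         log.exception(ioe);
      }
      afterSetProperties();
   }

   // Protected -----------------------------------------------------

   /**
    * Called once the <code>properties</code> field has been
    * initialised and populated.
    */
   protected void afterSetProperties() {}
}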