org.josso.gl2.agent.jaas.CatalinaJAASRealm.java Source code

Java tutorial

Introduction

Here is the source code for org.josso.gl2.agent.jaas.CatalinaJAASRealm.java

Source

/*
 * JOSSO: Java Open Single Sign-On
 *
 * Copyright 2004-2009, Atricore, Inc.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 *
 */

package org.josso.gl2.agent.jaas;

import org.apache.catalina.realm.JAASRealm;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import javax.security.auth.Subject;
import java.security.Principal;
import java.security.acl.Group;
import java.util.*;
import java.lang.reflect.Field;

/**
 * Catalina JAASRealm replacement that instantiates CatalinaSSOUser Principal instead of
 * GenericPrincipal.
 *
 * @author <a href="mailto:gbrigand@josso.org">Gianluca Brigandi</a>
 * @version CVS $Id: CatalinaJAASRealm.java 974 2009-01-14 00:39:45Z sgonzalez $
 */

public class CatalinaJAASRealm extends JAASRealm {

    private static Log log = LogFactory.getLog(CatalinaJAASRealm.class);

    private boolean requiresRoleMap = false;

    @Override
    public void init() {
        super.init();
        System.out.println("***Init Josso Catalina JAAS Realm");
        try {

            if (getRoleMapField() != null) {
                requiresRoleMap = true;
                System.out.println("Realm requires role mapping (Tomcat 5.0.30 ? )");

            } else {
                System.out.println("Realm does note requires role mapping (Tomcat 5.0.28 ? )");
                requiresRoleMap = false;
            }

        } catch (Exception e) {
            System.err.println("Initializing CatalinaJAASRealm : " + e.getMessage());
        }
    }

    /**
     * Construct and return a java.security.Principal instance
     * representing the authenticated user for the specified Subject.  If no
     * such Principal can be constructed, return null.
     *
     * The Principal constructed is *not* GenericPrincipal as in Catalina JAASRealm class,
     * but CatalinaSSOUser which is a SSOUser.
     * The Partner Application can access SSOUser-specific properties that are not available
     * in GenericPrincipal.
     * The JAASRealm superclass invokes this factory method to build the Catalina-specific
     * Principal from the Subject filled by the configured JAASLoginModule.
     *
     * @param subject The Subject representing the logged in user
     */
    @Override
    protected Principal createPrincipal(String username, Subject subject) {

        // We also populate roles map ...

        CatalinaSSOUser p = CatalinaSSOUser.newInstance(this, subject);

        if (requiresRoleMap) {
            // This is a Tomcat 5.0.30 ... !

            try {

                List<Principal> roles = new ArrayList<Principal>();

                Iterator principals = subject.getPrincipals().iterator();
                while (principals.hasNext()) {

                    Principal principal = (Principal) principals.next();
                    String principalClass = principal.getClass().getName();

                    if (getRoleClassNames().contains(principalClass)) {
                        log.debug("Adding role : " + principal.getName());
                        roles.add(principal);
                    }

                    // Same as Jboss - that's a pretty clean solution
                    if ((principal instanceof Group) && "Roles".equals(principal.getName())) {
                        Group grp = (Group) principal;
                        Enumeration en = grp.members();
                        while (en.hasMoreElements()) {
                            Principal roleP = (Principal) en.nextElement();
                            log.debug("Adding role : " + roleP.getName());
                            roles.add(roleP);
                        }

                    }
                }

                // Only in Catalina 5.0.30!
                log.debug("Storing roles in parent roleMap");
                Map m = (Map) getRoleMapField().get(this);
                m.put(p, roles);

            } catch (Exception e) {
                log.warn(e.getMessage(), e);
                return p;
            }

        }

        return p;

    }

    protected Field getRoleMapField() {

        // Check the field in our super class!
        Field[] fields = getClass().getSuperclass().getDeclaredFields();

        for (Field field : fields) {
            log.debug("Field:" + field.getName());
            if (field.getName().equals("roleMap"))
                return field;
        }

        return null;
    }

}