Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-29 15:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adding in JAASAuthenticationProvider support

Browse Source
This commit is contained in:
Ray Krueger 2004-07-19 00:43:28 +00:00
parent 2f2b054b7a
commit 1947819d73
9 changed files with 350 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core/src/main/java/org/acegisecurity/providers/jaas/AuthorityGranter.java Normal file
View File

@ -0,0 +1,13 @@
package net.sf.acegisecurity.providers.jaas;
import java.security.Principal;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public interface AuthorityGranter {
public String grant(Principal principal);
}

20
core/src/main/java/org/acegisecurity/providers/jaas/JAASAuthenticationCallbackHandler.java Normal file
View File

@ -0,0 +1,20 @@
package net.sf.acegisecurity.providers.jaas;
import net.sf.acegisecurity.Authentication;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public interface JAASAuthenticationCallbackHandler {
void setAuthentication(Authentication auth);
void handle(Callback callback) throws IOException, UnsupportedCallbackException;
}

166
core/src/main/java/org/acegisecurity/providers/jaas/JAASAuthenticationProvider.java Normal file
View File

@ -0,0 +1,166 @@
package net.sf.acegisecurity.providers.jaas;
import net.sf.acegisecurity.providers.jaas.event.JAASAuthenticationFailedEvent;
import net.sf.acegisecurity.providers.jaas.event.JAASAuthenticationSuccessEvent;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationException;
import net.sf.acegisecurity.AuthenticationServiceException;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.providers.AuthenticationProvider;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.jaas.AuthorityGranter;
import net.sf.acegisecurity.providers.jaas.JAASAuthenticationCallbackHandler;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.ApplicationContextException;
import org.springframework.core.io.Resource;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import java.io.IOException;
import java.security.Principal;
import java.security.Security;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public class JAASAuthenticationProvider implements AuthenticationProvider, InitializingBean, ApplicationContextAware {
private ApplicationContext context;
private String loginContextName = "ACEGI";
private Resource loginConfig;
private JAASAuthenticationCallbackHandler[] callbackHandlers;
private AuthorityGranter[] authorityGranters;
public Authentication authenticate(Authentication auth) throws AuthenticationException {
if (auth instanceof UsernamePasswordAuthenticationToken) {
UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) auth;
try {
LoginContext lc = new LoginContext(loginContextName, new InternalCallbackHandler(auth));
lc.login();
Set authorities = new HashSet();
if (token.getAuthorities() != null) {
authorities.addAll(Arrays.asList(token.getAuthorities()));
}
Subject subject = lc.getSubject();
Set principals = subject.getPrincipals();
for (Iterator iterator = principals.iterator(); iterator.hasNext();) {
Principal principal = (Principal) iterator.next();
for (int i = 0; i < authorityGranters.length; i++) {
AuthorityGranter granter = authorityGranters[i];
String role = granter.grant(principal);
if (role != null) {
authorities.add(new JAASGrantedAuthority(role, principal));
}
}
}
token.setAuthorities((GrantedAuthority[]) authorities.toArray(new GrantedAuthority[authorities.size()]));
context.publishEvent(new JAASAuthenticationSuccessEvent(token));
return token;
} catch (LoginException e) {
context.publishEvent(new JAASAuthenticationFailedEvent(auth, e));
throw new AuthenticationServiceException(e.toString());
}
}
return null;
}
public boolean supports(Class aClass) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(aClass);
}
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
this.context = applicationContext;
}
public String getLoginContextName() {
return loginContextName;
}
public void setLoginContextName(String loginContextName) {
this.loginContextName = loginContextName;
}
public Resource getLoginConfig() {
return loginConfig;
}
public void setLoginConfig(Resource loginConfig) throws IOException {
this.loginConfig = loginConfig;
}
public void afterPropertiesSet() throws Exception {
if (loginConfig == null)
throw new ApplicationContextException("loginConfig must be set on " + getClass());
if (loginContextName == null)
throw new ApplicationContextException("loginContextName must be set on " + getClass());
int n = 1;
while (Security.getProperty("login.config.url." + n) != null) n++;
Security.setProperty("login.config.url." + n, loginConfig.getURL().toString());
}
public JAASAuthenticationCallbackHandler[] getCallbackHandlers() {
return callbackHandlers;
}
public void setCallbackHandlers(JAASAuthenticationCallbackHandler[] callbackHandlers) {
this.callbackHandlers = callbackHandlers;
}
public AuthorityGranter[] getAuthorityGranters() {
return authorityGranters;
}
public void setAuthorityGranters(AuthorityGranter[] authorityGranters) {
this.authorityGranters = authorityGranters;
}
private class InternalCallbackHandler implements CallbackHandler {
private Authentication authentication;
public InternalCallbackHandler(Authentication authentication) {
this.authentication = authentication;
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbackHandlers.length; i++) {
JAASAuthenticationCallbackHandler handler = callbackHandlers[i];
handler.setAuthentication(authentication);
for (int j = 0; j < callbacks.length; j++) {
Callback callback = callbacks[j];
handler.handle(callback);
}
}
}
}
}

25
core/src/main/java/org/acegisecurity/providers/jaas/JAASGrantedAuthority.java Normal file
View File

@ -0,0 +1,25 @@
package net.sf.acegisecurity.providers.jaas;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import java.security.Principal;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public class JAASGrantedAuthority extends GrantedAuthorityImpl {
Principal principal;
public JAASGrantedAuthority(String role, Principal principal) {
super(role);
this.principal = principal;
}
public Principal getPrincipal() {
return principal;
}
}

31
core/src/main/java/org/acegisecurity/providers/jaas/JAASNameCallbackHandler.java Normal file
View File

@ -0,0 +1,31 @@
package net.sf.acegisecurity.providers.jaas;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.providers.jaas.JAASAuthenticationCallbackHandler;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public class JAASNameCallbackHandler implements JAASAuthenticationCallbackHandler {
private Authentication authentication;
public void setAuthentication(Authentication authentication) {
this.authentication = authentication;
}
public void handle(Callback callback) throws IOException, UnsupportedCallbackException {
if (callback instanceof NameCallback) {
NameCallback ncb = (NameCallback) callback;
ncb.setName(authentication.getPrincipal().toString());
}
}
}

31
core/src/main/java/org/acegisecurity/providers/jaas/JAASPasswordCallbackHandler.java Normal file
View File

@ -0,0 +1,31 @@
package net.sf.acegisecurity.providers.jaas;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.providers.jaas.JAASAuthenticationCallbackHandler;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public class JAASPasswordCallbackHandler implements JAASAuthenticationCallbackHandler {
private Authentication auth;
public void setAuthentication(Authentication auth) {
this.auth = auth;
}
public void handle(Callback callback) throws IOException, UnsupportedCallbackException {
if (callback instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback) callback;
pc.setPassword(auth.getCredentials().toString().toCharArray());
}
}
}

21
core/src/main/java/org/acegisecurity/providers/jaas/event/JAASAuthenticationEvent.java Normal file
View File

@ -0,0 +1,21 @@
package net.sf.acegisecurity.providers.jaas.event;
import net.sf.acegisecurity.Authentication;
import org.springframework.context.ApplicationEvent;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public abstract class JAASAuthenticationEvent extends ApplicationEvent {
public JAASAuthenticationEvent(Authentication auth) {
super(auth);
}
public Authentication getAuthentication() {
return (Authentication) source;
}
}

25
core/src/main/java/org/acegisecurity/providers/jaas/event/JAASAuthenticationFailedEvent.java Normal file
View File

@ -0,0 +1,25 @@
package net.sf.acegisecurity.providers.jaas.event;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.providers.jaas.event.JAASAuthenticationEvent;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public class JAASAuthenticationFailedEvent extends JAASAuthenticationEvent {
private Exception exception;
public JAASAuthenticationFailedEvent(Authentication auth, Exception exception) {
super(auth);
this.exception = exception;
}
public Exception getException() {
return exception;
}
}

18
core/src/main/java/org/acegisecurity/providers/jaas/event/JAASAuthenticationSuccessEvent.java Normal file
View File

@ -0,0 +1,18 @@
package net.sf.acegisecurity.providers.jaas.event;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.providers.jaas.event.JAASAuthenticationEvent;
/**
* Insert comments here...
* <br>
* User: raykrueger@users.sourceforge.net<br>
* Date: Jul 15, 2004<br>
*/
public class JAASAuthenticationSuccessEvent extends JAASAuthenticationEvent {
public JAASAuthenticationSuccessEvent(Authentication auth) {
super(auth);
}
}