001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.geronimo.security.jaas.server;
018
019 import java.security.Principal;
020 import java.util.HashSet;
021 import java.util.Iterator;
022 import java.util.LinkedList;
023 import java.util.List;
024 import java.util.Map;
025 import java.util.Set;
026 import javax.security.auth.Subject;
027 import javax.security.auth.login.LoginException;
028 import javax.security.auth.spi.LoginModule;
029
030 import org.apache.geronimo.security.DomainPrincipal;
031 import org.apache.geronimo.security.RealmPrincipal;
032
033
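/**
 * Tracks security information about a single user. This is used before,
 * during, and after the login.
 * <p>
 * A session holds the {@link Subject} being populated, the shared context map
 * handed to it at construction, the login module configurations, and one
 * {@link LoginModule} instance per configuration entry. The configuration
 * array is copied on the way in and on the way out, so code outside this
 * class cannot swap an entry and make {@code modules[i]} disagree with the
 * {@code LoginModule} that was built from it.
 * <p>
 * NOTE(review): {@code done} is read and written without synchronization.
 * Confirm that callers confine a session to one thread or guard access
 * themselves.
 *
 * @version $Rev: 487175 $ $Date: 2006-12-14 03:10:31 -0800 (Thu, 14 Dec 2006) $
 */
public class JaasSecuritySession {
    private final String realmName;
    private final Subject subject;
    private final Map sharedContext;
    private final long created;
    private boolean done;
    private final JaasLoginModuleConfiguration[] modules;
    private final LoginModule[] loginModules;
    private final DecouplingCallbackHandler handler = new DecouplingCallbackHandler();

    /**
     * Creates a session with a fresh, empty {@link Subject} and instantiates
     * one login module per configuration entry.
     *
     * @param realmName     name of the realm this session belongs to
     * @param modules       login module configurations; must not be {@code null}.
     *                      The array is copied, its elements are not.
     * @param sharedContext map stored as-is and returned by {@link #getSharedContext()}
     * @param classLoader   passed to each configuration's {@code getLoginModule} call
     * @throws NullPointerException if {@code modules} is {@code null}
     */
    public JaasSecuritySession(String realmName, JaasLoginModuleConfiguration[] modules, Map sharedContext, ClassLoader classLoader) {
        if (modules == null) {
            throw new NullPointerException("modules");
        }
        this.realmName = realmName;
        this.created = System.currentTimeMillis();
        this.done = false;
        // Private copy: a caller that later mutates its array must not be able to
        // change which configuration answers isServerSide()/getOptions() for an index.
        this.modules = (JaasLoginModuleConfiguration[]) modules.clone();
        this.subject = new Subject();
        this.sharedContext = sharedContext;
        this.loginModules = new LoginModule[this.modules.length];
        for (int i = 0; i < this.modules.length; i++) {
            JaasLoginModuleConfiguration config = this.modules[i];
            LoginModule module = config.getLoginModule(classLoader);
            if (config.isWrapPrincipals()) {
                // Presumably the proxy tags the module's principals with the login
                // domain and realm; see WrappingLoginModuleProxy to confirm.
                module = new WrappingLoginModuleProxy(module, config.getLoginDomainName(), realmName);
            }
            loginModules[i] = module;
        }
    }

    /**
     * @return the live {@link Subject} owned by this session (not a copy)
     */
    public Subject getSubject() {
        return subject;
    }

    /**
     * @return the same map instance that was passed to the constructor
     */
    public Map getSharedContext() {
        return sharedContext;
    }

    /**
     * @return the {@code System.currentTimeMillis()} value taken when the session was constructed
     */
    public long getCreated() {
        return created;
    }

    /**
     * @return the current value of the done flag; {@code false} until {@link #setDone(boolean)} changes it
     */
    public boolean isDone() {
        return done;
    }

    /**
     * Sets the done flag.
     *
     * @param done new flag value
     */
    public void setDone(boolean done) {
        this.done = done;
    }

    /**
     * Returns the login module configurations for this session.
     *
     * @return a copy of the configuration array, in the order given to the
     *         constructor; changes to the returned array do not affect the session
     */
    public JaasLoginModuleConfiguration[] getModules() {
        return (JaasLoginModuleConfiguration[]) modules.clone();
    }

    /**
     * Returns the login module instantiated for the given configuration index.
     *
     * @param index position in the configuration array
     * @return the login module (possibly a {@code WrappingLoginModuleProxy}) at that position
     * @throws LoginException if {@code index} is out of range
     */
    public LoginModule getLoginModule(int index) throws LoginException {
        checkRange(index);
        return loginModules[index];
    }

    /**
     * Rejects indexes outside the module array, so that a bad index surfaces as a
     * {@link LoginException} rather than an {@code ArrayIndexOutOfBoundsException}.
     *
     * @param index index to validate
     * @throws LoginException if {@code index} is negative or not less than the module count
     */
    private void checkRange(int index) throws LoginException {
        if (index < 0 || index >= loginModules.length) {
            throw new LoginException("Invalid index: " + index);
        }
    }

    /**
     * @param index position in the configuration array
     * @return the {@code isServerSide()} value of the configuration at that position
     * @throws LoginException if {@code index} is out of range
     */
    public boolean isServerSide(int index) throws LoginException {
        checkRange(index);
        return modules[index].isServerSide();
    }

    /**
     * @param index position in the configuration array
     * @return the login domain name of the configuration at that position
     * @throws LoginException if {@code index} is out of range
     */
    public String getLoginDomainName(int index) throws LoginException {
        checkRange(index);
        return modules[index].getLoginDomainName();
    }

    /**
     * @param index position in the configuration array
     * @return the options map of the configuration at that position, as returned by the configuration
     * @throws LoginException if {@code index} is out of range
     */
    public Map getOptions(int index) throws LoginException {
        checkRange(index);
        return modules[index].getOptions();
    }

    /**
     * @return the callback handler created together with this session
     */
    public DecouplingCallbackHandler getHandler() {
        return handler;
    }

    /**
     * @return the realm name given to the constructor
     */
    public String getRealmName() {
        return realmName;
    }
}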