1 package org.argeo.security;
2
3 import java.security.AccessController;
4 import java.security.Principal;
5 import java.util.ArrayList;
6 import java.util.Arrays;
7 import java.util.List;
8 import java.util.Set;
9
10 import javax.security.auth.Subject;
11
12 import org.argeo.ArgeoException;
13 import org.argeo.OperatingSystem;
14 import org.springframework.security.Authentication;
15 import org.springframework.security.GrantedAuthority;
16 import org.springframework.security.GrantedAuthorityImpl;
17 import org.springframework.security.userdetails.UserDetails;
18
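/**
 * Abstracts principals provided by com.sun.security.auth.module login modules.
 * <p>
 * The token does not hold the OS identity itself: the user, user id and group
 * principals are looked up on each call in the {@link Subject} bound to the
 * current access control context. The authenticated state, on the other hand,
 * depends only on whether granted authorities were supplied at construction
 * (see {@link #isAuthenticated()}).
 */
public class OsAuthenticationToken implements Authentication {
    private static final long serialVersionUID = -7544626794250917244L;

    final Class<? extends Principal> osUserPrincipalClass;
    final Class<? extends Principal> osUserIdPrincipalClass;
    final Class<? extends Principal> osGroupIdPrincipalClass;

    // null means "not authenticated"; never handed out directly
    private List<GrantedAuthority> grantedAuthorities;

    private UserDetails details;

    /**
     * Creates a token which is authenticated if and only if
     * {@code grantedAuthorities} is not null.
     * 
     * @param grantedAuthorities
     *            the base authorities of the token, or null for a token which
     *            is not (yet) authenticated
     * @throws ArgeoException
     *             if the operating system is not supported or if one of its
     *             principal classes cannot be loaded
     */
    public OsAuthenticationToken(GrantedAuthority[] grantedAuthorities) {
        // Private, resizable copy: a bare Arrays.asList() view stays backed by
        // the caller's array, so later changes to that array would change the
        // authorities of this token.
        this.grantedAuthorities = grantedAuthorities != null ? new ArrayList<GrantedAuthority>(
                Arrays.asList(grantedAuthorities)) : null;
        ClassLoader cl = getClass().getClassLoader();
        switch (OperatingSystem.os) {
        case OperatingSystem.WINDOWS:
            osUserPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.NTUserPrincipal");
            osUserIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.NTSidUserPrincipal");
            osGroupIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.NTSidGroupPrincipal");
            break;
        case OperatingSystem.NIX:
            osUserPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.UnixPrincipal");
            osUserIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.UnixNumericUserPrincipal");
            osGroupIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.UnixNumericGroupPrincipal");
            break;
        case OperatingSystem.SOLARIS:
            osUserPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.SolarisPrincipal");
            osUserIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.SolarisNumericUserPrincipal");
            osGroupIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.SolarisNumericGroupPrincipal");
            break;

        default:
            throw new ArgeoException("Unsupported operating system "
                    + OperatingSystem.os);
        }

    }

    /**
     * Creates a token without granted authorities, that is, one for which
     * {@link #isAuthenticated()} returns false.
     */
    public OsAuthenticationToken() {
        this(null);
    }

    /** @return the name, or null if not yet logged */
    public String getName() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null)
            return null;
        return getUser().getName();
    }

    /**
     * Returns the authorities given at construction plus one
     * {@code OSGROUP_<name>} authority per group id principal of the current
     * {@link Subject}. Should not be called during authentication, since the
     * group ids are only available once the {@link Subject} has been set.
     * 
     * @return a new array on each call
     * @throws ArgeoException
     *             if there is no subject in the JAAS context
     */
    public GrantedAuthority[] getAuthorities() {
        // grantedAuthorities should not be null at this stage
        // NOTE(review): on a token which is not authenticated the copy below
        // fails with a NullPointerException - confirm that no caller asks an
        // unauthenticated token for its authorities
        List<GrantedAuthority> gas = new ArrayList<GrantedAuthority>(
                grantedAuthorities);
        for (Principal groupPrincipal : getGroupsIds()) {
            gas.add(new GrantedAuthorityImpl("OSGROUP_"
                    + groupPrincipal.getName()));
        }
        return gas.toArray(new GrantedAuthority[gas.size()]);
    }

    public UserDetails getDetails() {
        return details;
    }

    public void setDetails(UserDetails details) {
        this.details = details;
    }

    /**
     * @return true as long as authorities were given at construction and
     *         {@link #setAuthenticated(boolean)} has not been called; the
     *         presence of a {@link Subject} is not checked here
     */
    public boolean isAuthenticated() {
        return grantedAuthorities != null;
    }

    /**
     * Revokes the authenticated state of this token, whatever the value of
     * the argument: a token only becomes authenticated through its
     * constructor, so passing true grants nothing.
     * 
     * @param isAuthenticated
     *            ignored
     */
    public void setAuthenticated(boolean isAuthenticated)
            throws IllegalArgumentException {
        // Dropping the reference is enough (the list is private and never
        // exposed) and cannot fail, so revocation always takes effect.
        grantedAuthorities = null;
    }

    /**
     * Loads a principal class by name.
     * 
     * @throws ArgeoException
     *             if the class cannot be found
     * @throws ClassCastException
     *             if the loaded class is not a {@link Principal}
     */
    protected static Class<? extends Principal> getPrincipalClass(
            ClassLoader cl, String className) {
        try {
            // asSubclass() checks the type when the class is loaded instead of
            // relying on an unchecked cast
            return cl.loadClass(className).asSubclass(Principal.class);
        } catch (ClassNotFoundException e) {
            throw new ArgeoException("Cannot load principal class", e);
        }
    }

    /** @return the OS user principal, see {@link #getUser()} */
    public Object getPrincipal() {
        return getUser();
    }

    /**
     * @return the single OS user principal of the current {@link Subject}
     * @throws ArgeoException
     *             if there is no subject, or not exactly one such principal
     */
    public Principal getUser() {
        Set<? extends Principal> userPrincipals = getSubject().getPrincipals(
                osUserPrincipalClass);
        if (userPrincipals == null || userPrincipals.isEmpty())
            throw new ArgeoException("No OS principal");
        if (userPrincipals.size() > 1)
            throw new ArgeoException("More than one OS principal");
        return userPrincipals.iterator().next();
    }

    /**
     * @return the single user id principal of the current {@link Subject}
     * @throws ArgeoException
     *             if there is no subject, or not exactly one such principal
     */
    public Principal getUserId() {
        Set<? extends Principal> userIdsPrincipals = getSubject()
                .getPrincipals(osUserIdPrincipalClass);
        if (userIdsPrincipals == null || userIdsPrincipals.isEmpty())
            throw new ArgeoException("No user id principal");
        if (userIdsPrincipals.size() > 1)
            throw new ArgeoException("More than one user id principal");
        return userIdsPrincipals.iterator().next();
    }

    /**
     * @return the group id principals of the current {@link Subject}
     * @throws ArgeoException
     *             if there is no subject in the JAAS context
     */
    public Set<? extends Principal> getGroupsIds() {
        return getSubject().getPrincipals(osGroupIdPrincipalClass);
    }

    /**
     * @return the subject of the current access control context, never null
     * @throws ArgeoException
     *             if no subject is bound to the context
     */
    protected Subject getSubject() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null)
            throw new ArgeoException("No subject in JAAS context");
        return subject;
    }

    /** @return always an empty string, this token carries no credentials */
    public Object getCredentials() {
        return "";
    }

}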