1 package org.argeo.security;
2
3 import java.security.AccessController;
4 import java.security.Principal;
5 import java.util.ArrayList;
6 import java.util.Arrays;
7 import java.util.Collections;
8 import java.util.List;
9 import java.util.Set;
10
11 import javax.security.auth.Subject;
12
13 import org.argeo.ArgeoException;
14 import org.argeo.OperatingSystem;
15 import org.springframework.security.Authentication;
16 import org.springframework.security.GrantedAuthority;
17 import org.springframework.security.GrantedAuthorityImpl;
18 import org.springframework.security.userdetails.UserDetails;
19
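/**
 * Spring Security {@link Authentication} that abstracts the principals provided
 * by the {@code com.sun.security.auth.module} JAAS login modules.
 * <p>
 * The token does not store the user or group principals. Every accessor reads
 * them from the {@link Subject} bound to the caller's access control context,
 * so the identity it reports is that of the calling context, not of the context
 * in which the token was created. Handing the token to a thread that runs
 * without that subject makes the principal accessors fail.
 * <p>
 * The token counts as authenticated exactly when granted authorities were
 * supplied at construction (an empty array included) and have not been revoked
 * through {@link #setAuthenticated(boolean)}; the presence of a subject is not
 * part of that decision.
 */
public class OsAuthenticationToken implements Authentication {
    private static final long serialVersionUID = -7544626794250917244L;

    /** Principal class carrying the OS user name. */
    final Class<? extends Principal> osUserPrincipalClass;
    /** Principal class carrying the OS user id (numeric uid or SID). */
    final Class<? extends Principal> osUserIdPrincipalClass;
    /** Principal class carrying an OS group id (numeric gid or SID). */
    final Class<? extends Principal> osGroupIdPrincipalClass;

    /** Unmodifiable private copy; {@code null} means "not authenticated". */
    private List<GrantedAuthority> grantedAuthorities;

    private UserDetails details;

    /**
     * Creates a token for the current operating system.
     *
     * @param grantedAuthorities
     *            the authorities granted in addition to the OS groups; a
     *            non-null array (even empty) makes the token authenticated,
     *            {@code null} creates an unauthenticated request token
     * @throws ArgeoException
     *             if the operating system is not supported or a principal
     *             class cannot be loaded
     */
    public OsAuthenticationToken(GrantedAuthority[] grantedAuthorities) {
        // Private unmodifiable copy: Arrays.asList alone is a view on the
        // caller's array, which would let the caller alter the authorities of
        // an already issued token.
        this.grantedAuthorities = grantedAuthorities != null
                ? Collections.unmodifiableList(new ArrayList<GrantedAuthority>(
                        Arrays.asList(grantedAuthorities)))
                : null;
        ClassLoader cl = getClass().getClassLoader();
        switch (OperatingSystem.os) {
        case OperatingSystem.WINDOWS:
            osUserPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.NTUserPrincipal");
            osUserIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.NTSidUserPrincipal");
            osGroupIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.NTSidGroupPrincipal");
            break;
        case OperatingSystem.NIX:
            osUserPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.UnixPrincipal");
            osUserIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.UnixNumericUserPrincipal");
            osGroupIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.UnixNumericGroupPrincipal");
            break;
        case OperatingSystem.SOLARIS:
            osUserPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.SolarisPrincipal");
            osUserIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.SolarisNumericUserPrincipal");
            osGroupIdPrincipalClass = getPrincipalClass(cl,
                    "com.sun.security.auth.SolarisNumericGroupPrincipal");
            break;

        default:
            throw new ArgeoException("Unsupported operating system "
                    + OperatingSystem.os);
        }
    }

    /**
     * Creates an unauthenticated request token: no authorities are set, so
     * {@link #isAuthenticated()} returns {@code false}.
     */
    public OsAuthenticationToken() {
        this(null);
    }

    /** @return the name of the OS user principal, see {@link #getUser()} */
    public String getName() {
        return getUser().getName();
    }

    /**
     * Returns the authorities supplied at construction plus one
     * {@code OSGROUP_<name>} authority per group id principal of the current
     * subject.
     * <p>
     * The group part is taken from the numeric group / SID principal classes,
     * so these authority names are presumably host-specific identifiers rather
     * than portable group names; access rules keyed on them should be reviewed
     * per host.
     *
     * @return the authorities, or an empty array when the token is not
     *         authenticated, so that a request or revoked token grants nothing
     * @throws ArgeoException
     *             if no subject is bound to the current access control context
     */
    public GrantedAuthority[] getAuthorities() {
        // Read once: setAuthenticated() may null the field concurrently.
        List<GrantedAuthority> granted = grantedAuthorities;
        if (granted == null)
            return new GrantedAuthority[0];
        List<GrantedAuthority> gas = new ArrayList<GrantedAuthority>(granted);
        for (Principal groupPrincipal : getGroupsIds()) {
            gas.add(new GrantedAuthorityImpl("OSGROUP_"
                    + groupPrincipal.getName()));
        }
        return gas.toArray(new GrantedAuthority[gas.size()]);
    }

    public UserDetails getDetails() {
        return details;
    }

    public void setDetails(UserDetails details) {
        this.details = details;
    }

    /** @return {@code true} while granted authorities are set */
    public boolean isAuthenticated() {
        return grantedAuthorities != null;
    }

    /**
     * Revokes the authentication. The argument is ignored: every call drops
     * the granted authorities, so the token can never be promoted to
     * authenticated through this method, only by constructing it with
     * authorities.
     *
     * @param isAuthenticated
     *            ignored
     */
    public void setAuthenticated(boolean isAuthenticated)
            throws IllegalArgumentException {
        // Dropping the reference is sufficient; calling clear() on the stored
        // list would throw UnsupportedOperationException instead of revoking.
        grantedAuthorities = null;
    }

    /**
     * Loads one of the OS principal classes.
     *
     * @param cl
     *            the class loader to load from
     * @param className
     *            the fully qualified class name
     * @return the class, checked to be a {@link Principal} implementation
     * @throws ArgeoException
     *             if the class cannot be found or is not a {@link Principal}
     */
    protected static Class<? extends Principal> getPrincipalClass(
            ClassLoader cl, String className) {
        try {
            // asSubclass verifies the type at load time instead of relying on
            // an unchecked cast.
            return cl.loadClass(className).asSubclass(Principal.class);
        } catch (ClassNotFoundException e) {
            throw new ArgeoException("Cannot load principal class "
                    + className, e);
        } catch (ClassCastException e) {
            throw new ArgeoException(className + " is not a principal class",
                    e);
        }
    }

    /** @return the OS user principal, see {@link #getUser()} */
    public Object getPrincipal() {
        return getUser();
    }

    /**
     * @return the single OS user principal of the current subject
     * @throws ArgeoException
     *             if there is no subject, no such principal, or more than one
     */
    public Principal getUser() {
        Set<? extends Principal> userPrincipals = currentSubject()
                .getPrincipals(osUserPrincipalClass);
        if (userPrincipals == null || userPrincipals.size() == 0)
            throw new ArgeoException("No OS principal");
        if (userPrincipals.size() > 1)
            throw new ArgeoException("More than one OS principal");
        return userPrincipals.iterator().next();
    }

    /**
     * @return the single OS user id principal of the current subject
     * @throws ArgeoException
     *             if there is no subject, no such principal, or more than one
     */
    public Principal getUserId() {
        Set<? extends Principal> userIdsPrincipals = currentSubject()
                .getPrincipals(osUserIdPrincipalClass);
        if (userIdsPrincipals == null || userIdsPrincipals.size() == 0)
            throw new ArgeoException("No user id principal");
        if (userIdsPrincipals.size() > 1)
            throw new ArgeoException("More than one user id principal");
        return userIdsPrincipals.iterator().next();
    }

    /**
     * @return the OS group id principals of the current subject
     * @throws ArgeoException
     *             if no subject is bound to the current access control context
     */
    public Set<? extends Principal> getGroupsIds() {
        return currentSubject().getPrincipals(osGroupIdPrincipalClass);
    }

    /** @return always the empty string; no credentials are kept in the token */
    public Object getCredentials() {
        return "";
    }

    /**
     * Returns the subject bound to the caller's access control context and
     * fails explicitly when there is none, rather than with a
     * NullPointerException further down.
     * <p>
     * NOTE(review): {@code AccessController} and this {@code Subject} lookup
     * are deprecated on recent Java releases; confirm the target runtime
     * before reusing this class.
     */
    private static Subject currentSubject() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null)
            throw new ArgeoException(
                    "No subject in the current access control context");
        return subject;
    }

}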