1 package org
.argeo
.security
;
3 import java
.security
.AccessController
;
4 import java
.security
.Principal
;
5 import java
.util
.ArrayList
;
6 import java
.util
.Arrays
;
10 import javax
.security
.auth
.Subject
;
12 import org
.argeo
.ArgeoException
;
13 import org
.argeo
.OperatingSystem
;
14 import org
.springframework
.security
.Authentication
;
15 import org
.springframework
.security
.GrantedAuthority
;
16 import org
.springframework
.security
.GrantedAuthorityImpl
;
17 import org
.springframework
.security
.userdetails
.UserDetails
;
19 /** Abstracts principals provided by com.sun.security.auth.module login modules. */
20 public class OsAuthenticationToken
implements Authentication
{
// Serialization version identifier for this token class.
private static final long serialVersionUID = -7544626794250917244L;

// Principal classes used to look up the OS user, the OS user id and the OS
// group ids in the current JAAS Subject. They are assigned once, in the
// constructor, according to OperatingSystem.os.
final Class<? extends Principal> osUserPrincipalClass;
final Class<? extends Principal> osUserIdPrincipalClass;
final Class<? extends Principal> osGroupIdPrincipalClass;

// Authorities handed to the constructor. A null reference is what marks the
// token as not authenticated (isAuthenticated() tests exactly that).
private List<GrantedAuthority> grantedAuthorities;

// Details attached through setDetails(); nothing visible here initialises it.
private UserDetails details;
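/**
 * Creates a token holding the given authorities and selects the principal
 * classes that match the current operating system.
 *
 * <p>
 * Passing a non-null array, even an empty one, makes
 * {@link #isAuthenticated()} return {@code true}. Callers should therefore
 * pass a non-null value only once the OS login has actually succeeded.
 *
 * @param grantedAuthorities
 *            the authorities to hold, or {@code null} for a token that is
 *            not authenticated
 * @throws ArgeoException
 *             if the operating system is not supported or a principal class
 *             cannot be loaded
 */
public OsAuthenticationToken(GrantedAuthority[] grantedAuthorities) {
    // Defensive copy. Arrays.asList() on its own is a fixed-size view backed
    // by the caller's array: the caller could keep changing the token's
    // authorities through that array, and any structural change on the list
    // (such as clear()) would throw UnsupportedOperationException.
    this.grantedAuthorities = grantedAuthorities != null
            ? new ArrayList<GrantedAuthority>(Arrays.asList(grantedAuthorities))
            : null;

    ClassLoader cl = getClass().getClassLoader();
    // The three fields are final, so exactly one branch may assign them.
    switch (OperatingSystem.os) {
    case OperatingSystem.WINDOWS:
        osUserPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.NTUserPrincipal");
        osUserIdPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.NTSidUserPrincipal");
        osGroupIdPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.NTSidGroupPrincipal");
        break;
    case OperatingSystem.NIX:
        osUserPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.UnixPrincipal");
        osUserIdPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.UnixNumericUserPrincipal");
        osGroupIdPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.UnixNumericGroupPrincipal");
        break;
    case OperatingSystem.SOLARIS:
        osUserPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.SolarisPrincipal");
        osUserIdPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.SolarisNumericUserPrincipal");
        osGroupIdPrincipalClass = getPrincipalClass(cl,
                "com.sun.security.auth.SolarisNumericGroupPrincipal");
        break;
    default:
        // Fail closed: without known principal classes no OS identity can
        // be resolved from the Subject.
        throw new ArgeoException("Unsupported operating system "
                + OperatingSystem.os);
    }
}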
70 public OsAuthenticationToken() {
/**
 * Returns the name of the OS user principal.
 *
 * @return the name reported by the principal that {@link #getUser()}
 *         resolves from the current JAAS subject
 */
public String getName() {
    Principal osUser = getUser();
    return osUser.getName();
}
79 * Should not be called during authentication, since group IDs are not
80 * available until the {@link Subject} has been set
82 public GrantedAuthority
[] getAuthorities() {
83 // grantedAuthorities should not be null at this stage
84 List
<GrantedAuthority
> gas
= new ArrayList
<GrantedAuthority
>(
86 for (Principal groupPrincipal
: getGroupsIds()) {
87 gas
.add(new GrantedAuthorityImpl("OSGROUP_"
88 + groupPrincipal
.getName()));
90 return gas
.toArray(new GrantedAuthority
[gas
.size()]);
93 public UserDetails
getDetails() {
/**
 * Attaches user details to this token.
 *
 * @param details
 *            the details to store; the value is kept as given, with no
 *            validation or copy
 */
public void setDetails(UserDetails details) {
    this.details = details;
}
/**
 * Tells whether this token counts as authenticated.
 *
 * @return {@code true} while an authorities list is held (an empty list
 *         still counts), {@code false} once the list reference is
 *         {@code null}
 */
public boolean isAuthenticated() {
    // The authenticated state is encoded only as "authorities list present".
    if (grantedAuthorities == null) {
        return false;
    }
    return true;
}
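/**
 * Revokes the authenticated state of this token.
 *
 * <p>
 * The argument is ignored: the authorities are dropped whatever value is
 * passed, so this method cannot be used to mark a token as trusted. A token
 * only becomes authenticated through the constructor.
 *
 * @param isAuthenticated
 *            ignored
 */
public void setAuthenticated(boolean isAuthenticated)
        throws IllegalArgumentException {
    // Dropping the reference is what isAuthenticated() tests. The list is
    // deliberately not cleared first: on a list that does not support
    // clear() (for example a fixed-size Arrays.asList() view) the call
    // throws UnsupportedOperationException before the reference is reset,
    // which would leave the token authenticated.
    grantedAuthorities = null;
}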
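/**
 * Loads a principal class by name and checks that it really is a
 * {@link Principal} type.
 *
 * @param cl
 *            the class loader to load from
 * @param className
 *            fully qualified name of the principal class
 * @return the loaded class
 * @throws ArgeoException
 *             if the class cannot be found or does not implement
 *             {@link Principal}
 */
protected static Class<? extends Principal> getPrincipalClass(
        ClassLoader cl, String className) {
    try {
        // asSubclass() is a checked conversion: a class that is not a
        // Principal is rejected here instead of being passed on through an
        // unchecked cast and failing (or being misused) later.
        return cl.loadClass(className).asSubclass(Principal.class);
    } catch (ClassNotFoundException e) {
        throw new ArgeoException("Cannot load principal class", e);
    } catch (ClassCastException e) {
        throw new ArgeoException("Class " + className
                + " is not a Principal", e);
    }
}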
122 public Object
getPrincipal() {
/**
 * Returns the single OS user principal of the current JAAS subject.
 *
 * @return the OS user principal
 * @throws ArgeoException
 *             if the subject holds no principal of the OS user class, or
 *             more than one
 */
public Principal getUser() {
    Set<? extends Principal> candidates = getSubject().getPrincipals(
            osUserPrincipalClass);
    if (candidates == null || candidates.isEmpty()) {
        throw new ArgeoException("No OS principal");
    }
    // An ambiguous identity is refused rather than resolved arbitrarily.
    if (candidates.size() > 1) {
        throw new ArgeoException("More than one OS principal");
    }
    return candidates.iterator().next();
}
/**
 * Returns the single OS user id principal of the current JAAS subject.
 *
 * @return the OS user id principal
 * @throws ArgeoException
 *             if the subject holds no principal of the OS user id class, or
 *             more than one
 */
public Principal getUserId() {
    Set<? extends Principal> candidates = getSubject().getPrincipals(
            osUserIdPrincipalClass);
    if (candidates == null || candidates.isEmpty()) {
        throw new ArgeoException("No user id principal");
    }
    // An ambiguous identity is refused rather than resolved arbitrarily.
    if (candidates.size() > 1) {
        throw new ArgeoException("More than one user id principal");
    }
    return candidates.iterator().next();
}
/**
 * Returns the OS group id principals of the current JAAS subject.
 *
 * <p>
 * Unlike {@link #getUser()} and {@link #getUserId()}, no check is made on
 * the number of principals found, so the result may be empty.
 *
 * @return the principals of the OS group id class held by the subject
 * @throws ArgeoException
 *             if there is no subject in the JAAS context
 */
public Set<? extends Principal> getGroupsIds() {
    Set<? extends Principal> groupIds = getSubject().getPrincipals(
            osGroupIdPrincipalClass);
    return groupIds;
}
/**
 * Looks up the JAAS subject bound to the current access control context.
 *
 * @return the subject, never {@code null}
 * @throws ArgeoException
 *             if no subject is associated with the current context
 */
protected Subject getSubject() {
    // NOTE(review): AccessController and Subject.getSubject(AccessControlContext)
    // are deprecated for removal in recent JDKs (Subject.current() is the
    // replacement) - confirm the target Java version before reusing this.
    final Subject current = Subject.getSubject(AccessController.getContext());
    if (current != null) {
        return current;
    }
    throw new ArgeoException("No subject in JAAS context");
}
164 public Object
getCredentials() {