X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Factivemq%2FSecuredActiveMqConnectionFactory.java;h=95e6a6945c834618a417ae8c3baa480ff3ed4f0d;hb=17ab4abc34cd258435a9efdb8dd00228af859613;hp=440a0226c0e81647bd2c3e08c652a4e209ff9084;hpb=b5d51f84e3a36a214bcb82dc82da19a123838639;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/activemq/SecuredActiveMqConnectionFactory.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/activemq/SecuredActiveMqConnectionFactory.java
index 440a0226c..95e6a6945 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/activemq/SecuredActiveMqConnectionFactory.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/activemq/SecuredActiveMqConnectionFactory.java
@@ -1,9 +1,23 @@
+/*
+ * Copyright (C) 2010 Mathieu Baudier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.argeo.security.activemq;
 import java.io.InputStream;
-import java.net.URL;
 import java.security.KeyStore;
-import java.security.Principal;
 import java.security.SecureRandom;
 import javax.jms.Connection;
@@ -11,9 +25,9 @@ import javax.jms.ConnectionFactory; import javax.jms.JMSException; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManagerFactory; -import javax.security.auth.Subject; -import javax.security.auth.login.LoginContext; -import javax.security.auth.login.LoginException; +import javax.swing.UIManager; +import javax.swing.UnsupportedLookAndFeelException; +import javax.swing.plaf.metal.MetalLookAndFeel; import org.apache.activemq.ActiveMQSslConnectionFactory; import org.apache.commons.logging.Log; @@ -32,7 +46,8 @@ public class SecuredActiveMqConnectionFactory implements ConnectionFactory, public final static String AUTHMODE_UI = "ui"; public final static String AUTHMODE_OS = "os"; public final static String AUTHMODE_DEFAULT = AUTHMODE_OS; - private final static String LOGIN_CONFIG_PROPERTY = "java.security.auth.login.config"; + // private final static String LOGIN_CONFIG_PROPERTY = + // "java.security.auth.login.config"; private final static Log log = LogFactory .getLog(SecuredActiveMqConnectionFactory.class); @@ -63,6 +78,7 @@ public class SecuredActiveMqConnectionFactory implements ConnectionFactory, uccfa.setTargetConnectionFactory(activeMQSslConnectionFactory); cachingConnectionFactory = new CachingConnectionFactory(); cachingConnectionFactory.setTargetConnectionFactory(uccfa); + cachingConnectionFactory.setCacheConsumers(false); initConnectionFactoryCredentials(uccfa); cachingConnectionFactory.initConnection(); 
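Review bot: The `LOGIN_CONFIG_PROPERTY` constant in the -32,7 hunk is commented out rather than deleted, and the -78,62 hunk does the same with the entire JAAS login block behind a `// if (false) {` marker. Commented-out code in an authentication path makes it harder to see which mechanism is actually in force, and version control already keeps the old implementation. I would delete both and leave one short comment at the call site, for example `// OS mode: user name is read from the user.name system property (JAAS OS login removed)`.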
@@ -78,62 +94,75 @@ public class SecuredActiveMqConnectionFactory implements ConnectionFactory, authenticationMode = AUTHMODE_DEFAULT; if (AUTHMODE_OS.equals(authenticationMode)) { - // Cache previous value of login conf location - String oldLoginConfLocation = System - .getProperty(LOGIN_CONFIG_PROPERTY); - // Find OS family - String osName = System.getProperty("os.name"); - final String auth; - if (osName.startsWith("Windows")) - auth = "Windows"; - else if (osName.startsWith("SunOS") || osName.startsWith("Solaris")) - auth = "Solaris"; - else - auth = "Unix"; - - Subject subject; - try { - - URL url = getClass().getResource( - "/org/argeo/security/activemq/osLogin.conf"); - - System.setProperty(LOGIN_CONFIG_PROPERTY, url.toString()); - LoginContext lc = new LoginContext(auth); - lc.login(); - subject = lc.getSubject(); - } catch (LoginException le) { - throw new ArgeoException("OS authentication failed", le); - } finally { - if (oldLoginConfLocation != null) - System.setProperty(LOGIN_CONFIG_PROPERTY, - oldLoginConfLocation); - } - - // Extract user name - String osUsername = null; - for (Principal principal : subject.getPrincipals()) { - String className = principal.getClass().getName(); - if ("Unix".equals(auth) - && "com.sun.security.auth.UnixPrincipal" - .equals(className)) - osUsername = principal.getName(); - else if ("Windows".equals(auth) - && "com.sun.security.auth.NTUserPrincipal" - .equals(className)) - osUsername = principal.getName(); - else if ("Solaris".equals(auth) - && "com.sun.security.auth.SolarisPrincipal" - .equals(className)) - osUsername = principal.getName(); - } - - if (osUsername == null) - throw new ArgeoException("Could not find OS user name"); - - uccfa.setUsername(osUsername); + // if (false) { + // // Cache previous value of login conf location + // String oldLoginConfLocation = System + // .getProperty(LOGIN_CONFIG_PROPERTY); + // // Find OS family + // String osName = System.getProperty("os.name"); + // final String auth; + // if 
(osName.startsWith("Windows")) + // auth = "Windows"; + // else if (osName.startsWith("SunOS") + // || osName.startsWith("Solaris")) + // auth = "Solaris"; + // else + // auth = "Unix"; + // + // Subject subject; + // // see http://old.nabble.com/osgi-and-jaas-td23485885.html + // ClassLoader ccl = Thread.currentThread() + // .getContextClassLoader(); + // try { + // Thread.currentThread().setContextClassLoader( + // getClass().getClassLoader()); + // URL url = getClass().getResource( + // "/org/argeo/security/activemq/osLogin.conf"); + // + // System.setProperty(LOGIN_CONFIG_PROPERTY, url.toString()); + // LoginContext lc = new LoginContext(auth); + // lc.login(); + // subject = lc.getSubject(); + // } catch (LoginException le) { + // throw new ArgeoException("OS authentication failed", le); + // } finally { + // if (oldLoginConfLocation != null) + // System.setProperty(LOGIN_CONFIG_PROPERTY, + // oldLoginConfLocation); + // Thread.currentThread().setContextClassLoader(ccl); + // } + // // Extract user name + // String osUsername = null; + // for (Principal principal : subject.getPrincipals()) { + // String className = principal.getClass().getName(); + // if ("Unix".equals(auth) + // && "com.sun.security.auth.UnixPrincipal" + // .equals(className)) + // osUsername = principal.getName(); + // else if ("Windows".equals(auth) + // && "com.sun.security.auth.NTUserPrincipal" + // .equals(className)) + // osUsername = principal.getName(); + // else if ("Solaris".equals(auth) + // && "com.sun.security.auth.SolarisPrincipal" + // .equals(className)) + // osUsername = principal.getName(); + // } + // + // if (osUsername == null) + // throw new ArgeoException("Could not find OS user name"); + // } + + uccfa.setUsername(System.getProperty("user.name")); uccfa.setPassword(null); } else if (AUTHMODE_UI.equals(authenticationMode)) { + try { + UIManager.setLookAndFeel(new MetalLookAndFeel()); + } catch (UnsupportedLookAndFeelException e) { + throw new ArgeoException("Cannot load 
look and feel", e); + } + UIManager.put("ClassLoader", getClass().getClassLoader()); UserPasswordDialog dialog = new UserPasswordDialog() { private static final long serialVersionUID = -891646559691412088L; @@ -174,7 +203,7 @@ public class SecuredActiveMqConnectionFactory implements ConnectionFactory, new SecureRandom()); } catch (Exception e) { throw new ArgeoException( - "Cannot initailize JMS conneciton factory", e); + "Cannot initialize JMS connection factory", e); } } @@ -200,4 +229,8 @@ public class SecuredActiveMqConnectionFactory implements ConnectionFactory, this.brokerURL = brokerUrl; } + public void setAuthenticationMode(String authenticationMode) { + this.authenticationMode = authenticationMode; + } + }
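Review bot: In the `AUTHMODE_OS` branch, `uccfa.setUsername(System.getProperty("user.name"))` with a null password sends a client-asserted name: `user.name` is an ordinary system property that can be set at JVM launch or at runtime, whereas the removed JAAS code took the name from the OS login module's principal. Unless the broker ties this name to something it verifies itself (the factory is SSL-based, so presumably the client certificate, which this hunk does not show), the value is a label rather than an authenticated identity, and a comment here should say so. The earlier `Could not find OS user name` guard was also dropped; I would keep it as `String osUsername = System.getProperty("user.name");` followed by `if (osUsername == null || osUsername.trim().length() == 0) throw new ArgeoException("Could not find OS user name");`. The enclosing method starts and ends outside the hunk.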
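Review bot: The new `setAuthenticationMode` setter in the -200,4 hunk stores any string unchecked, and whether an unrecognised value is rejected later is not visible here, since the mode dispatch in the -78,62 hunk continues past the `AUTHMODE_UI` branch. Because the value selects how credentials are obtained, the setter should carry Javadoc naming the accepted values, for example `/** Sets the authentication mode: {@link #AUTHMODE_OS} (the default) or {@link #AUTHMODE_UI}. */`. Rejecting any other value in the setter with an `ArgeoException` would make a misconfiguration fail at wiring time instead of at first connection.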