01: /*
02: * JOSSO: Java Open Single Sign-On
03: *
04: * Copyright 2004-2008, Atricore, Inc.
05: *
06: * This is free software; you can redistribute it and/or modify it
07: * under the terms of the GNU Lesser General Public License as
08: * published by the Free Software Foundation; either version 2.1 of
09: * the License, or (at your option) any later version.
10: *
11: * This software is distributed in the hope that it will be useful,
12: * but WITHOUT ANY WARRANTY; without even the implied warranty of
13: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: * Lesser General Public License for more details.
15: *
16: * You should have received a copy of the GNU Lesser General Public
17: * License along with this software; if not, write to the Free
18: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
19: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
20: */
21:
22: package org.josso.auth.scheme;
23:
24: import org.josso.auth.CredentialProvider;
25: import org.josso.auth.Credential;
26: import org.josso.auth.scheme.X509CertificateCredential;
27: import org.apache.commons.logging.Log;
28: import org.apache.commons.logging.LogFactory;
29:
30: import java.security.cert.X509Certificate;
31: import java.security.cert.CertificateFactory;
32: import java.security.cert.CertificateException;
33: import java.io.ByteArrayInputStream;
34:
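/**
 * Creates {@link X509CertificateCredential} instances from the raw value
 * supplied for the {@code userCertificate} credential name.
 *
 * <p>This class only decodes the certificate. Nothing in it checks the chain
 * of trust, the validity period or the revocation status, so a credential
 * returned from here wraps unverified input; those checks have to be done by
 * whatever consumes the credential.
 */
public class X509CertificateCredentialProvider implements
        CredentialProvider {
    private static final Log logger = LogFactory
            .getLog(X509CertificateCredentialProvider.class);

    /**
     * The name of the credential representing an X.509 Certificate.
     * Used to get a new credential instance based on its name and value.
     * Value : userCertificate
     *
     * @see #newCredential(String, Object)
     */
    private final static String X509_CERTIFICATE_CREDENTIAL_NAME = "userCertificate";

    /**
     * Builds a certificate credential from the given name/value pair.
     *
     * <p>The value may be an {@link X509Certificate}, a {@code String} or a
     * {@code byte[]} holding an encoded certificate. Any other value type, a
     * {@code null} value, or bytes that cannot be decoded yield {@code null}
     * instead of a credential wrapping a {@code null} certificate, so a
     * failed decode can never be mistaken for a presented certificate.
     *
     * @param name  the credential name, compared case-insensitively with
     *              {@code userCertificate}; {@code null} is treated as unknown
     * @param value the certificate, in one of the supported representations
     * @return the new credential, or {@code null} when the name is unknown or
     *         no certificate could be obtained from the value
     */
    public Credential newCredential(String name, Object value) {

        // Constant-first comparison: a null name is an unknown name, not an NPE.
        if (X509_CERTIFICATE_CREDENTIAL_NAME.equalsIgnoreCase(name)) {

            // Passed through as Object, exactly as before, so the same
            // X509CertificateCredential constructor is selected.
            if (value instanceof X509Certificate)
                return new X509CertificateCredential(value);

            X509Certificate cert = null;

            if (value instanceof String) {
                cert = buildX509Certificate((String) value);
            } else if (value instanceof byte[]) {
                cert = buildX509Certificate((byte[]) value);
            } else {
                // Previously any other type (or null) was cast to byte[] blindly
                // and failed with ClassCastException / NullPointerException.
                // Only the type is logged, never the value itself.
                logger.error("Unsupported value type for credential "
                        + X509_CERTIFICATE_CREDENTIAL_NAME + " : "
                        + (value == null ? "null" : value.getClass().getName()));
            }

            // Fail closed: no certificate, no credential. Callers already
            // receive null from this method for unknown credential names.
            if (cert == null)
                return null;

            return new X509CertificateCredential(cert);
        }

        // Don't know how to handle this name ...
        if (logger.isDebugEnabled())
            logger.debug("Unknown credential name : " + name);

        return null;
    }

    /**
     * Decodes an encoded X.509 certificate.
     *
     * @param binaryCert the encoded certificate bytes
     * @return the decoded certificate, or {@code null} when the input is
     *         {@code null} or cannot be parsed (the parse error is logged)
     */
    private X509Certificate buildX509Certificate(byte[] binaryCert) {
        // ByteArrayInputStream would throw NullPointerException on a null array.
        if (binaryCert == null)
            return null;

        X509Certificate cert = null;

        try {
            ByteArrayInputStream bais = new ByteArrayInputStream(
                    binaryCert);
            CertificateFactory cf = CertificateFactory
                    .getInstance("X.509");

            cert = (X509Certificate) cf.generateCertificate(bais);

            if (logger.isDebugEnabled())
                logger.debug("Building X.509 certificate result :\n "
                        + cert);

        } catch (CertificateException ce) {
            // Decoding only; a parse failure is reported to the caller as null.
            logger.error("Error instantiating X.509 Certificate", ce);
        }

        return cert;
    }

    /**
     * Decodes an X.509 certificate supplied as text.
     *
     * @param plainCert the certificate text
     * @return the decoded certificate, or {@code null} when the input is
     *         {@code null} or cannot be parsed
     */
    private X509Certificate buildX509Certificate(String plainCert) {
        if (plainCert == null)
            return null;

        // NOTE(review): getBytes() uses the platform default charset. That is
        // harmless for ASCII text on ASCII-compatible platforms; consider an
        // explicit charset if this must run elsewhere.
        return buildX509Certificate(plainCert.getBytes());
    }

}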