01: /*
02: * JOSSO: Java Open Single Sign-On
03: *
04: * Copyright 2004-2008, Atricore, Inc.
05: *
06: * This is free software; you can redistribute it and/or modify it
07: * under the terms of the GNU Lesser General Public License as
08: * published by the Free Software Foundation; either version 2.1 of
09: * the License, or (at your option) any later version.
10: *
11: * This software is distributed in the hope that it will be useful,
12: * but WITHOUT ANY WARRANTY; without even the implied warranty of
13: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: * Lesser General Public License for more details.
15: *
16: * You should have received a copy of the GNU Lesser General Public
17: * License along with this software; if not, write to the Free
18: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
19: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
20: */
21:
22: package org.josso.jb4.agent;
23:
24: import org.apache.catalina.Context;
25: import org.josso.agent.SSOAgentRequest;
26: import org.josso.agent.SingleSignOnEntry;
27: import org.josso.tc55.agent.CatalinaSSOAgent;
28: import org.josso.tc55.agent.CatalinaSSOAgentRequest;
29:
30: /**
31: * JBoss Agent implementation.
32: * On each processRequest() call it does two things :
33: *
34: * <p>
35: * 1. Replaces the partner web application context's realm with our JBossCatalinaRealm.
36: * <p>
37: * 2. Associates the Active Subject information to the current thread so that partner web
38: * applications can have an authenticated http request.
39: * <p>
40: * The JBossCatalinaSSOAgent must be used only in JBoss by configuring the agent configuration
41: * file in the following way :
42: *
43: <pre>
44: <agent>
45: <class>org.josso.agent.JBossCatalinaSSOAgent</class>
46: ...
47: </agent>
48: </pre>
49: *
50: * @author <a href="mailto:gbrigand@josso.org">Gianluca Brigandi</a>
51: * @version CVS $Id: JBossCatalinaSSOAgent.java 508 2008-02-18 13:32:29Z sgonzalez $
52: */
53:
54: public class JBossCatalinaSSOAgent extends CatalinaSSOAgent {
55:
56: public SingleSignOnEntry processRequest(SSOAgentRequest request) {
57: CatalinaSSOAgentRequest r = (CatalinaSSOAgentRequest) request;
58: Context c = r.getContext();
59:
60: if (debug > 0)
61: log("Executing authenticate for jboss");
62:
63: // In JBoss this will allow the JBoss Security Manager (JaasSecurityManager) to
64: // associate the authenticated Subject to the current Thread.
65: // This is needed so that when the Security Manager gets called by Catalina it
66: // will have which is the Subject for performing authorization procedures like
67: // isUserInRole().
68: // Since the JBoss Security Manager has a cache with all the authenticated Principals,
69: // it won't invoke the JAAS login module each time, avoiding a performance impact.
70: authenticate(request);
71:
72: return super.processRequest(request);
73: }
74: }
|