001: /*
002: * JOSSO: Java Open Single Sign-On
003: *
004: * Copyright 2004-2008, Atricore, Inc.
005: *
006: * This is free software; you can redistribute it and/or modify it
007: * under the terms of the GNU Lesser General Public License as
008: * published by the Free Software Foundation; either version 2.1 of
009: * the License, or (at your option) any later version.
010: *
011: * This software is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this software; if not, write to the Free
018: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
019: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
020: */
021:
022: package org.josso.jb42.agent;
023:
024: import org.apache.catalina.Context;
025: import org.apache.commons.logging.Log;
026: import org.apache.commons.logging.LogFactory;
027: import org.josso.agent.SSOAgentRequest;
028: import org.josso.agent.SingleSignOnEntry;
029: import org.josso.tc55.agent.CatalinaSSOAgent;
030: import org.josso.tc55.agent.CatalinaSSOAgentRequest;
031:
032: /**
033: * JBoss Agent implementation.
034: * On each processRequest() call it does two things :
035: *
036: * <p>
037: * 1. Replaces the partner web application context's realm with our JBossCatalinaRealm.
038: * <p>
039: * 2. Associates the Active Subject information to the current thread so that partner web
040: * applications can have an authenticated http request.
041: * <p>
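042: * The JBossCatalinaSSOAgent must be used only in JBoss, by setting the agent class in the agent
043: * configuration file as shown below (this file declares the class in package org.josso.jb42.agent, so check that the configured class name matches the deployed class) :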
044: *
045: <pre>
046: <agent>
047: <class>org.josso.agent.JBossCatalinaSSOAgent</class>
048: ...
049: </agent>
050: </pre>
051: *
052: * @author <a href="mailto:gbrigand@josso.org">Gianluca Brigandi</a>
053: * @version CVS $Id: JBossCatalinaSSOAgent.java 338 2006-02-09 16:53:07Z sgonzalez $
054: */
055:
public class JBossCatalinaSSOAgent extends CatalinaSSOAgent {

    /** Commons-logging logger that both {@code log} overloads write to. */
    private static final Log logger = LogFactory.getLog(JBossCatalinaSSOAgent.class);

    /**
     * Calls {@code authenticate(request)} for the incoming request and then delegates to
     * the parent agent's {@code processRequest}.
     *
     * @param request agent request; it is cast to {@link CatalinaSSOAgentRequest}, so any
     *                other implementation fails with a {@link ClassCastException}
     * @return the value returned by {@code super.processRequest(request)}
     */
    public SingleSignOnEntry processRequest(SSOAgentRequest request) {
        CatalinaSSOAgentRequest catalinaRequest = (CatalinaSSOAgentRequest) request;
        // The context is looked up here but not used again in this method.
        Context webappContext = catalinaRequest.getContext();

        if (debug > 0) {
            log("Executing authenticate for jboss");
        }

        // In JBoss this lets the JBoss Security Manager (JaasSecurityManager) associate
        // the authenticated Subject with the current thread, so that when Catalina calls
        // the Security Manager it knows which Subject to use for authorization checks
        // such as isUserInRole().
        // The JBoss Security Manager caches authenticated Principals, so the JAAS login
        // module is not invoked on every request.
        //
        // NOTE(review): the outcome of authenticate(request) is not inspected here; the
        // SSO decision is left to super.processRequest(). Since the Subject is bound to
        // the thread and container threads are presumably pooled, confirm that a request
        // without a valid SSO session cannot inherit a previous request's Subject.
        authenticate(request);

        return super.processRequest(request);
    }

    /**
     * Writes the message to the commons-logging logger at debug level, but only when the
     * agent's debug level is greater than zero.
     *
     * <p>The message is passed to the logger unmodified, so callers should keep session
     * identifiers and credentials out of it.
     *
     * @param message text to log
     */
    protected void log(String message) {
        // Avoid coupling with a specific logger implementation.
        // JBoss 4.2.0 and 4.2.1 have different signatures than JBoss 4.2.2+ for
        // org.apache.catalina.Container.getLogger
        if (!(debug > 0)) {
            return;
        }
        logger.debug(message);
    }

    /**
     * Writes the message and its associated throwable to the commons-logging logger at
     * debug level, but only when the agent's debug level is greater than zero.
     *
     * @param message   text to log
     * @param throwable error to record alongside the message
     */
    protected void log(String message, Throwable throwable) {
        // Avoid coupling with a specific logger implementation.
        // JBoss 4.2.0 and 4.2.1 have different signatures than JBoss 4.2.2+ for
        // org.apache.catalina.Container.getLogger
        if (!(debug > 0)) {
            return;
        }
        logger.debug(message, throwable);
    }
}