01: /**
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: */package org.apache.openejb.server.ejbd;
17:
18: import org.apache.openejb.client.AuthenticationRequest;
19: import org.apache.openejb.client.AuthenticationResponse;
20: import org.apache.openejb.client.ClientMetaData;
21: import org.apache.openejb.client.ResponseCodes;
22: import org.apache.openejb.client.ThrowableArtifact;
23: import org.apache.openejb.loader.SystemInstance;
24: import org.apache.openejb.spi.SecurityService;
25: import org.apache.openejb.util.LogCategory;
26: import org.apache.openejb.util.Messages;
27: import org.apache.openejb.util.Logger;
28:
29: import java.io.ObjectInputStream;
30: import java.io.ObjectOutputStream;
31: import java.io.IOException;
32:
33: import javax.security.auth.login.LoginException;
34:
35: class AuthRequestHandler {
36:
37: Messages _messages = new Messages(
38: "org.apache.openejb.server.util.resources");
39: private static final Logger logger = Logger.getInstance(
40: LogCategory.OPENEJB_SERVER_REMOTE.createChild("auth"),
41: "org.apache.openejb.server.util.resources");
42:
43: AuthRequestHandler(EjbDaemon daemon) {
44: }
45:
46: public void processRequest(ObjectInputStream in,
47: ObjectOutputStream out) {
48: AuthenticationRequest req = new AuthenticationRequest();
49: AuthenticationResponse res = new AuthenticationResponse();
50:
51: try {
52: req.readExternal(in);
53:
54: String securityRealm = req.getRealm();
55: String username = req.getUsername();
56: String password = req.getCredentials();
57:
58: SecurityService securityService = SystemInstance.get()
59: .getComponent(SecurityService.class);
60: Object token = securityService.login(securityRealm,
61: username, password);
62:
63: ClientMetaData client = new ClientMetaData();
64: client.setClientIdentity(token);
65:
66: res.setIdentity(client);
67: res.setResponseCode(ResponseCodes.AUTH_GRANTED);
68: } catch (Throwable t) {
69: res.setResponseCode(ResponseCodes.AUTH_DENIED);
70: res.setDeniedCause(t);
71: } finally {
72: if (logger.isDebugEnabled()) {
73: try {
74: logger.debug("AUTH REQUEST: " + req
75: + " -- RESPONSE: " + res);
76: } catch (Exception justInCase) {
77: }
78: }
79:
80: try {
81: res.writeExternal(out);
82: } catch (java.io.IOException ie) {
83: logger
84: .fatal(
85: "Couldn't write AuthenticationResponse to output stream",
86: ie);
87: }
88: }
89: }
90:
91: }
|