001: /******************************************************************************
002: * JBoss, a division of Red Hat *
003: * Copyright 2006, Red Hat Middleware, LLC, and individual *
004: * contributors as indicated by the @authors tag. See the *
005: * copyright.txt in the distribution for a full listing of *
006: * individual contributors. *
007: * *
008: * This is free software; you can redistribute it and/or modify it *
009: * under the terms of the GNU Lesser General Public License as *
010: * published by the Free Software Foundation; either version 2.1 of *
011: * the License, or (at your option) any later version. *
012: * *
013: * This software is distributed in the hope that it will be useful, *
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of *
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
016: * Lesser General Public License for more details. *
017: * *
018: * You should have received a copy of the GNU Lesser General Public *
019: * License along with this software; if not, write to the Free *
020: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
021: * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
022: ******************************************************************************/package org.jboss.portal.security.impl.jacc;
023:
024: import org.jboss.portal.jems.as.system.AbstractJBossService;
025: import org.jboss.portal.security.AuthorizationDomainRegistry;
026: import org.jboss.portal.security.PortalPermission;
027: import org.jboss.portal.security.spi.auth.PortalAuthorizationManager;
028: import org.jboss.portal.security.spi.auth.PortalAuthorizationManagerFactory;
029: import org.jboss.security.jacc.DelegatingPolicy;
030: import org.jboss.security.jacc.SubjectPolicyContextHandler;
031:
032: import javax.security.jacc.PolicyContext;
033: import java.security.Policy;
034: import java.util.HashMap;
035: import java.util.Map;
036:
/**
 * Service that hands out JACC-backed {@link PortalAuthorizationManager} instances and, on
 * start-up, configures the JVM-wide JACC plumbing the portal relies on: the subject
 * {@code PolicyContext} handler and a {@link DelegatingPolicy} that knows about
 * {@link PortalPermission}.
 *
 * <p>Both {@code PolicyContext} handlers and the installed {@link Policy} are static,
 * process-wide state, so starting this service affects every component in the same JVM,
 * not only the portal.
 *
 * <p>No synchronization is visible in this class. NOTE(review): confirm that the container
 * serializes {@link #startService()} against callers of {@link #getManager()}.
 *
 * @author <a href="mailto:julien@jboss.org">Julien Viet</a>
 * @version $Revision: 8784 $
 */
public class JACCPortalAuthorizationManagerFactory extends AbstractJBossService
      implements PortalAuthorizationManagerFactory {

   /** Registry of authorization domains, injected through the setter below. */
   private AuthorizationDomainRegistry authorizationDomainRegistry;

   /**
    * Manager created together with the factory. It is never read in this class;
    * {@link #getManager()} builds a new manager on every call instead.
    *
    * <p>Field initializers run in declaration order, so this constructor receives the
    * factory before {@link #configuredRoles} has been assigned. NOTE(review): verify that
    * the manager's constructor does not read that map.
    */
   private final JACCPortalAuthorizationManager manager =
         new JACCPortalAuthorizationManager(this);

   /**
    * The configured roles. Package-visible, mutable and untyped; nothing in this class reads
    * or writes it, so it is presumably maintained by collaborators in this package (confirm).
    * Any class in the package can therefore alter the role configuration.
    */
   final Map configuredRoles = new HashMap();

   /**
    * Context labelled "JACC bypass" by the original author. The {@code SecurityContext} type
    * is declared elsewhere, so what exactly is bypassed cannot be told from this file.
    * One instance is shared by every manager returned until {@link #startService()}
    * replaces it.
    */
   private SecurityContext securityContext;

   /**
    * @return the authorization domain registry currently set on this factory, possibly
    *         {@code null}
    */
   public AuthorizationDomainRegistry getAuthorizationDomainRegistry() {
      return this.authorizationDomainRegistry;
   }

   /**
    * @param authorizationDomainRegistry the registry to use; stored as given, without
    *                                    validation
    */
   public void setAuthorizationDomainRegistry(
         AuthorizationDomainRegistry authorizationDomainRegistry) {
      this.authorizationDomainRegistry = authorizationDomainRegistry;
   }

   /**
    * Creates a new authorization manager bound to this factory and to the factory's shared
    * {@code SecurityContext}.
    *
    * <p>The context is created on demand when the service has not been started yet. The
    * check-then-assign below is not guarded, so concurrent first calls may each create a
    * context. Managers handed out before a (re)start keep the context they were given.
    *
    * @return a fresh manager on every call
    */
   public PortalAuthorizationManager getManager() {
      JACCPortalAuthorizationManager freshManager = new JACCPortalAuthorizationManager(this);

      // Lazily create the shared context when startService() has not run yet.
      if (securityContext == null) {
         securityContext = new SecurityContext();
      }

      freshManager.setSecurityContext(securityContext);
      return freshManager;
   }

   /**
    * Sets the PolicyContext subject security handler and the delegating policy.
    *
    * @throws Exception if handler registration or policy configuration fails
    */
   protected void startService() throws Exception {
      // Mandatory context handler. The final 'true' asks PolicyContext to replace any
      // handler already registered under the subject key.
      PolicyContext.registerHandler(
            SubjectPolicyContextHandler.SUBJECT_CONTEXT_KEY,
            new SubjectPolicyContextHandler(),
            true);

      // Reuse the installed policy when it already is a DelegatingPolicy; instanceof is
      // false for null, so a missing policy takes the "install a new one" path.
      Policy installed = Policy.getPolicy();
      boolean reuseInstalled = installed instanceof DelegatingPolicy;

      DelegatingPolicy delegating;
      if (reuseInstalled) {
         log.debug("Found existing delegating policy, configuring it with with PortalPermission");
         delegating = (DelegatingPolicy) installed;
      } else {
         log.debug("No existing delegating policy in place, adding one configured with the PortalPermission class");
         delegating = DelegatingPolicy.getInstance();
      }

      // NOTE(review): on a reused policy this presumably overwrites external permission
      // types configured by other components; confirm against DelegatingPolicy.
      delegating.setExternalPermissionTypes(new Class[] { PortalPermission.class });

      if (!reuseInstalled) {
         // Swaps the policy for the whole JVM; under a security manager the caller needs
         // the "setPolicy" SecurityPermission.
         Policy.setPolicy(delegating);
      }

      // Refresh whichever policy is now in effect.
      delegating.refresh();

      // JACC bypass: each start installs a brand-new shared context.
      this.securityContext = new SecurityContext();
   }
}