001: /*
002: * RealmAuthenticator.java
003: *
004: * Created on November 11, 2006, 2:11 PM
005: *
006: * To change this template, choose Tools | Template Manager
007: * and open the template in the editor.
008: */
009:
010: package com.sun.xml.wss;
011:
012: import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
013: import com.sun.xml.wss.impl.misc.DefaultRealmAuthenticationAdapter;
014: import com.sun.xml.wss.impl.misc.ReflectionUtil;
015: import com.sun.xml.wss.impl.misc.SecurityUtil;
016: import com.sun.xml.wss.logging.LogDomainConstants;
017: import java.io.BufferedReader;
018: import java.io.IOException;
019: import java.io.InputStream;
020: import java.io.InputStreamReader;
021: import java.lang.reflect.InvocationTargetException;
022: import java.lang.reflect.Method;
023: import java.net.URL;
024: import java.util.logging.Level;
025: import java.util.logging.Logger;
026: import javax.security.auth.Subject;
027: import javax.servlet.ServletContext;
028: import javax.xml.soap.SOAPException;
029:
030: /**
031: *
032: * @author kumar jayanti
033: */
034: public abstract class RealmAuthenticationAdapter {
035:
036: public static final String UsernameAuthenticator = "com.sun.xml.xwss.RealmAuthenticator";
037: private static final String SERVLET_CONTEXT_CLASSNAME = "javax.servlet.ServletContext";
038: // Prefixing with META-INF/ instead of /META-INF/. /META-INF/ is working fine
039: // when loading from a JAR file but not when loading from a plain directory.
040: private static final String JAR_PREFIX = "META-INF/";
041:
042: /** Creates a new instance of RealmAuthenticator */
043: protected RealmAuthenticationAdapter() {
044: }
045:
046: public abstract boolean authenticate(Subject callerSubject,
047: String username, String password)
048: throws XWSSecurityException;
049:
050: public static RealmAuthenticationAdapter newInstance(Object context) {
051: RealmAuthenticationAdapter adapter = null;
052: if (context == null) {
053: // first try if it is an EJB jar
054: URL url = SecurityUtil
055: .loadFromClasspath("META-INF/services/"
056: + UsernameAuthenticator);
057: if (url != null) {
058: adapter = loadReamlAuthenticator(url);
059: if (adapter != null) {
060: return adapter;
061: }
062: }
063: return new DefaultRealmAuthenticationAdapter();
064:
065: } else {
066: URL url = SecurityUtil.loadFromContext(
067: "/META-INF/services/" + UsernameAuthenticator,
068: context);
069: return loadReamlAuthenticator(url);
070: }
071: }
072:
073: private static Object newInstance(String className,
074: ClassLoader classLoader) throws SOAPException {
075: try {
076: Class spiClass;
077: if (classLoader == null) {
078: spiClass = Class.forName(className);
079: } else {
080: spiClass = classLoader.loadClass(className);
081: }
082: return spiClass.newInstance();
083: } catch (ClassNotFoundException x) {
084: throw new XWSSecurityRuntimeException(
085: "The following RealmAuthenticator: "
086: + className
087: + " specified in META-INF/services of the application archive was not found",
088: x);
089: } catch (Exception x) {
090: throw new XWSSecurityRuntimeException(
091: "The following RealmAuthenticator: "
092: + className
093: + " specified in META-INF/services of the application archive could not be instantiated",
094: x);
095: }
096: }
097:
098: private static RealmAuthenticationAdapter loadReamlAuthenticator(
099: URL url) {
100: InputStream is = null;
101: if (url == null) {
102: return null;
103: }
104: try {
105: is = url.openStream();
106: if (is != null) {
107: try {
108: BufferedReader rd = new BufferedReader(
109: new InputStreamReader(is, "UTF-8"));
110: String factoryClassName = rd.readLine();
111: rd.close();
112: if (factoryClassName != null
113: && !"".equals(factoryClassName)) {
114: Object obj = newInstance(factoryClassName,
115: Thread.currentThread()
116: .getContextClassLoader());
117: if (!(obj instanceof RealmAuthenticationAdapter)) {
118: throw new Exception(
119: "Class :"
120: + factoryClassName
121: + " is not a valid RealmAuthenticationProvider");
122: }
123: return (RealmAuthenticationAdapter) obj;
124: }
125: } catch (Exception e) {
126: throw new XWSSecurityRuntimeException(e);
127: }
128: }
129: } catch (IOException e) {
130: return null;
131: }
132: return null;
133: }
134:
135: }
|