001: /*
002: * $Id: ApplicationSecurityConfiguration.java,v 1.5 2007/08/24 09:12:51 kumarjayanti Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.wss.impl.config;
028:
029: import java.util.Iterator;
030: import java.util.ArrayList;
031: import java.util.Collection;
032: import java.util.Hashtable;
033:
034: import java.util.logging.Level;
035: import java.util.logging.Logger;
036:
037: import com.sun.xml.wss.impl.policy.SecurityPolicy;
038: import com.sun.xml.wss.impl.policy.StaticPolicyContext;
039: import com.sun.xml.wss.impl.policy.SecurityPolicyContainer;
040:
041: import com.sun.xml.wss.impl.PolicyTypeUtil;
042: import com.sun.xml.wss.impl.MessageConstants;
043: import com.sun.xml.wss.logging.LogDomainConstants;
044: import com.sun.xml.wss.impl.configuration.*;
045: import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
046:
047: /**
048: * Represents an XWS-Security configuration object, corresponding to the
049: * <code><xwss:JAXRPCSecurity></code> element (as defined in XWS-Security,
050: * configuration schema, xwssconfig.xsd).
051: */
052: public class ApplicationSecurityConfiguration extends
053: SecurityPolicyContainer {
054:
055: private static Logger log = Logger.getLogger(
056: LogDomainConstants.WSS_API_DOMAIN,
057: LogDomainConstants.CONFIGURATION_DOMAIN_BUNDLE);
058:
059: boolean bsp = false;
060:
061: boolean useCacheFlag = false;
062:
063: String envHandlerClassName = null;
064:
065: boolean optimize = false;
066:
067: private boolean retainSecHeader = false;
068:
069: public ApplicationSecurityConfiguration() {
070: }
071:
072: /**
073: * Constructor
074: * @param handlerClassName the class name of the SecurityEnvironment CallbackHandler
075: */
076: public ApplicationSecurityConfiguration(String handlerClassName) {
077: this .envHandlerClassName = handlerClassName;
078: }
079:
080: /**
081: * set the SecurityEnvironment CallbackHandler
082: * @param handlerClassName the class name of the SecurityEnvironment Callback Handler
083: */
084: public void setSecurityEnvironmentHandler(String handlerClassName) {
085: this .envHandlerClassName = handlerClassName;
086: }
087:
088: /**
089: * get the SecurityEnvironment CallbackHandler
090: * @return the class name of the SecurityEnvironment CallbackHandler
091: */
092: public String getSecurityEnvironmentHandler() {
093: return this .envHandlerClassName;
094: }
095:
096: /*
097: * @return list of all ApplicationSecurityConfigurations
098: * Note : to be called only on the Top level SecurityConfiguration
099: */
100: public Collection getAllTopLevelApplicationSecurityConfigurations() {
101:
102: return servicesList;
103: /*
104: if (allTopLevelApplicationSecurityConfigs != null)
105: return allTopLevelApplicationSecurityConfigs;
106:
107: Collection keys = _ctx2PolicyMap.keySet();
108: Iterator keyIterator = keys.iterator();
109: Collection applicationSecConfig = new ArrayList();
110: while (keyIterator.hasNext()) {
111: StaticApplicationContext sac = (StaticApplicationContext) keyIterator.next();
112: if(sac.isService()){
113: ArrayList serviceElements = (ArrayList)_ctx2PolicyMap.get(sac);
114: Iterator serviceIterator = serviceElements.iterator();
115: while(serviceIterator.hasNext()){
116: SecurityPolicy policy = (SecurityPolicy)serviceIterator.next();
117: if (PolicyTypeUtil.applicationSecurityConfiguration(policy)) {
118: applicationSecConfig.add(policy);
119: }
120: }
121: }
122: }
123: return applicationSecConfig;
124: */
125: }
126:
127: /*
128: * @return list of all security policies
129: */
130: public Collection getAllPolicies() {
131: Collection c = _ctx2PolicyMap.values();
132: Collection d = new ArrayList();
133: Iterator itr = c.iterator();
134: while (itr.hasNext()) {
135: ArrayList list = (ArrayList) itr.next();
136: for (int i = 0; i < list.size(); i++) {
137: SecurityPolicy policy = (SecurityPolicy) list.get(i);
138: if (PolicyTypeUtil
139: .applicationSecurityConfiguration(policy)) {
140: d
141: .addAll(((ApplicationSecurityConfiguration) policy)
142: .getAllPolicies());
143: } else {
144: d.add(policy);
145: }
146: }
147: }
148: return d;
149: }
150:
151: /*
152: * @return list of all sender security policies
153: */
154: public Collection getAllSenderPolicies() {
155: Collection c = _ctx2PolicyMap.values();
156: Collection d = new ArrayList();
157: Iterator itr = c.iterator();
158: while (itr.hasNext()) {
159: ArrayList list = (ArrayList) itr.next();
160: for (int i = 0; i < list.size(); i++) {
161: SecurityPolicy policy = (SecurityPolicy) list.get(i);
162: if (PolicyTypeUtil
163: .applicationSecurityConfiguration(policy)) {
164: d
165: .addAll(((ApplicationSecurityConfiguration) policy)
166: .getAllSenderPolicies());
167: } else {
168: DeclarativeSecurityConfiguration dsc = (DeclarativeSecurityConfiguration) policy;
169: MessagePolicy mp = dsc.senderSettings();
170: d.add(mp);
171: }
172: }
173: }
174: return d;
175: }
176:
177: /*
178: * @return list of all receiver security policies
179: */
180: public Collection getAllReceiverPolicies() {
181:
182: if (allReceiverPolicies != null)
183: return allReceiverPolicies;
184:
185: Collection c = _ctx2PolicyMap.values();
186:
187: Collection d = new ArrayList();
188: Iterator itr = c.iterator();
189: while (itr.hasNext()) {
190: ArrayList list = (ArrayList) itr.next();
191: for (int i = 0; i < list.size(); i++) {
192: SecurityPolicy policy = (SecurityPolicy) list.get(i);
193: if (PolicyTypeUtil
194: .applicationSecurityConfiguration(policy)) {
195: d
196: .addAll(((ApplicationSecurityConfiguration) policy)
197: .getAllReceiverPolicies());
198: } else {
199: if (PolicyTypeUtil
200: .declarativeSecurityConfiguration(policy)) {
201: DeclarativeSecurityConfiguration dsc = (DeclarativeSecurityConfiguration) policy;
202: MessagePolicy mp = dsc.receiverSettings();
203: if ((mp.getPrimaryPolicies().size() == 0 && mp
204: .getSecondaryPolicies().size() == 0)
205: || (mp.getPrimaryPolicies().size() != 0 && mp
206: .getSecondaryPolicies().size() == 0)
207: || (mp.getPrimaryPolicies().size() != 0 && mp
208: .getSecondaryPolicies().size() != 0)) {
209: d.add(mp);
210: }
211: } else {
212: //probably a DSP
213: d.add(policy);
214: }
215: }
216: }
217: }
218: return d;
219: }
220:
221: /**
222: * @return true of if the Configuration is Empty
223: */
224: public boolean isEmpty() {
225: return _ctx2PolicyMap.isEmpty();
226: }
227:
228: /*
229: * @return bsp boolean
230: */
231: public boolean isBSP() {
232: return bsp;
233: }
234:
235: /*
236: * @param flag boolean (isBsp)
237: */
238: public void isBSP(boolean flag) {
239: bsp = flag;
240: }
241:
242: /*
243: * @return useCache boolean
244: */
245: public boolean useCache() {
246: return useCacheFlag;
247: }
248:
249: /*
250: * @param flag boolean (useCache)
251: */
252: public void useCache(boolean flag) {
253: useCacheFlag = flag;
254: }
255:
256: /*
257: *@return the Retain Security Header Config Property
258: */
259: public boolean retainSecurityHeader() {
260: return retainSecHeader;
261: }
262:
263: /*
264: *@param arg, set the retainSecurityHeader flag.
265: */
266: public void retainSecurityHeader(boolean arg) {
267: this .retainSecHeader = arg;
268: }
269:
270: /* map to store inferred ctx to policy mappings (for efficiency of lookup) */
271: private Hashtable augmentedCtx2PolicyMap = new Hashtable();
272:
273: /* configuration for Single Service with No ports */
274: private SecurityPolicy configForSingleServiceNoPorts = null;
275:
276: /*
277: * Returns matching DeclarativeSecurityConfiguration (DSC)/DynamicSecurityPolicy (DSP)
278: * for a given context according to the following algorithm:
279: *
280: *<PRE>
281: * SecurityPolicy sp = null;
282: * if (context is an Operation Level Context) {
283: * if context has DSC|DSP {sp = DSC|DSP}
284: * if (sp == null) {
285: * context = enclosing context (Port Level Context)
286: * if context has DSC|DSP {sp = DSC|DSP}
287: * if (sp == null) {
288: * context = enclosing context (Service Level Context)
289: * if context has DSC|DSP {sp = DSC|DSP}
290: * }
291: * }
292: * } else if (context is a Port Level Context) {
293: * if context has DSC|DSP {sp = DSC|DSP}
294: * if (sp == null) {
295: * context = enclosing context (Service Level Context)
296: * if context has DSC|DSP {sp = DSC|DSP}
297: * }
298: * }
299: * return sp;
300: *</PRE>
301: *
302: * @param context the static policy identification context represented as a <code>StaticApplicationContext</code>
303: * @return the resolved SecurityPolicy instance for the context, null otherwise.
304: */
305: public SecurityPolicy getSecurityConfiguration(
306: StaticApplicationContext context) {
307:
308: if (configForSingleServiceNoPorts != null)
309: return configForSingleServiceNoPorts;
310:
311: SecurityPolicy sp = (SecurityPolicy) augmentedCtx2PolicyMap
312: .get(context);
313: if (sp != null)
314: return sp;
315:
316: sp = getDSCORDSP((ArrayList) _ctx2PolicyMap.get(context));
317: ;
318: if (sp != null) {
319: //Log at FINE here
320: if (MessageConstants.debug) {
321: log.log(Level.FINEST,
322: "Learning a new mapping for Context= "
323: + context);
324: }
325: augmentedCtx2PolicyMap.put(context, sp);
326: return sp;
327: }
328:
329: StaticApplicationContext ctx = new StaticApplicationContext(
330: context);
331:
332: if (ctx.isOperation()) {
333: ctx.setOperationIdentifier("");
334: sp = getDSCORDSP((ArrayList) _ctx2PolicyMap.get(ctx));
335:
336: if (sp == null) {
337: ctx.setPortIdentifier("");
338: sp = getDSCORDSP((ArrayList) _ctx2PolicyMap.get(ctx));
339: }
340: } else if (ctx.isPort()) {
341: ctx.setPortIdentifier("");
342: sp = getDSCORDSP((ArrayList) _ctx2PolicyMap.get(ctx));
343: }
344:
345: //learn a new mapping
346: if (context != null && sp != null) {
347: //Log at FINE here
348: if (MessageConstants.debug) {
349: log.log(Level.FINEST,
350: "Learning a new mapping for Context= "
351: + context);
352: }
353: augmentedCtx2PolicyMap.put(context, sp);
354: }
355:
356: return sp;
357: }
358:
359: //NON-API public methods to be set on the TopLevel
360: // ApplicationSecurityConfiguration corresponding to
361: // <JAXRPCSecurity> element.
362: // These methods allow optimizing the most common config scenarios
363:
364: private boolean sSNP = false;
365: private boolean hasOps = true;
366:
367: /* (non-Javadoc)
368: *@return true if config has Operation Level Policies
369: */
370: public boolean hasOperationPolicies() {
371: return hasOps;
372: }
373:
374: /* (non-Javadoc)
375: *set to true if config has Operation Level Policies
376: */
377: public void hasOperationPolicies(boolean flag) {
378: hasOps = flag;
379: }
380:
381: /* (non-Javadoc)
382: *set to true if config has single service with no ports
383: */
384: public void singleServiceNoPorts(boolean flag) {
385: sSNP = flag;
386: }
387:
388: /* (non-Javadoc)
389: *@return true if config has single Service and No Ports
390: */
391: private boolean singleServiceNoPorts() {
392: return sSNP;
393: }
394:
395: private SecurityPolicy getDSCORDSP(ArrayList list) {
396:
397: if (list == null) {
398: return null;
399: }
400:
401: Iterator i = list.iterator();
402:
403: while (i.hasNext()) {
404: SecurityPolicy policy = (SecurityPolicy) i.next();
405: if (PolicyTypeUtil.applicationSecurityConfiguration(policy)) {
406: return ((ApplicationSecurityConfiguration) policy)
407: .getDSCORDSP();
408: }
409: }
410:
411: return null;
412: }
413:
414: private SecurityPolicy getDSCORDSP() {
415: // iterate over the values and return the first encountered DSC or DP
416: Collection c = _ctx2PolicyMap.values();
417: Iterator i = c.iterator();
418: while (i.hasNext()) {
419: ArrayList al = (ArrayList) i.next();
420: SecurityPolicy policy = (SecurityPolicy) al.iterator()
421: .next();
422: if (PolicyTypeUtil.declarativeSecurityConfiguration(policy)
423: || PolicyTypeUtil.dynamicSecurityPolicy(policy)) {
424: return policy;
425: }
426: }
427: return null;
428: }
429:
430: /**
431: * @return the type of the policy
432: */
433: public String getType() {
434: return PolicyTypeUtil.APP_SEC_CONFIG_TYPE;
435: }
436:
437: private Collection allReceiverPolicies = null;
438:
439: //private Collection allTopLevelApplicationSecurityConfigs = null;
440:
441: /* (non-Javadoc)
442: * Internal Method to be called once only by IL/reader only on the
443: * Top level ApplicationSecurityConfiguration
444: */
445: public void init() {
446: setConfigForSingleServiceNoPorts();
447: allReceiverPolicies = getAllReceiverPoliciesFromConfig();
448: //allTopLevelApplicationSecurityConfigs = getAllTopLevelApplicationSecurityConfigurations();
449: }
450:
451: private ArrayList servicesList = new ArrayList();
452:
453: //override from parent
454: /**
455: * Associate more than one SecurityPolicy with a StaticPolicyContext
456: * @param ctx StaticPolicyContext
457: * @param policy SecurityPolicy
458: */
459: public void setSecurityPolicy(StaticPolicyContext ctx,
460: SecurityPolicy policy) {
461: if (ctx instanceof StaticApplicationContext) {
462: if (((StaticApplicationContext) ctx).isService()
463: && PolicyTypeUtil
464: .applicationSecurityConfiguration(policy)) {
465: servicesList.add(policy);
466: }
467: }
468:
469: super .setSecurityPolicy(ctx, policy);
470: }
471:
472: /*
473: * @return list of all receiver security policies
474: */
475: private Collection getAllReceiverPoliciesFromConfig() {
476:
477: Collection d = new ArrayList();
478: for (int i = 0; i < servicesList.size(); i++) {
479: ApplicationSecurityConfiguration policy = (ApplicationSecurityConfiguration) servicesList
480: .get(i);
481: d.addAll(policy.getAllReceiverPolicies());
482: }
483: return d;
484: }
485:
486: private void setConfigForSingleServiceNoPorts() {
487:
488: if (singleServiceNoPorts()) {
489: Collection c = _ctx2PolicyMap.values();
490: ArrayList al = (ArrayList) c.iterator().next();
491: ApplicationSecurityConfiguration serviceConfig = (ApplicationSecurityConfiguration) al
492: .iterator().next();
493: configForSingleServiceNoPorts = serviceConfig.getDSCORDSP();
494: }
495: }
496:
497: public void isOptimized(boolean optimize) {
498: this .optimize = optimize;
499: }
500:
501: public boolean isOptimized() {
502: return this.optimize;
503: }
504: }
|