001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.jca.fs;
023:
024: import java.io.Serializable;
025: import java.io.File;
026: import java.io.PrintWriter;
027: import java.util.Set;
028: import java.util.StringTokenizer;
029: import java.util.HashSet;
030: import java.util.Iterator;
031: import java.security.acl.Group;
032: import javax.resource.spi.ManagedConnectionFactory;
033: import javax.resource.spi.ConnectionManager;
034: import javax.resource.spi.ManagedConnection;
035: import javax.resource.spi.ConnectionRequestInfo;
036: import javax.resource.ResourceException;
037: import javax.security.auth.Subject;
038:
039: import org.jboss.logging.Logger;
040: import org.jboss.security.SimplePrincipal;
041:
042: /**
043: * @author Scott.Stark@jboss.org
044: * @version $Revision: 57211 $
045: */
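public class FSMangedConnectionFactory implements
        ManagedConnectionFactory, Serializable {
    private static final long serialVersionUID = 100000;
    private static final Logger log = Logger
            .getLogger(FSMangedConnectionFactory.class);

    private String userName;
    // NOTE(review): this field is not transient, so the clear-text password is
    // part of the serialized form of the factory. Confirm where serialized
    // copies end up before reusing this pattern outside the test suite.
    private String password;
    // Role names required of the caller; null or empty means no role check.
    private Set roles;
    // Transient: not restored by deserialization, so it stays null on a
    // deserialized instance until setFileSystemRootDir is called again.
    private transient File rootDir;

    /** Creates new FSMangedConnectionFactory */
    public FSMangedConnectionFactory() {
    }

    /**
     * Non-managed variant of the factory method; always rejected.
     *
     * @throws UnsupportedOperationException always
     */
    public Object createConnectionFactory() throws ResourceException {
        log.debug("createConnectionFactory");
        throw new UnsupportedOperationException(
                "Cannot be used in unmanaed env");
    }

    /**
     * Builds the connection factory handed to applications, bound to the
     * configured root directory.
     *
     * @param cm the container's connection manager
     * @return a new DirContextFactoryImpl wrapping this factory
     */
    public Object createConnectionFactory(ConnectionManager cm)
            throws ResourceException {
        // The Exception is only a carrier for the caller's stack trace.
        log.debug("createConnectionFactory, cm=" + cm, new Exception(
                "CalledBy:"));
        FSRequestInfo fsInfo = new FSRequestInfo(rootDir);
        return new DirContextFactoryImpl(cm, this, fsInfo);
    }

    /**
     * Creates a new managed connection, enforcing the configured roles first.
     *
     * @param subject the caller's security context; must be non-null and
     *        carry a "Roles" group when roles are configured
     * @param info request info; must be an FSRequestInfo (or null)
     * @return a new FSManagedConnection
     * @throws ResourceException if info has an unsupported type or the role
     *         check fails
     */
    public ManagedConnection createManagedConnection(Subject subject,
            ConnectionRequestInfo info) throws ResourceException {
        log.debug("createManagedConnection, subject="
                + principalsOf(subject) + ", info=" + info,
                new Exception("CalledBy:"));
        // Reject a foreign request-info type with the declared exception
        // instead of letting the cast fail with a ClassCastException.
        if (info != null && !(info instanceof FSRequestInfo)) {
            throw new ResourceException(
                    "Unsupported ConnectionRequestInfo type: "
                            + info.getClass().getName());
        }
        FSRequestInfo fsInfo = (FSRequestInfo) info;
        if (roles != null && !roles.isEmpty()) {
            validateRoles(subject);
        }
        return new FSManagedConnection(subject, fsInfo);
    }

    /**
     * Picks a pooled connection for the request.
     *
     * NOTE(review): the first candidate is returned without comparing it to
     * subject or info, and the role check in createManagedConnection is not
     * repeated here. A connection created for one Subject or root directory
     * can therefore be handed to a different caller unless the container's
     * pool already partitions on those values - confirm against the pool
     * configuration.
     *
     * @param connectionSet candidate connections supplied by the container
     * @return the first candidate, or null when there is none
     */
    public ManagedConnection matchManagedConnections(Set connectionSet,
            Subject subject, ConnectionRequestInfo info)
            throws ResourceException {
        log.debug("matchManagedConnections, connectionSet="
                + connectionSet + ", subject=" + principalsOf(subject)
                + ", info=" + info);
        // An empty candidate set means "no match", not an error; the bare
        // iterator().next() would throw NoSuchElementException here.
        if (connectionSet == null || connectionSet.isEmpty()) {
            return null;
        }
        return (ManagedConnection) connectionSet.iterator().next();
    }

    /** @return always null; this factory keeps no log writer */
    public PrintWriter getLogWriter() throws ResourceException {
        return null;
    }

    /** Ignores the supplied writer. */
    public void setLogWriter(PrintWriter out) throws ResourceException {
    }

    /**
     * Identity comparison inherited from Object; the configured properties
     * (user, roles, root directory) take no part in equality.
     */
    public boolean equals(Object other) {
        return super.equals(other);
    }

    /** Identity hash inherited from Object, consistent with equals. */
    public int hashCode() {
        return super.hashCode();
    }

    public String getUserName() {
        return userName;
    }

    public void setUserName(String userName) {
        this.userName = userName;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * @return the string form of the configured role set, or null when no
     *         roles have been set
     */
    public String getRoles() {
        return roles == null ? null : roles.toString();
    }

    /**
     * Replaces the required roles from a comma-separated list.
     *
     * @param roles comma-separated role names; surrounding whitespace is
     *        dropped so that "a, b" names the roles "a" and "b"
     * @throws NullPointerException if roles is null; the previously
     *         configured roles stay in force in that case
     */
    public void setRoles(String roles) {
        // Parse into a local set and publish it only on success, so a failed
        // call cannot leave an empty set behind and switch the check off.
        Set parsed = new HashSet();
        StringTokenizer st = new StringTokenizer(roles, ",");
        while (st.hasMoreTokens()) {
            // A blank token is kept (as "") rather than skipped: a malformed
            // list then still yields a non-empty set and the check stays on.
            parsed.add(st.nextToken().trim());
        }
        this.roles = parsed;
    }

    /**
     * Sets the directory served by connections from this factory, creating
     * it when missing.
     *
     * NOTE(review): the path is used as given, with no canonicalisation or
     * restriction to a base directory - assumes it comes from trusted
     * deployment configuration; confirm.
     *
     * @param rootDirPath path of the root directory
     */
    public void setFileSystemRootDir(String rootDirPath) {
        rootDir = new File(rootDirPath);
        if (!rootDir.exists()) {
            rootDir.mkdirs();
        }
        // mkdirs() reports failure only through its return value; surface an
        // unusable root here instead of at first use.
        if (!rootDir.isDirectory()) {
            log.warn("setFileSystemRootDir, rootDir is not a usable directory: "
                    + rootDir.getAbsolutePath());
        }
        log.debug("setFileSystemRootDir, rootDir="
                + rootDir.getAbsolutePath(), new Exception("CalledBy:"));
    }

    /**
     * Renders a Subject for logging by its principals only. Subject.toString()
     * also renders the credential sets, which do not belong in a debug log.
     */
    private static String principalsOf(Subject subject) {
        return subject == null ? "null" : String.valueOf(subject
                .getPrincipals());
    }

    /**
     * Checks that the subject's "Roles" group contains at least one of the
     * configured roles.
     *
     * @param theSubject the caller's security context
     * @throws ResourceException if the subject is null, has no "Roles"
     *         group, or holds none of the required roles
     */
    private void validateRoles(Subject theSubject)
            throws ResourceException {
        // A missing Subject is an authorization failure, not a
        // NullPointerException.
        if (theSubject == null) {
            throw new ResourceException(
                    "Authorization failure, no Subject supplied");
        }

        Group roleGrp = null;
        Iterator groups = theSubject.getPrincipals(Group.class).iterator();
        while (groups.hasNext()) {
            Group grp = (Group) groups.next();
            if ("Roles".equals(grp.getName())) {
                roleGrp = grp;
            }
        }
        if (roleGrp == null) {
            throw new ResourceException("Subject has not Roles");
        }

        boolean isValid = false;
        Iterator required = roles.iterator();
        while (required.hasNext() && !isValid) {
            String name = (String) required.next();
            isValid = roleGrp.isMember(new SimplePrincipal(name));
        }
        if (!isValid) {
            // NOTE(review): the message carries both the caller's roles and
            // the full required-role list to whoever receives the exception;
            // outside a test fixture, log the detail and throw a generic
            // message instead.
            String msg = "Authorization failure, subjectRoles="
                    + roleGrp + ", requiredRoles=" + roles;
            throw new ResourceException(msg);
        }
    }
}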