001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.security.srp;
023:
024: import java.io.File;
025: import java.io.IOException;
026: import java.net.URL;
027: import javax.naming.InitialContext;
028: import javax.naming.Name;
029:
030: import org.jboss.naming.NonSerializableFactory;
031: import org.jboss.security.srp.SerialObjectStore;
032: import org.jboss.system.ServiceMBeanSupport;
033:
034: /** The JMX mbean interface for the SRP password verifier store. This
035: implementation uses the SerialObjectStore as a simple and yet secure
036: source of usernames and their password verifiers and verifier salts. It
037: also provides a simple interface for adding and deleting users from the
038: SerialObjectStore. The mbean stores a non-serializable reference to the
039: SRPVerifierStore interface in JNDI under the property.
040:
041: @see org.jboss.security.srp.SerialObjectStore
042:
043: @author Scott.Stark@jboss.org
044: @version $Revision: 57210 $
045: */
046: public class SRPVerifierStoreService extends ServiceMBeanSupport
047: implements SRPVerifierStoreServiceMBean {
048: private SerialObjectStore store;
049: private String fileName = "SRPVerifierStore.ser";
050: private String jndiName = "srp/DefaultVerifierSource";
051:
052: // --- Begin SRPVerifierStoreServiceMBean interface methods
053: /** Get the jndi name for the SRPVerifierSource implementation binding.
054: */
055: public String getJndiName() {
056: return jndiName;
057: }
058:
059: /** set the jndi name for the SRPVerifierSource implementation binding.
060: */
061: public void setJndiName(String jndiName) {
062: this .jndiName = jndiName;
063: }
064:
065: public void setStoreFile(String fileName) throws IOException {
066: this .fileName = fileName;
067: if (store != null) {
068: File storeFile = new File(fileName);
069: store.save(storeFile);
070: }
071: }
072:
073: public void addUser(String username, String password)
074: throws IOException {
075: try {
076: store.addUser(username, password);
077: save();
078: log.debug("Added username: " + username);
079: } catch (Exception e) {
080: log.warn("Failed to addUser, username=" + username, e);
081: }
082: }
083:
084: public void delUser(String username) throws IOException {
085: store.delUser(username);
086: log.debug("Added username: " + username);
087: save();
088: }
089:
090: // --- End SRPVerifierStoreServiceMBean interface methods
091:
092: public String getName() {
093: return "SRPVerifierStoreService";
094: }
095:
096: public void initService() throws Exception {
097: }
098:
099: public void startService() throws Exception {
100: File storeFile = new File(fileName);
101: store = new SerialObjectStore(storeFile);
102: log.info("Created SerialObjectStore at: "
103: + storeFile.getAbsolutePath());
104: // Bind a reference to store using NonSerializableFactory as the ObjectFactory
105: InitialContext ctx = new InitialContext();
106: Name name = ctx.getNameParser("").parse(jndiName);
107: NonSerializableFactory.rebind(name, store, true);
108: }
109:
110: private void save() throws IOException {
111: if (store != null) { // Try to locate the file on the classpath
112: File storeFile = new File(fileName);
113: ClassLoader loader = Thread.currentThread()
114: .getContextClassLoader();
115: URL url = loader.getResource(fileName);
116: if (url == null) { // Try to locate the file's parent on the classpath
117: String parent = storeFile.getParent();
118: if (parent != null) {
119: url = loader.getResource(parent);
120: if (url != null) {
121: storeFile = new File(url.getFile(), storeFile
122: .getName());
123: }
124: // else, just go with storeFile as a system file path
125: }
126: } else {
127: storeFile = new File(url.getFile());
128: }
129: store.save(storeFile);
130: }
131: }
132: }
|