01: /*
02: * $Id: SimplePasswordJmxAuthenticator.java 11234 2008-03-06 23:44:34Z tcarlson $
03: * --------------------------------------------------------------------------------------
04: * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
05: *
06: * The software in this package is published under the terms of the CPAL v1.0
07: * license, a copy of which has been included with this distribution in the
08: * LICENSE.txt file.
09: */
10:
11: package org.mule.module.management.support;
12:
13: import org.mule.module.management.agent.JmxAgent;
14: import org.mule.util.ObjectUtils;
15: import org.mule.util.StringUtils;
16:
17: import java.util.Collections;
18: import java.util.HashMap;
19: import java.util.HashSet;
20: import java.util.Map;
21: import java.util.Set;
22:
23: import javax.management.remote.JMXAuthenticator;
24: import javax.management.remote.JMXPrincipal;
25: import javax.security.auth.Subject;
26:
27: import org.apache.commons.logging.Log;
28: import org.apache.commons.logging.LogFactory;
29:
30: /**
31: * A JMX authenticator for a simple username/password scheme.
32: * Passwords are neither encrypted, nor obfuscated.
33: */
34: public class SimplePasswordJmxAuthenticator implements JMXAuthenticator {
35: /**
36: * Logger used by this class.
37: */
38: protected static final Log logger = LogFactory
39: .getLog(JmxAgent.class);
40:
41: /**
42: * An in-memory credentials storage.
43: */
44: private Map credentials = new HashMap();
45:
46: /**
47: * {@inheritDoc}
48: */
49: public Subject authenticate(Object authToken) {
50: if (authToken == null) {
51: throw new SecurityException(
52: "No authentication token available");
53: }
54: if (!(authToken instanceof String[])
55: || ((String[]) authToken).length != 2) {
56: throw new SecurityException(
57: "Unsupported credentials format");
58: }
59:
60: String[] authentication = (String[]) authToken;
61:
62: String username = StringUtils.defaultString(authentication[0]);
63: String password = StringUtils.defaultString(authentication[1]);
64:
65: if (!credentials.containsKey(username)) {
66: throw new SecurityException("Unauthenticated user: "
67: + username);
68: }
69:
70: if (!password.equals(ObjectUtils.toString(credentials
71: .get(username)))) {
72: throw new SecurityException("Invalid password");
73: }
74:
75: Set principals = new HashSet();
76: principals.add(new JMXPrincipal(username));
77: return new Subject(true, principals, Collections.EMPTY_SET,
78: Collections.EMPTY_SET);
79: }
80:
81: /**
82: * Setter for property 'credentials'.
83: *
84: * @param newCredentials Value to set for property 'credentials'.
85: */
86: public void setCredentials(final Map newCredentials) {
87: this .credentials.clear();
88: if (newCredentials == null || newCredentials.isEmpty()) {
89: logger
90: .warn("Credentials cache has been purged, remote access will no longer be available");
91: } else {
92: this.credentials.putAll(newCredentials);
93: }
94: }
95: }
|