14 package org.eclipse.jetty.security.jaspi;
15
16 import java.security.Principal;
17 import java.util.HashMap;
18 import java.util.List;
19 import java.util.Map;
20 import java.util.Set;
21
22 import javax.security.auth.Subject;
23 import javax.security.auth.message.AuthException;
24 import javax.security.auth.message.config.AuthConfigFactory;
25 import javax.security.auth.message.config.AuthConfigProvider;
26 import javax.security.auth.message.config.RegistrationListener;
27 import javax.security.auth.message.config.ServerAuthConfig;
28 import javax.servlet.ServletContext;
29
30 import org.eclipse.jetty.security.Authenticator;
31 import org.eclipse.jetty.security.DefaultAuthenticatorFactory;
32 import org.eclipse.jetty.security.IdentityService;
33 import org.eclipse.jetty.security.LoginService;
34 import org.eclipse.jetty.security.Authenticator.AuthConfiguration;
35 import org.eclipse.jetty.server.Server;
36 import org.eclipse.jetty.util.log.Log;
37
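/**
 * Authenticator factory that builds a {@link JaspiAuthenticator} from the JASPI
 * configuration registered with the system {@link AuthConfigFactory}.
 *
 * <p>The provider is looked up for the {@code "HTTP"} message layer under an application
 * context identifier of the form {@code serverName + " " + contextPath}. A provider
 * registered under a different identifier is not found, and {@link #getAuthenticator}
 * then returns {@code null}.
 *
 * <p>Security note: {@link #getAuthenticator} returns {@code null} both when no JASPI
 * configuration matches and when the lookup fails with an {@link AuthException} (which is
 * only logged). Callers must not treat {@code null} as "authentication not required".
 */
public class JaspiAuthenticatorFactory extends DefaultAuthenticatorFactory
{
    /** Message layer identifier used for every provider and config lookup. */
    private static final String MESSAGE_LAYER = "HTTP";

    /** Explicitly configured service subject; {@code null} means "discover from the server". */
    private Subject _serviceSubject;

    /** Explicitly configured server name; {@code null} means "derive it" (see findServerName). */
    private String _serverName;

    /**
     * @return the explicitly configured service subject, or {@code null} if none was set
     */
    public Subject getServiceSubject()
    {
        return _serviceSubject;
    }

    /**
     * @param serviceSubject the subject to hand to the JASPI authenticator; when set it takes
     *        precedence over any {@link Subject} bean found on the server
     */
    public void setServiceSubject(Subject serviceSubject)
    {
        _serviceSubject = serviceSubject;
    }

    /**
     * @return the explicitly configured server name, or {@code null} if none was set
     */
    public String getServerName()
    {
        return _serverName;
    }

    /**
     * @param serverName the server name used as the first half of the JASPI application
     *        context identifier; setting it explicitly avoids the principal-derived and
     *        {@code "server"} fallbacks
     */
    public void setServerName(String serverName)
    {
        _serverName = serverName;
    }

    /**
     * Creates a {@link JaspiAuthenticator} for the given servlet context if a JASPI provider
     * and server auth config are registered for it.
     *
     * @param server the server, searched for a service {@link Subject} when none is configured
     * @param context the servlet context whose context path forms part of the lookup key
     * @param configuration source of the init parameters copied into the authenticator's
     *        property map
     * @param identityService passed through to the created authenticator
     * @param loginService wrapped in the {@link ServletCallbackHandler} given to the provider
     * @return the authenticator, or {@code null} when no provider or server auth config is
     *         registered for this context, or when the lookup threw an {@link AuthException}
     */
    @Override
    public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService)
    {
        Authenticator authenticator = null;
        try
        {
            // NOTE(review): getFactory() may return null when no factory is configured -
            // confirm against the JASPI API in use; a null would surface here as a
            // NullPointerException rather than as the null return used for "no provider".
            AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();

            // The API requires a listener argument; registration changes are ignored, so a
            // provider registered after this call is not picked up by this factory.
            RegistrationListener listener = new RegistrationListener()
            {
                public void notify(String layer, String appContext)
                {
                }
            };

            Subject serviceSubject = findServiceSubject(server);
            String serverName = findServerName(server, serviceSubject);

            // Lookup key; it must match the identifier the provider was registered under.
            String appContext = serverName + " " + context.getContextPath();
            AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER, appContext, listener);
            if (authConfigProvider != null)
            {
                ServletCallbackHandler servletCallbackHandler = new ServletCallbackHandler(loginService);
                ServerAuthConfig serverAuthConfig = authConfigProvider.getServerAuthConfig(MESSAGE_LAYER, appContext, servletCallbackHandler);
                if (serverAuthConfig != null)
                {
                    // Snapshot of the init parameters handed to the authenticator.
                    Map<String, String> authProperties = new HashMap<String, String>();
                    for (String key : configuration.getInitParameterNames())
                    {
                        authProperties.put(key, configuration.getInitParameter(key));
                    }
                    // NOTE(review): the literal 'true' presumably enables lazy/deferred
                    // authentication in JaspiAuthenticator - confirm against its constructor.
                    authenticator = new JaspiAuthenticator(serverAuthConfig, authProperties, servletCallbackHandler,
                            serviceSubject, true, identityService);
                }
            }
        }
        catch (AuthException e)
        {
            // Deliberately not rethrown: the failure is logged and null is returned, so a
            // broken JASPI configuration looks the same to the caller as an absent one.
            Log.warn(e);
        }
        return authenticator;
    }

    /**
     * Finds the service subject: the configured one if set, otherwise the first
     * {@link Subject} bean registered on the server.
     *
     * @param server the server whose beans are searched
     * @return the service subject, or {@code null} if none is configured or registered
     */
    protected Subject findServiceSubject(Server server)
    {
        if (_serviceSubject != null)
        {
            return _serviceSubject;
        }
        List<?> subjects = server.getBeans(Subject.class);
        if (!subjects.isEmpty())
        {
            return (Subject) subjects.get(0);
        }
        return null;
    }

    /**
     * Finds the server name: the configured one if set, otherwise the name of the first
     * principal of the given subject, otherwise the literal {@code "server"}.
     *
     * <p>Which principal is "first" depends on the iteration order of the subject's principal
     * set, so a subject with several principals should be paired with an explicit
     * {@link #setServerName(String)}.
     *
     * @param server the server (not consulted by this implementation)
     * @param subject the service subject, may be {@code null}
     * @return the server name used in the JASPI application context identifier
     */
    protected String findServerName(Server server, Subject subject)
    {
        if (_serverName != null)
        {
            return _serverName;
        }
        if (subject != null)
        {
            Set<Principal> principals = subject.getPrincipals();
            if (principals != null && !principals.isEmpty())
            {
                return principals.iterator().next().getName();
            }
        }

        return "server";
    }
}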