14 package org.eclipse.jetty.security.jaspi;
15
16 import java.security.Principal;
17 import java.util.HashMap;
18 import java.util.List;
19 import java.util.Map;
20 import java.util.Set;
21
22 import javax.security.auth.Subject;
23 import javax.security.auth.message.AuthException;
24 import javax.security.auth.message.config.AuthConfigFactory;
25 import javax.security.auth.message.config.AuthConfigProvider;
26 import javax.security.auth.message.config.RegistrationListener;
27 import javax.security.auth.message.config.ServerAuthConfig;
28 import javax.servlet.ServletContext;
29
30 import org.eclipse.jetty.security.Authenticator;
31 import org.eclipse.jetty.security.DefaultAuthenticatorFactory;
32 import org.eclipse.jetty.security.IdentityService;
33 import org.eclipse.jetty.security.LoginService;
34 import org.eclipse.jetty.security.Authenticator.AuthConfiguration;
35 import org.eclipse.jetty.server.Server;
36 import org.eclipse.jetty.util.log.Log;
37 import org.eclipse.jetty.util.log.Logger;
38
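/**
 * Authenticator factory that builds a {@link JaspiAuthenticator} from the JASPI
 * {@link AuthConfigProvider} registered for a web application.
 * <p>
 * The provider is looked up under the message layer {@code "HTTP"} and an
 * application context identifier of the form
 * {@code <server name> + " " + <context path>}. When no provider or no
 * {@link ServerAuthConfig} is found, or the lookup fails, no authenticator is
 * created and {@code null} is returned.
 */
public class JaspiAuthenticatorFactory extends DefaultAuthenticatorFactory
{
    private static final Logger LOG = Log.getLogger(JaspiAuthenticatorFactory.class);

    // Layer name used for both the provider lookup and the ServerAuthConfig lookup.
    // NOTE(review): the JSR-196 servlet container profile names this layer
    // "HttpServlet"; a provider registered only under that name would presumably
    // not be matched by "HTTP" - confirm against how providers are registered.
    private static final String MESSAGE_LAYER = "HTTP";

    private Subject _serviceSubject;
    private String _serverName;

    /**
     * @return the explicitly configured service subject, or {@code null} if none was set
     */
    public Subject getServiceSubject()
    {
        return _serviceSubject;
    }

    /**
     * @param serviceSubject the service subject to use; when {@code null},
     *        {@link #findServiceSubject(Server)} falls back to the server's beans
     */
    public void setServiceSubject(Subject serviceSubject)
    {
        _serviceSubject = serviceSubject;
    }

    /**
     * @return the explicitly configured server name, or {@code null} if none was set
     */
    public String getServerName()
    {
        return _serverName;
    }

    /**
     * @param serverName the server name used as the first part of the JASPI
     *        application context identifier; when {@code null},
     *        {@link #findServerName(Server, Subject)} derives one
     */
    public void setServerName(String serverName)
    {
        _serverName = serverName;
    }

    /**
     * Creates a {@link JaspiAuthenticator} for the given context, if a JASPI
     * provider and server auth config are registered for it.
     * <p>
     * Security note: every failure mode here (no factory, no provider, no
     * server auth config, {@link AuthException}) ends in a {@code null} return
     * rather than an exception, and this method never delegates to the
     * superclass. What the caller does with {@code null} is not visible from
     * this class, so deployments should verify that a missing JASPI
     * configuration fails closed instead of leaving the context without an
     * authenticator.
     *
     * @param server the server, used to locate a service subject and server name
     * @param context the servlet context whose context path forms part of the
     *        application context identifier
     * @param configuration source of the init parameters copied into the
     *        authenticator's property map
     * @param identityService passed through to the {@link JaspiAuthenticator}
     * @param loginService wrapped in the {@link ServletCallbackHandler} given to the provider
     * @return the JASPI authenticator, or {@code null} if none could be created
     */
    public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService)
    {
        try
        {
            AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();
            // getFactory() is documented to return null when no system-wide
            // factory is set and no default factory class is configured; treat
            // that like "no provider" instead of failing with a NullPointerException.
            if (authConfigFactory == null)
                return null;

            // The listener is required by the lookup API; registration changes are ignored.
            RegistrationListener listener = new RegistrationListener()
            {
                @Override
                public void notify(String layer, String appContext)
                {
                }
            };

            Subject serviceSubject = findServiceSubject(server);
            String serverName = findServerName(server, serviceSubject);

            // Lookup key for the provider; it must match the identifier the
            // provider was registered with, including the single space separator.
            String appContext = serverName + " " + context.getContextPath();

            AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER, appContext, listener);
            if (authConfigProvider == null)
                return null;

            ServletCallbackHandler servletCallbackHandler = new ServletCallbackHandler(loginService);
            ServerAuthConfig serverAuthConfig = authConfigProvider.getServerAuthConfig(MESSAGE_LAYER, appContext, servletCallbackHandler);
            if (serverAuthConfig == null)
                return null;

            // Snapshot of the init parameters handed to the authenticator.
            Map<String, String> properties = new HashMap<String, String>();
            for (String key : configuration.getInitParameterNames())
                properties.put(key, configuration.getInitParameter(key));

            // NOTE(review): the boolean is presumably JaspiAuthenticator's
            // "allow lazy authentication" switch - confirm against its constructor.
            return new JaspiAuthenticator(serverAuthConfig, properties, servletCallbackHandler,
                serviceSubject, true, identityService);
        }
        catch (AuthException e)
        {
            // Provider lookup failed: log it and report "no authenticator".
            LOG.warn(e);
            return null;
        }
    }

    /**
     * Finds the service subject: the explicitly set one if present, otherwise
     * the first {@link Subject} bean registered on the server.
     *
     * @param server the server whose beans are searched
     * @return the service subject, or {@code null} if none is configured or registered
     */
    protected Subject findServiceSubject(Server server)
    {
        if (_serviceSubject != null)
            return _serviceSubject;

        // Wildcard instead of a raw List; the element is cast as before.
        List<?> subjects = server.getBeans(Subject.class);
        return subjects.isEmpty() ? null : (Subject)subjects.get(0);
    }

    /**
     * Finds the server name used in the application context identifier: the
     * explicitly set name if present, otherwise the name of the first principal
     * of the given subject, otherwise the literal {@code "server"}.
     * <p>
     * When the subject carries more than one principal, the one chosen is
     * whichever the set's iterator yields first; set an explicit server name if
     * the identifier must be stable.
     *
     * @param server the server (not consulted by this implementation)
     * @param subject the service subject, may be {@code null}
     * @return the server name, never {@code null} unless the principal's name is
     */
    protected String findServerName(Server server, Subject subject)
    {
        if (_serverName != null)
            return _serverName;

        if (subject != null)
        {
            Set<Principal> principals = subject.getPrincipals();
            if (principals != null && !principals.isEmpty())
                return principals.iterator().next().getName();
        }

        return "server";
    }
}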