org.ow2.jonas.security.internal
Class JonasSecurityServiceImpl

java.lang.Object
  org.ow2.jonas.lib.management.javaee.ManagedObject
      org.ow2.jonas.lib.service.AbsServiceImpl
          org.ow2.jonas.security.internal.JonasSecurityServiceImpl

All Implemented Interfaces:

JonasSecurityServiceImplMBean, SecurityService, Service

public class JonasSecurityServiceImpl
extends AbsServiceImpl
implements SecurityService, JonasSecurityServiceImplMBean

Security Service implementation?

Author:

Jeff Mesnil,Philippe Coq, John Ellis, Joe Gittings for old security service, Florent Benoit - JOnAS 3.x (Add JResources) - JOnAS 4.x (remove MethodGuard, RoleGuard no more used with JACC)

Field Summary

protected static java.lang.String	CONFIG_FILE Relative path of the realm configuration file.
static java.lang.String	REMOTE_RESOUCE Name of resource.

Constructor Summary

JonasSecurityServiceImpl()

Method Summary

void	addJResourceDS(java.lang.String name, java.lang.String dsName, java.lang.String userTable, java.lang.String userTableUsernameCol, java.lang.String userTablePasswordCol, java.lang.String roleTable, java.lang.String roleTableUsernameCol, java.lang.String roleTableRolenameCol, java.lang.String algorithm) Add a DS resource.
void	addJResourceLDAP(java.lang.String name, java.lang.String initialContextFactory, java.lang.String providerUrl, java.lang.String securityAuthentication, java.lang.String securityPrincipal, java.lang.String securityCredentials, java.lang.String securityProtocol, java.lang.String language, java.lang.String referral, java.lang.String stateFactories, java.lang.String authenticationMode, java.lang.String userPasswordAttribute, java.lang.String userRolesAttribute, java.lang.String roleNameAttribute, java.lang.String baseDN, java.lang.String userDN, java.lang.String userSearchFilter, java.lang.String roleDN, java.lang.String roleSearchFilter, java.lang.String algorithm) Add a LDAP resource.
void	addJResourceMemory(java.lang.String name) Add a Memory resource.
void	addResources(java.lang.String xml) Add JResources with a given xml configuration.
void	bindResource(java.lang.String name, JResource jResource) Bind the given resource with the given name and register with a new MBean.
void	doStart() Start the Service Initialization of the service is already done.
void	doStop() Stop the Service.
java.lang.String	encryptPassword(java.lang.String string, java.lang.String algo) Encrypt a string with an algorithm.
protected java.io.File	getConfigFile() Return a File object representing the jonas-realm.xml configuration file.
JResource	getJResource(java.lang.String name) Return a resource by giving its name.
boolean	isValidAlgorithm(java.lang.String algo) Check if the given algorithm is a valid algorithm.
void	removeJResource(java.lang.String resourceName) Remove the Resource (memory, ldap, datasource,...).
void	setJmxService(JmxService jmxService)
void	setRealmJndiRegistration(boolean register)
void	setRegistryService(RegistryService registry)
java.lang.String	toXML() String representation of the JOnAS realm.

Methods inherited from class org.ow2.jonas.lib.service.AbsServiceImpl

convertToList, doInit, getDomainName, getJonasServerName, getName, getSequenceNumber, getServerProperties, init, isStarted, setName, setServerProperties, start, stop, throwRequirementException, toString

Methods inherited from class org.ow2.jonas.lib.management.javaee.ManagedObject

getModelMBean, sendNotification, sendReconfigNotification, sendSaveNotification, setModelMBean

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.ow2.jonas.service.Service

getName, init, isStarted, setName, start, stop

Field Detail

REMOTE_RESOUCE

public static final java.lang.String REMOTE_RESOUCE

Name of resource.

See Also:

Constant Field Values

CONFIG_FILE

protected static final java.lang.String CONFIG_FILE

Relative path of the realm configuration file.

Constructor Detail

JonasSecurityServiceImpl

public JonasSecurityServiceImpl()

Method Detail

setRealmJndiRegistration

public void setRealmJndiRegistration(boolean register)

Parameters:

register - Bind a resource for security in JNDI ?

removeJResource

public void removeJResource(java.lang.String resourceName)
                     throws java.lang.Exception

Remove the Resource (memory, ldap, datasource,...).

Specified by:

removeJResource in interface JonasSecurityServiceImplMBean

Parameters:

resourceName - name of the resource

Throws:

java.lang.Exception - if the resource name does not exist

setRegistryService

public void setRegistryService(RegistryService registry)

Parameters:

registry - the registry service to set

doStart

public void doStart()
             throws ServiceException

Start the Service Initialization of the service is already done.

Specified by:

doStart in class AbsServiceImpl

Throws:

ServiceException - if the stop failed.

doStop

public void doStop()

Stop the Service.

Specified by:

doStop in class AbsServiceImpl

getJResource

public JResource getJResource(java.lang.String name)

Return a resource by giving its name.

Specified by:

getJResource in interface SecurityService

Parameters:

name - the wanted Resource

Returns:

a JResouce

getConfigFile

protected java.io.File getConfigFile()
                              throws java.io.FileNotFoundException

Return a File object representing the jonas-realm.xml configuration file.

Returns:

a File object representing the jonas-realm.xml configuration file.

Throws:

java.io.FileNotFoundException - if the configuration file is not found.

toXML

public java.lang.String toXML()

String representation of the JOnAS realm.

Specified by:

toXML in interface SecurityService

Returns:

the xml representation of the JOnAS realm

encryptPassword

public java.lang.String encryptPassword(java.lang.String string,
                                        java.lang.String algo)
                                 throws java.security.NoSuchAlgorithmException

Encrypt a string with an algorithm.

Specified by:

encryptPassword in interface JonasSecurityServiceImplMBean

Parameters:

string - the string to encode

algo - algorithm to apply on the given string

Returns:

the encoded string

Throws:

java.security.NoSuchAlgorithmException - One reason could be a bad algorithm

isValidAlgorithm

public boolean isValidAlgorithm(java.lang.String algo)

Check if the given algorithm is a valid algorithm.

Specified by:

isValidAlgorithm in interface JonasSecurityServiceImplMBean

Parameters:

algo - algorithm to apply on the given string

Returns:

true if it is a valid algorithm

addResources

public void addResources(java.lang.String xml)
                  throws java.lang.Exception

Add JResources with a given xml configuration.

Specified by:

addResources in interface JonasSecurityServiceImplMBean

Parameters:

xml - xml representation of the resources to add

Throws:

java.lang.Exception - if the resources can't be added

addJResourceMemory

public void addJResourceMemory(java.lang.String name)
                        throws java.lang.Exception

Add a Memory resource.

Specified by:

addJResourceMemory in interface JonasSecurityServiceImplMBean

Parameters:

name - the name of the JResourceMemory to create

Throws:

java.lang.Exception - if the resource can't be added

addJResourceDS

public void addJResourceDS(java.lang.String name,
                           java.lang.String dsName,
                           java.lang.String userTable,
                           java.lang.String userTableUsernameCol,
                           java.lang.String userTablePasswordCol,
                           java.lang.String roleTable,
                           java.lang.String roleTableUsernameCol,
                           java.lang.String roleTableRolenameCol,
                           java.lang.String algorithm)
                    throws java.lang.Exception

Add a DS resource.

Specified by:

addJResourceDS in interface JonasSecurityServiceImplMBean

Parameters:

name - the name of the JResourceDS to create

dsName - Name of the datasource resource to use.

userTable - Name of table which have the username/password

userTableUsernameCol - Column of the username of the user table

userTablePasswordCol - Column of the password of the user table

roleTable - Name of table which have the username/role

roleTableUsernameCol - Column of the username of the role table

roleTableRolenameCol - Column of the role of the role table

algorithm - Default algorithm. If specified, the default is not 'clear' password

Throws:

java.lang.Exception - if the resource can't be added

addJResourceLDAP

public void addJResourceLDAP(java.lang.String name,
                             java.lang.String initialContextFactory,
                             java.lang.String providerUrl,
                             java.lang.String securityAuthentication,
                             java.lang.String securityPrincipal,
                             java.lang.String securityCredentials,
                             java.lang.String securityProtocol,
                             java.lang.String language,
                             java.lang.String referral,
                             java.lang.String stateFactories,
                             java.lang.String authenticationMode,
                             java.lang.String userPasswordAttribute,
                             java.lang.String userRolesAttribute,
                             java.lang.String roleNameAttribute,
                             java.lang.String baseDN,
                             java.lang.String userDN,
                             java.lang.String userSearchFilter,
                             java.lang.String roleDN,
                             java.lang.String roleSearchFilter,
                             java.lang.String algorithm)
                      throws java.lang.Exception

Add a LDAP resource.

Specified by:

addJResourceLDAP in interface JonasSecurityServiceImplMBean

Parameters:

name - the name of the JResourceLDAP to create

initialContextFactory - Initial context factory for the LDAp server

providerUrl - Url of the ldap server

securityAuthentication - Type of the authentication used during the authentication to the LDAP server

securityPrincipal - DN of the Principal(username). He can retrieve the information from the user

securityCredentials - Credential(password) of the principal

securityProtocol - Constant that holds the name of the environment property for specifying the security protocol to use.

language - Constant that holds the name of the environment property for specifying the preferred language to use with the service.

referral - Constant that holds the name of the environment property for specifying how referrals encountered by the service provider are to be processed.

stateFactories - Constant that holds the name of the environment property for specifying the list of state factories to use.

authenticationMode - Mode for validate the authentication (BIND_AUTHENTICATION_MODE or COMPARE_AUTHENTICATION_MODE)

userPasswordAttribute - Attribute in order to get the password from the ldap server

userRolesAttribute - Attribute in order to get the user role from the ldap server

roleNameAttribute - Attribute for the role name when performing a lookup on a role

baseDN - DN used for the lookup

userDN - DN used when searching the user DN. Override the baseDN if it is defined

userSearchFilter - Filter used when searching the user

roleDN - DN used when searching the role DN. Override the baseDN if it is defined

roleSearchFilter - Filter used when searching the role

algorithm - Default algorithm. If specified, the default is not 'clear' password

Throws:

java.lang.Exception - if the resource can't be added

bindResource

public void bindResource(java.lang.String name,
                         JResource jResource)

Bind the given resource with the given name and register with a new MBean.

Specified by:

bindResource in interface SecurityService

Parameters:

name - resource name

jResource - resource

setJmxService

public void setJmxService(JmxService jmxService)

Parameters:

jmxService - the jmxService to set