|
|
|
|
1 |
|
/**
|
|
1 |
|
/**
|
|
|
|
|
2 |
|
* Licens
ed to the
Apache Sof
tware Foun
dation (AS
F) under o
ne or more
|
|
2 |
|
* Licens
ed to the
Apache Sof
tware Foun
dation (AS
F) under o
ne or more
|
|
|
|
|
3 |
|
* contri
butor lice
nse agreem
ents. See
the NOTIC
E file dis
tributed w
ith
|
|
3 |
|
* contri
butor lice
nse agreem
ents. See
the NOTIC
E file dis
tributed w
ith
|
|
|
|
|
4 |
|
* this w
ork for ad
ditional i
nformation
regarding
copyright
ownership
.
|
|
4 |
|
* this w
ork for ad
ditional i
nformation
regarding
copyright
ownership
.
|
|
|
|
|
5 |
|
* The AS
F licenses
this file
to You un
der the Ap
ache Licen
se, Versio
n 2.0
|
|
5 |
|
* The AS
F licenses
this file
to You un
der the Ap
ache Licen
se, Versio
n 2.0
|
|
|
|
|
6 |
|
* (the "
License");
you may n
ot use thi
s file exc
ept in com
pliance wi
th
|
|
6 |
|
* (the "
License");
you may n
ot use thi
s file exc
ept in com
pliance wi
th
|
|
|
|
|
7 |
|
* the Li
cense. Yo
u may obta
in a copy
of the Lic
ense at
|
|
7 |
|
* the Li
cense. Yo
u may obta
in a copy
of the Lic
ense at
|
|
|
|
|
8 |
|
*
|
|
8 |
|
*
|
|
|
|
|
9 |
|
* htt
p://www.ap
ache.org/l
icenses/LI
CENSE-2.0
|
|
9 |
|
* htt
p://www.ap
ache.org/l
icenses/LI
CENSE-2.0
|
|
|
|
|
10 |
|
*
|
|
10 |
|
*
|
|
|
|
|
11 |
|
* Unless
required
by applica
ble law or
agreed to
in writin
g, softwar
e
|
|
11 |
|
* Unless
required
by applica
ble law or
agreed to
in writin
g, softwar
e
|
|
|
|
|
12 |
|
* distri
buted unde
r the Lice
nse is dis
tributed o
n an "AS I
S" BASIS,
|
|
12 |
|
* distri
buted unde
r the Lice
nse is dis
tributed o
n an "AS I
S" BASIS,
|
|
|
|
|
13 |
|
* WITHOU
T WARRANTI
ES OR COND
ITIONS OF
ANY KIND,
either exp
ress or im
plied.
|
|
13 |
|
* WITHOU
T WARRANTI
ES OR COND
ITIONS OF
ANY KIND,
either exp
ress or im
plied.
|
|
|
|
|
14 |
|
* See th
e License
for the sp
ecific lan
guage gove
rning perm
issions an
d
|
|
14 |
|
* See th
e License
for the sp
ecific lan
guage gove
rning perm
issions an
d
|
|
|
|
|
15 |
|
* limita
tions unde
r the Lice
nse.
|
|
15 |
|
* limita
tions unde
r the Lice
nse.
|
|
|
|
|
16 |
|
*/
|
|
16 |
|
*/
|
|
|
|
|
17 |
|
package or
g.apache.c
atalina.au
thenticato
r.jaspic;
|
|
17 |
|
package or
g.apache.c
atalina.au
thenticato
r.jaspic;
|
|
|
|
|
18 |
|
|
|
18 |
|
|
|
|
|
|
19 |
|
import jav
a.util.Lis
t;
|
|
19 |
|
import jav
a.util.Lis
t;
|
|
|
|
|
20 |
|
|
|
20 |
|
|
|
|
|
|
21 |
|
import jav
ax.securit
y.auth.Sub
ject;
|
|
21 |
|
import jav
ax.securit
y.auth.Sub
ject;
|
|
|
|
|
22 |
|
import jav
ax.securit
y.auth.mes
sage.AuthE
xception;
|
|
22 |
|
import jav
ax.securit
y.auth.mes
sage.AuthE
xception;
|
|
|
|
|
23 |
|
import jav
ax.securit
y.auth.mes
sage.AuthS
tatus;
|
|
23 |
|
import jav
ax.securit
y.auth.mes
sage.AuthS
tatus;
|
|
|
|
|
24 |
|
import jav
ax.securit
y.auth.mes
sage.Messa
geInfo;
|
|
24 |
|
import jav
ax.securit
y.auth.mes
sage.Messa
geInfo;
|
|
|
|
|
25 |
|
import jav
ax.securit
y.auth.mes
sage.confi
g.ServerAu
thContext;
|
|
25 |
|
import jav
ax.securit
y.auth.mes
sage.confi
g.ServerAu
thContext;
|
|
|
|
|
26 |
|
import jav
ax.securit
y.auth.mes
sage.modul
e.ServerAu
thModule;
|
|
26 |
|
import jav
ax.securit
y.auth.mes
sage.modul
e.ServerAu
thModule;
|
|
|
|
|
27 |
|
|
|
27 |
|
|
|
|
|
|
28 |
|
/**
|
|
28 |
|
/**
|
|
|
|
|
29 |
|
* Basic i
mplementat
ion primar
ily intend
ed for use
when usin
g third-pa
rty
|
|
29 |
|
* Basic i
mplementat
ion primar
ily intend
ed for use
when usin
g third-pa
rty
|
|
|
|
|
30 |
|
* {@link
ServerAuth
Module} im
plementati
ons that o
nly provid
e the modu
le. This
|
|
30 |
|
* {@link
ServerAuth
Module} im
plementati
ons that o
nly provid
e the modu
le. This
|
|
|
|
|
31 |
|
* impleme
ntation su
pports mul
tiple modu
les and wi
ll treat t
he user as
|
|
31 |
|
* impleme
ntation su
pports mul
tiple modu
les and wi
ll treat t
he user as
|
|
|
|
|
32 |
|
* authent
icated if
any one mo
dule is ab
le to auth
enticate t
he user.
|
|
32 |
|
* authent
icated if
any one mo
dule is ab
le to auth
enticate t
he user.
|
|
|
|
|
33 |
|
*/
|
|
33 |
|
*/
|
|
|
|
|
34 |
|
public cla
ss SimpleS
erverAuthC
ontext imp
lements Se
rverAuthCo
ntext {
|
|
34 |
|
public cla
ss SimpleS
erverAuthC
ontext imp
lements Se
rverAuthCo
ntext {
|
|
|
|
|
35 |
|
|
|
35 |
|
|
|
|
|
|
36 |
|
privat
e final Li
st<ServerA
uthModule>
modules;
|
|
36 |
|
privat
e final Li
st<ServerA
uthModule>
modules;
|
|
|
|
|
37 |
|
|
|
37 |
|
|
|
|
|
|
38 |
|
|
|
38 |
|
|
|
|
|
|
39 |
|
public
SimpleSer
verAuthCon
text(List<
ServerAuth
Module> mo
dules) {
|
|
39 |
|
public
SimpleSer
verAuthCon
text(List<
ServerAuth
Module> mo
dules) {
|
|
|
|
|
40 |
|
th
is.modules
= modules
;
|
|
40 |
|
th
is.modules
= modules
;
|
|
|
|
|
41 |
|
}
|
|
41 |
|
}
|
|
|
|
|
42 |
|
|
|
42 |
|
|
|
|
|
|
43 |
|
|
|
43 |
|
|
|
|
|
|
44 |
|
@Suppr
essWarning
s("uncheck
ed") // JA
SPIC API u
ses raw ty
pes
|
|
44 |
|
@Suppr
essWarning
s("uncheck
ed") // JA
SPIC API u
ses raw ty
pes
|
|
|
|
|
45 |
|
@Overr
ide
|
|
45 |
|
@Overr
ide
|
|
|
|
|
46 |
|
public
AuthStatu
s validate
Request(Me
ssageInfo
messageInf
o, Subject
clientSub
ject,
|
|
46 |
|
public
AuthStatu
s validate
Request(Me
ssageInfo
messageInf
o, Subject
clientSub
ject,
|
|
|
|
|
47 |
|
Subject
serviceSub
ject) thro
ws AuthExc
eption {
|
|
47 |
|
Subject
serviceSub
ject) thro
ws AuthExc
eption {
|
|
|
|
|
48 |
|
fo
r (int mod
uleIndex =
0; module
Index < mo
dules.size
(); module
Index++) {
|
|
48 |
|
fo
r (int mod
uleIndex =
0; module
Index < mo
dules.size
(); module
Index++) {
|
|
|
|
|
49 |
|
ServerAu
thModule m
odule = mo
dules.get(
moduleInde
x);
|
|
49 |
|
ServerAu
thModule m
odule = mo
dules.get(
moduleInde
x);
|
|
|
|
|
50 |
|
AuthStat
us result
= module.v
alidateReq
uest(messa
geInfo, cl
ientSubjec
t, service
Subject);
|
|
50 |
|
AuthStat
us result
= module.v
alidateReq
uest(messa
geInfo, cl
ientSubjec
t, service
Subject);
|
|
|
|
|
51 |
|
if (resu
lt != Auth
Status.SEN
D_FAILURE)
{
|
|
51 |
|
if (resu
lt != Auth
Status.SEN
D_FAILURE)
{
|
|
|
|
|
52 |
|
mess
ageInfo.ge
tMap().put
("moduleIn
dex", Inte
ger.valueO
f(moduleIn
dex));
|
|
52 |
|
mess
ageInfo.ge
tMap().put
("moduleIn
dex", Inte
ger.valueO
f(moduleIn
dex));
|
|
|
|
|
53 |
|
retu
rn result;
|
|
53 |
|
retu
rn result;
|
|
|
|
|
54 |
|
}
|
|
54 |
|
}
|
|
|
|
|
55 |
|
}
|
|
55 |
|
}
|
|
|
|
|
56 |
|
re
turn AuthS
tatus.SEND
_FAILURE;
|
|
56 |
|
re
turn AuthS
tatus.SEND
_FAILURE;
|
|
|
|
|
57 |
|
}
|
|
57 |
|
}
|
|
|
|
|
58 |
|
|
|
58 |
|
|
|
|
|
|
59 |
|
|
|
59 |
|
|
|
|
|
|
60 |
|
@Overr
ide
|
|
60 |
|
@Overr
ide
|
|
|
|
|
61 |
|
public
AuthStatu
s secureRe
sponse(Mes
sageInfo m
essageInfo
, Subject
serviceSub
ject)
|
|
61 |
|
public
AuthStatu
s secureRe
sponse(Mes
sageInfo m
essageInfo
, Subject
serviceSub
ject)
|
|
|
|
|
62 |
|
throws A
uthExcepti
on {
|
|
62 |
|
throws A
uthExcepti
on {
|
|
|
|
|
63 |
|
Se
rverAuthMo
dule modul
e = module
s.get(((In
teger) mes
sageInfo.g
etMap().ge
t("moduleI
ndex")).in
tValue());
|
|
63 |
|
Se
rverAuthMo
dule modul
e = module
s.get(((In
teger) mes
sageInfo.g
etMap().ge
t("moduleI
ndex")).in
tValue());
|
|
|
|
|
64 |
|
re
turn modul
e.secureRe
sponse(mes
sageInfo,
serviceSub
ject);
|
|
64 |
|
re
turn modul
e.secureRe
sponse(mes
sageInfo,
serviceSub
ject);
|
|
|
|
|
65 |
|
}
|
|
65 |
|
}
|
|
|
|
|
66 |
|
|
|
66 |
|
|
|
|
|
|
67 |
|
|
|
67 |
|
|
|
|
|
|
68 |
|
@Overr
ide
|
|
68 |
|
@Overr
ide
|
|
|
|
|
69 |
|
public
void clea
nSubject(M
essageInfo
messageIn
fo, Subjec
t subject)
throws Au
thExceptio
n {
|
|
69 |
|
public
void clea
nSubject(M
essageInfo
messageIn
fo, Subjec
t subject)
throws Au
thExceptio
n {
|
|
|
|
|
70 |
|
fo
r (ServerA
uthModule
module : m
odules) {
|
|
70 |
|
fo
r (ServerA
uthModule
module : m
odules) {
|
|
|
|
|
71 |
|
module.c
leanSubjec
t(messageI
nfo, subje
ct);
|
|
71 |
|
module.c
leanSubjec
t(messageI
nfo, subje
ct);
|
|
|
|
|
72 |
|
}
|
|
72 |
|
}
|
|
|
|
|
73 |
|
}
|
|
73 |
|
}
|
|
|
|
|
74 |
|
}
|
|
74 |
|
}
|
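Review bot: secureResponse() reads `messageInfo.getMap().get("moduleIndex")` with an unchecked cast and `intValue()`, but validateRequest() stores that key only when a module returns something other than SEND_FAILURE. If secureResponse() is ever reached for a MessageInfo without the key, it fails with a NullPointerException or ClassCastException rather than the declared AuthException; whether the container can call it in that state is not visible here. I would guard the lookup with `Object idx = messageInfo.getMap().get("moduleIndex");` and `if (!(idx instanceof Integer)) { throw new AuthException("No module recorded for this message"); }`, then range-check the value against `modules.size()`, because the same map is passed to every module and a module could overwrite the entry. The class Javadoc says the user is authenticated if any one module succeeds, but the loop stops at the first status that is not SEND_FAILURE, which also covers SEND_CONTINUE; a Javadoc on validateRequest() should state this first-non-failure rule and that later modules are not consulted. The constructor keeps the caller's list by reference, so `this.modules = List.copyOf(modules);` (or an unmodifiable copy on older Java levels) would keep the stored index stable if the caller mutates the list later.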