use of com.sun.enterprise.deployment.AuthMechanism in project Payara by payara.
the class ConnectorSecurityAdminServiceImpl method getAuthenticationService.
/**
* Obtain the authentication service associated with rar module.
* Currently only the BasicPassword authentication is supported.
*
* @param rarName Rar module Name
* @param poolInfo Name of the pool. Used for creation of
* BasicPasswordAuthenticationService
* @return AuthenticationService
*/
public AuthenticationService getAuthenticationService(String rarName, PoolInfo poolInfo) {
ConnectorDescriptor cd = _registry.getDescriptor(rarName);
OutboundResourceAdapter obra = cd.getOutboundResourceAdapter();
Set authMechs = obra.getAuthMechanisms();
for (Object authMech : authMechs) {
AuthMechanism authMechanism = (AuthMechanism) authMech;
String mech = authMechanism.getAuthMechType();
if (mech.equals("BasicPassword")) {
return new BasicPasswordAuthenticationService(rarName, poolInfo);
}
}
return null;
}
use of com.sun.enterprise.deployment.AuthMechanism in project Payara by payara.
the class ConnectorAnnotationHandler method processDescriptor.
public static void processDescriptor(Class annotatedClass, Connector connector, ConnectorDescriptor desc) {
if (desc.getDescription().equals("") && connector.description().length > 0) {
desc.setDescription(convertStringArrayToStringBuffer(connector.description()));
}
if (desc.getDisplayName().equals("") && connector.displayName().length > 0) {
desc.setDisplayName(convertStringArrayToStringBuffer(connector.displayName()));
}
if ((desc.getSmallIconUri() == null || desc.getSmallIconUri().equals("")) && connector.smallIcon().length > 0) {
desc.setSmallIconUri(convertStringArrayToStringBuffer(connector.smallIcon()));
}
if ((desc.getLargeIconUri() == null || desc.getLargeIconUri().equals("")) && connector.largeIcon().length > 0) {
desc.setLargeIconUri(convertStringArrayToStringBuffer(connector.largeIcon()));
}
if (desc.getVendorName().equals("") && !connector.vendorName().equals("")) {
desc.setVendorName(connector.vendorName());
}
if (desc.getEisType().equals("") && !connector.eisType().equals("")) {
desc.setEisType(connector.eisType());
}
if (desc.getVersion().equals("") && !connector.version().equals("")) {
desc.setVersion(connector.version());
}
if (desc.getLicenseDescriptor() == null) {
// We will be able to detect whether license description is specified in annotation
// or not, but "license required" can't be detected. Hence taking the annotated values *always*
// if DD does not have an equivalent
String[] licenseDescriptor = connector.licenseDescription();
boolean licenseRequired = connector.licenseRequired();
LicenseDescriptor ld = new LicenseDescriptor();
ld.setDescription(convertStringArrayToStringBuffer(licenseDescriptor));
ld.setLicenseRequired(licenseRequired);
desc.setLicenseDescriptor(ld);
}
AuthenticationMechanism[] auths = connector.authMechanisms();
if (auths != null && auths.length > 0) {
for (AuthenticationMechanism auth : auths) {
String authMechString = auth.authMechanism();
int authMechInt = AuthMechanism.getAuthMechInt(authMechString);
// check whether the same auth-mechanism is defined in DD also,
// possible change could be with auth-mechanism's credential-interface for a particular
// auth-mechanism-type
boolean ignore = false;
OutboundResourceAdapter ora = getOutbound(desc);
Set ddAuthMechanisms = ora.getAuthMechanisms();
for (Object o : ddAuthMechanisms) {
AuthMechanism ddAuthMechanism = (AuthMechanism) o;
if (ddAuthMechanism.getAuthMechType().equals(auth.authMechanism())) {
ignore = true;
break;
}
}
// if it was not specified in DD, add it to connector-descriptor
if (!ignore) {
String credentialInterfaceName = ora.getCredentialInterfaceName(auth.credentialInterface());
// XXX: Siva: For now use the first provided description
String description = "";
if (auth.description().length > 0) {
description = auth.description()[0];
}
AuthMechanism authM = new AuthMechanism(description, authMechInt, credentialInterfaceName);
ora.addAuthMechanism(authM);
}
}
}
// merge DD and annotation entries of security-permission
SecurityPermission[] perms = connector.securityPermissions();
if (perms != null && perms.length > 0) {
for (SecurityPermission perm : perms) {
boolean ignore = false;
// check whether the same permission is defined in DD also,
// though it does not make any functionality difference except possible
// "Description" change
Set ddSecurityPermissions = desc.getSecurityPermissions();
for (Object o : ddSecurityPermissions) {
com.sun.enterprise.deployment.SecurityPermission ddSecurityPermission = (com.sun.enterprise.deployment.SecurityPermission) o;
if (ddSecurityPermission.getPermission().equals(perm.permissionSpec())) {
ignore = true;
break;
}
}
// if it was not specified in DD, add it to connector-descriptor
if (!ignore) {
com.sun.enterprise.deployment.SecurityPermission sp = new com.sun.enterprise.deployment.SecurityPermission();
sp.setPermission(perm.permissionSpec());
// XXX: Siva for now use the first provided Description
String firstDesc = "";
if (perm.description().length > 0)
firstDesc = perm.description()[0];
sp.setDescription(firstDesc);
desc.addSecurityPermission(sp);
}
}
}
// if reauth is false, we can ignore it as default value in dol is also false.
if (connector.reauthenticationSupport()) {
OutboundResourceAdapter ora = getOutbound(desc);
if (!ora.isReauthenticationSupportSet()) {
ora.setReauthenticationSupport(connector.reauthenticationSupport());
}
}
// if transaction-support is no-transaction, we can ignore it as default value in dol is also no-transaction.
if (!connector.transactionSupport().equals(TransactionSupport.TransactionSupportLevel.NoTransaction)) {
OutboundResourceAdapter ora = getOutbound(desc);
if (!ora.isTransactionSupportSet()) {
ora.setTransactionSupport(connector.transactionSupport().toString());
}
}
// merge the DD & annotation specified values of required-inflow-contexts
// merge involves simple union of class-names of inflow-contexts of DD and annotation
// due to the above approach, its not possible to switch off one of the required-inflow-contexts ?
// TODO need to check support and throw exception ?
Class<? extends WorkContext>[] requiredInflowContexts = connector.requiredWorkContexts();
if (requiredInflowContexts != null) {
for (Class<? extends WorkContext> ic : requiredInflowContexts) {
desc.addRequiredWorkContext(ic.getName());
}
}
if (desc.getResourceAdapterClass().equals("")) {
if (isResourceAdapterClass(annotatedClass)) {
desc.setResourceAdapterClass(annotatedClass.getName());
}
}
}
use of com.sun.enterprise.deployment.AuthMechanism in project Payara by payara.
the class AuthenticationMechanismHandler method processAnnotation.
public HandlerProcessingResult processAnnotation(AnnotationInfo element) throws AnnotationProcessorException {
AnnotatedElementHandler aeHandler = element.getProcessingContext().getHandler();
AuthenticationMechanism authMechanism = (AuthenticationMechanism) element.getAnnotation();
if (aeHandler instanceof RarBundleContext) {
boolean isConnectionDefinition = hasConnectorAnnotation(element);
if (isConnectionDefinition) {
RarBundleContext rarContext = (RarBundleContext) aeHandler;
ConnectorDescriptor desc = rarContext.getDescriptor();
if (!desc.getOutBoundDefined()) {
OutboundResourceAdapter ora = new OutboundResourceAdapter();
desc.setOutboundResourceAdapter(ora);
}
OutboundResourceAdapter ora = desc.getOutboundResourceAdapter();
String[] description = authMechanism.description();
int authMechanismValue = getAuthMechVal(authMechanism.authMechanism());
AuthenticationMechanism.CredentialInterface ci = authMechanism.credentialInterface();
String credentialInterface = ora.getCredentialInterfaceName(ci);
// XXX: Siva: For now use the first description
String firstDesc = "";
if (description.length > 0) {
firstDesc = description[0];
}
AuthMechanism auth = new AuthMechanism(firstDesc, authMechanismValue, credentialInterface);
ora.addAuthMechanism(auth);
} else {
getFailureResult(element, "Not a @Connector annotation : @AuthenticationMechanism must " + "be specified along with @Connector annotation", true);
}
} else {
getFailureResult(element, "Not a rar bundle context", true);
}
return getDefaultProcessedResult();
}
use of com.sun.enterprise.deployment.AuthMechanism in project Payara by payara.
the class AuthenticationMechanismHandler method processAnnotation.
public HandlerProcessingResult processAnnotation(AnnotationInfo element) throws AnnotationProcessorException {
AnnotatedElementHandler aeHandler = element.getProcessingContext().getHandler();
AuthenticationMechanism authMechanism = (AuthenticationMechanism) element.getAnnotation();
if (aeHandler instanceof RarBundleContext) {
boolean isConnectionDefinition = hasConnectorAnnotation(element);
if (isConnectionDefinition) {
RarBundleContext rarContext = (RarBundleContext) aeHandler;
ConnectorDescriptor desc = rarContext.getDescriptor();
if (!desc.getOutBoundDefined()) {
OutboundResourceAdapter ora = new OutboundResourceAdapter();
desc.setOutboundResourceAdapter(ora);
}
OutboundResourceAdapter ora = desc.getOutboundResourceAdapter();
String[] description = authMechanism.description();
int authMechanismValue = getAuthMechVal(authMechanism.authMechanism());
AuthenticationMechanism.CredentialInterface ci = authMechanism.credentialInterface();
String credentialInterface = ora.getCredentialInterfaceName(ci);
// XXX: Siva: For now use the first description
String firstDesc = "";
if (description.length > 0) {
firstDesc = description[0];
}
AuthMechanism auth = new AuthMechanism(firstDesc, authMechanismValue, credentialInterface);
ora.addAuthMechanism(auth);
} else {
getFailureResult(element, "Not a @Connector annotation : @AuthenticationMechanism must " + "be specified along with @Connector annotation", true);
}
} else {
getFailureResult(element, "Not a rar bundle context", true);
}
return getDefaultProcessedResult();
}
use of com.sun.enterprise.deployment.AuthMechanism in project Payara by payara.
the class AuthMechType method check.
/**
* <p>
* All Authorization Mechanism type should be of an allowed type
* </p>
*
* @paramm descriptor deployment descriptor for the rar file
* @return result object containing the result of the individual test
* performed
*/
public Result check(ConnectorDescriptor descriptor) {
boolean oneFailed = false;
Result result = getInitializedResult();
ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
if (!descriptor.getOutBoundDefined()) {
result.addNaDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.notApplicable(smh.getLocalString("com.sun.enterprise.tools.verifier.tests.connector.managed.notApplicableForInboundRA", "Resource Adapter does not provide outbound communication"));
return result;
}
Set mechanisms = descriptor.getOutboundResourceAdapter().getAuthMechanisms();
if (mechanisms.isEmpty()) {
// passed
result.addGoodDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.passed(smh.getLocalString("com.sun.enterprise.tools.verifier.tests.connector.AuthMechType.nonexist", "No authentication mechanism defined for this resource adapater"));
return result;
}
Iterator mechIterator = mechanisms.iterator();
while (mechIterator.hasNext()) {
AuthMechanism am = (AuthMechanism) mechIterator.next();
String authMechType = am.getAuthMechType();
boolean allowedMech = false;
if (authMechType != null) {
for (int i = 0; i < allowedMechs.length; i++) {
if (authMechType.equals(allowedMechs[i])) {
allowedMech = true;
break;
}
}
}
if (!allowedMech || authMechType == null) {
// failed
oneFailed = true;
result.addErrorDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.failed(smh.getLocalString("com.sun.enterprise.tools.verifier.tests.connector.AuthMechType.failed", "Authentication mechanism type [ {0} ] is not allowed"));
}
}
if (!oneFailed) {
result.addGoodDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.passed(smh.getLocalString("com.sun.enterprise.tools.verifier.tests.connector.AuthMechType.passed", "All defined authentication mechanism types are allowed"));
}
return result;
}
Aggregations