Example 1 with RealmsManager
use of com.sun.enterprise.security.auth.realm.RealmsManager in project Payara by payara.
the class AuthenticationServiceImpl method initialize.
/**
* Initialize the Authentication Service configuration.
*
* Create the JAAS Configuration using the specified LoginModule configurations
*/
@Override
public void initialize(SecurityConfiguration securityServiceConfiguration) {
// org.glassfish.security.services.config.AuthenticationService as = (org.glassfish.security.services.config.AuthenticationService) securityServiceConfiguration;
// LOG.info("*** AuthenticationServiceImpl auth svc file realm provider module class: ");
// for (SecurityProvider sp : as.getSecurityProviders()) {
// LOG.info(" *** Provider name/type" + sp.getName() + "/" + sp.getType());
// if (sp.getSecurityProviderConfig() == null) {
// LOG.info(" *** getSecurityProviderConfig returned null");
// } else {
// for (SecurityProviderConfig spc : sp.getSecurityProviderConfig()) {
// LOG.info(" *** " + spc.getName());
// if (sp.getType().equals("LoginModule")) {
// LoginModuleConfig lmc = (LoginModuleConfig) spc;
// LOG.info(" *** LoginModule config: class is " + lmc.getModuleClass());
// }
// }
// }
// }
config = (org.glassfish.security.services.config.AuthenticationService) securityServiceConfiguration;
if (config == null)
return;
// JAAS LoginContext Name
name = config.getName();
// Determine if handling Realm password credential
usePasswordCredential = Boolean.valueOf(config.getUsePasswordCredential());
// Build JAAS Configuration based on the individual LoginModuleConfig settings
List<SecurityProvider> providers = config.getSecurityProviders();
if (providers != null) {
ArrayList<AppConfigurationEntry> lmEntries = new ArrayList<AppConfigurationEntry>();
for (SecurityProvider provider : providers) {
// If the provider is a LoginModule look for the LoginModuleConfig
if ("LoginModule".equalsIgnoreCase(provider.getType())) {
List<SecurityProviderConfig> providerConfig = provider.getSecurityProviderConfig();
if ((providerConfig != null) && (!providerConfig.isEmpty())) {
// Create the JAAS AppConfigurationEntry from the LoginModule settings
LoginModuleConfig lmConfig = (LoginModuleConfig) providerConfig.get(0);
Map<String, ?> lmOptions = lmConfig.getModuleOptions();
lmEntries.add(new AppConfigurationEntry(lmConfig.getModuleClass(), getLoginModuleControlFlag(lmConfig.getControlFlag()), lmOptions));
// Use the first LoginModule with auth-realm (i.e. unable to stack Realms)
if (usePasswordCredential && (realmName == null)) {
String authRealm = (String) lmOptions.get("auth-realm");
if ((authRealm != null) && (!authRealm.isEmpty()))
realmName = authRealm;
}
}
}
}
if (!lmEntries.isEmpty())
configuration = new AuthenticationJaasConfiguration(name, lmEntries);
}
// TODO - Reconcile initialization with SecurityLifeCycle
if (usePasswordCredential && (realmName != null)) {
RealmsManager realmsManager = locator.getService(RealmsManager.class);
realmsManager.createRealms();
}
}
Also used :
ArrayList(java.util.ArrayList)
AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry)
RealmsManager(com.sun.enterprise.security.auth.realm.RealmsManager)
LoginModuleConfig(org.glassfish.security.services.config.LoginModuleConfig)
SecurityProvider(org.glassfish.security.services.config.SecurityProvider)
SecurityProviderConfig(org.glassfish.security.services.config.SecurityProviderConfig)
Aggregations
RealmsManager (com.sun.enterprise.security.auth.realm.RealmsManager)1
ArrayList (java.util.ArrayList)1
AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)1
LoginModuleConfig (org.glassfish.security.services.config.LoginModuleConfig)1
SecurityProvider (org.glassfish.security.services.config.SecurityProvider)1
SecurityProviderConfig (org.glassfish.security.services.config.SecurityProviderConfig)1
