
Example 1 with SecurityProviderConfig

use of org.glassfish.security.services.config.SecurityProviderConfig in project Payara by payara.

the class LDAPAdminAccessConfigurator method updateSecurityProvider.

/*    private String getNewRealmName(SecurityService ss) {
        List<AuthRealm> realms = ss.getAuthRealm();
        String pref = ORIG_ADMIN_REALM_NAME + "-";
        int index = 0;  //last one
        for (AuthRealm realm : realms) {
            if (realm.getName().indexOf(pref) >= 0) {
                index = Integer.parseInt(realm.getName().substring(pref.length()));
            }
        }
        return pref + (index+1);
    }*/
/**
 * Switches the admin login module of the given security provider to the LDAP login module.
 *
 * <p>The provider's configs are scanned in order. The first entry that is a
 * {@code LoginModuleConfig} named {@code ADMIN_FILE_LM_NAME} is enrolled in the
 * transaction, its module class is set to {@code LDAPLoginModule}, and a localized
 * confirmation is appended to {@code sb}.
 *
 * <p>Security notes: only the module class is replaced here. The control flag and the
 * module options of the existing entry are left untouched, so any LDAP connection
 * settings must be supplied elsewhere. Replacing the class that authenticates
 * administrators is a high-impact change.
 * NOTE(review): confirm the calling command is restricted to authorised administrators
 * and that the change is recorded in the audit trail.
 *
 * @param t    transaction in which the matching config is enrolled before it is modified
 * @param w_sp security provider whose configs are searched
 * @param sb   receives the localized success message
 * @throws TransactionFailure    if no matching login module config exists; the method fails
 *                               instead of returning with the old module silently in place
 * @throws PropertyVetoException declared by the signature; presumably raised by the config
 *                               setter (not visible here)
 */
private void updateSecurityProvider(final Transaction t, final SecurityProvider w_sp, final StringBuilder sb) throws TransactionFailure, PropertyVetoException {
    for (SecurityProviderConfig candidate : w_sp.getSecurityProviderConfig()) {
        // Type check first: only LoginModuleConfig entries are eligible.
        if (!(candidate instanceof LoginModuleConfig)) {
            continue;
        }
        if (!candidate.getName().equals(ADMIN_FILE_LM_NAME)) {
            continue;
        }
        // Enroll before mutating so the change is made inside the transaction.
        final LoginModuleConfig writableLoginModule = t.enroll((LoginModuleConfig) candidate);
        writableLoginModule.setModuleClass(LDAPLoginModule.class.getName());
        sb.append(lsm.getString("ldap.authProviderConfigOK", w_sp.getName()));
        return;
    }
    // No admin login module entry found: abort rather than report success.
    throw new TransactionFailure(lsm.getString("ldap.noAuthProviderConfig", w_sp.getName(), ADMIN_FILE_LM_NAME));
}
Also used : TransactionFailure(org.jvnet.hk2.config.TransactionFailure) LoginModuleConfig(org.glassfish.security.services.config.LoginModuleConfig) LDAPLoginModule(com.sun.enterprise.security.auth.login.LDAPLoginModule) SecurityProviderConfig(org.glassfish.security.services.config.SecurityProviderConfig)

Example 2 with SecurityProviderConfig

use of org.glassfish.security.services.config.SecurityProviderConfig in project Payara by payara.

the class AuthenticationServiceImpl method initialize.

/**
 * Initialize the Authentication Service configuration.
 *
 * Create the JAAS Configuration using the specified LoginModule configurations
 */
@Override
public void initialize(SecurityConfiguration securityServiceConfiguration) {
    // Builds the JAAS login stack for this service from the configured LoginModule providers.
    //
    // Review notes for anyone relying on this for authentication:
    //  - Only the FIRST SecurityProviderConfig of each LoginModule provider is used; any
    //    further configs on the same provider are ignored.
    //  - That first config is cast to LoginModuleConfig without a type check, so a different
    //    config type there fails with ClassCastException instead of being skipped.
    //  - If no entry is produced, 'configuration' is not assigned by this method.
    //    NOTE(review): confirm that login fails closed in that case (not visible here).
    config = (org.glassfish.security.services.config.AuthenticationService) securityServiceConfiguration;
    if (config == null) {
        return;
    }

    // The service name is also used as the name passed to the JAAS configuration below.
    name = config.getName();
    // Whether Realm password credentials are handled by this service.
    usePasswordCredential = Boolean.valueOf(config.getUsePasswordCredential());

    List<SecurityProvider> securityProviders = config.getSecurityProviders();
    if (securityProviders != null) {
        ArrayList<AppConfigurationEntry> jaasEntries = new ArrayList<AppConfigurationEntry>();
        for (SecurityProvider securityProvider : securityProviders) {
            // Providers of any other type contribute nothing to the login stack.
            if (!"LoginModule".equalsIgnoreCase(securityProvider.getType())) {
                continue;
            }
            List<SecurityProviderConfig> moduleConfigs = securityProvider.getSecurityProviderConfig();
            if ((moduleConfigs == null) || moduleConfigs.isEmpty()) {
                continue;
            }

            // Entries are appended in provider order; the module class, control flag and
            // options are taken from configuration as-is.
            LoginModuleConfig loginModule = (LoginModuleConfig) moduleConfigs.get(0);
            Map<String, ?> moduleOptions = loginModule.getModuleOptions();
            jaasEntries.add(new AppConfigurationEntry(loginModule.getModuleClass(), getLoginModuleControlFlag(loginModule.getControlFlag()), moduleOptions));

            // First LoginModule carrying a non-empty auth-realm wins (Realms cannot be
            // stacked). A realmName that is already set is never overwritten here.
            if (usePasswordCredential && (realmName == null)) {
                String configuredRealm = (String) moduleOptions.get("auth-realm");
                if ((configuredRealm != null) && (!configuredRealm.isEmpty())) {
                    realmName = configuredRealm;
                }
            }
        }
        if (!jaasEntries.isEmpty()) {
            configuration = new AuthenticationJaasConfiguration(name, jaasEntries);
        }
    }

    // TODO - Reconcile initialization with SecurityLifeCycle
    if (usePasswordCredential && (realmName != null)) {
        RealmsManager realms = locator.getService(RealmsManager.class);
        realms.createRealms();
    }
}
Also used : ArrayList(java.util.ArrayList) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) RealmsManager(com.sun.enterprise.security.auth.realm.RealmsManager) LoginModuleConfig(org.glassfish.security.services.config.LoginModuleConfig) SecurityProvider(org.glassfish.security.services.config.SecurityProvider) SecurityProviderConfig(org.glassfish.security.services.config.SecurityProviderConfig)

Aggregations

LoginModuleConfig (org.glassfish.security.services.config.LoginModuleConfig)2 SecurityProviderConfig (org.glassfish.security.services.config.SecurityProviderConfig)2 LDAPLoginModule (com.sun.enterprise.security.auth.login.LDAPLoginModule)1 RealmsManager (com.sun.enterprise.security.auth.realm.RealmsManager)1 ArrayList (java.util.ArrayList)1 AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)1 SecurityProvider (org.glassfish.security.services.config.SecurityProvider)1 TransactionFailure (org.jvnet.hk2.config.TransactionFailure)1