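/**
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.corba.security.config.css;

import java.util.Iterator;
import java.util.List;

import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.omg.CSIIOP.CompositeDelegation;
import org.omg.CSIIOP.Confidentiality;
import org.omg.CSIIOP.DetectMisordering;
import org.omg.CSIIOP.DetectReplay;
import org.omg.CSIIOP.EstablishTrustInClient;
import org.omg.CSIIOP.EstablishTrustInTarget;
import org.omg.CSIIOP.Integrity;
import org.omg.CSIIOP.NoDelegation;
import org.omg.CSIIOP.NoProtection;
import org.omg.CSIIOP.SimpleDelegation;

import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.common.propertyeditor.PropertyEditorException;
import org.apache.geronimo.deployment.service.XmlAttributeBuilder;
import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.kernel.ClassLoading;

import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCompoundSecMechType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCssType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSGSSUPDynamicType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSGSSUPStaticType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSITTPrincipalNameDynamicType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSITTPrincipalNameStaticType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSSSLType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSSasMechType;
import org.apache.geronimo.corba.xbeans.csiv2.css.CSSCssDocument;
import org.apache.geronimo.corba.xbeans.csiv2.tss.TSSAssociationOption;


/**
 * Builds a {@link CSSConfig} from the CSIv2 CSS XML element of a deployment plan.
 * <p>
 * Everything read here (mechanism selection, association options, static
 * credentials, principal class names) comes from the deployment plan, so the
 * plan is the trust boundary for the resulting security configuration.
 *
 * @version $Revision: 451417 $ $Date: 2006-09-29 13:13:22 -0700 (Fri, 29 Sep 2006) $
 */
public class CSSConfigEditor implements XmlAttributeBuilder {
    private static final String NAMESPACE = CSSCssDocument.type.getDocumentElementName().getNamespaceURI();

    /**
     * Returns the namespace URI of the CSS document element handled by this builder.
     */
    public String getNamespace() {
        return NAMESPACE;
    }

    /**
     * Converts the given XML fragment into a {@link CSSConfig}.
     *
     * @param xmlObject the XML fragment holding the CSS configuration
     * @param type      not used by this implementation
     * @param cl        class loader used to resolve principal classes named in the plan
     * @return the populated {@link CSSConfig}
     * @throws DeploymentException if the fragment fails validation or a named
     *                             principal class cannot be loaded
     */
    public Object getValue(XmlObject xmlObject, String type, ClassLoader cl) throws DeploymentException {

        // Always work on a copy retyped to the CSS schema type, so validation and
        // extraction operate on a detached object rather than the caller's instance.
        // The former "instanceof CSSCssType" shortcut assigned css and was then
        // unconditionally overwritten by this statement; the dead branch is removed.
        CSSCssType css = (CSSCssType) xmlObject.copy().changeType(CSSCssType.type);

        // Validate before reading any value: the extract* helpers below do not
        // re-check what they are handed.
        try {
            XmlBeansUtil.validateDD(css);
        } catch (XmlException e) {
            throw new DeploymentException("Error parsing CSS configuration", e);
        }

        CSSConfig cssConfig = new CSSConfig();

        if (css.isSetCompoundSecMechTypeList()) {
            CSSCompoundSecMechListConfig mechListConfig = cssConfig.getMechList();
            mechListConfig.setStateful(css.getCompoundSecMechTypeList().getStateful());

            CSSCompoundSecMechType[] mechList = css.getCompoundSecMechTypeList().getCompoundSecMechArray();
            for (int i = 0; i < mechList.length; i++) {
                mechListConfig.add(extractCompoundSecMech(mechList[i], cl));
            }
        }

        return cssConfig;
    }

    /**
     * Builds one compound security mechanism: transport layer, authentication
     * layer and SAS (identity token) layer.
     * <p>
     * When the SSL element is absent the transport falls back to
     * {@link CSSNULLTransportConfig}, and when neither GSSUP element is present
     * the authentication layer falls back to {@link CSSNULLASMechConfig}. An
     * omitted element therefore selects the null mechanism rather than failing
     * the deployment.
     *
     * @param mechType the XML description of the compound mechanism
     * @param cl       class loader passed on to {@link #extractSASMech}
     * @return the populated mechanism configuration
     * @throws DeploymentException     if the SAS layer cannot be built
     * @throws PropertyEditorException if a SECIOP transport is requested
     */
    protected static CSSCompoundSecMechConfig extractCompoundSecMech(CSSCompoundSecMechType mechType, ClassLoader cl) throws DeploymentException {

        CSSCompoundSecMechConfig result = new CSSCompoundSecMechConfig();

        if (mechType.isSetSSL()) {
            result.setTransport_mech(extractSSLTransport(mechType.getSSL()));
        } else if (mechType.isSetSECIOP()) {
            // Rejected outright instead of being downgraded to the null transport.
            throw new PropertyEditorException("SECIOP processing not implemented");
        } else {
            result.setTransport_mech(new CSSNULLTransportConfig());
        }

        if (mechType.isSetGSSUPStatic()) {
            result.setAs_mech(extractGSSUPStatic(mechType.getGSSUPStatic()));
        } else if (mechType.isSetGSSUPDynamic()) {
            result.setAs_mech(extractGSSUPDynamic(mechType.getGSSUPDynamic()));
        } else {
            result.setAs_mech(new CSSNULLASMechConfig());
        }

        result.setSas_mech(extractSASMech(mechType.getSasMech(), cl));

        return result;
    }

    /**
     * Builds the SSL transport configuration from the element's
     * {@code supports} and {@code requires} option lists.
     *
     * @param sslType the SSL element
     * @return an SSL transport configuration carrying both option bitmasks
     */
    protected static CSSTransportMechConfig extractSSLTransport(CSSSSLType sslType) {
        CSSSSLTransportConfig result = new CSSSSLTransportConfig();

        result.setSupports(extractAssociationOptions(sslType.getSupports()));
        result.setRequires(extractAssociationOptions(sslType.getRequires()));

        return result;
    }

    /**
     * Builds a GSSUP authentication mechanism with a fixed username, password and domain.
     * <p>
     * The password is taken verbatim from the deployment plan and handed to the
     * configuration object as a {@code String}. Plans using this element hold a
     * cleartext credential, so they need the same access control and log hygiene
     * as any other secret.
     *
     * @param gssupType the static GSSUP element
     * @return the static GSSUP mechanism configuration
     */
    protected static CSSASMechConfig extractGSSUPStatic(CSSGSSUPStaticType gssupType) {
        return new CSSGSSUPMechConfigStatic(gssupType.getUsername(), gssupType.getPassword(), gssupType.getDomain());
    }

    /**
     * Builds a GSSUP authentication mechanism for which only the domain is
     * configured; no credentials are read from the plan.
     *
     * @param gssupType the dynamic GSSUP element
     * @return the dynamic GSSUP mechanism configuration
     */
    protected static CSSASMechConfig extractGSSUPDynamic(CSSGSSUPDynamicType gssupType) {
        return new CSSGSSUPMechConfigDynamic(gssupType.getDomain());
    }

    /**
     * Builds the SAS layer configuration, i.e. which identity token the client sends.
     * <p>
     * A {@code null} element is treated the same as an explicit ITTAbsent. If the
     * element is present but carries none of the four ITT children handled below,
     * no identity token is set here and whatever {@link CSSSASMechConfig} starts
     * with stays in place.
     *
     * @param sasMechType the SAS mechanism element, may be {@code null}
     * @param cl          class loader used to resolve the principal class of a
     *                    dynamic principal-name token
     * @return the SAS mechanism configuration
     * @throws DeploymentException if the configured principal class cannot be loaded
     */
    protected static CSSSASMechConfig extractSASMech(CSSSasMechType sasMechType, ClassLoader cl) throws DeploymentException {
        CSSSASMechConfig result = new CSSSASMechConfig();

        if (sasMechType == null || sasMechType.isSetITTAbsent()) {
            result.setIdentityToken(new CSSSASITTAbsent());
        } else if (sasMechType.isSetITTAnonymous()) {
            result.setIdentityToken(new CSSSASITTAnonymous());
        } else if (sasMechType.isSetITTPrincipalNameStatic()) {
            CSSITTPrincipalNameStaticType principal = sasMechType.getITTPrincipalNameStatic();
            result.setIdentityToken(new CSSSASITTPrincipalNameStatic(principal.getOid(), principal.getName()));
        } else if (sasMechType.isSetITTPrincipalNameDynamic()) {
            CSSITTPrincipalNameDynamicType principal = sasMechType.getITTPrincipalNameDynamic();
            String principalClassName = principal.getPrincipalClass();
            // The class name is plan-supplied and resolved through the caller's class loader.
            // NOTE(review): nothing in this method checks that the loaded class is a
            // principal type; confirm CSSSASITTPrincipalNameDynamic enforces that.
            Class principalClass;
            try {
                principalClass = ClassLoading.loadClass(principalClassName, cl);
            } catch (ClassNotFoundException e) {
                throw new DeploymentException("Could not load principal class", e);
            }
            String domainName = principal.getDomain();
            // The realm is only read when a domain is configured; without a domain it stays null.
            String realmName = null;
            if (domainName != null) {
                realmName = principal.getRealm();
            }
            result.setIdentityToken(new CSSSASITTPrincipalNameDynamic(principal.getOid(), principalClass, domainName, realmName));
        }

        return result;
    }

    /**
     * Folds a list of association option names into the CSIIOP bitmask.
     * <p>
     * Each entry is looked up with {@code TSSAssociationOption.Enum.forString}
     * and the matching CSIIOP constant is OR-ed into the result. An entry that
     * matches none of the options listed below contributes no bits and raises no
     * error. For a {@code requires} list that would mean a weaker mask than the
     * plan author wrote.
     * NOTE(review): schema validation in {@link #getValue} presumably rejects
     * unknown names before this point; confirm for other callers.
     *
     * @param list option names as strings
     * @return the combined option bitmask, {@code 0} for an empty list
     */
    protected static short extractAssociationOptions(List list) {
        short result = 0;

        for (Iterator iter = list.iterator(); iter.hasNext();) {
            TSSAssociationOption.Enum obj = TSSAssociationOption.Enum.forString((String) iter.next());

            if (TSSAssociationOption.NO_PROTECTION.equals(obj)) {
                result |= NoProtection.value;
            } else if (TSSAssociationOption.INTEGRITY.equals(obj)) {
                result |= Integrity.value;
            } else if (TSSAssociationOption.CONFIDENTIALITY.equals(obj)) {
                result |= Confidentiality.value;
            } else if (TSSAssociationOption.DETECT_REPLAY.equals(obj)) {
                result |= DetectReplay.value;
            } else if (TSSAssociationOption.DETECT_MISORDERING.equals(obj)) {
                result |= DetectMisordering.value;
            } else if (TSSAssociationOption.ESTABLISH_TRUST_IN_TARGET.equals(obj)) {
                result |= EstablishTrustInTarget.value;
            } else if (TSSAssociationOption.ESTABLISH_TRUST_IN_CLIENT.equals(obj)) {
                result |= EstablishTrustInClient.value;
            } else if (TSSAssociationOption.NO_DELEGATION.equals(obj)) {
                result |= NoDelegation.value;
            } else if (TSSAssociationOption.SIMPLE_DELEGATION.equals(obj)) {
                result |= SimpleDelegation.value;
            } else if (TSSAssociationOption.COMPOSITE_DELEGATION.equals(obj)) {
                result |= CompositeDelegation.value;
            }
        }
        return result;
    }

    public static final GBeanInfo GBEAN_INFO;

    // Registers this class as a GBean exposing the XmlAttributeBuilder interface.
    static {
        GBeanInfoBuilder infoBuilder = GBeanInfoBuilder.createStatic(CSSConfigEditor.class, "XmlAttributeBuilder");
        infoBuilder.addInterface(XmlAttributeBuilder.class);
        GBEAN_INFO = infoBuilder.getBeanInfo();
    }

    /**
     * Returns the GBean metadata built in the static initializer.
     */
    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

}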