| /******************************************************************************* |
| * Copyright (c) 2005, 2008 IBM Corporation and others. |
| * All rights reserved. This program and the accompanying materials |
| * are made available under the terms of the Eclipse Public License v1.0 |
| * which accompanies this distribution, and is available at |
| * http://www.eclipse.org/legal/epl-v10.html |
| * |
| * Contributors: |
| * IBM Corporation - initial API and implementation |
| *******************************************************************************/ |
| package org.eclipse.equinox.internal.security.auth; |
| |
| import java.io.IOException; |
| import java.net.URL; |
| import java.security.Security; |
| import javax.security.auth.callback.CallbackHandler; |
| import javax.security.auth.login.Configuration; |
| import org.eclipse.core.runtime.FileLocator; |
| import org.eclipse.equinox.internal.security.auth.ext.loader.ExtCallbackHandlerLoader; |
| import org.osgi.framework.BundleContext; |
| |
| // TBD what happens for server-side implementations if configurations are shared across all processes on VM? |
| |
| public class SecurePlatformInternal { |
| |
| private static final String VM_PROPERTY = "equinox.security.vm"; //$NON-NLS-1$ |
| private static final String SERVER_VM = "server"; //$NON-NLS-1$ |
| |
| private static final String PROVIDER_URL_BASE = "login.config.url.";//$NON-NLS-1$ |
| private static final int MAX_PROVIDER_URL_COUNT = 777; // arbitrary upper limit on the number of provider URLs |
| private Configuration defaultConfiguration; |
| private ExtCallbackHandlerLoader callbackHandlerLoader = new ExtCallbackHandlerLoader(); |
| |
| private boolean running = false; |
| private static final SecurePlatformInternal s_instance = new SecurePlatformInternal(); |
| |
| private SecurePlatformInternal() { |
| // hides default constructor |
| } |
| |
| public static final SecurePlatformInternal getInstance() { |
| return s_instance; |
| } |
| |
| public CallbackHandler loadCallbackHandler(String configurationName) { |
| return callbackHandlerLoader.loadCallbackHandler(configurationName); |
| } |
| |
| /** |
| * Java docs specify that if multiple config files are passed in, they will be merged into one file. |
| * Hence, aside from implementation details, no priority information is specified by the order |
| * of config files. In this implementation we add customer's config file to the end of the list. |
| * |
| * This method substitutes default login configuration: |
| * Configuration Inquiries -> ConfigurationFederator -> |
| * 1) Extension Point supplied config providers; |
| * 2) default Java config provider ("login.configuration.provider") |
| */ |
| public void start() { |
| if (running) |
| return; |
| |
| // Kludge for the bug 215828 "JAAS and server-side Eclipse": for the time being configuration |
| // substitution is turned off if running on a server. It is likely possible to work around |
| // configuration substitution using Java 5 methods, but not Java 1.4 |
| BundleContext context = AuthPlugin.getDefault().getBundleContext(); |
| String vmType = context.getProperty(VM_PROPERTY); |
| if (SERVER_VM.equals(vmType)) { |
| defaultConfiguration = null; |
| running = true; |
| return; |
| } |
| // end of kludge |
| |
| try { |
| defaultConfiguration = Configuration.getConfiguration(); |
| } catch (SecurityException e) { |
| // could be caused by missing configuration provider URL; |
| // this might be OK if default config provider is ignored |
| defaultConfiguration = null; |
| } |
| Configuration.setConfiguration(new ConfigurationFederator(defaultConfiguration)); |
| running = true; |
| } |
| |
| public void stop() { |
| if (!running) |
| return; |
| if (defaultConfiguration != null) { |
| Configuration.setConfiguration(defaultConfiguration); |
| defaultConfiguration = null; |
| } |
| running = false; |
| } |
| |
| public boolean addConfigURL(URL url) { |
| if (url == null) |
| return false; |
| |
| // stop on a first empty URL entry - we will use it to add our new element |
| for (int i = 1; i <= MAX_PROVIDER_URL_COUNT; i++) { |
| String tag = PROVIDER_URL_BASE + Integer.toString(i); |
| String currentURL = Security.getProperty(tag); |
| if (currentURL != null && currentURL.length() != 0) |
| continue; |
| String path; |
| try { |
| // in case URL is contained in a JARed bundle, this will extract it into a file system |
| path = FileLocator.toFileURL(url).toExternalForm(); |
| } catch (IOException e) { |
| path = url.toExternalForm(); |
| } |
| Security.setProperty(tag, path); |
| return true; |
| } |
| return false; |
| } |
| } |