(no commit message)
diff --git a/security/usermgt/src/main/java/org/wamblee/security/authentication/JaasUserAccessor.java b/security/usermgt/src/main/java/org/wamblee/security/authentication/JaasUserAccessor.java
new file mode 100644 (file)
index 0000000..0ac6aa7
--- /dev/null
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2005-2010 the original author or authors.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */ 
+package org.wamblee.security.authentication;
+
+import java.security.AccessController;
+import java.security.Principal;
+
+import java.util.Set;
+
+import javax.security.auth.Subject;
+
+/**
+ * Implementation of the user accessor that retrieves user information from
+ * JAAS.
+ * 
+ * @author Erik Brakkee
+ */
+public class JaasUserAccessor implements UserAccessor {
+
+    /**
+     * Class of the JAAS user principal.
+     */
+    private Class userPrincipalClass;
+
+    /**
+     * Constructs user accessor.
+     * 
+     * @param aAdmin
+     *            User administration.
+     * @param aUserClassName
+     *            Class name of the user principal.
+     */
+    public JaasUserAccessor(String aUserClassName) {
+        try {
+            userPrincipalClass = Class.forName(aUserClassName);
+
+            if (!Principal.class.isAssignableFrom(userPrincipalClass)) {
+                throw new IllegalArgumentException("Specified class '" +
+                    aUserClassName + "' is not a subclass of '" +
+                    Principal.class.getName());
+            }
+        } catch (ClassNotFoundException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    @Override
+    public String getCurrentUser() {
+        Subject subject = Subject.getSubject(AccessController.getContext());
+
+        if (subject == null) {
+            return null;
+        }
+
+        Principal userPrincipal = getUserPrincipal(subject);
+
+        return userPrincipal.getName();
+    }
+
+    /**
+     * Gets the user principal from the subject.
+     * 
+     * @param aSubject
+     *            Subject.
+     * 
+     * @return User principal.
+     * 
+     * @throws IllegalArgumentException
+     *             In case there is a duplicate principal or the principal was
+     *             not found.
+     */
+    private Principal getUserPrincipal(Subject aSubject) {
+        Set<Principal> principals = aSubject.getPrincipals();
+        Principal userPrincipal = null;
+
+        for (Principal principal : principals) {
+            if (principal.getClass().equals(userPrincipalClass)) {
+                if (userPrincipal != null) {
+                    throw new IllegalArgumentException(
+                        "Multiple principals for class '" + userPrincipalClass +
+                            "', subject: " + aSubject);
+                }
+
+                userPrincipal = principal;
+            }
+        }
+
+        if (userPrincipal == null) {
+            throw new IllegalArgumentException(
+                "No user principal found for class '" + userPrincipalClass +
+                    "', subject: " + aSubject);
+        }
+
+        return userPrincipal;
+    }
+}
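Review bot: Both IllegalArgumentException messages in getUserPrincipal concatenate `aSubject`, and Subject.toString() renders the subject's principals together with its public and, where readable, private credentials, so a misconfigured principal class could put credential material into logs or error pages. I would report only the class, e.g. `"No user principal found for class '" + userPrincipalClass.getName() + "'"`, and do the same for the "Multiple principals" message. The lookup compares with `principal.getClass().equals(userPrincipalClass)`, which rejects subclasses of the configured class, while the constructor only checks assignability to Principal; if subclasses are meant to count, `userPrincipalClass.isInstance(principal)` is the consistent test. getCurrentUser returns null when there is no subject but throws when a subject lacks the principal, which should be stated in its Javadoc so callers do not treat null as the only unauthenticated outcome. The constructor Javadoc also still lists an `aAdmin` parameter that the signature does not have.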