/* * Copyright 2005 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.wamblee.security.servlet; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import ognl.Ognl; import ognl.OgnlException; /** * Locating the authenticated subject in a JBoss application server. */ public class JBossSubjectLocator implements SubjectLocator { /** * Name of the property of the JBoss security manager that returns the subject. */ private static final String OGNL_EXPRESSION = "activeSubject"; /** * JBoss security domain. */ private String _realm; public JBossSubjectLocator(String aRealm) { _realm = aRealm; } /* (non-Javadoc) * @see org.wamblee.security.servlet.SubjectLocator#getSubject() */ public Subject getSubject() { Object securityMgr = null; try { InitialContext context = new InitialContext(); securityMgr = context.lookup("java:/jaas/" + _realm); Object value = Ognl.getValue(OGNL_EXPRESSION, securityMgr); return (Subject)value; } catch (NamingException e) { throw new RuntimeException("Could not locate security manager for realm '" + _realm + "'. Is the realm configured correctly?", e); } catch (OgnlException e) { throw new RuntimeException("The obtained security manager '" + securityMgr + "' does not provide access to the subject", e); } } }