Move ServiceMix Kernel trunk into Felix
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@768912 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/karaf/jaas/jaas-modules/pom.xml b/karaf/jaas/jaas-modules/pom.xml
new file mode 100644
index 0000000..b3d0300
--- /dev/null
+++ b/karaf/jaas/jaas-modules/pom.xml
@@ -0,0 +1,92 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+ <!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.servicemix.kernel.jaas</groupId>
+ <artifactId>jaas</artifactId>
+ <version>1.2.0-SNAPSHOT</version>
+ </parent>
+
+ <groupId>org.apache.servicemix.kernel.jaas</groupId>
+ <artifactId>org.apache.servicemix.kernel.jaas.modules</artifactId>
+ <packaging>bundle</packaging>
+ <version>1.2.0-SNAPSHOT</version>
+ <name>Apache ServiceMix Kernel :: JAAS Modules</name>
+
+ <description>
+ Provides the JAAS Config
+ </description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.servicemix.kernel.jaas</groupId>
+ <artifactId>org.apache.servicemix.kernel.jaas.config</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.osgi.core</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.osgi.compendium</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.osgi</groupId>
+ <artifactId>spring-osgi-core</artifactId>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <configuration>
+ <instructions>
+ <Bundle-SymbolicName>${artifactId}</Bundle-SymbolicName>
+ <Export-Package>
+ org.apache.servicemix.kernel.jaas.modules*;version=${project.version};-split-package:=merge-first
+ </Export-Package>
+ <Import-Package>
+ org.apache.servicemix.kernel.jaas.config,
+ org.springframework.beans.factory.config,
+ *
+ </Import-Package>
+ <Spring-Context>*;publish-context:=false;create-asynchronously:=false</Spring-Context>
+ </instructions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
\ No newline at end of file
diff --git a/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/RolePrincipal.java b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/RolePrincipal.java
new file mode 100644
index 0000000..03da146
--- /dev/null
+++ b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/RolePrincipal.java
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.kernel.jaas.modules;
+
+import java.security.Principal;
+
+public class RolePrincipal implements Principal {
+
+ private final String name;
+
+ public RolePrincipal(String name) {
+ assert name != null;
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof RolePrincipal)) return false;
+
+ RolePrincipal that = (RolePrincipal) o;
+
+ if (name != null ? !name.equals(that.name) : that.name != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ return name != null ? name.hashCode() : 0;
+ }
+
+ @Override
+ public String toString() {
+ return "RolePrincipal[" + name + "]";
+ }
+}
diff --git a/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/UserPrincipal.java b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/UserPrincipal.java
new file mode 100644
index 0000000..4978076
--- /dev/null
+++ b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/UserPrincipal.java
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.kernel.jaas.modules;
+
+import java.security.Principal;
+
+public class UserPrincipal implements Principal {
+
+ private final String name;
+
+ public UserPrincipal(String name) {
+ assert name != null;
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (!(o instanceof UserPrincipal)) return false;
+
+ UserPrincipal that = (UserPrincipal) o;
+
+ if (name != null ? !name.equals(that.name) : that.name != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ return name != null ? name.hashCode() : 0;
+ }
+
+ @Override
+ public String toString() {
+ return "UserPrincipal[" + name + "]";
+ }
+}
diff --git a/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/osgi/ConfigAdminHolder.java b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/osgi/ConfigAdminHolder.java
new file mode 100644
index 0000000..ec93095
--- /dev/null
+++ b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/osgi/ConfigAdminHolder.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.kernel.jaas.modules.osgi;
+
+import org.osgi.service.cm.ConfigurationAdmin;
+
+public class ConfigAdminHolder {
+
+ private static ConfigurationAdmin configAdmin;
+
+ public static ConfigurationAdmin getService() {
+ return configAdmin;
+ }
+
+ public void setService(ConfigurationAdmin configAdmin) {
+ ConfigAdminHolder.configAdmin = configAdmin;
+ }
+
+}
diff --git a/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/osgi/OsgiConfigLoginModule.java b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/osgi/OsgiConfigLoginModule.java
new file mode 100644
index 0000000..2b48eb4
--- /dev/null
+++ b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/osgi/OsgiConfigLoginModule.java
@@ -0,0 +1,128 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.kernel.jaas.modules.osgi;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Dictionary;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.servicemix.kernel.jaas.modules.RolePrincipal;
+import org.apache.servicemix.kernel.jaas.modules.UserPrincipal;
+import org.osgi.service.cm.Configuration;
+
+public class OsgiConfigLoginModule implements LoginModule {
+
+ public static final String PID = "pid";
+ public static final String USER_PREFIX = "user.";
+
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private Map<String, ?> options;
+
+ private Set<Principal> principals;
+
+ public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ this.options = options;
+ }
+
+ public boolean login() throws LoginException {
+ try {
+ String pid = (String) options.get(PID);
+ Configuration config = ConfigAdminHolder.getService().getConfiguration(pid);
+ Dictionary properties = config.getProperties();
+
+ Callback[] callbacks = new Callback[2];
+
+ callbacks[0] = new NameCallback("Username: ");
+ callbacks[1] = new PasswordCallback("Password: ", false);
+ try {
+ callbackHandler.handle(callbacks);
+ } catch (IOException ioe) {
+ throw new LoginException(ioe.getMessage());
+ } catch (UnsupportedCallbackException uce) {
+ throw new LoginException(uce.getMessage() + " not available to obtain information from user");
+ }
+ String user = ((NameCallback) callbacks[0]).getName();
+ char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword();
+ if (tmpPassword == null) {
+ tmpPassword = new char[0];
+ }
+
+ String userInfos = (String) properties.get(USER_PREFIX + user);
+ if (userInfos == null) {
+ throw new FailedLoginException("User does not exist");
+ }
+ String[] infos = userInfos.split(",");
+ if (!new String(tmpPassword).equals(infos[0])) {
+ throw new FailedLoginException("Password does not match");
+ }
+
+ principals = new HashSet<Principal>();
+ principals.add(new UserPrincipal(user));
+ for (int i = 1; i < infos.length; i++) {
+ principals.add(new RolePrincipal(infos[i]));
+ }
+
+ return true;
+ } catch (LoginException e) {
+ throw e;
+ } catch (Exception e) {
+ throw (LoginException) new LoginException("Unable to authenticate user").initCause(e);
+ } finally {
+ callbackHandler = null;
+ options = null;
+ }
+ }
+
+ public boolean commit() throws LoginException {
+ subject.getPrincipals().addAll(principals);
+ return true;
+ }
+
+ public boolean abort() throws LoginException {
+ subject = null;
+ principals = null;
+ return true;
+ }
+
+ public boolean logout() throws LoginException {
+ try {
+ subject.getPrincipals().removeAll(principals);
+ principals.clear();
+ return true;
+ } finally {
+ subject = null;
+ principals = null;
+ }
+ }
+
+}
diff --git a/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/properties/PropertiesLoginModule.java b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/properties/PropertiesLoginModule.java
new file mode 100644
index 0000000..5971745
--- /dev/null
+++ b/karaf/jaas/jaas-modules/src/main/java/org/apache/servicemix/kernel/jaas/modules/properties/PropertiesLoginModule.java
@@ -0,0 +1,148 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicemix.kernel.jaas.modules.properties;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.servicemix.kernel.jaas.modules.RolePrincipal;
+import org.apache.servicemix.kernel.jaas.modules.UserPrincipal;
+
+/**
+ * JAAS Login module for user / password, based on two properties files.
+ *
+ */
+public class PropertiesLoginModule implements LoginModule {
+
+ private static final String USER_FILE = "users";
+ private static final Log LOG = LogFactory.getLog(PropertiesLoginModule.class);
+
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private boolean debug;
+ private String usersFile;
+ private String user;
+ private Set principals = new HashSet();
+
+ public void initialize(Subject sub, CallbackHandler handler, Map sharedState, Map options) {
+ this.subject = sub;
+ this.callbackHandler = handler;
+
+ debug = "true".equalsIgnoreCase((String) options.get("debug"));
+ usersFile = (String) options.get(USER_FILE) + "";
+
+ if (debug) {
+ LOG.debug("Initialized debug=" + debug + " usersFile=" + usersFile);
+ }
+ }
+
+ public boolean login() throws LoginException {
+ Properties users = new Properties();
+ File f = new File(usersFile);
+ try {
+ users.load(new java.io.FileInputStream(f));
+ } catch (IOException ioe) {
+ throw new LoginException("Unable to load user properties file " + f);
+ }
+
+ Callback[] callbacks = new Callback[2];
+
+ callbacks[0] = new NameCallback("Username: ");
+ callbacks[1] = new PasswordCallback("Password: ", false);
+ try {
+ callbackHandler.handle(callbacks);
+ } catch (IOException ioe) {
+ throw new LoginException(ioe.getMessage());
+ } catch (UnsupportedCallbackException uce) {
+ throw new LoginException(uce.getMessage() + " not available to obtain information from user");
+ }
+ user = ((NameCallback) callbacks[0]).getName();
+ char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword();
+ if (tmpPassword == null) {
+ tmpPassword = new char[0];
+ }
+
+ String userInfos = (String) users.get(user);
+ if (userInfos == null) {
+ throw new FailedLoginException("User does not exist");
+ }
+ String[] infos = userInfos.split(",");
+ if (!new String(tmpPassword).equals(infos[0])) {
+ throw new FailedLoginException("Password does not match");
+ }
+
+ principals = new HashSet<Principal>();
+ principals.add(new UserPrincipal(user));
+ for (int i = 1; i < infos.length; i++) {
+ principals.add(new RolePrincipal(infos[i]));
+ }
+
+ users.clear();
+
+ if (debug) {
+ LOG.debug("login " + user);
+ }
+ return true;
+ }
+
+ public boolean commit() throws LoginException {
+ subject.getPrincipals().addAll(principals);
+ clear();
+ if (debug) {
+ LOG.debug("commit");
+ }
+ return true;
+ }
+
+ public boolean abort() throws LoginException {
+ clear();
+ if (debug) {
+ LOG.debug("abort");
+ }
+ return true;
+ }
+
+ public boolean logout() throws LoginException {
+ subject.getPrincipals().removeAll(principals);
+ principals.clear();
+ if (debug) {
+ LOG.debug("logout");
+ }
+ return true;
+ }
+
+ private void clear() {
+ user = null;
+ }
+}
diff --git a/karaf/jaas/jaas-modules/src/main/resources/META-INF/spring/servicemix-jaas-module.xml b/karaf/jaas/jaas-modules/src/main/resources/META-INF/spring/servicemix-jaas-module.xml
new file mode 100644
index 0000000..e8acabe
--- /dev/null
+++ b/karaf/jaas/jaas-modules/src/main/resources/META-INF/spring/servicemix-jaas-module.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:osgi="http://www.springframework.org/schema/osgi"
+ xmlns:jaas="http://servicemix.apache.org/jaas"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/osgi
+ http://www.springframework.org/schema/osgi/spring-osgi.xsd
+ http://servicemix.apache.org/jaas
+ http://servicemix.apache.org/schema/servicemix-jaas.xsd">
+
+ <!--
+ - The following beans define an alternate realm which uses the OSGi Configuration Admin service
+ - to obtain passwords. However, this realm is not really secure as there is no access restriction
+ - on this service, which means any bundle could access all the passwords.
+ -->
+ <!--
+ <bean id="configAdminHolder" class="org.apache.servicemix.kernel.jaas.modules.osgi.ConfigAdminHolder">
+ <property name="service" ref="configAdmin" />
+ </bean>
+
+ <osgi:reference id="configAdmin" interface="org.osgi.service.cm.ConfigurationAdmin" />
+
+ <jaas:config id="servicemix">
+ <jaas:module className="org.apache.servicemix.kernel.jaas.modules.osgi.OsgiConfigLoginModule" flags="required">
+ pid = org.apache.servicemix.users
+ </jaas:module>
+ </jaas:config>
+ -->
+
+ <!-- Bean to allow the ${servicemix.home} property to be correctly resolved -->
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" />
+
+ <jaas:config id="servicemix">
+ <jaas:module className="org.apache.servicemix.kernel.jaas.modules.properties.PropertiesLoginModule" flags="required">
+ users = ${servicemix.base}/etc/users.properties
+ </jaas:module>
+ </jaas:config>
+
+</beans>
\ No newline at end of file