public final class SecurityManager extends java.lang.Object implements Authenticator, Scope
Details on the client authentication protocol: once the TLS connection is established and certificates are exchanged and verified, the client sends a String userID followed by a char[] password. The userID is serialized using the writeUTF() method. The password is serialized using writeShort() encoding the array length, plus writeChar() for every character in the array.
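The record layout described above, as an added example that is not FWD/P2J code: the client-side encoder and the server-side parser for the userID/password record, written against java.io.DataOutput and DataInput. The class name, the Credentials holder and the MAX_PASSWORD_CHARS bound are assumptions for the example; the sample user ID and password in main() are constructed inputs. The password is kept as a char[] on both ends so each side can wipe it after use, and the server reads the length field unsigned so a length above 32767 is not misread as negative.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.IOException;
import java.util.Arrays;

/**
 * Added example (not FWD/P2J code): builds and parses the userID/password record
 * in the layout described above. The class name, the Credentials holder and the
 * length bound are assumptions made for this example.
 */
public final class IdPasswordRecord
{
   /** Largest password length field the server side is willing to honour (assumed bound). */
   static final int MAX_PASSWORD_CHARS = 1024;

   /** Parsed result; the password stays a char[] so the caller can wipe it. */
   public static final class Credentials
   {
      public final String userId;
      public final char[] password;

      Credentials(String userId, char[] password)
      {
         this.userId = userId;
         this.password = password;
      }
   }

   /** Client side: writeUTF(userID), writeShort(password.length), then writeChar per character. */
   public static byte[] encode(String userId, char[] password) throws IOException
   {
      if (password.length > 0xFFFF)
      {
         // writeShort emits only the low 16 bits; a longer array would be silently truncated
         throw new IOException("password too long for a 16-bit length field");
      }
      ByteArrayOutputStream bos = new ByteArrayOutputStream();
      DataOutputStream out = new DataOutputStream(bos);
      out.writeUTF(userId);              // 2-byte length followed by modified UTF-8 bytes
      out.writeShort(password.length);   // 2-byte big-endian length
      for (char c : password)
      {
         out.writeChar(c);               // 2-byte big-endian UTF-16 code unit
      }
      out.flush();
      return bos.toByteArray();
   }

   /** Server side: the inverse, reading the length unsigned and refusing oversized or malformed records. */
   public static Credentials decode(byte[] record) throws IOException
   {
      DataInputStream in = new DataInputStream(new ByteArrayInputStream(record));
      String userId = in.readUTF();
      int len = in.readUnsignedShort();
      if (len > MAX_PASSWORD_CHARS)
      {
         throw new IOException("password length field out of bounds: " + len);
      }
      char[] password = new char[len];
      try
      {
         for (int i = 0; i < len; i++)
         {
            password[i] = in.readChar();  // EOFException on a truncated record
         }
      }
      catch (EOFException eof)
      {
         Arrays.fill(password, '\0');    // do not leave a partial password behind
         throw eof;
      }
      if (in.read() != -1)
      {
         throw new IOException("unexpected trailing bytes after the password");
      }
      return new Credentials(userId, password);
   }

   public static void main(String[] args) throws IOException
   {
      char[] pw = "s3cret!".toCharArray();          // constructed sample input
      byte[] wire = encode("alice", pw);
      Arrays.fill(pw, '\0');                        // wipe the client copy once serialized
      Credentials creds = decode(wire);
      System.out.println(creds.userId + ", " + creds.password.length
                         + " password chars, " + wire.length + " bytes on the wire");
      Arrays.fill(creds.password, '\0');            // wipe the server copy after verifying it
   }
}
```

Nothing in this record is encrypted or integrity-protected by itself: the password travels in clear inside the TLS channel, so the certificate exchange and verification mentioned above is the only thing standing between it and a network attacker, and a client that skips server certificate validation hands its password to whoever answers the connection.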
A unique session ID is assigned to each security context upon creation. Whenever a thread is assigned to a context, it is mapped to a new ID. While the thread IDs (which are integers) could theoretically wrap, such that a thread associated with a very long running context could be assigned an ID already in use, the combination of session ID and thread ID is guaranteed always to be unique, and it is really only this combination which is meaningful for practical use.
Modifier and Type | Class | Description
---|---|---
static interface | SecurityManager.EncryptedKeyStoreFunction | An interface to expose the getEncryptedKeyStoreWorker(java.lang.String, java.lang.String, java.lang.String, com.goldencode.p2j.main.ServerKeyStore.Store) to threads which have proper server context.
private class | SecurityManager.HookClassLoader | This class extends ClassLoader to enable the loading of a class file stored as a byte array in memory.
private class | SecurityManager.PasswordChange | Implements password change that requires the privilege of running within the initial security context.
private class | SecurityManager.SecurityCacheRefresh | Implements concurrent security cache refresh function.
Modifier and Type | Field | Description
---|---|---
private static int | ALWAYS_RETRY | Constant used when no retries are allowed in authentication process.
private java.lang.String | authOption | The value of "option" node from AuthPlugin for this Authenticator.
private SecurityCache | cache | Caches context data.
private int | cacheSerial | Last used serial number for security cache creation.
private BootstrapConfig | cfg | The bootstrap configuration.
private java.util.Map<java.lang.Object,java.lang.Boolean> | cleanupLocks | Map containing flags which inform other threads that cleanup for a certain context is in progress, so they should skip it.
static java.util.logging.Level | DATA | Logging level DATA.
private java.util.logging.Level | debugLevel | Debug level currently in effect.
private java.util.concurrent.locks.ReentrantReadWriteLock | debugLevelLock | Debug level lock.
private java.util.logging.Level | debugLevelRequest | Debug level requested.
static java.util.logging.Level | ERROR | Logging level ERROR.
static java.lang.String | FILE_SEPARATOR | File separator that works on both Windows and Linux.
private boolean | init | Flag to detect if we are initialized or not.
static java.util.logging.Level | LIST | Logging level LIST.
private java.util.List<Session> | listOfSess | List of sessions.
private java.util.logging.Logger | LOG | Anonymous log instance.
private int | nextThreadID | Next available, unique thread ID.
private int | nextUserSessionID | Next available, unique user session ID.
static java.util.logging.Level | NONE | Logging level NONE.
private java.lang.Object | pwchSync | Object for serializing password change requests.
private static java.lang.ThreadGroup | secThreads | Thread group for all security threads.
private static SecurityManager | securityManager | Reference to the singleton instance.
static java.util.logging.Level | STAT | Logging level STAT.
private java.util.Map<java.lang.Thread,java.lang.Integer> | threadIDs | Map of threads to their current IDs.
static java.util.logging.Level | TRACE | Logging level TRACE.
private TransportSecurity | tranSec | Provides network socket security services.
static java.util.logging.Level | WARNING | Logging level WARNING.
Fields inherited from interface Authenticator: AUTH_ACTION_ABORT, AUTH_ACTION_CONTINUE, AUTH_ACTION_DONE, AUTH_ACTION_RETRY, AUTH_MODE_CUSTOM, AUTH_MODE_HIGHEST, AUTH_MODE_IDPW, AUTH_MODE_LOWEST, AUTH_MODE_NONE, AUTH_MODE_X509, AUTH_MODE_X509_IDPW, AUTH_REQ_PROCESS, AUTH_REQ_PROGRAM, AUTH_REQ_USER, AUTH_RESULT_INSUFFICIENT_RIGHTS, AUTH_RESULT_INVALID_PASSWORD, AUTH_RESULT_INVALID_USERID, AUTH_RESULT_NONE, AUTH_RESULT_SKIP_TO_NEXT, AUTH_RESULT_SUCCESS, AUTH_RESULT_UNSPECIFIED_FAILURE, PKT_SIZE_SKIP_TO_NEXT
Modifier | Constructor | Description
---|---|---
private | SecurityManager(BootstrapConfig bc) | Private constructor to enable this as a singleton class.
Modifier and Type | Method | Description
---|---|---
(package private) boolean | addToken(ContextKey key, java.lang.Object token) | Adds a token to the context map.
private boolean | adminAccess() | Checks the rights of the caller to perform admin operations.
int | adminGetCacheSerial(boolean scope) | Gets the serial number of the current security cache.
java.lang.String | adminGetServerName(boolean scope) | Gets the server's account name.
int | adminRefresh(java.util.List<java.lang.String[]> msgBuf) | Refreshes the security cache from the current state of the directory.
private void | agePassword(UserAccount user) | Calculates the age of the existing user account password and checks to see whether it is too old, according to the maxAge parameter.
private void | assignContext(SecurityContext context) | Assign the current thread to the given security context, and add a unique identifier for this thread to the thread ID map.
AuthData | authenticateClient(NetSocket socket, BootstrapConfig config) | Performs the requester side of a process or interactive client authentication.
private AuthData | authenticateClientWorker(NetSocket socket, BootstrapConfig config) | Does all the work of authenticateClient(NetSocket, BootstrapConfig).
java.lang.Object | authenticateLocal(NetSocket socket) | Implements the server side of the authentication procedure for processes or interactive clients.
java.lang.Object | authenticateRemote(java.lang.String identity) | Verifies the peer's credentials and performs remote authentication.
java.lang.Object | authenticateServer(BootstrapConfig cfg) | Authenticate the current in-JVM thread using the configured certificate.
int | authenticateServer(java.lang.Object sessionId, java.lang.String userid, java.lang.String password) | After this call the initial security context will be established.
java.lang.Object | authenticateSingle(BootstrapConfig cfg) | Implements the authentication procedure for interactive clients which run inside the same JVM process as the rest of the server.
private static java.lang.String | buildClassFileName(java.lang.String name) | Creates a valid filename using a fully qualified class name.
boolean | changePassword() | Initiates the password change procedure, calls the configured password input hook, and changes the password for the current user when it is verified.
static boolean | checkCaller(java.lang.String allowed) | Checks the call stack to see if the caller is the method specified.
static boolean | checkCaller(java.lang.String allowed, java.lang.String ignore) | Checks the call stack to see if the caller is the method specified.
static void | checkCallerAbort(java.lang.String allowed) | Checks the call stack to see if the caller is the method specified.
static void | checkCallerAbort(java.lang.String[] allowed) | Checks the call stack to see if the caller is any of the methods specified.
static void | checkCallerAbort(java.lang.String[] allowed, java.lang.String ignore) | Checks the call stack to see if the caller is any of the methods specified.
static void | checkCallerAbort(java.lang.String allowed, java.lang.String ignore) | Checks the call stack to see if the caller is the method specified.
private static boolean | checkCallerWorker(java.lang.String[] allowed, java.lang.StringBuilder entry, java.lang.String ignore) | Checks the call stack to see if the caller is any of the methods specified.
private boolean | checkPassword(java.lang.String plain, UserAccount user) | Verifies the plain text password against the one stored with the specified user account.
boolean | checkShutdownAccess() | Checks access rights of the current subject with regards to the "shutdown" instance of the "system" abstract resource.
private static boolean | classExists(java.lang.String name) | Checks the validity (existence) of a class, first creating a filename using a given fully qualified class name.
static void | clearInstance() | Clean the storage caches.
byte[] | clientAuthHook(java.util.Map<java.lang.String,java.lang.Object> parameters, int code) | Implements client side standard authentication logic.
private byte[] | clientAuthHookWorker(java.util.Map<java.lang.String,java.lang.Object> parameters, int code, BootstrapConfig config) | Implements client side standard authentication logic.
void | clientFinalize() | Finalizes any resources allocated during authentication by the client.
boolean | closeBatch(boolean disposition) | Notifies the Security Manager about a batch editing session to be closed, assuming the security cache is to be refreshed.
boolean | closeBatch(boolean disposition, boolean refresh) | Notifies the Security Manager about a batch editing session to be closed.
void | closeRightsSearch(int handle, boolean decision, boolean cache) | Terminates the open search of Rights and frees up the related resources.
void | closeRightsSearch(java.lang.String subject, int handle, boolean decision) | Terminates the open search of Rights and frees up the related resources.
void | configure(java.lang.String option) | Configures the Authenticator by setting the "option" parameter from directory.xml.
static SecurityManager | createInstance(BootstrapConfig bc) | Instantiates SecurityManager as a singleton.
private SecurityContext | createSecurityContext(SecurityCache sc, java.lang.String pid, java.lang.String uid) | Private worker method that creates a new security context.
void | dData(java.lang.String message) | Logs detailed data, possibly including sensitive information.
void | debug(java.util.logging.Level level, java.lang.String message) | Conditionally outputs a debug message.
void | debug(java.util.logging.Level level, java.lang.String message, java.lang.Exception exc) | Conditionally outputs a debug message with an optional stack trace.
void | dErr(java.lang.String message) | Logs error messages.
void | dList(java.lang.String message) | Logs detailed lists.
void | dropInitialSecurityContext() | Releases the initial security context assigned to the calling thread.
void | dStat(java.lang.String message) | Logs statistics.
void | dTrace(java.lang.String message) | Logs detailed traces.
void | dWarn(java.lang.String message) | Logs warnings.
private void | endContext(SecurityContextStack cts, SecurityContext ctx) | Worker routine to centralize unassignment and cleanup (if this was the final usage) of the given context.
java.lang.Object | evaluate(int resourceId, java.lang.Object link, java.lang.String expr) | Compiles and evaluates an expression.
private static java.util.List | fetchAltNames(java.security.cert.X509Certificate x509, int altNameType) | Parses an X.509 certificate and returns a list of alternative names of a specified type.
(package private) void | forceSecurityContext(SecurityContextStack stack) | Initializes the security context switching for the calling thread using the given context stack as the source of the initial and effective contexts.
private Account | getAccount(java.lang.String uid) | Get the account associated with the given user id.
java.lang.String | getAccountAlias(java.lang.String subjectId) | Get the certificate alias for the specified subject.
java.lang.String[] | getAccountIds() | Returns ALL subject IDs associated with the current context.
java.lang.String[] | getAccountIds(java.lang.String acct) | Get all the subject IDs associated with the given P2J account.
java.lang.String[] | getAccountsForAppserver(java.lang.String appServer) | Get the accounts configured to start the given appserver.
AccessControlList[] | getACLs(int resourceId) | Returns the array of all ACLs defined for the specified resource type.
(package private) SessionInfo[] | getActiveSessions(java.lang.String jar, java.lang.String iface) | Get the list of all active sessions which have executed API(s) associated with this jar.
java.lang.String[] | getAllSubjects() | Gets IDs of all defined accounts.
java.lang.String[] | getAllUsers() | Gets IDs of all defined user accounts.
java.lang.String | getAppServer() | Returns the appserver associated with the current context.
java.lang.String | getAppserverForProcess(java.lang.String pid) | Resolve the appserver associated with the given process ID.
java.util.Set<java.lang.String> | getAuthenticationEntities() | Returns a set of entities that this class handles.
java.lang.String | getBrokerForProcess(java.lang.String pid) | Resolve the broker associated with the given process ID.
(package private) SecurityCache | getCache() | Safely gets the reference to the security cache in a multithreaded environment.
java.lang.Boolean | getCachedDecision(int resourceId, java.lang.String instanceName, int mode) | Searches the cache for a previously made decision.
private static byte[] | getClassBytes(java.lang.String name) | Gets a byte array filled with the binary class data for the given class.
(package private) BootstrapConfig | getConfig() | Returns the bootstrap configuration used to construct this instance.
java.util.Map<java.lang.String,java.util.Map<java.lang.Integer,Rights>> | getConsolidatedACLs(java.lang.String type) | Get a map of consolidated ACLs, per function.
java.lang.String | getCustomClientExt() | Gets custom client extension plugin name.
java.lang.String | getCustomServerExt() | Gets custom server extension plugin name.
java.util.logging.Level | getDebugLevel() | Gets the current debug level.
java.lang.Object | getEffectiveContext() | Get the effective security context associated with the current thread, if any.
Scope | getEnclosingScope() | Gets the parent scope for this scope.
SecurityManager.EncryptedKeyStoreFunction | getEncryptedKeyStore() | Get a function worker to resolve an encrypted key store with the SSL private key.
private byte[] | getEncryptedKeyStoreWorker(java.lang.String alias, java.lang.String ksPassword, java.lang.String kePassword, ServerKeyStore.Store type) | Get an encrypted key store with the SSL private key.
byte[] | getEncryptedTrustStore(java.lang.String password) | Get an encrypted key store with the trusted certificates.
java.lang.Boolean | getExtBoolean(java.lang.String extName) | Gets the named piece of account extension data of type boolean for the current user account.
java.lang.Boolean | getExtBoolean(java.lang.String extName, java.lang.String subjectId) | Gets the named piece of account extension data of type boolean for the specified account.
byte[] | getExtBytes(java.lang.String extName) | Gets the named piece of account extension data of type byte[] for the current user account.
byte[] | getExtBytes(java.lang.String extName, java.lang.String subjectId) | Gets the named piece of account extension data of type byte[] for the specified account.
DateValue | getExtDate(java.lang.String extName) | Gets the named piece of account extension data of type date for the current user account.
DateValue | getExtDate(java.lang.String extName, java.lang.String subjectId) | Gets the named piece of account extension data of type date for the specified account.
java.lang.Integer | getExtInteger(java.lang.String extName) | Gets the named piece of account extension data of type int for the current user account.
java.lang.Integer | getExtInteger(java.lang.String extName, java.lang.String subjectId) | Gets the named piece of account extension data of type int for the specified account.
java.lang.String | getExtString(java.lang.String extName) | Gets the named piece of account extension data of type String for the current user account.
java.lang.String | getExtString(java.lang.String extName, java.lang.String subjectId) | Gets the named piece of account extension data of type String for the specified account.
private java.lang.String | getHookParam(SecurityCache cache, java.lang.String hookName) | Get the default "option" value (specified in the directory) for the given custom auth hook.
java.lang.String | getIdByExtInteger(java.lang.String extName, int extValue) | Gets the user ID of a user having a matching value in a specified named account extension of integer type.
java.lang.String | getIdByExtString(java.lang.String extName, java.lang.String extValue, boolean cs) | Gets the user ID of a user having a matching value in a specified named account extension of string type.
java.lang.String | getIdByOrdinal(int ordinal) | Gets IDs by their ordinals.
java.lang.String | getIdentity(java.lang.Object key) | Returns the subject ID associated with the passed key.
static SecurityManager | getInstance() | Returns the reference to the instance of SecurityManager.
Rights | getNextRights(int handle) | Returns an instance of the Rights interface to be used next in the access rights check loop.
Rights | getNextRights(java.lang.String subject, int handle) | Returns an instance of the Rights interface to be used next in the access rights check loop.
private int | getNextUserSessionID() | Retrieve a unique user session ID to assign to a new security context.
java.lang.String | getPeerHost() | Get the peer (remote) host for this session.
int | getPeerPort() | Get the peer (remote) port for this session.
private NetSocket | getPeerSocket() | Get the peer (remote) socket for this session.
AbstractResource | getPluginInstance(java.lang.String resourceTypeName) | Searches the abstract resource registry for a plugin that is responsible for the resources of the specified type.
(package private) java.util.logging.Level | getRequestedDebugLevel() | Gets the requested debug level.
javax.net.ssl.SSLContext | getSecureSocketContext() | Initializes and returns a valid SSL environment.
javax.net.ssl.SSLContext | getSecureSocketContext(BootstrapConfig config) | Initializes and returns a valid SSL environment.
java.lang.String | getServerAlias() | Get the certificate alias for the running server.
java.lang.String | getServerId() | Get the server account ID.
(package private) SessionInfo | getSessionDescriptor(Session session) | Obtain a descriptor for the given session.
java.lang.Integer | getSessionId() | Get the number which uniquely identifies the current context, or null if there is no current context.
SessionListener | getSessionListener() | Always returns null.
(package private) SessionInfo[] | getSessionReport() | Creates a report of all current user and process sessions.
SessionToken | getSessionToken() | Get the session token which uniquely identifies the current context, or null if there is no current context.
(package private) static java.lang.String | getSubjectCommonName(java.security.cert.X509Certificate x509) | Parses an X.509 certificate and returns the CN component of the subject's distinguished name.
private java.util.Map<java.lang.String,java.util.Set<java.lang.Integer>> | getSubjectsByInstanceName(int resourceId) | Consolidate all the subjects for each instance with defined ACLs, for the given resources.
java.lang.String | getSystemPassword(java.lang.String subjectId) | Get the system user password used to authenticate this subjectId on the machine running the P2J server.
java.lang.String | getSystemUser(java.lang.String subjectId) | Get the system user used to authenticate this subjectId on the machine running the P2J server.
java.lang.Integer | getThreadId() | Get the identifier mapped to the current thread.
java.lang.Object | getToken(ContextKey key) | Gets the token from the context map.
private TransportSecurity | getTransportSecurity(BootstrapConfig config) | Creates an instance of the TransportSecurity class that serves the client or server end of secured TLS connections, as needed.
java.lang.String | getUserId() | Returns the subject ID associated with the current context.
java.lang.String | getWebServerAlias() | Get the certificate alias for the web server.
boolean | hasContext() | Detects if there is a valid context associated with the current thread.
boolean | hasToken(ContextKey key) | Checks whether the specified token is in the context map.
private static int | hostMatch(java.lang.String host, java.util.List list) | Compares the list of DNS names with the given host name.
static boolean | initialized() | Returns a flag indicating the readiness of the security manager to properly operate.
boolean | isClient() | Returns true if this is a client (not server) application.
boolean | isDataLevel() | Tests if logging is active for calls to dData(java.lang.String).
boolean | isEditing() | Checks whether a batch editing session is in progress.
boolean | isErrLevel() | Tests if logging is active for calls to dErr(java.lang.String).
boolean | isGroupDefined(java.lang.String uid) | Checks whether the specified group account exists.
boolean | isListLevel() | Tests if logging is active for calls to dList(java.lang.String).
boolean | isPasswordAged() | Gets password age status for the current account.
boolean | isProcessDefined(java.lang.String pid) | Checks whether the specified process account exists.
boolean | isServer() | Returns true if this is the server application.
boolean | isServerAccount() | Checks if the current context is the server one.
boolean | isStatLevel() | Tests if logging is active for calls to dStat(java.lang.String).
boolean | isTraceLevel() | Tests if logging is active for calls to dTrace(java.lang.String).
boolean | isUserDefined(java.lang.String uid) | Checks whether the specified user account exists.
boolean | isWarnLevel() | Tests if logging is active for calls to dWarn(java.lang.String).
(package private) void | killSession(int sid) | Forcibly terminates (closes) the socket in use for the given session.
private java.lang.String | locateExtensionPath(java.lang.String uid) | Locates the account extension directory path for the specified user ID.
(package private) Session | locateSession(SecurityContext context) | Locates the session in the list of sessions with matching security context.
(package private) Session | locateSessionById(java.lang.Object sessionId) | Locates the session in the list of sessions with matching session id.
private void | logContext(SecurityCache cache, SecurityContext ctx) | Creates an audit record for a security context switch event.
private void | logGoingContext(SecurityContext ctx) | Creates an audit record for a terminated security context.
private void | logNewContext(SecurityCache cache, SecurityContext ctx) | Creates an audit record for a security context creation event.
(package private) void | logResource(SecurityCache cache, int resourceId, java.lang.String instanceName, int mode, boolean decision) | Creates an audit record for a resource instance access event.
(package private) void | logResource(SecurityCache cache, int resourceId, java.lang.String instanceName, int mode, boolean decision, java.lang.String message) | Creates an audit record for a resource instance access event.
private boolean | needsServerValidation(BootstrapConfig config) | Detects if server certificate validation is required.
private Authenticator | obtainCustomAuthHook(java.lang.String hookName) | Get an instance of the in-process authentication class.
private Authenticator | obtainCustomClientHook(java.io.DataInput dis) | Gets the custom authentication class and parameters from the server and runs the specified method.
int | openBatch(java.lang.String nodeId) | Notifies the Security Manager about a batch editing session to be started for the specified directory branch.
int | openRightsSearch(int resourceId, java.lang.String instanceName, int mode) | Creates a search handle.
int | openRightsSearch(java.lang.String subject, int resourceId, java.lang.String instanceName, int mode) | Creates a search handle.
static byte[] | packageIdPassword(java.lang.String userid, java.lang.String password) | Package a user ID and password into a single entity for transmission.
(package private) void | popAllSecurityContext() | Terminates all security contexts associated with the current thread, including the initial context.
void | popAndRestoreSecurityContext() | Restores the initial security context of the calling thread when it is done with the user request.
private void | popContextWorker() | Restores the initial security context of the calling thread when it is done with the user request.
private java.lang.Object[] | postAuthenticateWorker(java.lang.Object sessionId, java.lang.String localProcId, java.lang.String localUserId) | Implements the server side of the authentication procedure for processes or interactive clients.
void | pushAndSwitchSecurityContext(java.lang.Object key) | Temporarily switches to a user context to serve the associated request.
void | pushAndSwitchSecurityContextBySessionId(java.lang.Object sessionId) | Temporarily switches to a user context to serve the associated request.
(package private) void | pushContextWorker(java.lang.Object key) | Temporarily switches to a user context to serve the associated request.
private static java.util.logging.Level | readDebugLevel(DirectoryService ds) | Read the debug level configured in the directory as a string node with the path "/security/config/debug-level", convert this debug level name to a valid debug level and return it.
private Session | removeSession(SecurityContext key) | Remove the session (which is associated with the given context) from the master session list.
private Session | removeSessionById(java.lang.Object sessionId) | Remove the session (which is associated with the given session id) from the master session list.
(package private) boolean | removeToken(ContextKey key) | Remove a token from the context map.
void | resetContext() | Reset the effective security context associated with the current thread.
private AuthenticationResponse | runCustomServerHook(SecurityCache sc, java.lang.String targetHookName, Authenticator serverAuth, java.lang.String entity, byte[] auth) | Instantiates and runs the server side of the custom authentication hook.
private boolean | sendAuthResult(java.io.ObjectOutputStream out, int authResult, int authAction) | Worker to send back the authentication result and a disposition code.
private boolean | sendAuthType(java.io.ObjectOutputStream output, BootstrapConfig cfg) | Send the client's requested authentication type on the given connection.
AuthenticationResponse | serverAuthHook(byte[] auth, java.lang.String entity) | Implements server side standard authentication logic.
private void | setCache(SecurityCache cache) | Safely sets the reference to the security cache in a multithreaded environment.
void | setCleanupLock(java.lang.Object context, java.lang.Object lock) | Set the context cleanup lock, to avoid concurrent cleanups.
boolean | setDebugLevel(java.util.logging.Level newLevel) | Sets a new debug level.
boolean | setExtBoolean(java.lang.String extName, boolean value) | Sets the named piece of account extension data of type boolean for the current user account.
boolean | setExtBoolean(java.lang.String extName, java.lang.String subjectId, boolean value) | Sets the named piece of account extension data of type boolean for the specified account.
boolean | setExtBytes(java.lang.String extName, byte[] value) | Sets the named piece of account extension data of type byte[] for the current user account.
boolean | setExtBytes(java.lang.String extName, java.lang.String subjectId, byte[] value) | Sets the named piece of account extension data of type byte[] for the specified account.
boolean | setExtInteger(java.lang.String extName, int value) | Sets the named piece of account extension data of type int for the current user account.
boolean | setExtInteger(java.lang.String extName, java.lang.String subjectId, int value) | Sets the named piece of account extension data of type int for the specified account.
boolean | setExtString(java.lang.String extName, java.lang.String value) | Sets the named piece of account extension data of type String for the current user account.
boolean | setExtString(java.lang.String extName, java.lang.String subjectId, java.lang.String value) | Sets the named piece of account extension data of type String for the specified account.
void | setInitialSecurityContext() | Initializes security context switching for the calling thread.
private void | setInitialSecurityContextWorker(boolean unique, SecurityContextStack stack) | Drops the current context (if any) and establishes an initial context for the thread.
(package private) boolean | setPassword(java.lang.String newPassword) | Sets a new password for the current user account.
void | setUniqueInitialSecurityContext() | Initializes security context switching for the calling thread, making sure that the context is newly created and is not shared with any other thread.
void | terminateSession(java.lang.Object key) | Destroys the security context associated with the given key.
void | terminateSessionById(java.lang.Object sessionId) | Destroys the security context associated with the session id.
(package private) void | terminateSessions(java.lang.String jar, java.lang.String iface) | Terminate all active sessions which have invoked the given APIs in the given jar.
private void | terminateSessionWorker(Session session) | Destroys the security context associated with the given session.
void | terminateSingle(java.lang.Object key) | Destroys the security context associated with the given key.
boolean | testDebugLevel(java.util.logging.Level level) | Tests if the given logging level is active based on a comparison with the currently configured logging level.
java.lang.String | toString() | Returns the string representation of this object.
private boolean | unassignContext(SecurityContext context) | Unassign the current thread from the given security context, and remove its entry from the thread ID map.
static boolean | updateCachedUserAccount(UserDef user) | Find and update the user account stored in the cache.
private boolean | validateServer(javax.net.ssl.SSLSession locSess, BootstrapConfig config) | Validate the server's certificate if this was specified in the bootstrap configuration.
public static final java.lang.String FILE_SEPARATOR
public static final java.util.logging.Level NONE
public static final java.util.logging.Level ERROR
public static final java.util.logging.Level WARNING
public static final java.util.logging.Level STAT
public static final java.util.logging.Level LIST
public static final java.util.logging.Level TRACE
public static final java.util.logging.Level DATA
private static final int ALWAYS_RETRY
private static SecurityManager securityManager
private static java.lang.ThreadGroup secThreads
private BootstrapConfig cfg
private SecurityCache cache
private int cacheSerial
private TransportSecurity tranSec
private java.util.List<Session> listOfSess
private java.util.logging.Logger LOG
private java.util.logging.Level debugLevel
private final java.util.concurrent.locks.ReentrantReadWriteLock debugLevelLock
private java.util.logging.Level debugLevelRequest
private int nextUserSessionID
private int nextThreadID
private java.util.Map<java.lang.Thread,java.lang.Integer> threadIDs
private boolean init
private java.lang.Object pwchSync
private java.util.Map<java.lang.Object,java.lang.Boolean> cleanupLocks
private java.lang.String authOption
private SecurityManager(BootstrapConfig bc) throws ConfigurationException, java.lang.NoSuchMethodException
See also: createInstance(com.goldencode.p2j.cfg.BootstrapConfig).
bc - an instance of the BootstrapConfig class used to get the security related configuration information
Throws: ConfigurationException - may be thrown in SecurityCache
Throws: java.lang.NoSuchMethodException - may be thrown in SecurityCache
public static void clearInstance() throws RestrictedUseException
Throws: RestrictedUseException - If called outside of expected code.
public static SecurityManager createInstance(BootstrapConfig bc) throws ConfigurationException, java.lang.NoSuchMethodException
bc - an instance of the BootstrapConfig class used to get the security related configuration information
Returns: SecurityManager
Throws: ConfigurationException - may be thrown in SecurityManager constructor
Throws: java.lang.NoSuchMethodException - may be thrown in SecurityCache
public static SecurityManager getInstance()
Returns: SecurityManager
public static boolean initialized()
Returns: true if the security manager is ready to accept requests.
public static boolean updateCachedUserAccount(UserDef user) throws RestrictedUseException
user - User account parameters.
Returns: true if account is found and updated. false if account not found.
Throws: RestrictedUseException - If called improperly.
public java.lang.String getCustomServerExt()
public java.lang.String getCustomClientExt()
public static byte[] packageIdPassword(java.lang.String userid, java.lang.String password)
userid - The subject ID.
password - The password.
public static void checkCallerAbort(java.lang.String[] allowed, java.lang.String ignore) throws RestrictedUseException
The closest entry to the top of the stack where the class name differs from both the SecurityManager and the given ignore class name is the entry checked.
A function of SecurityManager can be specified as the allowed function. In this case it should be the closest entry to the top except ignore class functions and other functions of SecurityManager.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A list of fully qualified (package.class.method) names from which the call is allowed.
ignore - A class name of entries (other than that of the SecurityManager) which should be ignored at the top of the stack. May be null.
Throws: RestrictedUseException - If the check fails.
public static void checkCallerAbort(java.lang.String[] allowed) throws RestrictedUseException
The closest entry to the top of the stack where the class name differs from the SecurityManager is the entry checked.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A list of fully qualified (package.class.method) names from which the call is allowed.
Throws: RestrictedUseException - If the check fails.
public static void checkCallerAbort(java.lang.String allowed, java.lang.String ignore) throws RestrictedUseException
The closest entry to the top of the stack where the class name differs from both the SecurityManager and the given ignore class name is the entry checked.
A function of SecurityManager can be specified as the allowed function. In this case it should be the closest entry to the top except ignore class functions and other functions of SecurityManager.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A fully qualified (package.class.method) name from which the call is allowed.
ignore - A class name of entries (other than that of the SecurityManager) which should be ignored at the top of the stack. May be null.
Throws: RestrictedUseException - If the check fails.
public static void checkCallerAbort(java.lang.String allowed) throws RestrictedUseException
The closest entry to the top of the stack where the class name differs from the SecurityManager is the entry checked.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A fully qualified (package.class.method) name from which the call is allowed.
Throws: RestrictedUseException - If the check fails.
public static boolean checkCaller(java.lang.String allowed, java.lang.String ignore)
The closest entry to the top of the stack where the class name differs from both the SecurityManager and the given ignore class name is the entry checked.
A function of SecurityManager can be specified as the allowed function. In this case it should be the closest entry to the top except ignore class functions and other functions of SecurityManager.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A fully qualified (package.class.method) name from which the call is allowed.
ignore - A class name of entries (other than that of the SecurityManager) which should be ignored at the top of the stack. May be null.
Returns: true if allowed.
public static boolean checkCaller(java.lang.String allowed)
The closest entry to the top of the stack where the class name differs from the SecurityManager is the entry checked.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A fully qualified (package.class.method) name from which the call is allowed.
Returns: true if allowed.
static java.lang.String getSubjectCommonName(java.security.cert.X509Certificate x509) throws java.security.cert.CertificateParsingException
x509 - certificate to parse
Throws: java.security.cert.CertificateParsingException - if DN is malformed or no CN was found in DN
private static java.util.logging.Level readDebugLevel(DirectoryService ds)
ds - The directory from which to read. May be null if there is no directory service available (e.g. on the client).
Returns: null if no debug level (or no valid level) is configured in the directory. If there is no valid directory, null will be returned.
private static boolean checkCallerWorker(java.lang.String[] allowed, java.lang.StringBuilder entry, java.lang.String ignore)
The closest entry to the top of the stack where the class name differs from both the SecurityManager and the given ignore class name is the entry checked.
A function of SecurityManager can be specified as the allowed function. In this case it should be the closest entry to the top except ignore class functions and other functions of SecurityManager.
This arrangement allows for multiple levels of calls within this class and the class which is checking the caller without affecting the check.
allowed - A list of fully qualified (package.class.method) names from which the call is allowed.
entry - Optional user-supplied buffer so that on failure the invalid value will be available. May be null if not needed by the caller.
ignore - A class name of entries (other than that of the SecurityManager) which should be ignored at the top of the stack. May be null.
Returns: true if allowed.
private static java.util.List fetchAltNames(java.security.cert.X509Certificate x509, int altNameType) throws java.security.cert.CertificateParsingException
x509 - certificate to parse
altNameType - integer type of alternative name to look for
Returns: List of found names as Strings. May be empty.
Throws: java.security.cert.CertificateParsingException
private static int hostMatch(java.lang.String host, java.util.List list)
host - name to check
list - list of names
private Authenticator obtainCustomAuthHook(java.lang.String hookName)
private Authenticator obtainCustomClientHook(java.io.DataInput dis)
The AUTHCUSTOM packet is two consecutive strings written using the writeUTF() method. The first is the class name, followed by the parameters. The no parameter case is handled as if it was an empty string.
dis - The input stream to read from.
private static java.lang.String buildClassFileName(java.lang.String name)
name - A fully qualified class name (without the ".class" at the end). Note that any "." characters are converted into the system-specific file separators.
private static boolean classExists(java.lang.String name)
name - A fully qualified class name (without the ".class" at the end). Note that any "." characters are converted into path separators.
Returns: true if the class file exists.
private static byte[] getClassBytes(java.lang.String name)
name - A fully qualified class name (without the ".class" at the end).
public java.lang.String adminGetServerName(boolean scope)
scope - true means using the latest security cache, otherwise the session security cache
Returns: null
public int adminGetCacheSerial(boolean scope)
scope - true means using the latest security cache, otherwise the session security cache
public int adminRefresh(java.util.List<java.lang.String[]> msgBuf)
msgBuf - list to receive messages if logmode enables admin messages
public final Scope getEnclosingScope()
Specified by: getEnclosingScope in interface Scope
Returns: Scope object, which is null.
public void clientFinalize()
Specified by: clientFinalize in interface Authenticator
public java.util.logging.Level getDebugLevel()
public boolean isErrLevel()
See also: dErr(java.lang.String).
Returns: true if logging would occur in a call to the dErr(java.lang.String) method.
public boolean isWarnLevel()
See also: dWarn(java.lang.String).
Returns: true if logging would occur in a call to the dWarn(java.lang.String) method.
public boolean isStatLevel()
See also: dStat(java.lang.String).
Returns: true if logging would occur in a call to the dStat(java.lang.String) method.
public boolean isListLevel()
See also: dList(java.lang.String).
Returns: true if logging would occur in a call to the dList(java.lang.String) method.
public boolean isTraceLevel()
See also: dTrace(java.lang.String).
Returns: true if logging would occur in a call to the dTrace(java.lang.String) method.
public boolean isDataLevel()
See also: dData(java.lang.String).
Returns: true if logging would occur in a call to the dData(java.lang.String) method.
public boolean testDebugLevel(java.util.logging.Level level)
level - The logging level to test.
Returns: true if logging would occur in a call with the given logging level.
public boolean setDebugLevel(java.util.logging.Level newLevel)
Changing debug level is a protected action and requires the caller to have sufficient access rights to the "debug" instance of the "system" abstract resource.
newLevel - debug level. Levels < 0 disable debug output. Levels 0 and higher enable debug output. The higher the level, the more debug output is generated.
Returns: true if the requested debug level was set
public void setCleanupLock(java.lang.Object context, java.lang.Object lock)
lock, to avoid concurrent cleanups.
context - The SecurityContext instance to configure.
lock - The instance on which to lock for context cleanup.
public javax.net.ssl.SSLContext getSecureSocketContext() throws java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.KeyManagementException, ConfigurationException
java.security.NoSuchAlgorithmException
java.security.KeyStoreException
java.security.UnrecoverableKeyException
java.security.KeyManagementException
ConfigurationException
public javax.net.ssl.SSLContext getSecureSocketContext(BootstrapConfig config) throws java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, java.security.KeyManagementException, ConfigurationException
config - Bootstrap configuration information used to initialize the secure socket context.
java.security.NoSuchAlgorithmException
java.security.KeyStoreException
java.security.UnrecoverableKeyException
java.security.KeyManagementException
ConfigurationException
public AuthData authenticateClient(NetSocket socket, BootstrapConfig config) throws RestrictedUseException
If required, the server's X.509 certificate is validated first. If this does not fail, its DNS name is checked as defined in RFC2830, p3.6:
The next and last step is the client authentication procedure.
Restricted use. This method checks the caller to be com.goldencode.p2j.net.SessionManager.createQueue().
socket - The socket identifying this connection.
config - BootstrapConfig instance which should override the security manager's version; null to use default config.
Returns: null if authentication failed.
Throws: RestrictedUseException - If called improperly.
private AuthData authenticateClientWorker(NetSocket socket, BootstrapConfig config)
socket - The socket identifying this connection.
config - BootstrapConfig instance which should override the security manager's version. Can't be null.
Returns: null if authentication failed.
public java.lang.Object authenticateLocal(NetSocket socket) throws RestrictedUseException
Restricted use. This method checks the caller to be com.goldencode.p2j.net.RouterSessionManager$Incoming.run().
There are two major classes of connections: certified and anonymous.
socket - Socket identifying this connection.
Returns: null for failures or a string describing normal client exit from authentication.
Throws: RestrictedUseException - If called improperly.
public java.lang.Object authenticateServer(BootstrapConfig cfg) throws RestrictedUseException
cfg - The configuration.
Returns: null if authentication failed.
Throws: RestrictedUseException - If this method is called from restricted context
public int authenticateServer(java.lang.Object sessionId, java.lang.String userid, java.lang.String password) throws RestrictedUseException
sessionId - The session id
userid - The user id
password - The password
Throws: RestrictedUseException - If this method is called from restricted context
public java.lang.String getServerId()
public java.lang.String getUserId()
The subject ID returned is either userID, or processId, if no user is logged on.
public java.lang.String getAppServer()
If no appserver is associated with the current context, it returns null.
public java.lang.String getPeerHost()
public int getPeerPort()
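The credential packet exchanged during the client authentication step above (built by clientAuthHook via packageIdPassword, consumed by serverAuthHook), as an added example that is not the project's code. It assumes the layout of a writeUTF() user ID followed by a writeShort() character count and one writeChar() per password character, takes the password as a char[] rather than the String the page's signature uses so the copy can be wiped, and rejects truncated or padded packets instead of guessing.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.util.Arrays;

// Added example, not the project's code. Assumed packet layout:
//   writeUTF(userid) | writeShort(password.length) | writeChar(c) for each c
public final class IdPasswordPacket
{
   /** Largest count the writeShort() length prefix can carry. */
   private static final int MAX_PASSWORD_CHARS = Short.MAX_VALUE;

   /** Client side: serialize the credentials into the byte array sent to the server. */
   public static byte[] pack(String userid, char[] password) throws IOException
   {
      if (password.length > MAX_PASSWORD_CHARS)
      {
         throw new IllegalArgumentException("password too long for a short length prefix");
      }
      ByteArrayOutputStream buf = new ByteArrayOutputStream();
      DataOutputStream out = new DataOutputStream(buf);
      out.writeUTF(userid);             // 2-byte length + modified UTF-8 bytes
      out.writeShort(password.length);  // number of chars that follow
      for (char c : password)
      {
         out.writeChar(c);              // each char as 2 big-endian bytes
      }
      out.flush();
      return buf.toByteArray();
   }

   /** Parsed credentials; whoever checks the password is expected to wipe() it. */
   public static final class Credentials
   {
      public final String userid;
      public final char[] password;

      Credentials(String userid, char[] password)
      {
         this.userid = userid;
         this.password = password;
      }

      /** Overwrite the password characters once they are no longer needed. */
      public void wipe()
      {
         Arrays.fill(password, '\0');
      }
   }

   /** Server side: parse the packet, rejecting anything that does not match the layout exactly. */
   public static Credentials unpack(byte[] auth) throws IOException
   {
      DataInputStream in = new DataInputStream(new ByteArrayInputStream(auth));
      String userid = in.readUTF();
      int len = in.readShort();
      // readShort is signed, and exactly 2 bytes per char must remain: anything
      // else is a truncated, padded or otherwise malformed packet
      if (len < 0 || len * 2 != in.available())
      {
         throw new IOException("malformed credential packet");
      }
      char[] password = new char[len];
      for (int i = 0; i < len; i++)
      {
         password[i] = in.readChar();
      }
      return new Credentials(userid, password);
   }

   public static void main(String[] args) throws IOException
   {
      // constructed sample values, not real credentials
      char[] pw = "s3cret".toCharArray();
      byte[] packet = pack("alice", pw);
      Arrays.fill(pw, '\0');            // the client keeps no plaintext copy
      Credentials c = unpack(packet);
      System.out.println(c.userid + ": " + c.password.length + " chars in " + packet.length + " bytes");
      c.wipe();
   }
}
```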
public void resetContext() throws RestrictedUseException
Throws: RestrictedUseException - If called outside of expected code.
public boolean hasContext()
Returns: true if there is a valid security context.
public java.lang.Object getEffectiveContext() throws RestrictedUseException
Returns: null if either this is not a server-side security manager, or there is no effective security context associated with the current thread.
Throws: RestrictedUseException - if called improperly.
public java.lang.Integer getSessionId()
Returns: null if there is no current context.
public java.lang.String getServerAlias()
Returns: null if not called on a server thread.
public java.lang.String getWebServerAlias()
Returns: null if not called on a server thread.
public java.lang.String getAccountAlias(java.lang.String subjectId)
Returns: null.
public java.lang.String getSystemUser(java.lang.String subjectId)
Utils.DirScope.BOTH.
If none configured, default to the subject ID.
subjectId - The subject ID.
public java.lang.String getSystemPassword(java.lang.String subjectId)
Utils.DirScope.BOTH.
If none configured, default to null.
subjectId - The subject ID.
public SecurityManager.EncryptedKeyStoreFunction getEncryptedKeyStore()
Returns: an EncryptedKeyStoreFunction exposing getEncryptedKeyStoreWorker(java.lang.String, java.lang.String, java.lang.String, com.goldencode.p2j.main.ServerKeyStore.Store), or null if the thread doesn't have a server context.
private byte[] getEncryptedKeyStoreWorker(java.lang.String alias, java.lang.String ksPassword, java.lang.String kePassword, ServerKeyStore.Store type)
alias - The alias.
ksPassword - Password used to encrypt the key store.
kePassword - Password used to encrypt the key entry within the store.
type - The key store type
Returns: null if the alias does not exist or the store could not be generated.
public byte[] getEncryptedTrustStore(java.lang.String password)
password - The password used to encrypt the store.
Returns: null if the store could not be generated.
public SessionToken getSessionToken()
Returns: null if there is no current context.
public java.lang.Integer getThreadId()
public java.lang.String[] getAccountIds(java.lang.String acct)
acct - The P2J subject ID.
public java.lang.String[] getAccountIds()
The first subject ID in the array is either a userID or a processId (if no user is logged on). All subsequent subject IDs are the list of group names. Note that as long as there is a security context, there will be at least 1 subject ID. The group subject IDs will only be there if the user or process belongs to 1 or more groups.
public java.lang.String getIdentity(java.lang.Object key) throws RestrictedUseException
The subject ID returned is in the form processID/userID. Either part can be empty. No group IDs are returned as they must be uniquely identifiable by userID.
Note that the security cache has to be taken from the passed key which is a SecurityContext, as the correct identity of the key is bound to the security cache generation.
Restricted use. This method checks the caller to be the "authenticateRemote" method of the com.goldencode.p2j.net.Dispatcher class.
key - a key to a security context to be queried
Throws: RestrictedUseException - if called improperly
public java.lang.Object authenticateSingle(BootstrapConfig cfg) throws RestrictedUseException
Restricted use. This method checks the caller to be com.goldencode.p2j.main.ClientCore.start().
cfg - Local configuration.
Returns: null for failures or a string describing normal client exit from authentication.
Throws: RestrictedUseException - If called improperly.
public java.lang.Object authenticateRemote(java.lang.String identity) throws RestrictedUseException
Restricted use. This method checks the caller to be com.goldencode.p2j.net.RouterSessionManager.authenticateRemote().
identity - remote application/client identity in the form "processID/userID"
Returns: null
Throws: RestrictedUseException - if called improperly
public void terminateSession(java.lang.Object key) throws RestrictedUseException
Restricted use. This method checks the caller to be:
key - The security context.
Throws: RestrictedUseException - If called improperly from unauthorized code.
public void terminateSessionById(java.lang.Object sessionId) throws RestrictedUseException
Restricted use. This method checks the caller to be:
sessionId - The session id.
Throws: RestrictedUseException - If called improperly from unauthorized code.
private void terminateSessionWorker(Session session) throws RestrictedUseException
session - The session to terminate.
Throws: RestrictedUseException - If called improperly from unauthorized code.
public void terminateSingle(java.lang.Object key) throws RestrictedUseException
Restricted use. This method checks the caller to be com.goldencode.p2j.main.ClientCore.start().
key - The security context.
Throws: RestrictedUseException - If called improperly or from unauthorized code.
public byte[] clientAuthHook(java.util.Map<java.lang.String,java.lang.Object> parameters, int code)
Returns a byte array to be transmitted to the server as authentication input. The userid and password values will be obtained by prompting the user using stdin and stdout.
If this method is called, it simply provides a userID and password regardless of the authentication mode. This works because, if the authentication mode requires it, certificates are verified before the call.
This logic allows specifying com.goldencode.p2j.security.SecurityManager as a hook name.
Specified by: clientAuthHook in interface Authenticator
parameters - Additional configuration parameters. Not used in this implementation.
code - The result of the most recent attempt to authenticate or AUTH_RESULT_NONE if this is the first attempt.
See also: serverAuthHook(byte[], java.lang.String) for authentication processing.
public AuthenticationResponse serverAuthHook(byte[] auth, java.lang.String entity)
Accepts the byte array produced by the client side authorization hook as the authentication input, and custom parameters.
Specified by: serverAuthHook in interface Authenticator
auth - The authentication input from the client in a form that is created using packageIdPassword(java.lang.String, java.lang.String).
entity - Entity to be processed. Not used in this implementation.
public SessionListener getSessionListener()
Specified by: getSessionListener in interface Authenticator
Returns: null.
public java.util.Set<java.lang.String> getAuthenticationEntities()
Specified by: getAuthenticationEntities in interface Authenticator
Returns: null.
public void configure(java.lang.String option)
Specified by: configure in interface Authenticator
option - The value of "option" entry for the auth plugin.
public void setInitialSecurityContext() throws RestrictedUseException
This call immediately exits if called from the client.
If this call is made repeatedly, it checks whether the security cache is refreshed compared to the generation of the cache used to create the initial security context currently in use. If this is the case, the old security context is released and replaced with the current one.
Restricted use. This method checks the caller to be:
Throws: RestrictedUseException - if called improperly
public void setUniqueInitialSecurityContext() throws RestrictedUseException
This call is supposed to be repeatable for permanent threads to allow proper security cache refresh function.
This call immediately exits if called from the client.
If this call is made repeatedly, it checks whether the security cache is refreshed compared to the generation of the cache used to create the initial security context currently in use. If this is the case, the old security context is released and replaced with the current one.
Restricted use. This method checks the caller to be:
Throws: RestrictedUseException - if called improperly
void forceSecurityContext(SecurityContextStack stack)
stack - Context stack to use instead of creating a new one. This allows the caller to override the initial and effective contexts.
private Session removeSession(SecurityContext key)
key - The security context.
private Session removeSessionById(java.lang.Object sessionId)
sessionId - The session id.
private byte[] clientAuthHookWorker(java.util.Map<java.lang.String,java.lang.Object> parameters, int code, BootstrapConfig config)
Returns a byte array to be transmitted to the server as authentication input. If not contained in the given bootstrap configuration, the userid and password values will be obtained by prompting the user using stdin and stdout.
If this method is called, it simply provides a userID and password regardless of the authentication mode. This works because, if the authentication mode requires it, certificates are verified before the call.
parameters - Additional configuration parameters. Not used in this implementation.
code - The result of the most recent attempt to authenticate or AUTH_RESULT_NONE if this is the first attempt.
config - Configuration data upon which to base default processing.
See also: serverAuthHook(byte[], java.lang.String) for authentication processing.
private void setInitialSecurityContextWorker(boolean unique, SecurityContextStack stack)
unique - true to instantiate a new context that is not associated with the current server account and does not share any context-local data. false to get the standard server-wide initial context which is associated with the server's account AND shares context-local data with all other server threads that also share this initial context. This parameter is only honored if the context parameter is null.
stack - Optional context stack to use instead of creating a new one. This allows the caller to override the initial and effective contexts.
public void dropInitialSecurityContext()
If called improperly, has no effect.
public void pushAndSwitchSecurityContext(java.lang.Object key) throws RestrictedUseException
The use count for the target security context is incremented by 1.
key - security context key
Throws: RestrictedUseException - If called improperly.
public void pushAndSwitchSecurityContextBySessionId(java.lang.Object sessionId) throws RestrictedUseException
The use count for the target security context is incremented by 1.
sessionId - session id
Throws: RestrictedUseException - If called improperly.
void popAllSecurityContext() throws RestrictedUseException
setUniqueInitialSecurityContext(). If this is not used, then the unique initial contexts will never be cleaned up and there will be a memory leak.
The use count for all security contexts is decremented by 1. If it becomes 0, it gets deleted immediately.
Throws: RestrictedUseException - If called from an unauthorized location.
public void popAndRestoreSecurityContext() throws RestrictedUseException
The use count for the current security context is decremented by 1. If it becomes 0, it gets deleted immediately.
Throws: RestrictedUseException - If called from an unauthorized location.
public AbstractResource getPluginInstance(java.lang.String resourceTypeName)
Note that the security cache has to be taken from the security context of the thread, since in the current cache the resource plugin can be either registered under different ID or even be dropped.
resourceTypeName - resource type name
Returns: AbstractResource object
public java.lang.Boolean getCachedDecision(int resourceId, java.lang.String instanceName, int mode)
Plugins call this method to check whether a cached access check decision is available. Cached access check decisions are identified by triplets of {resourceId, instanceName, mode} exactly as they were specified when the decision was taken.
Note that the security cache has to be taken from the security context of the thread.
resourceId - resource identity
instanceName - resource instance name
mode - access mode (requested rights) the decision was made about
Returns: Boolean that wraps a decision, or null if not available.
public int openRightsSearch(int resourceId, java.lang.String instanceName, int mode)
Plugins call this method to initiate the access rights search for the specified resource instance and requested rights.
Note that the security cache has to be taken from the security context of the thread.
resourceId - resource identity
instanceName - resource instance name
mode - access mode (requested rights) the decision was made about
public Rights getNextRights(int handle)
Plugins cast Rights to their own classes and use their custom methods to perform the check.
Note that the security cache has to be taken from the security context of the thread.
handle - search handle
Returns: Rights
public void closeRightsSearch(int handle, boolean decision, boolean cache)
Note that the security cache has to be taken from the security context of the thread.
handle - search handle
decision - true or false decision just made
cache - true if the decision has to be cached
public int openRightsSearch(java.lang.String subject, int resourceId, java.lang.String instanceName, int mode)
Plugins call this method to initiate the access rights search for the specified resource instance and requested rights.
Note that the security cache has to be taken from the security context of the thread.
The search handle is created for the specified subject.
subject - subject ID to which this search belongs.
resourceId - resource identity
instanceName - resource instance name
mode - access mode (requested rights) the decision was made about
public Rights getNextRights(java.lang.String subject, int handle)
Plugins cast Rights to their own classes and use their custom methods to perform the check.
Note that the security cache has to be taken from the security context of the thread.
subject - subject ID to which the search handle belongs.
handle - search handle
Returns: Rights
public void closeRightsSearch(java.lang.String subject, int handle, boolean decision)
Note that the security cache has to be taken from the security context of the thread.
subject - subject ID to which the search handle belongs.
handle - search handle
decision - true or false decision just made
public java.lang.Object evaluate(int resourceId, java.lang.Object link, java.lang.String expr)
The expression may refer to Security Manager's variables and functions and to the plugin's variables and functions, should one decide to expose any.
The current implementation arbitrates names clashes using natural scoping provided by Expression Engine, which can be modified by using qualifiers in the expression.
Note that the security cache has to be taken from the security context of the thread.
resourceId - resource identity
link - an Object that supplies the raw data for this computation and is shared between the resource plugin and its library of exports
expr - expression to compile and evaluate
Returns: null is returned
public int openBatch(java.lang.String nodeId)
Restricted use. This method checks the caller to be:
DirectoryService calls this method before it opens a batch. This method checks the subject's access rights to the "system", "change" instance, if the batch is for any branch of "/security".
The action is different for master servers versus regular ones. Only master servers are allowed to edit the P2J security directory. Regular servers cannot edit, but still need this call as a way of refreshing their internal caches.
Note that the security cache has to be taken from the security context of the thread.
nodeId - Subtree which will be edited.
public boolean isEditing()
Restricted use. This method checks the caller to be:
Returns: true if there is an open editing batch
public boolean closeBatch(boolean disposition)
DirectoryService calls this method after having successfully committed the changes to the directory (disposition is true) or to signal rollback.
Restricted use. This method checks the caller to be:
disposition - If this parameter is true then changes need to be committed. Otherwise they are just thrown away and the lock is removed.
Returns: true if operation was successful and tree was successfully updated.
public boolean closeBatch(boolean disposition, boolean refresh)
DirectoryService calls this method after having successfully committed the changes to the directory (disposition is true) or to signal rollback.
Restricted use. This method checks the caller to be:
disposition - If this parameter is true then changes need to be committed. Otherwise they are just thrown away and the lock is removed.
refresh - when committing the batch, tells whether to refresh the security cache or not
Returns: true if operation was successful and tree was successfully updated.
public boolean checkShutdownAccess()
Returns: true if access is allowed.
public void debug(java.util.logging.Level level, java.lang.String message, java.lang.Exception exc)
level - Debug level of this message.
message - Text to be displayed.
exc - Exception containing the stack trace to be logged. If null, only message will be logged.
public void debug(java.util.logging.Level level, java.lang.String message)
level - Debug level of this message
message - Text to be displayed
public void dErr(java.lang.String message)
message - text to be displayed
public void dWarn(java.lang.String message)
message - text to be displayed
public void dStat(java.lang.String message)
message - text to be displayed
public void dList(java.lang.String message)
message - text to be displayed
public void dTrace(java.lang.String message)
message - text to be displayed
public void dData(java.lang.String message)
message - text to be displayed
public boolean isServerAccount()
Note that the value returned by this method is sometimes different from isServer(). This is because isServer() will return true on all contexts created on the P2J server application, while this method will return false for eventual client contexts additionally created inside the process (like an appserver Agent class instance entity).
Returns: true only when called on server account context.
public boolean isServer()
true if this is the server application.
Ultimately, this method checks the type attribute of the root node of the bootstrap configuration file. If the current process was launched using a server value, then this method returns true.
Returns: true if current process is the P2J server application.
public boolean isClient()
true if this is a client (not server) application. This is the complement of the above method.
Returns: true if on the client.
public java.lang.Integer getExtInteger(java.lang.String extName)
extName - account extension name
Returns: Integer or null if no such extension exists.
public java.lang.Boolean getExtBoolean(java.lang.String extName)
extName - account extension name
Returns: Boolean or null if no such extension exists.
public java.lang.String getExtString(java.lang.String extName)
extName - account extension name
Returns: null if no such extension exists.
public DateValue getExtDate(java.lang.String extName)
extName - account extension name
Returns: null if no such extension exists.
public byte[] getExtBytes(java.lang.String extName)
extName - account extension name
Returns: null if no such extension exists.
public java.lang.Integer getExtInteger(java.lang.String extName, java.lang.String subjectId)
extName - account extension name
subjectId - subject ID
Returns: Integer or null if no such extension exists.
public java.lang.Boolean getExtBoolean(java.lang.String extName, java.lang.String subjectId)
extName - account extension name
subjectId - subject ID
Returns: Boolean or null if no such extension exists.
public java.lang.String getExtString(java.lang.String extName, java.lang.String subjectId)
extName - account extension name
subjectId - subject ID
Returns: null if no such extension exists.
public DateValue getExtDate(java.lang.String extName, java.lang.String subjectId)
extName - account extension name
subjectId - subject ID
Returns: null if no such extension exists.
public byte[] getExtBytes(java.lang.String extName, java.lang.String subjectId)
extName - account extension name
subjectId - subject ID
Returns: null if no such extension exists.
public boolean setExtInteger(java.lang.String extName, int value)
extName
- account extension namevalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtBoolean(java.lang.String extName, boolean value)
extName
- account extension namevalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtString(java.lang.String extName, java.lang.String value)
extName
- account extension namevalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtBytes(java.lang.String extName, byte[] value)
extName
- account extension namevalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtInteger(java.lang.String extName, java.lang.String subjectId, int value)
extName
- account extension namesubjectId
- subject IDvalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtBoolean(java.lang.String extName, java.lang.String subjectId, boolean value)
extName
- account extension namesubjectId
- subject IDvalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtString(java.lang.String extName, java.lang.String subjectId, java.lang.String value)
extName
- account extension namesubjectId
- subject IDvalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean setExtBytes(java.lang.String extName, java.lang.String subjectId, byte[] value)
extName
- account extension namesubjectId
- subject IDvalue
- new value for the account extensiontrue
if successfully set the valuepublic boolean isUserDefined(java.lang.String uid)
Parameters:
uid - user ID
Returns:
true if such a user account exists

public boolean isProcessDefined(java.lang.String pid)
Parameters:
pid - process ID
Returns:
true if such a process account exists

public java.lang.String getAppserverForProcess(java.lang.String pid)
Parameters:
pid - The process ID.
Returns:
the associated appserver, or null if the passed ID is not for a process or there is no associated appserver for the process.

public java.lang.String getBrokerForProcess(java.lang.String pid)
Parameters:
pid - The process ID.
Returns:
the associated broker, or null if the passed ID is not for a process or there is no associated broker for the process.

public boolean isGroupDefined(java.lang.String uid)
Parameters:
uid - group ID
Returns:
true if such a group account exists

public java.lang.String[] getAccountsForAppserver(java.lang.String appServer)
If appServer is null, this will return an array of length 0.
Parameters:
appServer - The appserver for which the accounts are needed.

public java.lang.String[] getAllUsers()

public java.lang.String[] getAllSubjects()
public java.lang.String getIdByOrdinal(int ordinal)
Parameters:
ordinal - ordinal number of some subject ID

public java.lang.String getIdByExtInteger(java.lang.String extName, int extValue)
Parameters:
extName - account extension name
extValue - extension value
Returns:
the matching subject ID, or null if no such extension exists.

public java.lang.String getIdByExtString(java.lang.String extName, java.lang.String extValue, boolean cs)
Parameters:
extName - account extension name
extValue - extension value
cs - case sensitivity for comparison; true means case-sensitive comparison.
Returns:
the matching subject ID, or null if no such extension exists. Since a single ID is returned, a case-insensitive comparison that matches more than one subject cannot report the ambiguity; use a case-sensitive comparison when the extension value is meant to identify exactly one subject.

public AccessControlList[] getACLs(int resourceId)
Parameters:
resourceId - resource identity
Returns:
the AccessControlLists. The array is empty if the caller has no access rights to the system/accounts resource instance, so an empty result may simply mean the lookup was denied and must not be read as the resource having no ACLs.

public java.util.Map<java.lang.String,java.util.Map<java.lang.Integer,Rights>> getConsolidatedACLs(java.lang.String type)
Parameters:
type - The resource type name for which the consolidated ACLs are needed

private java.util.Map<java.lang.String,java.util.Set<java.lang.Integer>> getSubjectsByInstanceName(int resourceId)
Parameters:
resourceId - resource identity

public boolean changePassword()
Returns:
true if the password has been changed successfully.

public boolean isPasswordAged()
Returns:
true if this password is too old and needs changing

public java.lang.String toString()
Overrides:
toString in class java.lang.Object

boolean addToken(ContextKey key, java.lang.Object token)
Parameters:
key - token key to be used as a key in the map
token - an arbitrary object to be kept in the entry
Returns:
true if the token is added successfully

boolean removeToken(ContextKey key)
Parameters:
key - token key to be used as a key in the map
Returns:
true if the token was removed successfully

public boolean hasToken(ContextKey key)
Parameters:
key - token key to be used as a key in the map
Returns:
true if the token is found

public java.lang.Object getToken(ContextKey key)
Parameters:
key - token key to be used as a key in the map
Returns:
the stored token, or null if none is found

SecurityCache getCache()
Returns:
SecurityCache
void killSession(int sid)
Parameters:
sid - Session ID to terminate.
Throws:
java.lang.IllegalStateException - If the given session id is invalid, is associated with a virtual session, or is associated with the current session being used.

SessionInfo[] getActiveSessions(java.lang.String jar, java.lang.String iface)
Parameters:
jar - The name of the target jar file.
iface - The interface for which we need the sessions; if null, search through the entire jar.

void terminateSessions(java.lang.String jar, java.lang.String iface)
Terminates the tracked sessions for the given jar and interface; if jar is null, terminate all active tracked sessions. This method guarantees that all session termination listeners have been executed.
Parameters:
jar - The jar name; if null, terminate all active tracked sessions.
iface - The interface for which we need to terminate the sessions; if null, terminate all sessions for the given jar.

SessionInfo[] getSessionReport()

Session locateSession(SecurityContext context)
Parameters:
context - security context to look for
Returns:
the Session associated with the security context

Session locateSessionById(java.lang.Object sessionId)
Parameters:
sessionId - session id
Returns:
the Session associated with the session id

SessionInfo getSessionDescriptor(Session session)
Parameters:
session - The session on which to report. Must not be null.
Returns:
the session descriptor; null will be returned if the session cannot be inspected.
Throws:
java.lang.NullPointerException - If the given session is null.

BootstrapConfig getConfig()
Returns:
the BootstrapConfig associated with this object

private boolean adminAccess()
Returns:
true if the caller has sufficient rights

private Account getAccount(java.lang.String uid)
Parameters:
uid - user ID
Returns:
the Account for the given user ID, or null

private void logNewContext(SecurityCache cache, SecurityContext ctx)
Parameters:
cache - security cache where to log this event
ctx - security context

private void logContext(SecurityCache cache, SecurityContext ctx)
Parameters:
cache - security cache where to log this event
ctx - incoming security context, may be null

private void logGoingContext(SecurityContext ctx)
Parameters:
ctx - security context

void logResource(SecurityCache cache, int resourceId, java.lang.String instanceName, int mode, boolean decision, java.lang.String message)
Parameters:
cache - security cache where to log this event
resourceId - resource identity
instanceName - resource instance name
mode - access mode (requested rights) the decision was made about
decision - access decision
message - additional text

void logResource(SecurityCache cache, int resourceId, java.lang.String instanceName, int mode, boolean decision)
Parameters:
cache - security cache where to log this event
resourceId - resource identity
instanceName - resource instance name
mode - access mode (requested rights) the decision was made about
decision - access decision

java.util.logging.Level getRequestedDebugLevel()

boolean setPassword(java.lang.String newPassword)
Parameters:
newPassword - new password as plain text
Returns:
true if the password has been set successfully

private boolean validateServer(javax.net.ssl.SSLSession locSess, BootstrapConfig config)
Parameters:
locSess - The local SSL session to validate.
config - BootstrapConfig instance which should override the security manager's version; null to use the default config.

void pushContextWorker(java.lang.Object key) throws RestrictedUseException
The use count for the target security context is incremented by 1.
Parameters:
key - security context key
Throws:
RestrictedUseException - If called improperly.

private void popContextWorker() throws RestrictedUseException
The use count for the current security context is decremented by 1. If it becomes 0, the context is deleted immediately. Every push must therefore be matched by exactly one pop, normally in a finally block; a missing pop leaves the context live with a non-zero use count.
Throws:
RestrictedUseException - If called improperly.

private void endContext(SecurityContextStack cts, SecurityContext ctx)
Parameters:
cts - The context stack for the current thread.
ctx - The context to end.

private TransportSecurity getTransportSecurity(BootstrapConfig config) throws java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.security.UnrecoverableKeyException, ConfigurationException
Returns:
the TransportSecurity instance that serves the client or server end of secured TLS connections, as needed. The newly created instance is a singleton within the domain of this instance of SecurityManager; thus, repeated calls return the same reference.
Throws:
java.security.NoSuchAlgorithmException
java.security.KeyStoreException
java.security.UnrecoverableKeyException
ConfigurationException
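The use-count discipline documented above for pushContextWorker(), popContextWorker() and endContext() is easy to get wrong: a push whose pop is skipped on an exception keeps a context alive after the work that needed it has finished. The following is an added illustration written for this page, not SecurityManager's own code; ContextStackDemo, Ctx and RestrictedUse are hypothetical stand-ins for the context stack, SecurityContext and RestrictedUseException, and the single-thread stack simplifies the per-thread SecurityContextStack.

```java
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashMap;
import java.util.Map;

/** Hypothetical reference-counted context stack; not FWD/P2J code. */
public final class ContextStackDemo
{
   /** Stand-in for RestrictedUseException: raised when push/pop is misused. */
   static final class RestrictedUse extends Exception
   {
      RestrictedUse(String msg) { super(msg); }
   }

   /** Stand-in for a SecurityContext: its key plus the use count. */
   static final class Ctx
   {
      final Object key;
      int useCount;
      Ctx(Object key) { this.key = key; }
   }

   /** Contexts that currently exist (use count > 0), by key. */
   private final Map<Object, Ctx> live = new HashMap<>();
   /** Stack of active contexts for the (single) thread of this demo. */
   private final Deque<Ctx> stack = new ArrayDeque<>();

   /** push: the target context's use count goes up by 1 (the context is created on first use). */
   void push(Object key) throws RestrictedUse
   {
      if (key == null)
      {
         throw new RestrictedUse("null context key");
      }
      Ctx ctx = live.computeIfAbsent(key, Ctx::new);
      ctx.useCount++;
      stack.push(ctx);
   }

   /** pop: the current context's use count goes down by 1; when it reaches 0 the context is deleted immediately. */
   void pop() throws RestrictedUse
   {
      Ctx ctx = stack.poll();
      if (ctx == null)
      {
         throw new RestrictedUse("pop without a matching push");
      }
      if (--ctx.useCount == 0)
      {
         live.remove(ctx.key);
      }
   }

   boolean isLive(Object key) { return live.containsKey(key); }

   /**
    * The safe calling pattern: the pop sits in a finally block so the count is
    * balanced even when the body throws. Without it a failing body would leave
    * the (possibly privileged) context live until the thread ends.
    */
   void runIn(Object key, Runnable body) throws RestrictedUse
   {
      push(key);
      try
      {
         body.run();
      }
      finally
      {
         pop();
      }
   }

   public static void main(String[] args) throws RestrictedUse
   {
      ContextStackDemo d = new ContextStackDemo();

      // Nested use of one context: count 2 after two pushes, 1 after one pop (still live),
      // 0 after the second pop (deleted).
      d.push("ctx-A");
      d.push("ctx-A");
      d.pop();
      System.out.println("ctx-A live after one pop: " + d.isLive("ctx-A"));
      d.pop();
      System.out.println("ctx-A live after two pops: " + d.isLive("ctx-A"));

      // A body that throws still releases its context because the pop is in finally.
      try
      {
         d.runIn("ctx-B", () -> { throw new IllegalStateException("work failed"); });
      }
      catch (IllegalStateException e)
      {
         System.out.println("ctx-B live after failed body: " + d.isLive("ctx-B"));
      }

      // An unmatched pop is rejected instead of silently corrupting a count.
      try
      {
         d.pop();
      }
      catch (RestrictedUse e)
      {
         System.out.println("rejected: " + e.getMessage());
      }
   }
}
```

Compile and run with `javac ContextStackDemo.java && java ContextStackDemo`. The runIn() helper is the shape a caller of the real push/pop pair should take: the context is released on every exit path, so no thread is left holding a context it no longer needs.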
private boolean needsServerValidation(BootstrapConfig config)
Parameters:
config - BootstrapConfig instance which should override the security manager's version; null to use the default config.
Returns:
true if server certificate validation is required.

private boolean sendAuthType(java.io.ObjectOutputStream output, BootstrapConfig cfg)
This method inspects the bootstrap configuration to see what kind of authentication to pick:
- If security.keystore.processalias is set, AUTH_REQ_PROCESS will be sent.
- If security.keystore.processalias is not set, but security.authentication.type is set and equals PROGRAM, AUTH_REQ_PROGRAM will be sent.
- Otherwise, AUTH_REQ_USER will be sent.
Parameters:
output - The connection on which to write our type.
cfg - The attempted connection's configuration.
Returns:
true if successful

private boolean checkPassword(java.lang.String plain, UserAccount user)
Parameters:
plain - plain text password
user - UserAccount instance
Returns:
true if the password is valid

private void agePassword(UserAccount user)
Parameters:
user - UserAccount instance

private void assignContext(SecurityContext context)
Parameters:
context - Security context to be assigned.

private boolean unassignContext(SecurityContext context)
Parameters:
context - Security context to be unassigned.

private void setCache(SecurityCache cache)
In the multithreaded environment, after the closing of a batch editing session, a newly created thread rereads the directory and builds a new instance of SecurityCache while the existing one continues to serve the needs of the server. This call is the last step in the refreshing of the security cache.
Parameters:
cache - reference to the new copy of SecurityCache
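The refresh described for setCache(), and the sc parameters documented on this page as "the security cache generation to be used", follow one pattern: a rebuilt cache is published as a whole while any decision already in progress keeps the generation it started with. The added example below is written for this page and is not FWD/P2J code; CacheGen, CacheRefreshDemo and the group/rights data are hypothetical, and the `between` hook stands in for the refresh thread publishing a new generation in the middle of a decision.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;

/** Hypothetical stand-in for one SecurityCache generation: an immutable snapshot of the directory. */
final class CacheGen
{
   final int serial;
   private final Map<String, String> groupOf;        // subject -> group
   private final Map<String, Set<String>> rightsOf;  // group -> resources it may access

   CacheGen(int serial, Map<String, String> groupOf, Map<String, Set<String>> rightsOf)
   {
      this.serial = serial;
      this.groupOf = Collections.unmodifiableMap(new HashMap<>(groupOf));
      this.rightsOf = Collections.unmodifiableMap(new HashMap<>(rightsOf));
   }

   String groupOf(String subject) { return groupOf.get(subject); }

   boolean groupMayAccess(String group, String resource)
   {
      return group != null
             && rightsOf.getOrDefault(group, Collections.emptySet()).contains(resource);
   }
}

/** Hypothetical manager holding the currently published generation; not FWD/P2J code. */
public final class CacheRefreshDemo
{
   private final AtomicReference<CacheGen> current;

   CacheRefreshDemo(CacheGen initial) { current = new AtomicReference<>(initial); }

   /** Last step of a refresh: publish the rebuilt generation. Readers holding the old one are unaffected. */
   void setCache(CacheGen rebuilt) { current.set(rebuilt); }

   /** Correct: pin one generation (the "sc" parameter pattern) and evaluate the whole decision against it. */
   boolean decide(String subject, String resource)
   {
      CacheGen sc = current.get();
      return sc.groupMayAccess(sc.groupOf(subject), resource);
   }

   /** Wrong: re-reads the current generation mid-decision, so two generations can be mixed. */
   boolean decideTorn(String subject, String resource, Runnable between)
   {
      String group = current.get().groupOf(subject);          // read from generation N
      between.run();                                          // a refresh publishes N+1 here
      return current.get().groupMayAccess(group, resource);   // read from generation N+1
   }

   public static void main(String[] args)
   {
      // Constructed sample directory content: admins may reach "accounts", users may not.
      Map<String, Set<String>> rights = new HashMap<>();
      rights.put("admins", Set.of("accounts"));
      rights.put("users", Set.of());

      Map<String, String> groups1 = new HashMap<>();
      groups1.put("alice", "admins");
      CacheRefreshDemo mgr = new CacheRefreshDemo(new CacheGen(1, groups1, rights));
      System.out.println("gen 1, pinned: " + mgr.decide("alice", "accounts"));

      // A batch edit demotes alice; the refresh thread builds generation 2 from it.
      Map<String, String> groups2 = new HashMap<>(groups1);
      groups2.put("alice", "users");
      CacheGen gen2 = new CacheGen(2, groups2, rights);

      // Torn read: alice's group comes from gen 1 (admins) but the group's rights from
      // gen 2, where admins still own "accounts", so the revoked access is granted.
      boolean torn = mgr.decideTorn("alice", "accounts", () -> mgr.setCache(gen2));
      System.out.println("refresh during decision, torn: " + torn);

      // Pinned read against gen 2: alice is in users, which has no rights.
      System.out.println("gen 2, pinned: " + mgr.decide("alice", "accounts"));
   }
}
```

Compile and run with `javac CacheRefreshDemo.java && java CacheRefreshDemo`. Passing the pinned generation explicitly, as the private methods here do with their sc argument, is what makes a decision consistent across a concurrent refresh; reading the shared reference twice is where a revocation can be lost.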
private AuthenticationResponse runCustomServerHook(SecurityCache sc, java.lang.String targetHookName, Authenticator serverAuth, java.lang.String entity, byte[] auth)
Accepts the byte array produced by the client side authorization hook as the authentication input, together with custom parameters.
Parameters:
sc - The security cache generation to be used.
targetHookName - The name of the custom auth hook to run, as it is represented in the directory. Cannot be null.
serverAuth - The instance of the server hook, or null to obtain the default processing.
entity - Custom parameters.
auth - The authorization input from the client.

private SecurityContext createSecurityContext(SecurityCache sc, java.lang.String pid, java.lang.String uid)
Parameters:
sc - SecurityCache where the new security context belongs
pid - process ID for the new security context
uid - user ID for the new security context
Returns:
SecurityContext

private int getNextUserSessionID()

private java.lang.String locateExtensionPath(java.lang.String uid)
Parameters:
uid - user ID

private boolean sendAuthResult(java.io.ObjectOutputStream out, int authResult, int authAction)
Parameters:
out - The socket to send on.
authResult - The authentication result.
authAction - The authentication disposition code.
Returns:
true if sent successfully.

private java.lang.String getHookParam(SecurityCache cache, java.lang.String hookName)
Parameters:
cache - The security cache generation to be used.
hookName - The name of the target custom hook.

private java.lang.Object[] postAuthenticateWorker(java.lang.Object sessionId, java.lang.String localProcId, java.lang.String localUserId) throws RestrictedUseException
Parameters:
sessionId - The new session id.
localProcId - The local process account being authenticated.
localUserId - The local user account being authenticated.
Throws:
RestrictedUseException

private NetSocket getPeerSocket()