blob: 9c6e0e1054dd0968e05da0020d1879a88c57b153 [file] [log] [blame]
/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.apollo.broker.security
import java.security.Principal
import javax.security.auth.Subject
import java.security.cert.X509Certificate
import java.net.SocketAddress
import org.apache.activemq.apollo.broker.Broker.BLOCKABLE_THREAD_POOL
import org.fusesource.hawtdispatch._
import javax.security.auth.login.LoginContext
/**
* <p>
* </p>
*
* @author <a href="http://hiramchirino.com">Hiram Chirino</a>
*/
class SecurityContext {
var user:String = _
var password:String = _
var sso_token:String = _
var certificates:Array[X509Certificate] = _
var local_address:SocketAddress = _
var remote_address:SocketAddress = _
var login_context:LoginContext = _
var session_id:Option[String] = None
def credential_dump = {
var rc = List[String]()
if(certificates!=null) {
for(cert<-certificates) {
rc ::= "certdn="+cert.getSubjectX500Principal.getName
}
}
if(user!=null) {
rc ::= "user="+user
}
"["+rc.mkString(", ")+"]"
}
def principal_dump = {
var rc = List[String]()
if(_principals!=null) {
for(principal<-_principals) {
rc ::= principal.getClass.getName+":"+principal.getName
}
}
"["+rc.mkString(", ")+"]"
}
private var _subject:Subject = _
def subject = _subject
private var _principals = Set[Principal]()
def principals = _principals
def subject_= (value:Subject) {
_subject = value
_principals = Set()
if( value!=null ) {
import collection.JavaConversions._
_principals = value.getPrincipals.toSet
}
}
def principals(kind:String):Set[Principal] = {
kind match {
case "+"=>
principals
case "*"=>
principals
case kind=>
principals.filter(_.getClass.getName == kind)
}
}
/**
* Logs the user off, called func when completed. Pass
* any errors that occurred during the log off process
* to the function or null.
*/
def logout(func: (Throwable)=>Unit) = {
if(login_context==null) {
func(null)
} else {
val lc = login_context
login_context = null
BLOCKABLE_THREAD_POOL {
try {
lc.logout()
func(null)
} catch {
case e:Throwable => func(e)
}
}
}
}
}