felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Meschberger <fmesc...@gmail.com>
Subject Re: Google Summer of Code: Marcin Wilkos
Date Wed, 27 May 2009 13:12:11 GMT
Hi,

While I would argue along the same lines as Marcel, your proposal is 
quote appealing ...

So, as much as I would probably prefer to reuse existing API (namely 
UserAdmin), for then purpose of the WebConsole this might be sufficient.

Regards
Felix

Guillaume Nodet schrieb:
> I don't think having a UserAdmin delegating to JAAS could work because
> JAAS does not provide anything about modifying the underlying storage
> for creating / removing users or groups.   UserAdmin provides such
> features, so I think it has to be to other way around: it should be
> quite easy to implement a JAAS login module that delegates to
> UserAdmin.
> Given I don't think requiring JAAS is a good idea, that's why I
> proposed such a simple API.
> I don't really see any drawback to such a pluggable mechanism, as I
> think it can be implemented for both JAAS and UserAdmin in a few lines
> of code:
> 
> public class UserAdminProvider implements WebConsoleSecurityProvider {
>    private UserAdmin userAdmin;
>    private String userProperty;
>    private String credProperty;
>    public class UserAdminProvider(UserAdmin userAdmin, String
> userProperty, String credProperty) {
>       this.userAdmin = userAdmin;
>       this.userProperty = userProperty;
>       this.credProperty = credProperty;
>    }
>    public Object authenticate(String username, Object credential)
> throws SecurityException {
>       User user = userAdmin.getUser(userProperty, userName);
>       if (user == null) throw new SecurityException("No such user");
>       if (!user.hasCredential(credProperty, credential)) throw new
> SecurityException("Bad credential");
>       return user;
>    }
>    public void authorize(Object user, String role) throws SecurityException {
>       Authorization auth = userAdmin.getAuthorization((User) user);
>       if (!auth.hasRole(role)) throw new SecurityException("Not authorized");
>    }
> }
> 
> 
> public class JAASProvider implements WebConsoleSecurityProvider {
>    private String domain;
>    public JAASProvider(String domain) {
>       this.domain = domain;
>    }
>    public Object authenticate(String username, Object credential)
> throws SecurityException {
>         Subject subject = new Subject();
>         LoginContext loginContext = new LoginContext(domain, subject,
> new CallbackHandler() {
>             public void handle(Callback[] callbacks) throws
> IOException, UnsupportedCallbackException {
>                 for (int i = 0; i < callbacks.length; i++) {
>                     if (callbacks[i] instanceof NameCallback) {
>                         ((NameCallback) callbacks[i]).setName(username);
>                     } else if (callbacks[i] instanceof
> PasswordCallback && credentials instanceof String) {
>                         ((PasswordCallback)
> callbacks[i]).setPassword(((String) credential).toCharArray());
>                     } else if (callbacks[i] instanceof
> CertificateCallback && credentials instanceof X509Certificate) {
>                         ((CertificateCallback)
> callbacks[i]).setCertificate((X509Certificate) credential);
>                     } else {
>                         throw new UnsupportedCallbackException(callbacks[i]);
>                     }
>                 }
>             }
>         });
>         loginContext.login();
>         return subject;
>    }
>    public void authorize(Object user, String role) throws SecurityException {
>       if (!((Subject) user).getPrincipals().contains(new
> GroupPrincipal(role))) throw new SecurityException("Not authorized");
>    }
> }
> 
> Pluggability / extensibility is always a good thing imho, as long as
> it's not overengineered, which is not the case here imho.
> 
> On Wed, May 27, 2009 at 11:31, Marcel Offermans
> <marcel.offermans@luminis.nl> wrote:
>> Hello Guillaume,
>>
>> On May 27, 2009, at 11:20 , Guillaume Nodet wrote:
>>
>>> Right, I think there is a real need to support UserAdmin, but given
>>> both JAAS and UserAdmin will be used for the same thing, it should be
>>> easy to support both using a simple interface:
>>>
>>>  public interface WebConsoleSecurityProvider {
>>>     /** Check if the user with the specified password exists and
>>> return an object identifying the user, else throw an exception */
>>>     public Object authenticate(String username, String password)
>>> throws SecurityException;
>>>     /** Check that the authenticated user has the given role
>>> permission or throw an exception */
>>>     public void authorize(Object user, String role) throws
>>> SecurityException;
>>>  }
>>>
>>> Imho, this should be sufficient to provide authentication and
>>> authorization for the web console and can be easily implemented using
>>> UserAdmin or JAAS.
>> To be honest, UserAdmin already is an interface which abstracts from an
>> implementation, so I don't really see a need to add another interface to
>> abstract from that. Having a JAAS backend for UserAdmin would be nice too
>> since that would be usable in a much broader context.
>>
>> Greetings, Marcel
>>
>>
> 
> 
> 

Mime
View raw message