karaf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gno...@apache.org
Subject git commit: [KARAF-2636] Improve security mechanism
Date Wed, 18 Dec 2013 15:51:41 GMT
Updated Branches:
  refs/heads/master 209aab280 -> 96b36a6b5


[KARAF-2636] Improve security mechanism


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/96b36a6b
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/96b36a6b
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/96b36a6b

Branch: refs/heads/master
Commit: 96b36a6b5e8a93bb9c0ed908cec4078c9941ff7c
Parents: 209aab2
Author: Guillaume Nodet <gnodet@gmail.com>
Authored: Wed Dec 18 16:50:50 2013 +0100
Committer: Guillaume Nodet <gnodet@gmail.com>
Committed: Wed Dec 18 16:50:58 2013 +0100

----------------------------------------------------------------------
 .../src/main/resources/resources/etc/all.policy |  22 +++
 .../resources/resources/etc/system.properties   |  10 ++
 .../standard/src/main/feature/feature.xml       |   4 +
 .../apache/karaf/jaas/modules/JaasHelper.java   | 137 +++++++++++++++++++
 pom.xml                                         |   6 +
 .../impl/jline/ConsoleFactoryService.java       |   9 +-
 .../apache/karaf/shell/ssh/ShellCommand.java    |   9 +-
 webconsole/console/pom.xml                      |   5 +
 .../webconsole/internal/KarafOsgiManager.java   |  12 +-
 9 files changed, 210 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/assemblies/features/framework/src/main/resources/resources/etc/all.policy
----------------------------------------------------------------------
diff --git a/assemblies/features/framework/src/main/resources/resources/etc/all.policy b/assemblies/features/framework/src/main/resources/resources/etc/all.policy
new file mode 100644
index 0000000..7585f22
--- /dev/null
+++ b/assemblies/features/framework/src/main/resources/resources/etc/all.policy
@@ -0,0 +1,22 @@
+//===========================================================================
+//
+//   Licensed to the Apache Software Foundation (ASF) under one or more
+//   contributor license agreements.  See the NOTICE file distributed with
+//   this work for additional information regarding copyright ownership.
+//   The ASF licenses this file to You under the Apache License, Version 2.0
+//   (the "License"); you may not use this file except in compliance with
+//   the License.  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+//
+//===========================================================================
+
+grant {
+   permission java.security.AllPermission;
+};

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/assemblies/features/framework/src/main/resources/resources/etc/system.properties
----------------------------------------------------------------------
diff --git a/assemblies/features/framework/src/main/resources/resources/etc/system.properties
b/assemblies/features/framework/src/main/resources/resources/etc/system.properties
index 2ad2002..b1ee30e 100644
--- a/assemblies/features/framework/src/main/resources/resources/etc/system.properties
+++ b/assemblies/features/framework/src/main/resources/resources/etc/system.properties
@@ -108,3 +108,13 @@ org.apache.aries.proxy.weaving.disabled = org.objectweb.asm.*,org.slf4j.*,org.ap
 # secured by expanding this filter
 #
 karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
+
+#
+# Security properties
+#
+# To enable OSGi security, uncomment the properties below,
+# install the framework-security feature and restart.
+#
+#java.security.policy=${karaf.home}/etc/all.policy
+#org.osgi.framework.security=osgi
+#org.osgi.framework.trust.repositories=${karaf.home}/etc/trustStore.ks

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/assemblies/features/standard/src/main/feature/feature.xml
----------------------------------------------------------------------
diff --git a/assemblies/features/standard/src/main/feature/feature.xml b/assemblies/features/standard/src/main/feature/feature.xml
index 9ea23ab..d9e22a7 100644
--- a/assemblies/features/standard/src/main/feature/feature.xml
+++ b/assemblies/features/standard/src/main/feature/feature.xml
@@ -20,6 +20,10 @@
 	xsi:schemaLocation="http://karaf.apache.org/xmlns/features/v1.2.0 http://karaf.apache.org/xmlns/features/v1.2.0">
 	<repository>mvn:org.ops4j.pax.web/pax-web-features/${pax.web.version}/xml/features</repository>
 
+    <feature version="${project.version}" description="OSGi Security for Karaf" name="framework-security">
+        <bundle start="false" start-level="1">mvn:org.apache.felix/org.apache.felix.framework.security/${felix.framework.security.version}</bundle>
+    </feature>
+
     <feature name="standard" description="Karaf standard feature" version="${project.version}">
         <bundle start-level="30">mvn:org.apache.felix/org.apache.felix.gogo.runtime/${felix.gogo.version}</bundle>
         <bundle start-level="30">mvn:org.apache.karaf.shell/org.apache.karaf.shell.console/${project.version}</bundle>

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/JaasHelper.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/JaasHelper.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/JaasHelper.java
new file mode 100644
index 0000000..111df95
--- /dev/null
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/JaasHelper.java
@@ -0,0 +1,137 @@
+/*
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *  under the License.
+ */
+package org.apache.karaf.jaas.modules;
+
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import java.security.ProtectionDomain;
+import javax.security.auth.Subject;
+import javax.security.auth.SubjectDomainCombiner;
+
+public class JaasHelper {
+
+    public static <T> T doAs(final Subject subject,
+                             final PrivilegedAction<T> action) {
+        if (action == null) {
+            throw new NullPointerException();
+        }
+        // set up the new Subject-based AccessControlContext for doPrivileged
+        final AccessControlContext currentAcc = AccessController.getContext();
+        final AccessControlContext newAcc = AccessController.doPrivileged
+                (new PrivilegedAction<AccessControlContext>() {
+                    public AccessControlContext run() {
+                        if (subject == null)
+                            return new AccessControlContext(currentAcc, null);
+                        else
+                            return new AccessControlContext(currentAcc, new OsgiSubjectDomainCombiner(subject));
+                    }
+                });
+        // call doPrivileged and push this new context on the stack
+        return AccessController.doPrivileged(action, newAcc);
+    }
+
+    public static <T> T doAs(final Subject subject,
+                             final PrivilegedExceptionAction<T> action) throws PrivilegedActionException
{
+        if (action == null) {
+            throw new NullPointerException();
+        }
+        // set up the new Subject-based AccessControlContext for doPrivileged
+        final AccessControlContext currentAcc = AccessController.getContext();
+        final AccessControlContext newAcc = AccessController.doPrivileged
+                (new PrivilegedAction<AccessControlContext>() {
+                    public AccessControlContext run() {
+                        if (subject == null)
+                            return new AccessControlContext(currentAcc, null);
+                        else
+                            return new AccessControlContext(currentAcc, new OsgiSubjectDomainCombiner(subject));
+                    }
+                });
+        // call doPrivileged and push this new context on the stack
+        return AccessController.doPrivileged(action, newAcc);
+    }
+
+    public static class OsgiSubjectDomainCombiner extends SubjectDomainCombiner {
+
+        private final Subject subject;
+
+        public OsgiSubjectDomainCombiner(Subject subject) {
+            super(subject);
+            this.subject = subject;
+        }
+
+        public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
+                                          ProtectionDomain[] assignedDomains) {
+            int cLen = (currentDomains == null ? 0 : currentDomains.length);
+            int aLen = (assignedDomains == null ? 0 : assignedDomains.length);
+            ProtectionDomain[] newDomains = new ProtectionDomain[cLen + aLen];
+            Principal[] principals = subject.getPrincipals().toArray(new Principal[0]);
+            for (int i = 0; i < cLen; i++) {
+                newDomains[i] = new DelegatingProtectionDomain(currentDomains[i], principals);
+            }
+            for (int i = 0; i < aLen; i++) {
+                newDomains[cLen + i] = assignedDomains[i];
+            }
+            newDomains = optimize(newDomains);
+            return newDomains;
+        }
+
+        private ProtectionDomain[] optimize(ProtectionDomain[] domains) {
+            if (domains == null || domains.length == 0) {
+                return null;
+            }
+            ProtectionDomain[] optimized = new ProtectionDomain[domains.length];
+            ProtectionDomain pd;
+            int num = 0;
+            for (int i = 0; i < domains.length; i++) {
+                if ((pd = domains[i]) != null) {
+                    boolean found = false;
+                    for (int j = 0; j < num && !found; j++) {
+                        found = (optimized[j] == pd);
+                    }
+                    if (!found) {
+                        optimized[num++] = pd;
+                    }
+                }
+            }
+            if (num > 0 && num < domains.length) {
+                ProtectionDomain[] downSize = new ProtectionDomain[num];
+                System.arraycopy(optimized, 0, downSize, 0, downSize.length);
+                optimized = downSize;
+            }
+            return ((num == 0 || optimized.length == 0) ? null : optimized);
+        }
+    }
+
+    public static class DelegatingProtectionDomain extends ProtectionDomain {
+
+        private final ProtectionDomain delegate;
+
+        DelegatingProtectionDomain(ProtectionDomain delegate, Principal[] principals) {
+            super(delegate.getCodeSource(), delegate.getPermissions(), delegate.getClassLoader(),
principals);
+            this.delegate = delegate;
+        }
+
+        @Override
+        public boolean implies(Permission permission) {
+            return delegate.implies(permission);
+        }
+
+    }
+}

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 298500a..8c5c82c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -152,6 +152,7 @@
         <felix.configadmin.version>1.6.0</felix.configadmin.version>
         <felix.fileinstall.version>3.2.6</felix.fileinstall.version>
         <felix.framework.version>4.2.1</felix.framework.version>
+        <felix.framework.security.version>2.2.0</felix.framework.security.version>
         <felix.gogo.version>0.10.0</felix.gogo.version>
         <felix.plugin.version>2.4.0</felix.plugin.version>
         <felix.utils.version>1.4.0</felix.utils.version>
@@ -819,6 +820,11 @@
             </dependency>
             <dependency>
                 <groupId>org.apache.felix</groupId>
+                <artifactId>org.apache.felix.framework.security</artifactId>
+                <version>${felix.framework.security.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.felix</groupId>
                 <artifactId>org.osgi.service.obr</artifactId>
                 <version>${felix.obr.version}</version>
             </dependency>

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/shell/console/src/main/java/org/apache/karaf/shell/console/impl/jline/ConsoleFactoryService.java
----------------------------------------------------------------------
diff --git a/shell/console/src/main/java/org/apache/karaf/shell/console/impl/jline/ConsoleFactoryService.java
b/shell/console/src/main/java/org/apache/karaf/shell/console/impl/jline/ConsoleFactoryService.java
index cdd9453..4c2c90b 100644
--- a/shell/console/src/main/java/org/apache/karaf/shell/console/impl/jline/ConsoleFactoryService.java
+++ b/shell/console/src/main/java/org/apache/karaf/shell/console/impl/jline/ConsoleFactoryService.java
@@ -34,12 +34,19 @@ import org.apache.felix.service.command.CommandSession;
 import org.apache.felix.service.command.Function;
 import org.apache.felix.service.threadio.ThreadIO;
 import org.apache.karaf.jaas.boot.principal.UserPrincipal;
+import org.apache.karaf.jaas.modules.JaasHelper;
 import org.apache.karaf.shell.console.Console;
 import org.apache.karaf.shell.console.ConsoleFactory;
 import org.osgi.framework.BundleContext;
 
 public class ConsoleFactoryService implements ConsoleFactory {
 
+    private static final Class[] SECURITY_BUGFIX = {
+            JaasHelper.class,
+            JaasHelper.OsgiSubjectDomainCombiner.class,
+            JaasHelper.DelegatingProtectionDomain.class,
+    };
+
     private final BundleContext bundleContext;
 
     public ConsoleFactoryService(BundleContext bc) {
@@ -97,7 +104,7 @@ public class ConsoleFactoryService implements ConsoleFactory {
                 if (subject != null) {
                     CommandSession session = console.getSession();
                     session.put("USER", userName);
-                    Subject.doAs(subject, new PrivilegedAction<Object>() {
+                    JaasHelper.doAs(subject, new PrivilegedAction<Object>() {
                         public Object run() {
                             doRun();
                             return null;

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
----------------------------------------------------------------------
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
index 9b68691..a825f07 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
@@ -28,6 +28,7 @@ import javax.security.auth.Subject;
 import org.apache.felix.service.command.CommandProcessor;
 import org.apache.felix.service.command.CommandSession;
 import org.apache.felix.service.command.Converter;
+import org.apache.karaf.jaas.modules.JaasHelper;
 import org.apache.karaf.shell.util.ShellUtil;
 import org.apache.karaf.util.StreamUtils;
 import org.apache.sshd.server.Command;
@@ -44,6 +45,12 @@ public class ShellCommand implements Command, SessionAware {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(ShellCommand.class);
 
+    private static final Class[] SECURITY_BUGFIX = {
+                    JaasHelper.class,
+                    JaasHelper.OsgiSubjectDomainCombiner.class,
+                    JaasHelper.DelegatingProtectionDomain.class,
+            };
+
     private String command;
     private InputStream in;
     private OutputStream out;
@@ -92,7 +99,7 @@ public class ShellCommand implements Command, SessionAware {
                     try {
                         String scriptFileName = System.getProperty(SHELL_INIT_SCRIPT);
                         executeScript(scriptFileName, session);
-                        result = Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
{
+                        result = JaasHelper.doAs(subject, new PrivilegedExceptionAction<Object>()
{
                             public Object run() throws Exception {
                                 return session.execute(command);
                             }

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/webconsole/console/pom.xml
----------------------------------------------------------------------
diff --git a/webconsole/console/pom.xml b/webconsole/console/pom.xml
index 08b1560..edf10d9 100644
--- a/webconsole/console/pom.xml
+++ b/webconsole/console/pom.xml
@@ -57,6 +57,11 @@
             <scope>provided</scope>
         </dependency>
         <dependency>
+            <groupId>org.apache.karaf.jaas</groupId>
+            <artifactId>org.apache.karaf.jaas.modules</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
             <scope>provided</scope>

http://git-wip-us.apache.org/repos/asf/karaf/blob/96b36a6b/webconsole/console/src/main/java/org/apache/felix/webconsole/internal/KarafOsgiManager.java
----------------------------------------------------------------------
diff --git a/webconsole/console/src/main/java/org/apache/felix/webconsole/internal/KarafOsgiManager.java
b/webconsole/console/src/main/java/org/apache/felix/webconsole/internal/KarafOsgiManager.java
index c7aef84..2275c41 100644
--- a/webconsole/console/src/main/java/org/apache/felix/webconsole/internal/KarafOsgiManager.java
+++ b/webconsole/console/src/main/java/org/apache/felix/webconsole/internal/KarafOsgiManager.java
@@ -27,11 +27,19 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
 import org.apache.felix.webconsole.internal.servlet.OsgiManager;
+import org.apache.karaf.jaas.modules.JaasHelper;
 import org.osgi.framework.BundleContext;
 
 public class KarafOsgiManager extends OsgiManager {
 	private static final long serialVersionUID = 1090035807469459598L;
-	public static final String SUBJECT_RUN_AS = "karaf.subject.runas";
+
+    private static final Class[] SECURITY_BUGFIX = {
+            JaasHelper.class,
+            JaasHelper.OsgiSubjectDomainCombiner.class,
+            JaasHelper.DelegatingProtectionDomain.class,
+    };
+
+    public static final String SUBJECT_RUN_AS = "karaf.subject.runas";
 
     public KarafOsgiManager(BundleContext bundleContext) {
         super(bundleContext);
@@ -42,7 +50,7 @@ public class KarafOsgiManager extends OsgiManager {
         Object obj = req.getAttribute(SUBJECT_RUN_AS);
         if (obj instanceof Subject) {
             try {
-                Subject.doAs((Subject) obj, new PrivilegedExceptionAction<Object>()
{
+                JaasHelper.doAs((Subject) obj, new PrivilegedExceptionAction<Object>()
{
                     public Object run() throws Exception {
                         doService(req, res);
                         return null;


Mime
View raw message