/** * This method will load the Fortress Tomcat implementation on a URL classloader. Methods on the * implementation are wrapped by methods on this class and are accessed via the {@code realm} * instance variable of this class. */ private void initialize() { try { URLClassLoader ucl; if (CONTAINER.equalsIgnoreCase(JBOSS_AGENT)) { LOG.info(CLS_NM + ".initialize JBoss policy agent"); URL[] cp = CpUtil.getRealmClasspath(REALM_CLASSPATH); ucl = new ChildFirstUrlClassLoader(cp, this.getClass().getClassLoader()); } else if (CONTAINER.equalsIgnoreCase("TomcatContext")) { LOG.info(CLS_NM + ".initialize Tomcat7 Context-based policy agent"); ucl = new URLClassLoader(new URL[] {}, Thread.currentThread().getContextClassLoader()); } else { LOG.info(CLS_NM + ".initialize Tomcat7 policy agent"); if ((realmClasspath != null) && (realmClasspath.length() > 0)) { ucl = new URLClassLoader( CpUtil.parseRealmClasspath(realmClasspath), this.getClass().getClassLoader()); } else { URL[] cp = CpUtil.getRealmClasspath(REALM_CLASSPATH); ucl = new URLClassLoader(cp, this.getClass().getClassLoader()); } } LOG.info(CLS_NM + ".initialize - instantiate policy agent name: " + REALM_IMPL); Class<?> sc = ucl.loadClass(REALM_IMPL); realm = (TcAccessMgr) sc.newInstance(); realm.setDefaultRoles(defaultRoles); realm.setContextId(contextId); LOG.info( CLS_NM + " J2EE Tomcat7 policy agent, contextId: " + contextId + ", defaultRoles: " + defaultRoles); } catch (ClassNotFoundException e) { String error = CLS_NM + ".initialize caught java.lang.ClassNotFoundException=" + e.toString(); LOG.severe(error); throw new RuntimeException(error, e); } catch (InstantiationException ie) { String error = CLS_NM + ".initialize caught java.lang.InstantiationException=" + ie.toString(); LOG.severe(error); throw new RuntimeException(error, ie); } catch (IllegalAccessException iae) { String error = CLS_NM + ".initialize caught java.lang.IllegalAccessException=" + iae.toString(); LOG.severe(error); throw new RuntimeException(error, iae); } }
/** * Determine if given Role is contained within User's Tomcat Principal object. This method does * not need to hit the ldap server as the User's activated Roles are loaded into {@link * org.apache.directory.fortress.realm.TcPrincipal#setContext(java.util.HashMap)} * * @param principal Contains User's Tomcat RBAC Session data that includes activated Roles. * @param role Maps to {@code org.apache.directory.fortress.core.model.Role#name}. * @return True if Role is found in TcPrincipal, false otherwise. */ @Override public boolean hasRole(Wrapper wrapper, Principal principal, String role) { if (realm == null) { throw new IllegalArgumentException( CLS_NM + "authenticate detected Fortress Tomcat7 Realm not initialized correctly. Check your Fortress Realm configuration"); } return realm.hasRole(principal, role); }
/** * Perform user authentication and evaluate password policies. * * @param userId Contains the userid of the user signing on. * @param password Contains the user's password. * @return Principal whic * This method will load the Fortress Tomcat implementation on a URL * classloader. Methods on the implementation are wrapped by methods on this class and are * accessed via the {@code realm} instance variable of this class. */ @Override public Principal authenticate(String userId, String password) { if (realm == null) { throw new IllegalArgumentException( CLS_NM + "authenticate detected Fortress Tomcat7 Realm not initialized correctly. Check your Fortress Realm configuration"); } return realm.authenticate(userId, password); }