The appclient.security module converted to System.Logger
- Removed dependency on property files in other modules
- Added some generics
- Improved exception reporting

Signed-off-by: David Matějček <david.matejcek@omnifish.ee>
dmatej committed Jul 21, 2023
1 parent 6ca5059 commit 35dc4b3
Showing 7 changed files with 127 additions and 155 deletions.
@@ -1,4 +1,5 @@
/*
* Copyright (c) 2023 Contributors to the Eclipse Foundation
* Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
@@ -16,7 +17,6 @@

package com.sun.enterprise.security.appclient;

import com.sun.enterprise.security.ee.J2EESecurityManager;
import com.sun.enterprise.security.SecurityServicesUtil;
import com.sun.enterprise.security.UsernamePasswordStore;
import com.sun.enterprise.security.appclient.integration.AppClientSecurityInfo;
@@ -25,23 +25,29 @@
import com.sun.enterprise.security.common.ClientSecurityContext;
import com.sun.enterprise.security.common.SecurityConstants;
import com.sun.enterprise.security.common.Util;
import com.sun.enterprise.security.jmac.config.GFAuthConfigFactory;
import com.sun.enterprise.security.ee.J2EESecurityManager;
import com.sun.enterprise.security.integration.AppClientSSL;
import com.sun.enterprise.security.jmac.config.GFAuthConfigFactory;
import com.sun.enterprise.security.ssl.SSLUtils;
import com.sun.logging.LogDomains;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

import jakarta.inject.Inject;

import java.lang.System.Logger;
import java.lang.System.Logger.Level;
import java.util.List;

import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import jakarta.security.auth.message.config.AuthConfigFactory;

import org.glassfish.appclient.client.acc.config.MessageSecurityConfig;
import org.glassfish.appclient.client.acc.config.Security;
import org.glassfish.appclient.client.acc.config.Ssl;
import org.glassfish.appclient.client.acc.config.TargetServer;
import org.jvnet.hk2.annotations.Service;
import org.glassfish.enterprise.iiop.api.IIOPSSLUtil;
import org.jvnet.hk2.annotations.Service;

import static jakarta.security.auth.message.config.AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY;

/**
*
@@ -50,10 +56,7 @@
@Service
public class AppClientSecurityInfoImpl implements AppClientSecurityInfo {

private static Logger _logger=null;
static {
_logger=LogDomains.getLogger(AppClientSecurityInfoImpl.class, LogDomains.SECURITY_LOGGER);
}
private static final Logger LOG = System.getLogger(AppClientSecurityInfoImpl.class.getName());

private static final String DEFAULT_PARSER_CLASS = "com.sun.enterprise.security.appclient.ConfigXMLParser";

@@ -98,13 +101,7 @@ public void initializeSecurity(
J2EESecurityManager mgr = new J2EESecurityManager();
System.setSecurityManager(mgr);
}
if (_logger.isLoggable(Level.FINE)) {
if (secMgr != null) {
_logger.fine("acc.secmgron");
} else {
_logger.fine("acc.secmgroff");
}
}
LOG.log(Level.DEBUG, "SEC9002: ACC: Security Manager is {0}", secMgr);

//set the parser to ConfigXMLParser
System.setProperty("config.parser", DEFAULT_PARSER_CLASS);
@@ -113,18 +110,17 @@
/* setup jsr 196 factory
* define default factory if it is not already defined
*/
String defaultFactory = java.security.Security.getProperty
(AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY);
_logger.fine("AuthConfigFactory obtained from java.security.Security.getProperty(\"authconfigprovider.factory\") :"
+ ((defaultFactory != null) ? defaultFactory : "NULL"));
String defaultFactory = java.security.Security.getProperty(DEFAULT_FACTORY_SECURITY_PROPERTY);
LOG.log(Level.DEBUG,
"AuthConfigFactory obtained from java.security.Security.getProperty(\"authconfigprovider.factory\"): {0}",
defaultFactory);
if (defaultFactory == null) {
java.security.Security.setProperty
(AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY,
GFAuthConfigFactory.class.getName());
java.security.Security.setProperty(DEFAULT_FACTORY_SECURITY_PROPERTY,
GFAuthConfigFactory.class.getName());
}

} catch (Exception e) {
_logger.log(Level.WARNING, "main.jmac_default_factory");
LOG.log(Level.WARNING, "SEC9001: ACC: Error in initializing JSR 196 Default Factory", e);
}

//TODO:V3 LoginContextDriver has a static variable dependency on AuditManager
@@ -189,13 +185,13 @@ private void setSSLData(List<TargetServer> tServers) {
// first one will be used.
Security security = tServer.getSecurity();
if (security == null) {
_logger.fine("No Security input set in ClientContainer.xml");
LOG.log(Level.DEBUG, "No Security input set in ClientContainer.xml");
// do nothing
return;
}
Ssl ssl = security.getSsl();
if (ssl == null) {
_logger.fine("No SSL input set in ClientContainer.xml");
LOG.log(Level.DEBUG, "No SSL input set in ClientContainer.xml");
// do nothing
return;

@@ -205,7 +201,7 @@ private void setSSLData(List<TargetServer> tServers) {
sslUtils.setAppclientSsl(convert(ssl));
this.appClientSSLUtil.setAppClientSSL(convert(ssl));
} catch (Exception ex) {

LOG.log(Level.ERROR, "setSSLData failed.", ex);
}
}
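Review bot: The catch block at the end of `setSSLData` now logs `"setSSLData failed."` but still returns normally, so the app client keeps starting even though `sslUtils.setAppclientSsl(...)` or `appClientSSLUtil.setAppClientSSL(...)` did not take effect. The SSL settings read from ClientContainer.xml are then not applied and the client presumably continues with whatever defaults those utilities hold, which is a fail-open outcome for transport security. Consider rethrowing, e.g. `throw new IllegalStateException("Cannot apply SSL settings from ClientContainer.xml", ex);`, or at least say in the message that the configured SSL settings were ignored. The same pattern applies to the `catch (Exception e)` around the JSR 196 default factory setup in `initializeSecurity`, which logs SEC9001 at WARNING and continues. Both method bodies start outside the visible hunks.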

@@ -1,4 +1,5 @@
/*
* Copyright (c) 2023 Contributors to the Eclipse Foundation
* Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
@@ -18,88 +19,78 @@

import com.sun.enterprise.iiop.security.AlternateSecurityInterceptorFactory;
import com.sun.enterprise.iiop.security.SecClientRequestInterceptor;
import com.sun.logging.LogDomains;
import java.util.logging.Level;
import java.util.logging.Logger;

import org.glassfish.api.admin.ProcessEnvironment;

import org.glassfish.enterprise.iiop.api.IIOPInterceptorFactory;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;

import java.lang.System.Logger;
import java.lang.System.Logger.Level;

import org.glassfish.api.admin.ProcessEnvironment;
import org.glassfish.enterprise.iiop.api.IIOPInterceptorFactory;
import org.jvnet.hk2.annotations.Service;
import jakarta.inject.Singleton;

import org.omg.IOP.Codec;
import org.omg.PortableInterceptor.ClientRequestInterceptor;
import org.omg.PortableInterceptor.ORBInitInfo;
import org.omg.PortableInterceptor.ServerRequestInterceptor;

import jakarta.inject.Inject;
import static com.sun.enterprise.iiop.security.AlternateSecurityInterceptorFactory.SEC_INTEROP_INTFACTORY_PROP;

/**
*
* @author Kumar
*/
@Service(name="ClientSecurityInterceptorFactory")
@Singleton
public class AppclientIIOPInterceptorFactory implements IIOPInterceptorFactory {

private static Logger _logger = null;
final String interceptorFactory =
System.getProperty(AlternateSecurityInterceptorFactory.SEC_INTEROP_INTFACTORY_PROP);
private static final Logger LOG = System.getLogger(AppclientIIOPInterceptorFactory.class.getName());

private static final String FACTORY = System.getProperty(SEC_INTEROP_INTFACTORY_PROP);

static {
_logger = LogDomains.getLogger(AppclientIIOPInterceptorFactory.class, LogDomains.SECURITY_LOGGER);
}
private ClientRequestInterceptor creq;
@Inject
private ProcessEnvironment penv;

private AlternateSecurityInterceptorFactory altSecFactory;

// are we supposed to add the interceptor and then return or just return an instance ?.
@Override
public ClientRequestInterceptor createClientRequestInterceptor(ORBInitInfo info, Codec codec) {
if (penv.getProcessType().isServer()) {
return null;
}
if (altSecFactory != null ||
(interceptorFactory != null && createAlternateSecurityInterceptorFactory())) {
(FACTORY != null && createAlternateSecurityInterceptorFactory())) {
return altSecFactory.getClientRequestInterceptor(codec);
}
ClientRequestInterceptor ret = getClientInterceptorInstance(codec);
return ret;
}

@Override
public ServerRequestInterceptor createServerRequestInterceptor(ORBInitInfo info, Codec codec) {
return null;
}

private synchronized boolean createAlternateSecurityInterceptorFactory() {
try {
Class clazz = Thread.currentThread().getContextClassLoader().loadClass(interceptorFactory);
Class<?> clazz = Thread.currentThread().getContextClassLoader().loadClass(FACTORY);
if (AlternateSecurityInterceptorFactory.class.isAssignableFrom(clazz) &&
!clazz.isInterface()) {
altSecFactory = (AlternateSecurityInterceptorFactory) clazz.newInstance();
altSecFactory = (AlternateSecurityInterceptorFactory) clazz.getDeclaredConstructor().newInstance();
return true;
} else {
_logger.log(Level.INFO, "Not a valid factory class: " + interceptorFactory +
". Must implement " + AlternateSecurityInterceptorFactory.class.getName());
}
} catch (ClassNotFoundException ex) {
_logger.log(Level.INFO, "Interceptor Factory class " + interceptorFactory + " not loaded: ", ex);
} catch (InstantiationException ex) {
_logger.log(Level.INFO, "Interceptor Factory class " + interceptorFactory + " not loaded: ", ex);
} catch (IllegalAccessException ex) {
_logger.log(Level.INFO, "Interceptor Factory class " + interceptorFactory + " not loaded: ", ex);
LOG.log(Level.ERROR, "Not a valid factory class: {0}. Must implement {1}", FACTORY,
AlternateSecurityInterceptorFactory.class);
} catch (ReflectiveOperationException ex) {
LOG.log(Level.ERROR, "Interceptor Factory class " + FACTORY + " not loaded: ", ex);
}
return false;
}

private synchronized ClientRequestInterceptor getClientInterceptorInstance(Codec codec) {
if (creq == null) {
creq = new SecClientRequestInterceptor(
"SecClientRequestInterceptor", codec);
creq = new SecClientRequestInterceptor("SecClientRequestInterceptor", codec);
}
return creq;
}
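Review bot: When the class named by `SEC_INTEROP_INTFACTORY_PROP` fails the type check or cannot be instantiated, `createAlternateSecurityInterceptorFactory()` only logs at ERROR and returns false, and `createClientRequestInterceptor` then falls through to the default `SecClientRequestInterceptor`. A deployment that configured an alternate security interceptor therefore runs with a different one, and because `altSecFactory` stays null the load is retried and logged again on every call. If the fallback is intended, say so in the log message (for example `"... not loaded, using the default SecClientRequestInterceptor"`); otherwise consider failing with `throw new IllegalStateException("Interceptor Factory class " + FACTORY + " not loaded", ex);`. Separately, `altSecFactory` is read in `createClientRequestInterceptor` outside the `synchronized` method that writes it, so it should probably be declared `volatile`.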