Examples of com.sun.enterprise.common.iiop.security.SecurityContext

• com.sun.enterprise.common.iiop.security.SecurityContext
  A subject is used a container for passing the security context information in the service context field. The security context information in the subject must be stored either as a private or a public credential according to the following convention: PasswordCredential: Client authentication will be performed using the username and password in the PasswordCredential. PasswordCredential must be passed as a PrivateCredential. X500Name: DN name specified in X500Name will be asserted. X500Name must be passed as a PublicCredential. GSSUPName: Identity specified in GSSUPName will be asserted. GSSUPName must be passed as a PublicCredential. X509CertificateCredential: The certificate chain in the credential will be asserted. The credential must be passed as a PublicCredential. AnonCredential: Anonymous identity will be asserted. Credential must be passed as a PublicCredential. Class fields in the SecurityContext are used for credential selection. There are two class fields: authcls and identcls. authcls is a Class object that identifies the credential for client authentication. identcls is a Class object that identifies the credential for identity assertion. The following semantics must be observed: 1. A client authentication token is always passed as a private credential. authcls set to the class of the authentication token 2. An identity token is always passed as a public credential. identcls is set to the class of the identity token. 3. authcls is set to null if there is no client auth token 4. identcls is set to null if there is no ident token 5. There must not be more than one instance of class identified by authcls or identcls. However, there can be one instance of identcls *and* authcls (this allows both a client auth token and an identity token to be passed across the interface).

     * by the CSIv2 interceptor.
     */
    public SecurityContext getSecurityContext(
            org.omg.CORBA.Object effective_target)
            throws InvalidMechanismException, InvalidIdentityTokenException {
        SecurityContext context = null;
        assert(orbHelper != null);
        IOR ior =  ((com.sun.corba.ee.spi.orb.ORB)orbHelper.getORB()).getIOR(effective_target, false);
        if (StubAdapter.isStub(effective_target)) {
            if (StubAdapter.isLocal(effective_target)) {
                // XXX: Workaround for non-null connection object ri for local invocation.

        try {
            // First check if the client sent the credentials
            // as required by the object's CSIv2 policy.
            // evaluateTrust will throw an exception if client did not
            // conform to security policy.
            SecurityContext ssc = sms.evaluateTrust(context, object_id, socket);

            Class cls = null;
            Subject s = null;
            if (ssc == null) {
                return STATUS_PASSED;

    public SecurityContext selectSecurityContext(IOR ior)
        throws InvalidIdentityTokenException,
            InvalidMechanismException, SecurityMechanismException
    {
        SecurityContext context = null;
  ConnectionContext cc = new ConnectionContext();
        //print CSIv2 mechanism definition in IOR
        if (traceIORs()) {
            _logger.info("\nCSIv2 Mechanism List:" +
                    getSecurityMechanismString(ctc,ior));

                        boolean clientAuthOccurred,
                        CompoundSecMech mechanism)
        throws InvalidMechanismException, InvalidIdentityTokenException,
                            SecurityMechanismException {

        SecurityContext ctx = null;
        if(!sslUsed) {
      ctx = propagateIdentity(false, ci, mechanism);
  } else {
      ctx = propagateIdentity(clientAuthOccurred, ci, mechanism);
  }

    private SecurityContext sendUsernameAndPassword(ComponentInvocation ci,
                boolean sslUsed,
                boolean clientAuthOccurred,
                                                    CompoundSecMech mechanism)
                throws SecurityMechanismException {
        SecurityContext ctx = null;
        if(mechanism == null) {
            return null;
        }
        AS_ContextSec asContext = mechanism.as_context_mech;
        if( isSet(asContext.target_requires, EstablishTrustInClient.value)

    private SecurityContext propagateIdentity(boolean clientAuth,
                                              ComponentInvocation ci,
                                              CompoundSecMech mechanism)
        throws InvalidIdentityTokenException, InvalidMechanismException, SecurityMechanismException {

        SecurityContext ctx = null;
        if(mechanism == null) {
            return null;
        }
        AS_ContextSec asContext = mechanism.as_context_mech;
        SAS_ContextSec sasContext = mechanism.sas_context_mech;

                    s = getSubjectFromSecurityCurrent();
                    // TODO check if username/password is available
                    // if not throw exception
                }
            }
            SecurityContext ctx = new SecurityContext();
            final Subject sub = s;
            ctx.subject = s;
            // determining if run-as has been used
            Set privateCredSet =
                AccessController.doPrivileged(new PrivilegedAction<Set>() {

            throws SecurityMechanismException {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Getting PRINCIPAL/DN from TLS");
        }

        SecurityContext ctx = new SecurityContext();
        final SecurityContext sCtx = ctx;
  // get stuff from the SecurityContext class
        com.sun.enterprise.security.SecurityContext scontext =
            com.sun.enterprise.security.SecurityContext.getCurrent();
        if ((scontext == null) ||
             scontext.didServerGenerateCredentials()){

     * Called by the target to interpret client credentials after validation.
     */
    public SecurityContext evaluateTrust(SecurityContext ctx, byte[] object_id, Socket socket)
        throws SecurityMechanismException
    {
        SecurityContext ssc = null;

        // ssl_used is true if SSL was used.
        boolean ssl_used        = false ;

        // X509 Certificicate chain is non null if client has authenticated at
        // the SSL level.

        X509Certificate[] certChain = null ;

        // First gather all the information and then check the
        // conformance of the client to the security policies.
        // If the test for client conformance passes, then set the
        // security context.
        if ((socket != null) && (socket instanceof SSLSocket)) {
            ssl_used = true; // SSL was used
            // checkif there is a transport principal
            SSLSocket sslSock = (SSLSocket) socket;
            SSLSession sslSession = sslSock.getSession();
            try {
                certChain = (X509Certificate[]) sslSession.getPeerCertificates();
            } catch (Exception e) {
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE, "iiop.cannot_get_peercert", e);
                }
            }
        }


        // For a local invocation - we don't need to check the security
        // policies. The following condition guarantees the call is local
        // and thus bypassing policy checks.

        // XXX: Workaround for non-null connection object ri for local invocation.
        // if (socket == null && ctx == null)
        Long ClientID = ConnectionExecutionContext.readClientThreadID();
        if (ClientID != null && ClientID == Thread.currentThread().getId() && ctx == null)
            return null;

        if ( evaluate_client_conformance(ctx, object_id, ssl_used, certChain)
                                                                     == false) {
            String msg = "Trust evaluation failed because ";
            msg = msg + "client does not conform to configured security policies";
            throw new SecurityMechanismException(msg);
        }

        if ( ctx == null ) {
            if ( socket == null || !ssl_used || certChain == null )  {
                // Transport info is null and security context is null.
                // No need to set the anonymous credential here,
                // it will get set if any security operations
                // (e.g. getCallerPrincipal) are done.
                // Note: if the target object is not an EJB,
                // no security ctx is needed.
                return null;
            }  else {
                // Set the transport principal in subject and
                // return the X500Name class
                ssc = new SecurityContext();
                X500Name x500Name = (X500Name) certChain[0].getSubjectDN();
                ssc.subject = new Subject();
                ssc.subject.getPublicCredentials().add(x500Name);
                ssc.identcls = X500Name.class;
                ssc.authcls = null;

    _logger.log(Level.FINE,"Constructing a PasswordCredential from client authentication token");
        /* create a GSSUPToken from the authentication token */
        GSSUPToken tok  = GSSUPToken.getServerSideInstance(orb, codec, authtok);

        final PasswordCredential pwdcred = tok.getPwdcred();
        final SecurityContext fsc = sc;
      if(_logger.isLoggable(Level.FINE)) {
    _logger.log(Level.FINE,"Password credential = " + pwdcred.toString());
    _logger.log(Level.FINE,"Adding PasswordCredential to subject's PrivateCredentials");
  }
        java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() {