View Javadoc

1   package org.astrogrid.security;
2   
3   import javax.security.auth.Subject;
4   import org.apache.axis.MessageContext;
5   import org.apache.log4j.Logger;
6   
7   
8   /***
9    * A SecurityGuard specialized for a web service. Objects of
10   * this class are used in the implementation methods of the
11   * service to get access to the credentials acquired and tested
12   * by the handler chain.
13   *
14   * The public, no-argument constructor creates a
15   * ServiceSecurityGuard with no credentials (i.e. with an
16   * empty JAAS subject). This is not very useful. A service
17   * should normal acquire a ServiceSecurityGuard by calling the
18   * static method getInstanceFromContext() which
19   * initializes the guard from the JAX-RPC message context.
20   *
21   * @author Guy Rixon
22   */
23  public class AxisServiceSecurityGuard extends SecurityGuard {
24  
25    static Logger log = Logger.getLogger("org.astrogrid.security.AxisServiceSecurityGuard");
26  
27    /***
28     * Constructs a ServiceSecurityGuard with an empty JAAS subject.
29     */
30    public AxisServiceSecurityGuard () {
31      super();
32    }
33  
34    /***
35     * Constructs a ServiceSecurityGuard with a given JAAS subject.
36     */
37    public AxisServiceSecurityGuard (Subject s) {
38      super(s);
39    }
40  
41    /***
42     * Constructs a ServiceSecurityGuard and sets its credentials
43     * from the message context of the call to the web service.
44     */
45    public static AxisServiceSecurityGuard getInstanceFromContext () {
46      AxisServiceSecurityGuard guard = null;
47  
48      // Get the authentication results from the current message context.
49      // There may be no result: the might not be a message context, or
50      // authentication might not have occured.
51      MessageContext msgContext = MessageContext.getCurrentContext();
52      if (msgContext == null) {
53        log.debug("There is no Axis message context, so principals and credentials cannot be retrieved.");
54      }
55      if (msgContext != null) {
56        guard = (AxisServiceSecurityGuard)(msgContext.getProperty("org.astrogrid.security.guard"));
57      }
58      if (guard == null) {
59        guard = new AxisServiceSecurityGuard();
60      }
61      
62      return guard;
63    }
64  
65  
66    /***
67     * Tests whether the current call to the web service is
68     * anonymous. The call is considered anonymous if there
69     * are no JAAS principals in the JAAS Subject.
70     *
71     * @return true if the call is anonymous
72     */
73    public boolean isAnonymous () {
74      return this.getSubject().getPrincipals().size() == 0;
75    }
76  
77  }
78