Improve Linux and non-Sun JDK (specifically IBM JDK) compatibility.

core/src/main/java/org/acegisecurity/providers/jaas/JaasAuthenticationProvider.java

@@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,7 +15,6 @@
 
 package net.sf.acegisecurity.providers.jaas;
 
-import com.sun.security.auth.login.ConfigFile;
 import net.sf.acegisecurity.AcegiSecurityException;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.AuthenticationException;
@@ -24,26 +23,34 @@ import net.sf.acegisecurity.providers.AuthenticationProvider;
 import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import net.sf.acegisecurity.providers.jaas.event.JaasAuthenticationFailedEvent;
 import net.sf.acegisecurity.providers.jaas.event.JaasAuthenticationSuccessEvent;
+
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
+
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ApplicationContextException;
+
 import org.springframework.core.io.Resource;
 
+import org.springframework.util.Assert;
+
+import java.io.IOException;
+
+import java.security.Principal;
+import java.security.Security;
+
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.Configuration;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
-import java.io.IOException;
-import java.security.Principal;
-import java.security.Security;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
 
 
 /**
@@ -71,10 +78,10 @@ import java.util.Set;
  * WebApplicationContext the xml to set the loginConfiguration could be as
  * follows...
  * <pre>
- * &lt;property name="loginConfig"&gt;
+&lt;property name="loginConfig"&gt;
- *  &lt;value&gt;/WEB-INF/login.conf&lt;/value&gt;
+ &lt;value&gt;/WEB-INF/login.conf&lt;/value&gt;
- * &lt;/property&gt;
+&lt;/property&gt;
- * </pre>
+</pre>
  * </p>
  * 
  * <p>
@@ -82,17 +89,17 @@ import java.util.Set;
  * specifed. The loginConfig file used in the JUnit tests appears as the
  * following...
  * <pre>
- * JAASTest {
+JAASTest {
- *   net.sf.acegisecurity.providers.jaas.TestLoginModule required;
+  net.sf.acegisecurity.providers.jaas.TestLoginModule required;
- * };
+};
- * </pre>
+</pre>
  * Using the example login configuration above, the loginContextName property
  * would be set as <i>JAASTest</i>...
  * <pre>
- * &lt;property name="loginContextName"&gt;
+&lt;property name="loginContextName"&gt;
- *  &lt;value&gt;JAASTest&lt;/value&gt;
+ &lt;value&gt;JAASTest&lt;/value&gt;
- * &lt;/property&gt;
+&lt;/property&gt;
- * </pre>
+</pre>
  * </p>
  * 
  * <p>
@@ -113,14 +120,14 @@ import java.util.Set;
  * #setCallbackHandlers(net.sf.acegisecurity.providers.jaas.JaasAuthenticationCallbackHandler[])
  * callbackHandlers} property. }
  * <pre>
- *   &lt;property name="callbackHandlers"&gt;
+  &lt;property name="callbackHandlers"&gt;
- *       &lt;list&gt;
+      &lt;list&gt;
- *           &lt;bean class="net.sf.acegisecurity.providers.jaas.TestCallbackHandler"/&gt;
+          &lt;bean class="net.sf.acegisecurity.providers.jaas.TestCallbackHandler"/&gt;
- *           &lt;bean class="{@link JaasNameCallbackHandler net.sf.acegisecurity.providers.jaas.JaasNameCallbackHandler}"/&gt;
+          &lt;bean class="{@link JaasNameCallbackHandler net.sf.acegisecurity.providers.jaas.JaasNameCallbackHandler}"/&gt;
- *           &lt;bean class="{@link JaasPasswordCallbackHandler net.sf.acegisecurity.providers.jaas.JaasPasswordCallbackHandler}"/&gt;
+          &lt;bean class="{@link JaasPasswordCallbackHandler net.sf.acegisecurity.providers.jaas.JaasPasswordCallbackHandler}"/&gt;
- *       &lt;/list&gt;
+      &lt;/list&gt;
- *   &lt;/property&gt;
+  &lt;/property&gt;
- * </pre>
+</pre>
  * </p>
  * 
  * <p>
@@ -138,13 +145,13 @@ import java.util.Set;
  * <p>
  * AuthorityGranters are configured in spring xml as follows...
  * <pre>
- * &lt;property name="authorityGranters"&gt;
+&lt;property name="authorityGranters"&gt;
- *   &lt;list&gt;
+  &lt;list&gt;
- *       &lt;bean class="net.sf.acegisecurity.providers.jaas.TestAuthorityGranter"/&gt;
+      &lt;bean class="net.sf.acegisecurity.providers.jaas.TestAuthorityGranter"/&gt;
- *   &lt;/list&gt;
+  &lt;/list&gt;
- * &lt;/property&gt;
+&lt;/property&gt;
- * <p/>
+<p/>
- * </pre>
+</pre>
  * </p>
  *
  * @author Ray Krueger
@@ -157,10 +164,10 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
     private ApplicationContext context;
     private LoginExceptionResolver loginExceptionResolver = new DefaultLoginExceptionResolver();
     private Resource loginConfig;
+    private final String SYSPROP = "java.security.auth.login.config";
     private String loginContextName = "ACEGI";
     private AuthorityGranter[] authorityGranters;
     private JaasAuthenticationCallbackHandler[] callbackHandlers;
-    private final String SYSPROP = "java.security.auth.login.config";
 
     //~ Methods ================================================================
 
@@ -174,6 +181,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
      * granted to the Authentication.
      *
      * @param authorityGranters AuthorityGranter array
+     *
      * @see JaasAuthenticationProvider
      */
     public void setAuthorityGranters(AuthorityGranter[] authorityGranters) {
@@ -186,6 +194,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
      * were ever set.
      *
      * @return The AuthorityGranter array, or null
+     *
      * @see #setAuthorityGranters(net.sf.acegisecurity.providers.jaas.AuthorityGranter[])
      */
     public AuthorityGranter[] getAuthorityGranters() {
@@ -198,7 +207,8 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
      *
      * @param callbackHandlers Array of JAASAuthenticationCallbackHandlers
      */
-    public void setCallbackHandlers(JaasAuthenticationCallbackHandler[] callbackHandlers) {
+    public void setCallbackHandlers(
+        JaasAuthenticationCallbackHandler[] callbackHandlers) {
         this.callbackHandlers = callbackHandlers;
     }
 
@@ -207,6 +217,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
      * none are set.
      *
      * @return the JAASAuthenticationCallbackHandlers.
+     *
      * @see #setCallbackHandlers(net.sf.acegisecurity.providers.jaas.JaasAuthenticationCallbackHandler[])
      */
     public JaasAuthenticationCallbackHandler[] getCallbackHandlers() {
@@ -219,6 +230,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
      * @param loginConfig <a
      *        href="http://www.springframework.org/docs/api/org/springframework/core/io/Resource.html">Spring
      *        Resource</a>
+     *
      * @see <a
      *      href="http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASRefGuide.html">JAAS
      *      Reference</a>
@@ -245,7 +257,8 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
         return loginContextName;
     }
 
-    public void setLoginExceptionResolver(LoginExceptionResolver loginExceptionResolver) {
+    public void setLoginExceptionResolver(
+        LoginExceptionResolver loginExceptionResolver) {
         this.loginExceptionResolver = loginExceptionResolver;
     }
 
@@ -260,12 +273,14 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
         }
 
         if ((loginContextName == null) || "".equals(loginContextName)) {
-            throw new ApplicationContextException("loginContextName must be set on " + getClass());
+            throw new ApplicationContextException(
+                "loginContextName must be set on " + getClass());
         }
 
         String loginConfigStr = loginConfig.getURL().toString();
 
-        boolean allowed = "true".equalsIgnoreCase(Security.getProperty("policy.allowSystemProperty"));
+        boolean allowed = "true".equalsIgnoreCase(Security.getProperty(
+                    "policy.allowSystemProperty"));
 
         if (allowed) {
             System.setProperty(SYSPROP, loginConfigStr);
@@ -273,7 +288,8 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
             setPropertyUsingLoop(loginConfigStr);
         }
 
-        Configuration.setConfiguration(new ConfigFile());
+        Assert.notNull(Configuration.getConfiguration(),
+            "As per http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html \"If a Configuration object was set via the Configuration.setConfiguration method, then that object is returned. Otherwise, a default Configuration object is returned\". Your JRE returned null to Configuration.getConfiguration().");
     }
 
     /**
@@ -281,8 +297,10 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
      * and credential
      *
      * @param auth The Authentication object to be authenticated.
+     *
      * @return The authenticated Authentication object, with it's
      *         grantedAuthorities set.
+     *
      * @throws AuthenticationException This implementation does not handle
      *         'locked' or 'disabled' accounts. This method only throws a
      *         AuthenticationServiceException, with the message of the
@@ -329,7 +347,8 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
                 }
 
                 //Convert the authorities set back to an array and apply it to the token.
-                token.setAuthorities((GrantedAuthority[]) authorities.toArray(new GrantedAuthority[authorities.size()]));
+                token.setAuthorities((GrantedAuthority[]) authorities.toArray(
+                        new GrantedAuthority[authorities.size()]));
 
                 //Publish the success event
                 context.publishEvent(new JaasAuthenticationSuccessEvent(token));

doc/xdocs/changes.xml

@@ -47,6 +47,7 @@
       <action dev="benalex" type="add">AuthenticationProcessingFilter now provides hook for extra credentials (eg postcodes)</action>
       <action dev="benalex" type="add">New WebAuthenticationDetails class now used by processing filters for Authentication.setDetails()</action>
       <action dev="benalex" type="update">Significantly refactor "well-known location model" to authentication processing mechanism and HttpSessionContextIntegrationFilter model</action>
+      <action dev="benalex" type="fix">Improve Linux and non-Sun JDK (specifically IBM JDK) compatibility</action>
     </release>
     <release version="0.7.0" date="2005-01-16">
       <action dev="carlossg" type="add">Major CVS repository restructure to support Maven and eliminate libraries</action>