1 /* 2 * Copyright (c) 2007, Fraunhofer-Gesellschaft 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions are 7 * met: 8 * 9 * (1) Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the disclaimer at the end. 11 * Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in 13 * the documentation and/or other materials provided with the 14 * distribution. 15 * 16 * (2) Neither the name of Fraunhofer nor the names of its 17 * contributors may be used to endorse or promote products derived 18 * from this software without specific prior written permission. 19 * 20 * DISCLAIMER 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * 34 */ 35 package org.ogf.graap.wsag.security.core; 36 37 import java.text.MessageFormat; 38 import java.util.Set; 39 40 import javax.security.auth.login.LoginContext; 41 42 import org.apache.log4j.Logger; 43 import org.apache.ws.security.WSSecurityException; 44 import org.apache.ws.security.components.crypto.Crypto; 45 46 /** 47 * SecurityUtils 48 * 49 * @author Oliver Waeldrich 50 * 51 */ 52 public class SecurityUtils 53 { 54 55 private static final Logger LOG = Logger.getLogger( SecurityUtils.class ); 56 57 /** 58 * Retrieves a Crypto from a JAAS {@link LoginContext}. The crypto is created and populated by the WSAG4J 59 * {@link org.ogf.graap.wsag.security.core.keystore.KeystoreLoginModule}. 60 * 61 * @param context 62 * the login context 63 * 64 * @return the crypto 65 */ 66 public static Crypto getCryptoFromLoginContext( LoginContext context ) 67 { 68 Crypto crypto = null; 69 70 // 71 // load the crypto from the login context 72 // 73 try 74 { 75 Set<Crypto> privateCredentials = context.getSubject().getPrivateCredentials( Crypto.class ); 76 if ( privateCredentials.isEmpty() ) 77 { 78 String message = "Could not load server credentials. No crypto found in login context."; 79 throw new WSSecurityException( message ); 80 } 81 crypto = privateCredentials.iterator().next(); 82 } 83 catch ( Exception e ) 84 { 85 Object[] filler = new Object[] { SecurityUtils.class.getName(), e.getMessage() }; 86 String message = MessageFormat.format( "{0}: Could not process security headers. ({1})", filler ); 87 LOG.error( message ); 88 } 89 90 return crypto; 91 } 92 93 }