Instantly share code, notes, and snippets.
Last active
December 13, 2015 20:28
-
Save abbaspour/4969820 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package oes.rmi.client; | |
| import com.bea.security.ssmrmi.services.RMIAuthorizationService; | |
| import com.bea.security.ssmrmi.socket.SocketConfiguration; | |
| import com.bea.security.ssmrmi.socket.SocketFactory; | |
| import com.bea.security.ssmrmi.types.*; | |
| import weblogic.security.principal.WLSGroupImpl; | |
| import weblogic.security.principal.WLSUserImpl; | |
| import weblogic.security.spi.IdentityAssertionException; | |
| import javax.naming.ServiceUnavailableException; | |
| import javax.security.auth.Subject; | |
| import java.rmi.NotBoundException; | |
| import java.rmi.RemoteException; | |
| import java.rmi.registry.LocateRegistry; | |
| import java.rmi.registry.Registry; | |
| import java.security.Principal; | |
| import java.util.HashMap; | |
| import java.util.HashSet; | |
| import java.util.Set; | |
| /** | |
| * User: Amin Abbaspour | |
| * A simple client for Oracle Entitlement Server (OES) RMI SM | |
| */ | |
| public class RmiAuthorizationServiceImpl { | |
| private final RMIAuthorizationService authorizationService; | |
| public RmiAuthorizationServiceImpl(String host, int port) throws RemoteException, NotBoundException, ServiceUnavailableException, InterruptedException { | |
| final Registry registry; | |
| try { | |
| registry= LocateRegistry.getRegistry(host, port); | |
| authorizationService = (RMIAuthorizationService) registry.lookup("ALES_Authorization_Service"); | |
| } catch (RemoteException e) { | |
| throw new ExceptionInInitializerError(e); | |
| } catch (NotBoundException e) { | |
| throw new ExceptionInInitializerError(e); | |
| } | |
| SocketConfiguration socketConfiguration = new SocketConfiguration(); | |
| socketConfiguration.setServerHost(host); | |
| SocketFactory.setConfiguration(socketConfiguration); | |
| } | |
| public RMIAuthenticatedSubject getUnauthenticatedSubject(String username, String... groups) { | |
| final Set<Principal> principals = new HashSet<Principal>(groups.length + 1); | |
| principals.add(new WLSUserImpl(username)); | |
| for(final String group : groups) | |
| principals.add(new WLSGroupImpl(group)); | |
| final Subject subject = new Subject(false, principals, new HashSet<String>(), new HashSet<Object>()); | |
| RMIAuthenticatedSubject authenticatedSubject = new RMIAuthenticatedSubject(); | |
| authenticatedSubject.addSubject(subject); | |
| return authenticatedSubject; | |
| } | |
| public RMIAuthenticatedSubject authenticate(RMIAuthenticatedSubject authenticatedSubject) throws ServiceUnavailableException, RemoteException { | |
| RMIContext rmiContext = new RMIContext(new HashMap()); | |
| RMIAuthenticationResponse response = authorizationService.establishSession(authenticatedSubject, rmiContext); | |
| return response.getSubject(); | |
| } | |
| public String getActionsOnResource(RMIAuthenticatedSubject authenticatedSubject, | |
| String applicationName, String resourceType, String resource, | |
| String actionName, String namingAuthority, HashMap<String, Object> attributes) | |
| throws ServiceUnavailableException, IdentityAssertionException, RemoteException { | |
| RMIRuntimeAction runtimeAction = new RMIRuntimeAction(actionName, namingAuthority); | |
| RMIRuntimeResource runtimeResource = new RMIRuntimeResource(applicationName, resourceType, resource); | |
| RMIRuntimeResourceAction runtimeResourceAction = new RMIRuntimeResourceAction(runtimeResource, runtimeAction); | |
| return authorizationService.queryActionsOnResource(authenticatedSubject, runtimeResourceAction, new RMIContext(attributes)).toString(); | |
| } | |
| public static void main(String[] args) throws RemoteException, NotBoundException, ServiceUnavailableException, InterruptedException { | |
| final String serverAddress = "host-name-where-rmi-sm-server-is-running"; | |
| final int port = 2099; // non-controlled one | |
| RmiAuthorizationServiceImpl authorizationService = new RmiAuthorizationServiceImpl(serverAddress, port); | |
| final HashMap<String, Object> attributes = new HashMap<String, Object>(1); | |
| attributes.put("key", 101); | |
| try { | |
| RMIAuthenticatedSubject unauthenticatedSubject = authorizationService.getUnauthenticatedSubject("username", "group"); | |
| RMIAuthenticatedSubject authenticatedSubject = authorizationService.authenticate(unauthenticatedSubject); | |
| final String actions = authorizationService.getActionsOnResource(authenticatedSubject, | |
| "AppName", "ResourceType", "Resource", "Action", "", attributes); | |
| System.out.println("actions = " + actions); | |
| }catch (Exception e) { | |
| e.printStackTrace(); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment