WebSphere Application Server for i5/OS, Version 6.1   
             オペレーティング・システム: i5/OS


例: com.ibm.wsspi.security.token.AuthorizationToken インプリメンテーション

このファイルでは、AuthorizationToken インプリメンテーションの例を示します。以下のサンプル・コードは抽象クラスを拡張せず、com.ibm.wsspi.security.token.AuthorizationToken インターフェースを直接インプリメントします。このインターフェースは直接インプリメントできますが、その場合はコードが重複する可能性があります。ただし、各種のトークン・インプリメンテーションによって処理方法が大きく異なる場合は、インターフェースを直接インプリメントするとよいでしょう。

カスタム AuthorizationToken のインプリメント方法について詳しくは、「カスタム許可トークンのインプリメント」を参照してください。

package com.ibm.websphere.security.token;

import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.auth.WSLoginFailedException;
import com.ibm.wsspi.security.token.*;
import com.ibm.websphere.security.WebSphereRuntimePermission;
import java.io.ByteArrayOutputStream;
import java.io.ByteArrayInputStream;
import java.io.DataOutputStream;
import java.io.DataInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectInputStream;
import java.io.OutputStream;
import java.io.InputStream;
import java.util.ArrayList;

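/**
 * Sample authorization token that implements
 * com.ibm.wsspi.security.token.AuthorizationToken directly instead of
 * extending an abstract base class.
 *
 * The token is a table of named attributes, each holding a list of String
 * values. "principal", "version", "expiration" and "readonly" are the
 * attribute names this class itself reads and writes.
 *
 * NOTE(review): this sample checks expiration only. It performs no signature
 * or integrity check of its own on bytes received during propagation, so the
 * attributes of a deserialized token are only as trustworthy as whatever
 * protects the bytes in transit - confirm that before relying on them.
 */
public class CustomAuthorizationTokenImpl implements com.ibm.wsspi.security.token.AuthorizationToken
{
    // Attribute name -> ArrayList of String values. Never null.
    private java.util.Hashtable hashtable = new java.util.Hashtable();
    // Serialized form, built once after the token has become read-only.
    private byte[] tokenBytes = null;
    // True when the propagated bytes could not be restored into an attribute
    // table. Such a token must never be reported as valid.
    private boolean malformed = false;
    // 2 hours in millis, by default
    private static final long expire_period_in_millis = 2*60*60*1000;

    /**
     * Constructor used to create the initial AuthorizationToken instance.
     *
     * @param principal the principal this token belongs to
     */
    public CustomAuthorizationTokenImpl (String principal)
    {
        // Sets the principal in the token
        addAttribute("principal", principal);
        // Sets the token version
        addAttribute("version", "1");
        // Sets the token expiration
        addAttribute("expiration",
            Long.toString(System.currentTimeMillis() + expire_period_in_millis));
    }

    /**
     * Creates an empty token. Used only by clone(), which fills in the
     * attribute table itself.
     */
    private CustomAuthorizationTokenImpl ()
    {
    }

    /**
     * Constructor used to deserialize the token bytes received during a
     * propagation login.
     *
     * The constructor does not throw. When the bytes cannot be restored into
     * a Hashtable the token is left empty and flagged as malformed, so that
     * isValid() returns false instead of treating the empty token as one
     * that never expires.
     *
     * NOTE(review): token_bytes originate outside this process. What
     * WSOpaqueTokenHelper.deserialize() accepts is not visible here - confirm
     * which classes it will instantiate before exposing this to untrusted peers.
     *
     * @param token_bytes the serialized attribute table
     */
    public CustomAuthorizationTokenImpl (byte[] token_bytes)
    {
        try {
            Object restored =
                com.ibm.wsspi.security.token.WSOpaqueTokenHelper.deserialize(token_bytes);

            if (restored instanceof java.util.Hashtable)
            {
                hashtable = (java.util.Hashtable) restored;
            }
            else
            {
                // Covers a null result as well as an unexpected type.
                System.out.println("CustomAuthorizationTokenImpl: token bytes did not contain a Hashtable");
                malformed = true;
            }
        }
        catch (Exception e)
        {
            e.printStackTrace();
            malformed = true;
        }
    }

    /**
     * Validates the token. This sample checks only that the token was
     * restored correctly and has not expired; it verifies no signature.
     *
     * @return false for a malformed token, for an unparsable expiration, or
     *         for an expiration in the past; true otherwise
     */
    public boolean isValid ()
    {
        if (malformed)
        {
            System.out.println("isValid: returning false, token could not be deserialized");
            return false;
        }

        long expiration;
        try {
            expiration = getExpiration();
        }
        catch (NumberFormatException e)
        {
            // Fail closed: an expiration that cannot be read is not "no expiration".
            System.out.println("isValid: returning false, expiration is not a number");
            return false;
        }

        // if you set the expiration to 0, it does not expire
        // NOTE(review): getExpiration() also returns 0 when the attribute is
        // absent, so a propagated token without "expiration" never expires.
        if (expiration == 0)
        {
            System.out.println("isValid: returning true by default");
            return true;
        }

        // return if this token is still valid
        boolean valid = System.currentTimeMillis() < expiration;
        System.out.println("isValid: returning " + valid);
        return valid;
    }

    /**
     * Gets the expiration as a long.
     *
     * @return the first "expiration" value in millis, or 0 if none is set
     * @throws NumberFormatException if the stored value is not a number
     */
    public long getExpiration()
    {
        // Gets the expiration value from the hashtable
        String[] expiration = getAttributes("expiration");

        if (expiration != null && expiration[0] != null)
        {
            // The expiration is the first element. There should be only one expiration.
            System.out.println("getExpiration: returning " + expiration[0]);
            return Long.parseLong(expiration[0]);
        }

        System.out.println("getExpiration: returning 0");
        return 0;
    }

    /**
     * Returns if this token should be forwarded/propagated downstream.
     *
     * @return always true in this sample
     */
    public boolean isForwardable()
    {
        // You can choose whether your token gets propagated. In some cases,
        // you might want it to be local only.
        return true;
    }

    /**
     * Gets the principal that this Token belongs to. If this is an authorization token,
     * this principal string must match the authentication token principal string or the
     * message will be rejected.
     *
     * @return the first "principal" value, or null if none is set
     */
    public String getPrincipal()
    {
        // this might be any combination of attributes
        String[] principal = getAttributes("principal");

        if (principal != null && principal[0] != null)
        {
            return principal[0];
        }

        System.out.println("getPrincipal: returning null");
        return null;
    }

    /**
     * Returns a unique identifier of the token based upon the information that provider
     * considers makes this a unique token.  This will be used for caching purposes
     * and might be used in combination with other token unique IDs that are part of
     * the same Subject.
     *
     * This method should return null if you want the accessID of the user to represent
     * uniqueness.  This is the typical scenario.
     *
     * @return the cache key contribution of this token
     */
    public String getUniqueID()
    {
        // if you don't want to affect the cache lookup, just return NULL here.
        // return null;

        // This sample returns a fixed string, so it adds nothing that
        // distinguishes one token from another.
        String cacheKeyForThisToken = "dynamic attributes";

        // if you do want to affect the cache lookup, return a string of
        // attributes that you want factored into the lookup.
        return cacheKeyForThisToken;
    }

    /**
     * Gets the bytes to be sent across the wire.  The information in the byte[]
     * needs to be enough to recreate the Token object at the target server.
     *
     * @return a copy of the serialized token, or null if the token is not yet
     *         read-only or serialization failed
     */
    public byte[] getBytes ()
    {
        try {
            // Do this if the object is set to read-only during login commit,
            // because this makes sure that no new data gets set.
            if (isReadOnly() && tokenBytes == null)
                tokenBytes = com.ibm.wsspi.security.token.WSOpaqueTokenHelper.
                    serialize(hashtable);

            // You can deserialize this in the downstream login module using
            // WSOpaqueTokenHelper.deserialize()
            if (tokenBytes == null)
            {
                System.out.println("getBytes: returning null");
                return null;
            }

            // Hand out a copy so that a caller cannot alter the cached bytes.
            return (byte[]) tokenBytes.clone();
        }
        catch (Exception e)
        {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Gets the name of the token used to identify the byte[] in the protocol message.
     *
     * @return the class name of this token
     */
    public String getName()
    {
        return this.getClass().getName();
    }

    /**
     * Gets the version of the token as a short.  This also is used to identify the
     * byte[] in the protocol message.
     *
     * @return the first "version" value, or 1 if none is set
     * @throws NumberFormatException if the stored value is not a number
     */
    public short getVersion()
    {
        String[] version = getAttributes("version");

        if (version != null && version[0] != null)
            return Short.parseShort(version[0]);

        System.out.println("getVersion: returning default of 1");
        return 1;
    }

    /**
     * When called, the token becomes irreversibly read-only. The implementation
     * needs to ensure that any setter methods check that this flag has been set.
     */
    public void setReadOnly()
    {
        addAttribute("readonly", "true");
    }

    /**
     * Called internally to see if the token is read-only.
     *
     * Every "readonly" value is examined, not only the first one. "readonly"
     * is an ordinary attribute that addAttribute() can also write, so a
     * "false" stored earlier must not be able to mask the "true" that
     * setReadOnly() appends.
     *
     * @return true if any "readonly" value is "true" (case-insensitive)
     */
    private boolean isReadOnly()
    {
        String[] readonly = getAttributes("readonly");

        if (readonly != null)
        {
            for (int i = 0; i < readonly.length; i++)
            {
                if ("true".equalsIgnoreCase(readonly[i]))
                    return true;
            }
            return false;
        }

        System.out.println("isReadOnly: returning default of false");
        return false;
    }

    /**
     * Gets the attribute values stored under the given name.
     *
     * @param key the attribute name
     * @return the values, or null if the attribute is absent or has no values
     */
    public String[] getAttributes(String key)
    {
        ArrayList array = (ArrayList) hashtable.get(key);

        if (array != null && array.size() > 0)
        {
            return (String[]) array.toArray(new String[0]);
        }

        return null;
    }

    /**
     * Adds a value to the named attribute. Once the token is read-only
     * nothing is added and the current values are returned instead.
     *
     * @param key the attribute name
     * @param value the value to append
     * @return the values held before the call, or null if there were none
     */
    public String[] addAttribute(String key, String value)
    {
        // Gets the current value for the key
        ArrayList array = (ArrayList) hashtable.get(key);

        if (isReadOnly())
        {
            // A read-only token may be asked about a key it never held.
            return (array == null) ? null : (String[]) array.toArray(new String[0]);
        }

        // Copies the ArrayList to a String[] as it currently exists
        String[] old_array = null;
        if (array != null && array.size() > 0)
            old_array = (String[]) array.toArray(new String[0]);

        // Allocates a new ArrayList if one was not found
        if (array == null)
            array = new ArrayList();

        // Adds the String to the current array list
        array.add(value);

        // Adds the current ArrayList to the Hashtable
        hashtable.put(key, array);

        // Returns the old array
        return old_array;
    }

    /**
     * Gets the list of all attribute names present in the token.
     *
     * @return an enumeration of the attribute names
     */
    public java.util.Enumeration getAttributeNames()
    {
        return hashtable.keys();
    }

    /**
     * Returns a deep copy of this token.
     *
     * The value lists are copied straight into the new table rather than
     * through addAttribute(): once the "readonly" attribute has been copied,
     * addAttribute() would refuse every attribute that follows it.
     *
     * @return the copy
     */
    public Object clone()
    {
        com.ibm.websphere.security.token.CustomAuthorizationTokenImpl deep_clone =
            new com.ibm.websphere.security.token.CustomAuthorizationTokenImpl();

        // A copy of a token that failed to deserialize stays invalid.
        deep_clone.malformed = malformed;

        java.util.Enumeration keys = getAttributeNames();

        while (keys.hasMoreElements())
        {
            Object key = keys.nextElement();
            ArrayList values = (ArrayList) hashtable.get(key);

            deep_clone.hashtable.put(key, new ArrayList(values));
        }

        return deep_clone;
    }
}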



関連タスク
カスタム許可トークンのインプリメント
参照トピック    


最終更新: Jan 21, 2008 5:46:14 PM EST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.iseries.doc/info/iseries/ae/xsec_authtoken.html