/*
* RHQ Management Platform
* Copyright (C) 2005-2008 Red Hat, Inc.
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation version 2 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package org.rhq.enterprise.server.core.comm;
import java.util.Hashtable;
import java.util.Map;
import org.rhq.core.clientapi.server.core.CoreServerService;
import org.rhq.core.domain.resource.Agent;
import org.rhq.enterprise.communications.ServiceContainer;
import org.rhq.enterprise.communications.command.Command;
import org.rhq.enterprise.communications.command.impl.remotepojo.RemotePojoInvocationCommand;
import org.rhq.enterprise.communications.command.server.CommandAuthenticator;
import org.rhq.enterprise.server.core.AgentManagerLocal;
import org.rhq.enterprise.server.util.LookupUtil;
/**
* This command authenticator implementation is designed to be installed on the JON Server so it can authenticate JON
* Agents that are sending commands. It performs the necessary checks on the security token found within the command in
* order to ensure the authenticity of the agent sending the command.
*
* @author John Mazzitelli
*/
public class SecurityTokenCommandAuthenticator implements CommandAuthenticator {
/**
* This is the name of the command configuration property whose value (if it exists) is the security token string.
* Each incoming command should contain a security token within the command's
* {@link Command#getConfiguration() configuration} unless it is a command that is designed to initially establish a
* security token.
*/
private static final String CMDCONFIG_PROP_SECURITY_TOKEN = "rhq.security-token";
/**
* A cache keyed on security token strings whose values are the timestamps when the token entries were stored in the
* cache.
*/
private static final Map<String, Long> TOKENS_CACHE = new Hashtable<String, Long>();
/**
* Items in the tokens cache will be valid for this amount of milliseconds. After an token grows this old in the
* cache, that token's authenticity will again be checked with the database.
*/
private static final long TOKENS_CACHE_TIMEOUT = 5 * 60 * 1000L;
/**
* This is the server service interface that contains the "register agent" API.
*/
private static final String REGISTER_SERVICE_INTERFACE = CoreServerService.class.getName();
/**
* This is the name of the command type that will house all "register agent" commands.
*/
private static final String REGISTER_COMMAND_TYPE_NAME = RemotePojoInvocationCommand.COMMAND_TYPE.getName();
/**
* EJB that is to be used to authenticate security tokens.
*/
private AgentManagerLocal m_agentManager;
/**
* @see CommandAuthenticator#isAuthenticated(Command)
*/
@Override
public boolean isAuthenticated(Command command) {
String security_token = command.getConfiguration().getProperty(CMDCONFIG_PROP_SECURITY_TOKEN);
// if no security token is in the command, reject it unless this command is asking for a token.
// if registering - allow it to be considered authenticated since its asking to be registered for the first time
// if asking for additional properties - allow it, it might need this info for updating
if (security_token == null) {
return isRegisterCommand(command) || isGetPublicAgentUpdateEndpointAddressCommand(command);
}
// check the validity of the security token
long now = System.currentTimeMillis();
Long timestamp = TOKENS_CACHE.get(security_token);
if ((timestamp == null) || ((timestamp.longValue() + TOKENS_CACHE_TIMEOUT) < now)) {
try {
AgentManagerLocal agentManager = getAgentManager();
// see if the agent token is valid - note that we do not know if the token is coming
// from the particular agent it is assigned to - for true security, SSL certs should be used
Agent agent = agentManager.getAgentByAgentToken(security_token);
if (agent == null) {
throw new NullPointerException();
}
TOKENS_CACHE.put(security_token, new Long(now));
// let's take the opportunity to tell the server that this agent is up!
agentManager.agentIsAlive(agent);
} catch (Exception e) {
TOKENS_CACHE.remove(security_token);
return false;
}
}
return true;
}
@Override
public void setServiceContainer(ServiceContainer serviceContainer) {
// don't need this, no need to store it
}
/**
* This examines the given command and determines if it is a command asking to register an agent.
*
* @param command
*
* @return <code>true</code> if the given command is asking to register an agent; any other command results in this
* method returning <code>false</code>
*/
private boolean isRegisterCommand(Command command) {
if (REGISTER_COMMAND_TYPE_NAME.equals(command.getCommandType().getName())) {
RemotePojoInvocationCommand remote_cmd = (RemotePojoInvocationCommand) command;
String iface_name = remote_cmd.getTargetInterfaceName();
if (REGISTER_SERVICE_INTERFACE.equals(iface_name)) {
String method_name = remote_cmd.getNameBasedInvocation().getMethodName();
if ("registerAgent".equals(method_name)) {
return true;
}
}
}
return false;
}
private boolean isGetPublicAgentUpdateEndpointAddressCommand(Command command) {
if (REGISTER_COMMAND_TYPE_NAME.equals(command.getCommandType().getName())) {
RemotePojoInvocationCommand remote_cmd = (RemotePojoInvocationCommand) command;
String iface_name = remote_cmd.getTargetInterfaceName();
if (REGISTER_SERVICE_INTERFACE.equals(iface_name)) {
String method_name = remote_cmd.getNameBasedInvocation().getMethodName();
if ("getPublicAgentUpdateEndpointAddress".equals(method_name)) {
return true;
}
}
}
return false;
}
/**
* Returns the EJB used to authenticate security tokens.
*
* @return EJB used to authenticate tokens
*
* @throws Exception
*/
private AgentManagerLocal getAgentManager() throws Exception {
if (m_agentManager == null) {
m_agentManager = LookupUtil.getAgentManager();
}
return m_agentManager;
}
}