예제 #1
0
        private static IList <PluginRealm> CreatePluginRealms(Config config, SecurityLog securityLog, SecureHasher secureHasher, SecurityConfig securityConfig)
        {
            IList <PluginRealm> availablePluginRealms = new List <PluginRealm>();
            ISet <Type>         excludedClasses       = new HashSet <Type>();

            if (securityConfig.PluginAuthentication && securityConfig.PluginAuthorization)
            {
                foreach (AuthPlugin plugin in Service.load(typeof(AuthPlugin)))
                {
                    PluginRealm pluginRealm = new PluginRealm(plugin, config, securityLog, Clocks.systemClock(), secureHasher);
                    availablePluginRealms.Add(pluginRealm);
                }
            }

            if (securityConfig.PluginAuthentication)
            {
                foreach (AuthenticationPlugin plugin in Service.load(typeof(AuthenticationPlugin)))
                {
                    PluginRealm pluginRealm;

                    if (securityConfig.PluginAuthorization && plugin is AuthorizationPlugin)
                    {
                        // This plugin implements both interfaces, create a combined plugin
                        pluginRealm = new PluginRealm(plugin, ( AuthorizationPlugin )plugin, config, securityLog, Clocks.systemClock(), secureHasher);

                        // We need to make sure we do not add a duplicate when the AuthorizationPlugin service gets loaded
                        // so we allow only one instance per combined plugin class
                        excludedClasses.Add(plugin.GetType());
                    }
                    else
                    {
                        pluginRealm = new PluginRealm(plugin, null, config, securityLog, Clocks.systemClock(), secureHasher);
                    }
                    availablePluginRealms.Add(pluginRealm);
                }
            }

            if (securityConfig.PluginAuthorization)
            {
                foreach (AuthorizationPlugin plugin in Service.load(typeof(AuthorizationPlugin)))
                {
                    if (!excludedClasses.Contains(plugin.GetType()))
                    {
                        availablePluginRealms.add(new PluginRealm(null, plugin, config, securityLog, Clocks.systemClock(), secureHasher)
                                                  );
                    }
                }
            }

            foreach (string pluginRealmName in securityConfig.PluginAuthProviders)
            {
                if (availablePluginRealms.noneMatch(r => r.Name.Equals(pluginRealmName)))
                {
                    throw IllegalConfiguration(format("Failed to load auth plugin '%s'.", pluginRealmName));
                }
            }

            IList <PluginRealm> realms = availablePluginRealms.Where(realm => securityConfig.PluginAuthProviders.Contains(realm.Name)).ToList();

//JAVA TO C# CONVERTER TODO TASK: Method reference arbitrary object instance method syntax is not converted by Java to C# Converter:
            bool missingAuthenticatingRealm = securityConfig.OnlyPluginAuthentication() && realms.noneMatch(PluginRealm::canAuthenticate);
//JAVA TO C# CONVERTER TODO TASK: Method reference arbitrary object instance method syntax is not converted by Java to C# Converter:
            bool missingAuthorizingRealm = securityConfig.OnlyPluginAuthorization() && realms.noneMatch(PluginRealm::canAuthorize);

            if (missingAuthenticatingRealm || missingAuthorizingRealm)
            {
                string missingProvider = (missingAuthenticatingRealm && missingAuthorizingRealm) ? "authentication or authorization" : missingAuthenticatingRealm ? "authentication" : "authorization";

                throw IllegalConfiguration(format("No plugin %s provider loaded even though required by configuration.", missingProvider));
            }

            return(realms);
        }