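package com.sun.appserv.security;

import java.util.*;
import java.util.logging.Logger;
import java.util.logging.Level;
import com.sun.logging.LogDomains;
import com.sun.enterprise.util.i18n.StringManager;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;
import com.sun.enterprise.deployment.PrincipalImpl;
import com.sun.enterprise.deployment.Group;
import com.sun.enterprise.security.auth.realm.Realm;
import com.sun.enterprise.security.auth.login.PasswordCredential;
import com.sun.web.security.PrincipalGroupFactory;


/**
 * Abstract base class for password-based JAAS login modules.
 *
 * <p>{@link #login()} finds a {@code PasswordCredential} among the subject's
 * private credentials, resolves the realm it names, copies the user name and
 * password into {@link #_username} and {@link #_password}, and delegates the
 * actual check to {@link #authenticateUser()}. A subclass reports success by
 * calling {@link #commitUserAuthentication(String[])}; {@link #commit()} then
 * adds the user and group principals to the subject.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password is held in a {@code String}, so it cannot be overwritten
 *       in memory; this class can only drop its reference.</li>
 *   <li>{@link #logout()} removes the user principal only. Group principals
 *       added by {@link #commit()} stay on the subject.
 *       NOTE(review): confirm that callers discard the subject after logout,
 *       otherwise stale group membership remains visible.</li>
 * </ul>
 */
public abstract class AppservPasswordLoginModule implements LoginModule
{
    // Values handed to initialize(); kept for use by subclasses.
    protected Subject _subject;
    protected Map _sharedState;
    protected Map _options;

    // Credentials copied from the PasswordCredential during login().
    protected String _username;
    protected String _password;
    protected Realm _currentRealm;

    // JAAS two-phase state: login succeeded / commit succeeded.
    protected boolean _succeeded = false;
    protected boolean _commitSucceeded = false;
    protected PrincipalImpl _userPrincipal;
    protected String [] _groupsList = null;

    protected Logger _logger =
        LogDomains.getLogger(LogDomains.SECURITY_LOGGER);

    protected final static StringManager sm =
        StringManager.getManager("com.sun.enterprise.security.auth.login");


    /**
     * Stores the subject, shared state and options for later phases.
     *
     * @param subject the subject being authenticated
     * @param callbackHandler not used by this class
     * @param sharedState state shared with other configured login modules
     * @param options options configured for this login module
     */
    final public void initialize(Subject subject, CallbackHandler callbackHandler,
                                 Map sharedState, Map options)
    {
        _subject = subject;
        _sharedState = sharedState;
        _options = options;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Login module initialized: " +
                        this.getClass().toString());
        }
    }


    /**
     * Phase one of JAAS authentication.
     *
     * <p>Locates the first {@code PasswordCredential} in the subject's private
     * credentials, resolves its realm, and calls {@link #authenticateUser()}.
     *
     * @return {@code true} when {@code authenticateUser()} returns normally
     * @throws LoginException if there is no subject, no password credential,
     *         no usable realm, or {@code authenticateUser()} rejects the user
     */
    final public boolean login() throws LoginException
    {
        // A module instance can be asked to log in more than once. Start every
        // attempt as "not authenticated" so a failed attempt can never inherit
        // the success flag of an earlier one and reach commit() with it.
        _succeeded = false;

        if (_subject == null) {
            String msg = sm.getString("pwdlm.noinfo");
            _logger.log(Level.SEVERE, msg);
            throw new LoginException(msg);
        }

        PasswordCredential pwdCred = null;

        try {
            Iterator i = _subject.getPrivateCredentials().iterator();
            while (i.hasNext() && pwdCred == null) {
                Object privCred = i.next();
                if (privCred instanceof PasswordCredential) {
                    pwdCred = (PasswordCredential) privCred;
                }
            }
        } catch (Exception e) {
            // Deliberately not fatal here: a missing credential is reported
            // by the null check that follows.
            _logger.log(Level.WARNING, "passwordlm.nocreds", e.toString());
        }

        if (pwdCred == null) {
            _logger.log(Level.SEVERE, "passwordlm.nopwdcred");
            String msg = sm.getString("pwdlm.nocreds");
            throw new LoginException(msg);
        }

        // Resolve the realm named by the credential.
        String realm = null;
        try {
            realm = pwdCred.getRealm();
            _currentRealm = Realm.getInstance(realm);

        } catch (Exception e) {
            String msg = sm.getString("pwdlm.norealm", realm);
            _logger.log(Level.SEVERE, msg);
            // Keep the underlying failure attached for diagnosis.
            LoginException le = new LoginException(msg);
            le.initCause(e);
            throw le;
        }

        if (_currentRealm == null) {
            String msg = sm.getString("pwdlm.norealmavail", realm);
            _logger.log(Level.SEVERE, msg);
            throw new LoginException(msg);
        }

        // Expose the credentials to the subclass.
        _username = pwdCred.getUser();
        _password = pwdCred.getPassword();

        // The subclass throws LoginException to reject the user.
        authenticateUser();
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "JAAS login complete.");
        }
        return true;
    }


    /**
     * Phase two of JAAS authentication: adds the user principal and one group
     * principal per non-null group name to the subject, then drops the cached
     * credentials.
     *
     * @return {@code false} if login did not succeed, {@code true} otherwise
     * @throws LoginException if the success flag is set but the state that
     *         {@link #login()} establishes (subject, realm, user name) is missing
     */
    public boolean commit() throws LoginException
    {
        if (!_succeeded) {
            return false;
        }

        // Refuse to create principals from incomplete state, for example a
        // second commit() after the first one already cleared the user name.
        if (_subject == null || _currentRealm == null || _username == null) {
            String msg = "commit() called without a completed login()";
            _logger.log(Level.SEVERE, msg);
            throw new LoginException(msg);
        }

        String realm_name = _currentRealm.getName();
        _userPrincipal =
            PrincipalGroupFactory.getPrincipalInstance(_username, realm_name);
        Set principalSet = _subject.getPrincipals();
        if (!principalSet.contains(_userPrincipal)) {
            principalSet.add(_userPrincipal);
        }

        // A subclass may report success with no groups at all.
        if (_groupsList != null) {
            for (int i = 0; i < _groupsList.length; i++) {
                if (_groupsList[i] != null) {
                    Group g =
                        PrincipalGroupFactory.getGroupInstance(_groupsList[i], realm_name);
                    if (!principalSet.contains(g)) {
                        principalSet.add(g);
                    }

                    _groupsList[i] = null;
                }
            }
        }

        _groupsList = null;
        _username = null;
        _password = null;
        _commitSucceeded = true;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "JAAS authentication committed.");
        }
        return true;
    }


    /**
     * Aborts the authentication attempt and discards cached credentials.
     *
     * @return {@code false} if login did not succeed, {@code true} otherwise
     * @throws LoginException declared by the {@code LoginModule} contract
     */
    final public boolean abort() throws LoginException
    {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "JAAS authentication aborted.");
        }

        if (!_succeeded) {
            // login() copies the credentials before authenticateUser() runs,
            // so a rejected attempt still has them cached; drop them here.
            _username = null;
            _password = null;
            return false;
        }

        if (!_commitSucceeded) {
            // Login succeeded but the overall authentication did not commit.
            _succeeded = false;
            _username = null;
            _password = null;
            _userPrincipal = null;
            clearGroupsList();
        } else {
            // This module committed but another one failed: undo the commit.
            logout();
        }
        return true;
    }


    /**
     * Removes this module's user principal from the subject and resets all
     * authentication state held by this instance.
     *
     * @return always {@code true}
     * @throws LoginException declared by the {@code LoginModule} contract
     */
    final public boolean logout() throws LoginException
    {
        if (_subject != null) {
            // NOTE(review): Subject.toString() can render private credentials
            // when the caller is permitted to read them; confirm that
            // PasswordCredential.toString() does not expose the password
            // before enabling FINE logging in production.
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "JAAS logout for: " + _subject.toString());
            }

            // Nothing to remove if commit() never ran; the Subject principal
            // set rejects null elements on current JDKs.
            if (_userPrincipal != null) {
                _subject.getPrincipals().remove(_userPrincipal);
            }
        }

        // Reset both phases. Copying _commitSucceeded into _succeeded, as the
        // previous code did, left the module marked as authenticated after
        // logout.
        _succeeded = false;
        _commitSucceeded = false;
        _username = null;
        _password = null;
        _userPrincipal = null;
        clearGroupsList();
        return true;
    }


    /**
     * Called by a subclass from {@link #authenticateUser()} to record that the
     * user was authenticated.
     *
     * <p>The array is stored by reference, and its elements are set to
     * {@code null} by {@link #commit()}, {@link #abort()} or {@link #logout()}.
     *
     * @param groups names of the groups the user belongs to; may be
     *        {@code null} or contain {@code null} entries, which are skipped
     */
    public final void commitUserAuthentication (final String [] groups)
    {
        _groupsList = groups;
        _succeeded = true;
    }

    /**
     * @return the subject passed to {@link #initialize}
     */
    public Subject getSubject()
    {
        return _subject;
    }

    /**
     * Performs the realm-specific credential check.
     *
     * <p>When this is called {@link #_username}, {@link #_password} and
     * {@link #_currentRealm} have been set by {@link #login()}. On success the
     * implementation must call {@link #commitUserAuthentication(String[])};
     * otherwise {@link #commit()} will not add any principals.
     *
     * @throws LoginException if the user cannot be authenticated
     */
    abstract protected void authenticateUser() throws LoginException;

    /** Clears every cached group name and drops the array reference. */
    private void clearGroupsList()
    {
        if (_groupsList != null) {
            Arrays.fill(_groupsList, null);
            _groupsList = null;
        }
    }
}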