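package com.sun.enterprise.security.auth.login;

import java.util.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;
import com.sun.enterprise.security.auth.login.PasswordCredential;
import com.sun.enterprise.deployment.PrincipalImpl;
import com.sun.enterprise.util.LocalStringManagerImpl;
import java.util.logging.*;
import com.sun.logging.*;

/**
 * Client-side JAAS {@link LoginModule} that collects a user name and password
 * and attaches them to the {@link Subject}.
 *
 * <p>The module performs no verification of its own: {@link #login()} only
 * gathers the credentials (from system properties, or else from the
 * {@link CallbackHandler}) and {@link #commit()} stores them on the Subject as
 * a {@link PrincipalImpl} and a {@link PasswordCredential}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password is held in a {@code char[]} that is overwritten once it
 *       is no longer needed, but {@code commit()} has to hand the password to
 *       {@code PasswordCredential} as a {@code String}, which cannot be
 *       wiped. The credential is therefore removed from the Subject on
 *       {@link #logout()}.</li>
 *   <li>The password is never written to the log; keep it that way when
 *       adding log statements.</li>
 * </ul>
 *
 * <p>Instances keep per-login state in fields without synchronization.
 */
public class ClientPasswordLoginModule implements LoginModule {

    private static final Logger _logger =
        LogDomains.getLogger(LogDomains.SECURITY_LOGGER);

    private static final String DEFAULT_REALMNAME = "default";
    private static final LocalStringManagerImpl localStrings =
        new LocalStringManagerImpl(ClientPasswordLoginModule.class);

    // State handed over by the LoginContext in initialize().
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;

    // Phase flags: login() succeeded / commit() succeeded.
    private boolean succeeded = false;
    private boolean commitSucceeded = false;

    // Credentials gathered by login() and consumed by commit().
    private String username;
    private char[] password;

    private PrincipalImpl userPrincipal;

    // The credential this module itself added to the Subject, or null when
    // commit() found an equal credential already present. Kept so logout()
    // removes only what this module added.
    private PasswordCredential passwordCredential;

    // NOTE(review): these two fields are public, static and not final, so any
    // code in the JVM can change which system properties login() reads.
    // They are left non-final here only to stay source-compatible with code
    // that may assign them; declare them final if no such code exists.
    public static String LOGIN_NAME = "j2eelogin.name";
    public static String LOGIN_PASSWORD = "j2eelogin.password";

    /**
     * Stores the collaborators supplied by the login framework.
     *
     * @param subject the Subject to be populated on commit
     * @param callbackHandler handler used to prompt for name and password
     * @param sharedState state shared with other configured login modules
     *        (stored, not read by this class)
     * @param options options from the login configuration (stored, not read
     *        by this class)
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
    }

    /**
     * Gathers the user name and password.
     *
     * <p>If the system property named by {@link #LOGIN_NAME} is set, the name
     * and the password (property {@link #LOGIN_PASSWORD}, empty when unset)
     * are taken from system properties. Otherwise the callback handler is
     * asked for both.
     *
     * @return {@code true} once credentials have been obtained
     * @throws LoginException if no callback handler was supplied, the handler
     *         fails or does not support the callbacks, or no user name is
     *         provided
     */
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            String failure = localStrings.getLocalString("login.nocallback","Error: no CallbackHandler available to garner authentication information from the user");
            throw new LoginException(failure);
        }

        String uname = System.getProperty(LOGIN_NAME);
        if (uname != null) {
            // Caveat: system properties are readable by other code in this
            // JVM and, when passed with -D, are visible in process listings.
            // The property value is an immutable String and cannot be wiped;
            // the callback path avoids both problems.
            username = uname;
            String pswd = System.getProperty(LOGIN_PASSWORD);
            // toCharArray() gives the single private copy we need; no
            // intermediate array is left behind unwiped.
            password = (pswd == null) ? new char[0] : pswd.toCharArray();
        } else {
            NameCallback nameCallback = new NameCallback(localStrings.getLocalString("login.username", "ClientPasswordModule username: "));
            PasswordCallback passwordCallback = new PasswordCallback(localStrings.getLocalString("login.password", "ClientPasswordModule password: "), false);
            Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };

            try {
                callbackHandler.handle(callbacks);
                username = nameCallback.getName();
                if (username == null) {
                    String fail = localStrings.getLocalString("login.nousername", "No user specified");
                    throw new LoginException(fail);
                }
                // getPassword() already returns a copy, so it is kept as the
                // module's own array instead of being copied a second time
                // (the extra copy was never wiped).
                char[] supplied = passwordCallback.getPassword();
                password = (supplied == null) ? new char[0] : supplied;
            } catch (java.io.IOException ioe) {
                LoginException failure = new LoginException(ioe.toString());
                failure.initCause(ioe); // keep the original stack trace
                throw failure;
            } catch (UnsupportedCallbackException uce) {
                String nocallback = localStrings.getLocalString("login.callback","Error: Callback not available to garner authentication information from user(CallbackName):" );
                throw new LoginException(nocallback +
                                         uce.getCallback().toString());
            } finally {
                // Wipe the callback's internal copy on failure paths as well.
                passwordCallback.clearPassword();
            }
        }

        _logger.log(Level.FINEST,"\t\t[ClientPasswordLoginModule] " +
                    "authentication succeeded");
        succeeded = true;
        return true;
    }

    /**
     * Publishes the gathered credentials on the Subject.
     *
     * <p>Adds a {@link PrincipalImpl} for the user and a
     * {@link PasswordCredential} (realm {@code "default"}) unless equal
     * entries are already present, then discards the module's own copy of the
     * name and password. Because those copies are discarded, a second call
     * without a new {@link #login()} has no credentials to work with.
     *
     * @return {@code false} if {@link #login()} did not succeed, otherwise
     *         {@code true}
     * @throws LoginException declared by the interface; not thrown here
     */
    public boolean commit() throws LoginException {
        if (!succeeded) {
            return false;
        }

        userPrincipal = new PrincipalImpl(username);
        if (!subject.getPrincipals().contains(userPrincipal)) {
            subject.getPrincipals().add(userPrincipal);
        }
        _logger.log(Level.FINE,"\t\t[ClientPasswordLoginModule] " +
                    "added PrincipalImpl to Subject");

        String realm = DEFAULT_REALMNAME;

        // PasswordCredential takes the password as a String, so an immutable
        // copy that cannot be wiped lives on inside the credential.
        PasswordCredential pc =
            new PasswordCredential(username, new String(password), realm);
        if (!subject.getPrivateCredentials().contains(pc)) {
            subject.getPrivateCredentials().add(pc);
            passwordCredential = pc; // remember it so logout() can remove it
        }

        username = null;
        wipePassword();
        commitSucceeded = true;
        return true;
    }

    /**
     * Rolls back after the overall authentication failed.
     *
     * <p>If only {@link #login()} had succeeded, the gathered credentials are
     * wiped; if {@link #commit()} had also succeeded, the module logs out.
     *
     * @return {@code false} if {@link #login()} had not succeeded, otherwise
     *         {@code true}
     * @throws LoginException if the logout performed here fails
     */
    public boolean abort() throws LoginException {
        if (!succeeded) {
            return false;
        }
        if (!commitSucceeded) {
            succeeded = false;
            username = null;
            wipePassword();
            userPrincipal = null;
        } else {
            logout();
        }
        return true;
    }

    /**
     * Removes what this module added to the Subject and resets its state.
     *
     * <p>Two defects of the earlier implementation are fixed here. It ended
     * with {@code succeeded = commitSucceeded}, which left the module marked
     * as logged in after a logout, so a later {@link #commit()} ran with a
     * null name and password; both flags are now cleared. It also left the
     * {@link PasswordCredential}, and with it the password, on the Subject;
     * the credential this module added is now removed.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown here
     */
    public boolean logout() throws LoginException {
        subject.getPrincipals().remove(userPrincipal);
        if (passwordCredential != null) {
            subject.getPrivateCredentials().remove(passwordCredential);
            passwordCredential = null;
        }
        succeeded = false;
        commitSucceeded = false;
        username = null;
        wipePassword();
        userPrincipal = null;
        return true;
    }

    /** Overwrites the in-memory password, if any, and drops the reference. */
    private void wipePassword() {
        if (password != null) {
            Arrays.fill(password, ' ');
            password = null;
        }
    }
}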