JDBCLoginModule


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  
24  package com.sun.enterprise.security.auth.login;
25  
26  import java.util.logging.Level  ;
27  
28  import com.sun.enterprise.security.LoginException;
29  import com.sun.enterprise.security.auth.login.PasswordLoginModule;
30  import com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm;
31  
32  
33  /**
34   * This class implement a JDBC Login module for Glassfish. The work is derivated from Sun's sample JDBC login module.
35   * Enhancement has been done to use latest features.
36   * sample setting in server.xml for JDBCLoginModule
37   * @author Jean-Baptiste Bugeaud
38   */
39  public class JDBCLoginModule extends PasswordLoginModule {
40      /**
41       * Perform JDBC authentication. Delegates to JDBCRealm.
42       *
43       * @throws LoginException If login fails (JAAS login() behavior).
44       */    
45      protected void authenticate() throws LoginException {
46          if (!(_currentRealm instanceof JDBCRealm)) {
47              String   msg = sm.getString("jdbclm.badrealm");
48              throw new LoginException(msg);
49          }
50          
51          final JDBCRealm jdbcRealm = (JDBCRealm)_currentRealm;
52  
53          // A JDBC user must have a name not null and non-empty.
54          if ( (_username == null) || (_username.length() == 0) ) {
55              String   msg = sm.getString("jdbclm.nulluser");
56              throw new LoginException(msg);
57          }
58          
59          String  [] grpList = jdbcRealm.authenticate(_username, _password);
60  
61          if (grpList == null) {  // JAAS behavior
62              String   msg = sm.getString("jdbclm.loginfail", _username);
63              throw new LoginException(msg);
64          }
65  
66          if (_logger.isLoggable(Level.FINEST)) {
67              _logger.finest("JDBC login succeeded for: " + _username
68                  + " groups:" + grpList);
69          }
70  
71          //make a copy of groupList to pass to LoginModule. This copy is the one
72          // that will be made null there. DO NOT PASS the grpList as is - as 
73          // it will get overwritten. Resulting in logins passing only once.
74          final String  [] groupListToForward = new String  [grpList.length];
75          System.arraycopy(grpList, 0, groupListToForward, 0, grpList.length);
76  
77          commitAuthentication(_username, _password,
78                               _currentRealm, groupListToForward);
79      }
80  }
81
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags