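package com.sun.security.auth.module;

import java.util.*;
import java.io.IOException;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;
import com.sun.security.auth.UnixPrincipal;
import com.sun.security.auth.UnixNumericUserPrincipal;
import com.sun.security.auth.UnixNumericGroupPrincipal;

/**
 * JAAS {@link LoginModule} that copies the identity reported by
 * {@link UnixSystem} (user name, uid, primary gid and group list) into a
 * {@link Subject} as Unix principals.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #login()} never consults the {@link CallbackHandler} and checks
 *       no credential; it only reads values from a freshly created
 *       {@code UnixSystem}. NOTE(review): presumably that is the identity of
 *       the OS account running the JVM, so the resulting principals describe
 *       the process rather than a remote caller; confirm against
 *       {@code UnixSystem}.</li>
 *   <li>With the {@code debug} option set to {@code "true"} the uid, gid and
 *       group ids are written to {@code System.out}.</li>
 * </ul>
 *
 * <p>Supported option: {@code debug} (case-insensitive {@code "true"} enables
 * diagnostic output). Instances keep per-login state in fields and use no
 * synchronization.
 */
public class UnixLoginModule implements LoginModule {

    // Values handed over by the LoginContext in initialize().
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;

    // Stays true until initialize() reads the "debug" option.
    private boolean debug = true;

    // Source of the Unix identity; created in login().
    private UnixSystem ss;

    // Two-phase state: login() outcome and commit() outcome.
    private boolean succeeded = false;
    private boolean commitSucceeded = false;

    // Principals built by login() and attached to the Subject by commit().
    private UnixPrincipal userPrincipal;
    private UnixNumericUserPrincipal UIDPrincipal;
    private UnixNumericGroupPrincipal GIDPrincipal;
    private LinkedList<UnixNumericGroupPrincipal> supplementaryGroups =
        new LinkedList<UnixNumericGroupPrincipal>();

    /**
     * Stores the arguments and reads the {@code debug} option.
     *
     * @param subject the Subject that commit() will populate
     * @param callbackHandler stored but not used by the visible code
     * @param sharedState stored but not used by the visible code
     * @param options module options; only {@code debug} is read. A missing
     *        map, a missing key or a non-String value leaves debug disabled
     *        instead of raising NullPointerException/ClassCastException.
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map<String, ?> sharedState,
                           Map<String, ?> options) {

        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;

        Object debugOption = (options == null) ? null : options.get("debug");
        debug = (debugOption instanceof String)
            && "true".equalsIgnoreCase((String) debugOption);
    }

    /**
     * Builds the Unix principals from a new {@link UnixSystem}.
     *
     * <p>The earlier {@code ss == null} check after {@code new} could never be
     * true and has been dropped. The group array is read once and may be
     * {@code null} or empty; in that case no supplementary group is recorded
     * (previously a {@code null} array caused a NullPointerException because
     * the loop was not covered by the null check).
     *
     * @return always {@code true} when the method returns normally
     * @throws LoginException declared by the interface; not raised by this body
     */
    public boolean login() throws LoginException {

        ss = new UnixSystem();

        userPrincipal = new UnixPrincipal(ss.getUsername());
        UIDPrincipal = new UnixNumericUserPrincipal(ss.getUid());
        GIDPrincipal = new UnixNumericGroupPrincipal(ss.getGid(), true);

        long[] unixGroups = ss.getGroups();
        if (unixGroups != null) {
            for (long gid : unixGroups) {
                UnixNumericGroupPrincipal ngp =
                    new UnixNumericGroupPrincipal(gid, false);
                // The primary group is already represented by GIDPrincipal.
                if (!ngp.getName().equals(GIDPrincipal.getName())) {
                    supplementaryGroups.add(ngp);
                }
            }
        }

        if (debug) {
            // Diagnostic output discloses numeric ids on stdout.
            System.out.println("\t\t[UnixLoginModule]: " +
                               "succeeded importing info: ");
            System.out.println("\t\t\tuid = " + ss.getUid());
            System.out.println("\t\t\tgid = " + ss.getGid());
            if (unixGroups != null) {
                for (long gid : unixGroups) {
                    System.out.println("\t\t\tsupp gid = " + gid);
                }
            }
        }

        succeeded = true;
        return true;
    }

    /**
     * Adds the principals created by login() to the Subject.
     *
     * @return {@code false} if login() did not succeed, {@code true} once the
     *         principals are present in the Subject
     * @throws LoginException if the Subject is read-only
     */
    public boolean commit() throws LoginException {
        if (!succeeded) {
            if (debug) {
                System.out.println("\t\t[UnixLoginModule]: " +
                                   "did not add any Principals to Subject " +
                                   "because own authentication failed.");
            }
            return false;
        }

        if (subject.isReadOnly()) {
            throw new LoginException
                ("commit Failed: Subject is Readonly");
        }

        Set<java.security.Principal> principals = subject.getPrincipals();
        addIfAbsent(principals, userPrincipal);
        addIfAbsent(principals, UIDPrincipal);
        addIfAbsent(principals, GIDPrincipal);
        for (UnixNumericGroupPrincipal group : supplementaryGroups) {
            addIfAbsent(principals, group);
        }

        if (debug) {
            System.out.println("\t\t[UnixLoginModule]: " +
                               "added UnixPrincipal,");
            System.out.println("\t\t\t\tUnixNumericUserPrincipal,");
            System.out.println("\t\t\t\tUnixNumericGroupPrincipal(s),");
            System.out.println("\t\t\t to Subject");
        }

        commitSucceeded = true;
        return true;
    }

    /**
     * Discards state after a failed overall authentication.
     *
     * <p>If login() succeeded but commit() did not, only the local state is
     * cleared; if commit() also succeeded, {@link #logout()} is called so the
     * principals are removed from the Subject again.
     *
     * @return {@code false} if login() had not succeeded, else {@code true}
     * @throws LoginException propagated from logout()
     */
    public boolean abort() throws LoginException {
        if (debug) {
            System.out.println("\t\t[UnixLoginModule]: " +
                               "aborted authentication attempt");
        }

        if (!succeeded) {
            return false;
        }

        if (!commitSucceeded) {
            // Nothing reached the Subject yet: reset local state only.
            succeeded = false;
            ss = null;
            userPrincipal = null;
            UIDPrincipal = null;
            GIDPrincipal = null;
            supplementaryGroups = new LinkedList<UnixNumericGroupPrincipal>();
        } else {
            logout();
        }
        return true;
    }

    /**
     * Removes this module's principals from the Subject and resets all state.
     *
     * @return always {@code true} when the method returns normally
     * @throws LoginException if the Subject is read-only
     */
    public boolean logout() throws LoginException {

        if (subject.isReadOnly()) {
            throw new LoginException
                ("logout Failed: Subject is Readonly");
        }

        Set<java.security.Principal> principals = subject.getPrincipals();
        // Principals are null when logout() runs without a prior login();
        // skip them rather than pass null to the set, which a Set
        // implementation is allowed to reject.
        if (userPrincipal != null) {
            principals.remove(userPrincipal);
        }
        if (UIDPrincipal != null) {
            principals.remove(UIDPrincipal);
        }
        if (GIDPrincipal != null) {
            principals.remove(GIDPrincipal);
        }
        for (UnixNumericGroupPrincipal group : supplementaryGroups) {
            principals.remove(group);
        }

        ss = null;
        succeeded = false;
        commitSucceeded = false;
        userPrincipal = null;
        UIDPrincipal = null;
        GIDPrincipal = null;
        supplementaryGroups = new LinkedList<UnixNumericGroupPrincipal>();

        if (debug) {
            System.out.println("\t\t[UnixLoginModule]: " +
                               "logged out Subject");
        }
        return true;
    }

    // Adds p only when it is not yet present, so no add is attempted for a
    // principal the Subject already holds.
    private static void addIfAbsent(Set<java.security.Principal> principals,
                                    java.security.Principal p) {
        if (!principals.contains(p)) {
            principals.add(p);
        }
    }
}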