

1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name: $
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */

28 package net.sf.jguard.core.authentication.configuration;
29
30 import java.util.ArrayList JavaDoc;
31 import java.util.Arrays JavaDoc;
32 import java.util.HashMap JavaDoc;
33 import java.util.Iterator JavaDoc;
34 import java.util.List JavaDoc;
35 import java.util.Map JavaDoc;
36
37 import javax.security.auth.Subject JavaDoc;
38 import javax.security.auth.callback.CallbackHandler JavaDoc;
39 import javax.security.auth.login.AppConfigurationEntry JavaDoc;
40 import javax.security.auth.login.Configuration JavaDoc;
41 import javax.security.auth.login.LoginContext JavaDoc;
42 import javax.security.auth.login.LoginException JavaDoc;
43 import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
44 import javax.security.auth.spi.LoginModule JavaDoc;
45
46 import org.apache.commons.logging.Log;
47 import org.apache.commons.logging.LogFactory;
48
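/**
 * LoginContext only 'local' to this application: it drives the JAAS
 * LoginModules listed in a {@link Configuration} itself (login, then commit or
 * abort) instead of delegating to {@link LoginContext}.
 *
 * <p>The overall decision fails closed. An attempt is accepted only when no
 * REQUIRED or REQUISITE module failed <em>and</em> at least one module
 * reported success; a stack whose modules all fail or are all ignored is
 * rejected. {@link #getSubject()} hands out a Subject created by this class
 * only after both the login and the commit phase completed.</p>
 *
 * <p>Instances hold per-attempt state and are not synchronized.</p>
 *
 * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
 * @since 1.0
 */
public class LocalLoginContext {
    private static final Log logger = LogFactory.getLog(LocalLoginContext.class);
    /** Name of the fallback configuration entry used when the requested one is absent. */
    private static final String OTHER = "other";
    private List appEntriesList = null;
    private CallbackHandler cbHandler = null;
    private Subject subject = null;
    /** Maps each initialized LoginModule instance to its control flag. */
    private Map flags = null;
    /** True only after a login() call has completed both the login and the commit phase. */
    private boolean loginSucceed = false;
    private boolean subjectNotProvided;
    private List loginModules = null;

    /**
     * Constructor which mimics the {@link LoginContext} constructor; uses the
     * JVM-wide {@link Configuration} and creates a fresh Subject.
     *
     * @param name name of the configuration entry to use
     * @param cbHandler handler handed to every LoginModule
     * @throws LoginException if neither {@code name} nor "other" is configured
     */
    public LocalLoginContext(String name, CallbackHandler cbHandler) throws LoginException {
        appEntriesList = getAppConfigurationEntry(Configuration.getConfiguration(), name);
        this.cbHandler = cbHandler;
        subject = new Subject();
        flags = new HashMap();
        subjectNotProvided = true;
    }

    /**
     * Constructor which mimics the {@link LoginContext} constructor; uses the
     * given {@link Configuration} and creates a fresh Subject.
     *
     * @param name name of the configuration entry to use
     * @param cbHandler handler handed to every LoginModule
     * @param configuration configuration to read the entries from
     * @throws LoginException if neither {@code name} nor "other" is configured
     */
    public LocalLoginContext(String name, CallbackHandler cbHandler, Configuration configuration) throws LoginException {
        appEntriesList = getAppConfigurationEntry(configuration, name);
        this.cbHandler = cbHandler;
        subject = new Subject();
        flags = new HashMap();
        subjectNotProvided = true;
    }

    /**
     * Constructor which mimics the {@link LoginContext} constructor; uses the
     * JVM-wide {@link Configuration} and the Subject supplied by the caller.
     *
     * @param name name of the configuration entry to use
     * @param subject Subject to populate
     * @param cbHandler handler handed to every LoginModule
     * @throws LoginException if neither {@code name} nor "other" is configured
     */
    public LocalLoginContext(String name, Subject subject, CallbackHandler cbHandler) throws LoginException {
        appEntriesList = getAppConfigurationEntry(Configuration.getConfiguration(), name);
        this.cbHandler = cbHandler;
        this.subject = subject;
        flags = new HashMap();
    }

    /**
     * Constructor which offers on Java SE 4 the signature that
     * {@link LoginContext} only provides on Java SE 5: caller-supplied Subject
     * and caller-supplied {@link Configuration}.
     *
     * @param name name of the configuration entry to use
     * @param subject Subject to populate
     * @param cbHandler handler handed to every LoginModule
     * @param configuration configuration to read the entries from
     * @throws LoginException if neither {@code name} nor "other" is configured
     */
    public LocalLoginContext(String name, Subject subject, CallbackHandler cbHandler, Configuration configuration) throws LoginException {
        appEntriesList = getAppConfigurationEntry(configuration, name);
        this.cbHandler = cbHandler;
        this.subject = subject;
        flags = new HashMap();
    }

    /**
     * Looks up the entries configured for {@code name}, falling back to the
     * "other" entry.
     *
     * @throws LoginException if neither lookup yields a configuration; without
     *         this check the missing configuration surfaced as a
     *         NullPointerException from {@code Arrays.asList}
     */
    private List getAppConfigurationEntry(Configuration config, String name) throws LoginException {
        AppConfigurationEntry[] appEntries = config.getAppConfigurationEntry(name);
        if (appEntries == null) {
            appEntries = config.getAppConfigurationEntry(OTHER);
        }
        if (appEntries == null) {
            throw new LoginException("no LoginModules configured for '" + name + "' nor for '" + OTHER + "'");
        }
        return Arrays.asList(appEntries);
    }

    /**
     * Perform the authentication in a <strong>local</strong> manner,
     * i.e, not bound to the JVM's Configuration,
     * and if successful, associate Principals and
     * credentials with the authenticated Subject.
     *
     * <p>Every call starts from an unauthenticated state, so the outcome of an
     * earlier attempt never leaks into this one. When a REQUIRED or REQUISITE
     * module fails, or when no module at all reports success, every module is
     * aborted and the attempt is rejected.</p>
     *
     * @throws LoginException the first exception raised by a LoginModule, the
     *         exception raised by a failing commit, or a generic failure when
     *         every module was ignored
     */
    public void login() throws LoginException {
        // a previous result must never vouch for this attempt
        loginSucceed = false;
        // module instances are recreated on every attempt; drop the stale ones
        flags.clear();
        loginModules = initializeLoginModules(appEntriesList, subject, cbHandler);

        boolean mandatoryFailure = false;
        boolean atLeastOneSuccess = false;
        // first exception raised in the overall authentication process
        LoginException exception = null;

        // login phase
        Iterator itLoginModules = loginModules.iterator();
        while (itLoginModules.hasNext()) {
            LoginModule module = (LoginModule) itLoginModules.next();
            LoginModuleControlFlag flag = (LoginModuleControlFlag) flags.get(module);

            // a module without a recognised flag takes no part in the decision
            if (!isKnownFlag(flag)) {
                logger.error(" loginModule=" + module.getClass() + " has got an invalid flag=" + flag);
                logger.error(" this loginModule is skipped in the authentication process ");
                continue;
            }

            try {
                // false means "ignore this module" according to the LoginModule javadoc
                if (!module.login()) {
                    logger.debug(" loginModule " + module.getClass() + " in 'login' phase is ignored ");
                    continue;
                }
                logger.debug(" loginModule " + module.getClass() + " in 'login' phase succeed ");
                atLeastOneSuccess = true;
                // a successful SUFFICIENT module ends the login phase
                if (LoginModuleControlFlag.SUFFICIENT.equals(flag)) {
                    break;
                }
            } catch (LoginException e) {
                if (exception == null) {
                    exception = e;
                }
                logger.debug(" loginModule " + module.getClass() + " in 'login' phase failed ");
                logger.info(" authentication fails " + e.getMessage());
                if (LoginModuleControlFlag.REQUIRED.equals(flag)) {
                    // keep going so the remaining modules still run
                    mandatoryFailure = true;
                } else if (LoginModuleControlFlag.REQUISITE.equals(flag)) {
                    mandatoryFailure = true;
                    break;
                }
                // SUFFICIENT and OPTIONAL failures do not decide the outcome on their own
            }
        }

        // Fail closed: a stack made only of SUFFICIENT/OPTIONAL modules that all
        // failed (or an empty stack) must not reach the commit phase.
        if (mandatoryFailure || !atLeastOneSuccess) {
            if (exception == null) {
                exception = new LoginException("Login Failure: all modules ignored");
            }
            abort(loginModules, exception);
            // abort always throws; the return keeps the commit phase unreachable regardless
            return;
        }

        // commit phase
        Iterator itCommit = loginModules.iterator();
        while (itCommit.hasNext()) {
            LoginModule module = (LoginModule) itCommit.next();
            try {
                if (module.commit()) {
                    logger.debug(" loginModule " + module.getClass() + " in 'commit' phase succeeed");
                } else {
                    logger.debug(" loginModule " + module.getClass() + " in 'commit' phase is ignored ");
                }
            } catch (LoginException e) {
                logger.debug(" loginModule " + module.getClass() + " in 'commit' phase failed ");
                abort(loginModules, e);
                throw e;
            }
        }

        // only now may getSubject() expose a Subject created by this context
        loginSucceed = true;
    }

    /** Tells whether the flag is one of the four JAAS control flags. */
    private static boolean isKnownFlag(LoginModuleControlFlag flag) {
        return LoginModuleControlFlag.OPTIONAL.equals(flag)
                || LoginModuleControlFlag.REQUIRED.equals(flag)
                || LoginModuleControlFlag.REQUISITE.equals(flag)
                || LoginModuleControlFlag.SUFFICIENT.equals(flag);
    }

    /**
     * Runs the abort phase on every module, then rethrows the exception that
     * triggered it. A module whose abort fails is logged and the loop goes on,
     * so the modules after it still discard their authentication state.
     *
     * @param loginModules modules to abort
     * @param exception exception that caused the abort; always thrown
     * @throws LoginException always, the given {@code exception}
     */
    private void abort(List loginModules, LoginException exception) throws LoginException {
        Iterator itLoginModules = loginModules.iterator();
        while (itLoginModules.hasNext()) {
            LoginModule module = (LoginModule) itLoginModules.next();
            try {
                if (module.abort()) {
                    logger.debug(" loginModule " + module.getClass() + " in 'abort' phase succeeed");
                } else {
                    logger.debug(" loginModule " + module.getClass() + " in 'abort' phase is ignored ");
                }
            } catch (LoginException e) {
                logger.debug(" loginModule " + module.getClass() + " in 'abort' phase failed ");
                logger.warn(e.getMessage());
            }
        }
        // we throw the initial exception which causes abort phase
        throw exception;
    }

    /**
     * Loads, instantiates and initializes one LoginModule per configuration
     * entry, recording each module's control flag in {@code flags}. All modules
     * of one attempt share the same state map.
     *
     * @return the initialized modules, in configuration order
     * @throws RuntimeException if a module class cannot be found, instantiated
     *         or accessed
     * @throws ClassCastException if a configured class is not a LoginModule
     */
    private List initializeLoginModules(List appConfigurationEntries, Subject subject, CallbackHandler cbHandler) {
        Map sharedState = new HashMap();
        List loginModules = new ArrayList();
        // the context class loader may be unset; fall back to this class's loader
        ClassLoader loader = Thread.currentThread().getContextClassLoader();
        if (loader == null) {
            loader = LocalLoginContext.class.getClassLoader();
        }

        Iterator itAppEntries = appConfigurationEntries.iterator();
        while (itAppEntries.hasNext()) {
            AppConfigurationEntry entry = (AppConfigurationEntry) itAppEntries.next();
            LoginModuleControlFlag flag = entry.getControlFlag();
            String loginModuleName = entry.getLoginModuleName();
            Map options = entry.getOptions();

            // grab loginModule Class
            Class loginModuleClass;
            try {
                loginModuleClass = loader.loadClass(loginModuleName);
            } catch (ClassNotFoundException e) {
                logger.fatal(" loginModule Class " + loginModuleName + " not found ");
                throw new RuntimeException("loginModule " + loginModuleName + " is not found " + e.getMessage(), e);
            }

            // check the type before instantiating, so that the constructor of a
            // class which is not a LoginModule never runs
            if (!LoginModule.class.isAssignableFrom(loginModuleClass)) {
                logger.fatal(" loginModule Class " + loginModuleName + " cannot be instantiated ");
                throw new ClassCastException(loginModuleName + " does not implement " + LoginModule.class.getName());
            }

            // instantiate it
            LoginModule module;
            try {
                module = (LoginModule) loginModuleClass.newInstance();
            } catch (InstantiationException e) {
                logger.fatal(" loginModule Class " + loginModuleName + " cannot be instantiated ");
                throw new RuntimeException(e.getMessage(), e);
            } catch (IllegalAccessException e) {
                logger.fatal(" loginModule Class " + loginModuleName + " cannot be accessed ");
                throw new RuntimeException(e.getMessage(), e);
            }

            // initialize it
            module.initialize(subject, cbHandler, sharedState, options);
            flags.put(module, flag);
            loginModules.add(module);
        }

        return loginModules;
    }

    /**
     * Calls logout on every module of the last login attempt. All modules are
     * tried even when one fails.
     *
     * @throws LoginException the first exception raised by a module, or a
     *         failure when no login attempt was made beforehand
     */
    public void logout() throws LoginException {
        if (loginModules == null) {
            throw new LoginException("logout called before login");
        }
        LoginException exception = null;
        Iterator itLoginModules = loginModules.iterator();
        while (itLoginModules.hasNext()) {
            LoginModule module = (LoginModule) itLoginModules.next();
            try {
                if (module.logout()) {
                    logger.debug(" loginModule " + module.getClass() + " in 'logout' phase succeeed");
                } else {
                    logger.debug(" loginModule " + module.getClass() + " in 'logout' phase is ignored ");
                }
            } catch (LoginException e) {
                logger.debug(" loginModule " + module.getClass() + " in 'logout' phase failed ");
                logger.warn(e.getMessage());
                if (exception == null) {
                    exception = e;
                }
            }
        }

        // we throw the first exception raised by loginModules,
        // but only after every loginModule had its logout attempted
        if (exception != null) {
            throw exception;
        }
    }

    /**
     * Returns the Subject of this context.
     *
     * @return the Subject, or {@code null} when the Subject was created by this
     *         context and no login attempt has completed successfully
     */
    public Subject getSubject() {
        if (!loginSucceed && subjectNotProvided) {
            return null;
        }
        return subject;
    }
}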