KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > ext > authentication > loginmodules > JCaptchaLoginModule


1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name$
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */
28 package net.sf.jguard.ext.authentication.loginmodules;
29
30 import java.io.IOException JavaDoc;
31 import java.util.Map JavaDoc;
32 import java.util.logging.Level JavaDoc;
33 import java.util.logging.Logger JavaDoc;
34
35 import javax.security.auth.Subject JavaDoc;
36 import javax.security.auth.callback.Callback JavaDoc;
37 import javax.security.auth.callback.CallbackHandler JavaDoc;
38 import javax.security.auth.callback.UnsupportedCallbackException JavaDoc;
39 import javax.security.auth.login.LoginException JavaDoc;
40 import javax.security.auth.spi.LoginModule JavaDoc;
41
42 import net.sf.jguard.ext.authentication.callbacks.JCaptchaCallback;
43
44 import com.octo.captcha.module.config.CaptchaModuleConfig;
45 import com.octo.captcha.service.CaptchaService;
46 import com.octo.captcha.service.CaptchaServiceException;
47 /**
48  * <a HREF="http://jcaptcha.sourceforge.net/">JCaptcha</a> integration.
49  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
50  *
51  */
52 public class JCaptchaLoginModule implements LoginModule JavaDoc {
53     private static Logger JavaDoc logger = Logger.getLogger(JCaptchaLoginModule.class.getName());
54     private static final String JavaDoc CAPTCHA_ANSWER_FIELD = "captchaAnswerField";
55     private Class JavaDoc serviceClass;
56     private CaptchaService service;
57     private String JavaDoc captchaAnswerField;
58     private CallbackHandler JavaDoc callbackHandler;
59     private Subject JavaDoc subject;
60     private Map JavaDoc options;
61     private Map JavaDoc sharedState;
62     private boolean loginOK = true;
63
64     public void initialize(Subject JavaDoc subj,CallbackHandler JavaDoc cbkHandler,Map JavaDoc sState,Map JavaDoc opts){
65         this.subject = subj;
66         this.callbackHandler = cbkHandler;
67         this.sharedState = sState;
68         this.options = opts;
69         captchaAnswerField = (String JavaDoc) opts.get(JCaptchaLoginModule.CAPTCHA_ANSWER_FIELD);
70         if(captchaAnswerField==null ||captchaAnswerField.equals("")){
71             captchaAnswerField="captchaAnswer";
72         }
73
74         try {
75             serviceClass = Class.forName(CaptchaModuleConfig.getInstance().getServiceClass());
76         } catch (ClassNotFoundException JavaDoc e) {
77             logger.severe(" JCaptcha service class cannot be found ");
78         }
79     }
80
81     public boolean login() throws LoginException JavaDoc {
82         String JavaDoc sessionID = "-1";
83         String JavaDoc captchaAnswer = "";
84         boolean skipJCaptchaChallenge = false;
85
86         if (callbackHandler == null){
87             loginOK = false;
88             throw new JCaptchaLoginException("there is no CallbackHandler to validate the JCaptcha Answer");
89         }
90         Callback JavaDoc[] callbacks = new Callback JavaDoc[1];
91         callbacks[0] = new JCaptchaCallback();
92
93          try {
94             callbackHandler.handle(callbacks);
95             JCaptchaCallback jcaptchaCallback = (JCaptchaCallback) callbacks[0];
96             captchaAnswer = jcaptchaCallback.getCaptchaAnswer();
97             skipJCaptchaChallenge = jcaptchaCallback.isSkipJCaptchaChallenge();
98             sessionID = jcaptchaCallback.getSessionID();
99             logger.log(Level.FINE,"session ID="+sessionID);
100             service = jcaptchaCallback.getCaptchaService();
101             logger.log(Level.FINE,"service="+service);
102
103             if(skipJCaptchaChallenge==true){
104                return false;
105             }
106
107             if(service == null){
108                 loginOK = false;
109                 throw new JCaptchaLoginException(" JCaptcha service is null: it has not been properly initialized ");
110             }
111         } catch (IOException JavaDoc e) {
112             loginOK = false;
113             throw new JCaptchaLoginException(e.getMessage());
114         } catch (UnsupportedCallbackException JavaDoc e) {
115             loginOK = false;
116             throw new JCaptchaLoginException(e.getMessage());
117         }
118         Boolean JavaDoc valid = null;
119         try{
120          valid = service.validateResponseForID(sessionID,captchaAnswer);
121         }catch(CaptchaServiceException e){
122             logger.log(Level.WARNING,e.getMessage());
123             loginOK = false;
124             throw new JCaptchaLoginException(" an error has occured in CAPTCHA validation ");
125         }
126
127         if(valid.booleanValue()==false){
128             loginOK = false;
129              throw new JCaptchaLoginException(" invalid JCaptcha Answer ");
130         }
131         return true;
132     }
133
134     public boolean commit() throws LoginException JavaDoc {
135         if(loginOK){
136             return true;
137         }else{
138             return false;
139         }
140     }
141
142     public boolean abort() throws LoginException JavaDoc {
143         return true;
144     }
145
146     public boolean logout() throws LoginException JavaDoc {
147         return true;
148     }
149
150 }
151
Popular Tags