

1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name$
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */

28 package net.sf.jguard.ext.authentication.loginmodules;
29
30 import java.util.HashMap JavaDoc;
31 import java.util.Iterator JavaDoc;
32 import java.util.Map JavaDoc;
33 import java.util.Set JavaDoc;
34 import java.util.logging.Level JavaDoc;
35 import java.util.logging.Logger JavaDoc;
36
37 import javax.security.auth.Subject JavaDoc;
38 import javax.security.auth.callback.CallbackHandler JavaDoc;
39 import javax.security.auth.login.FailedLoginException JavaDoc;
40 import javax.security.auth.login.LoginException JavaDoc;
41 import javax.security.auth.spi.LoginModule JavaDoc;
42
43 import net.sf.jguard.core.CoreConstants;
44 import net.sf.jguard.core.authentication.credentials.JGuardCredential;
45 import net.sf.jguard.ext.authentication.AuthenticationException;
46 import net.sf.jguard.ext.authentication.manager.AuthenticationManagerFactory;
47 import net.sf.jguard.ext.authentication.manager.XmlAuthenticationManager;
48
49
50 /**
51  * LoginModule configured by the <i>jGuardUsersPrincipals</i> XML file.<br>
52  * In a webapp environment using JGuardConfiguration, the AuthenticationManager related to the LoginModule is created by AccessFilter.<br>
53  * In a non-JGuardConfiguration environment, the LoginModule must create its AuthenticationManager, and applicationName
54  * is required for this creation.<br>
55  * In order to retrieve the application name, XmlLoginModule uses the following ways :
56  * <ul>
57  * <li>through vm arg : <code>net.sf.jguard.application.name</code> VM arg</li>
58  * <li>through vm arg : <code>com.sun.management.jmxremote.login.config</code>
59  * if you have already defined this property because you use JMX.
60  * Do not set application name through this property if you are not using JMX !</li>
61  * </ul>
62  * If no applicationName is explicitly passed to the application, default application name "other" is used.
63  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
64  * @see LoginModule
65  */

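public class XmlLoginModule extends UserLoginModule implements LoginModule {

    private static final String LOGIN_ERROR = "login.error";
    private static final String PASSWORD = "password";
    private static final String LOGIN = "login";

    /** Logger for this class */
    private static final Logger logger = Logger.getLogger(XmlLoginModule.class.getName());

    // Subjects returned by the AuthenticationManager; stays null when initialize() could not load them.
    private Set users;
    // Principals and credentials of the matched user, kept between login() and commit().
    private Set globalPrincipals;
    private Set globalPrivateCredentials;
    private Set globalPublicCredentials;

    /**
     * Initializes the login module and loads the user set from the AuthenticationManager.
     * When the factory has no AuthenticationManager yet, an XmlAuthenticationManager is
     * created from a copy of the module options completed with an application name.
     * Failures are logged and leave <code>users</code> null, so that login() fails closed.
     * @param subj subject handed to the superclass
     * @param cbkHandler callback handler handed to the superclass
     * @param sState shared state handed to the superclass
     * @param opts module options; may carry the application name
     */
    public void initialize(Subject subj, CallbackHandler cbkHandler, Map sState, Map opts) {
        super.initialize(subj, cbkHandler, sState, opts);

        if (AuthenticationManagerFactory.getAuthenticationManager() == null) {
            Map newOpts = new HashMap();
            if (opts != null) {
                newOpts.putAll(opts);
            }
            putApplicationName(newOpts, opts);

            try {
                AuthenticationManagerFactory.createAuthenticationManager(XmlAuthenticationManager.class.getName(), newOpts);
            } catch (AuthenticationException e) {
                logger.log(Level.SEVERE, " initialize ", e);
            }
        }

        // The creation above may have failed; dereferencing a null manager here would
        // throw a NullPointerException out of initialize() instead of a clean login failure.
        if (AuthenticationManagerFactory.getAuthenticationManager() == null) {
            logger.log(Level.SEVERE, " initialize : no AuthenticationManager available, every login will be rejected");
            return;
        }
        try {
            users = AuthenticationManagerFactory.getAuthenticationManager().getUsers();
        } catch (AuthenticationException e) {
            logger.log(Level.SEVERE, " initialize ", e);
        }
    }

    /**
     * Stores the application name in <code>target</code>, taking the first source that is set:
     * the module options, the <code>net.sf.jguard.application.name</code> system property,
     * the <code>com.sun.management.jmxremote.login.config</code> system property (with a
     * warning), then the default application name.
     */
    private static void putApplicationName(Map target, Map opts) {
        Object fromOptions = (opts == null) ? null : opts.get(CoreConstants.APPLICATION_NAME);
        if (fromOptions != null) {
            // use XmlLoginModule options
            target.put(CoreConstants.APPLICATION_NAME, fromOptions);
            return;
        }

        String appNameProp = System.getProperty("net.sf.jguard.application.name");
        if (appNameProp != null) {
            // use system property net.sf.jguard.application.name
            target.put(CoreConstants.APPLICATION_NAME, appNameProp);
            return;
        }

        String appNameJMXProp = System.getProperty("com.sun.management.jmxremote.login.config");
        if (appNameJMXProp != null) {
            // The message names the property that is actually read above.
            logger.warning("Using JMX config for application name! " +
                    "If you're not running JMX, prefer XmlLoginModule options or net.sf.jguard.application.name vmarg");
            target.put(CoreConstants.APPLICATION_NAME, appNameJMXProp);
            return;
        }

        // use default applicationName
        target.put(CoreConstants.APPLICATION_NAME, CoreConstants.DEFAULT_APPLICATION_NAME);
    }

    /**
     * Authenticates the user against the loaded user set.
     * The first user whose private credentials contain the login credential ends the
     * search; that user is accepted when the password credential is also present or
     * when <code>skipPasswordCheck</code> is set. An unknown login and a wrong password
     * both end in the same FailedLoginException, so the message does not reveal which
     * of the two was wrong.
     * <code>login</code>, <code>password</code>, <code>skipPasswordCheck</code> and
     * <code>loginOK</code> are not declared in this class (presumably inherited from
     * UserLoginModule and filled by <code>super.login()</code> - confirm there).
     * @return true if the user is authenticated; a failed authentication is reported by exception.
     * @exception FailedLoginException authentication fails
     * @exception LoginException if this <code>LoginModule</code> is unable to perform the authentication.
     */
    public boolean login() throws LoginException {
        super.login();

        // Drop the result of any earlier attempt before evaluating this one.
        globalPrincipals = null;
        globalPrivateCredentials = null;
        globalPublicCredentials = null;

        // Fail closed when initialize() could not load the users, instead of a NullPointerException.
        if (users == null) {
            loginOK = false;
            throw new LoginException("XmlLoginModule has no user set: initialization failed");
        }

        JGuardCredential loginCredential = new JGuardCredential();
        loginCredential.setId(XmlLoginModule.LOGIN);
        loginCredential.setValue(login);

        // Built only when a password was supplied: new String(password) on a null password
        // threw before the null test below could run, including on the skipPasswordCheck path.
        // NOTE(review): the password is copied into an immutable String that cannot be wiped,
        // and the match relies on JGuardCredential equality, which is not visible here -
        // confirm how stored passwords are represented and compared.
        JGuardCredential passwordCredential = null;
        if (password != null) {
            passwordCredential = new JGuardCredential();
            passwordCredential.setId(XmlLoginModule.PASSWORD);
            passwordCredential.setValue(new String(password));
        }

        boolean authenticationSucceed = false;
        Iterator it = users.iterator();
        while (it.hasNext()) {
            Subject user = (Subject) it.next();
            Set privateCredentialsTemp = user.getPrivateCredentials();
            if (!privateCredentialsTemp.contains(loginCredential)) {
                continue;
            }
            boolean passwordMatches = passwordCredential != null
                    && privateCredentialsTemp.contains(passwordCredential);
            // NOTE(review): skipPasswordCheck accepts the user on the login name alone;
            // confirm that only trusted configuration can set it.
            if (passwordMatches || skipPasswordCheck) {
                // authentication succeeds because one user holds both credentials
                globalPrincipals = user.getPrincipals();
                globalPrivateCredentials = user.getPrivateCredentials();
                globalPublicCredentials = user.getPublicCredentials();
                authenticationSucceed = true;
            }
            // the login name matched: stop searching whatever the password result
            break;
        }

        if (!authenticationSucceed) {
            loginOK = false;
            throw new FailedLoginException(XmlLoginModule.LOGIN_ERROR);
        }

        return true;
    }

    /**
     * Adds the Principals and Public/Private credentials of the authenticated user to the Subject.
     * @return false when <code>loginOK</code> is not set, true once the Subject has been filled.
     * @see javax.security.auth.spi.LoginModule#commit()
     */
    public boolean commit() throws LoginException {
        if (!loginOK) {
            return false;
        }
        Set principals = subject.getPrincipals();
        if (globalPrincipals != null) {
            principals.addAll(globalPrincipals);
        }
        Set privCredentials = subject.getPrivateCredentials();
        if (globalPrivateCredentials != null) {
            privCredentials.addAll(globalPrivateCredentials);
        }
        Set pubCredentials = subject.getPublicCredentials();
        if (globalPublicCredentials != null) {
            pubCredentials.addAll(globalPublicCredentials);
        }
        return true;
    }

}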