


1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */

17 package org.apache.geronimo.security.realm.providers;
18
19 import java.io.File JavaDoc;
20 import java.io.FileOutputStream JavaDoc;
21 import java.io.IOException JavaDoc;
22 import java.io.PrintWriter JavaDoc;
23 import java.nio.channels.FileChannel JavaDoc;
24 import java.nio.channels.FileLock JavaDoc;
25 import java.text.DateFormat JavaDoc;
26 import java.text.SimpleDateFormat JavaDoc;
27 import java.util.Date JavaDoc;
28 import java.util.Map JavaDoc;
29 import javax.security.auth.Subject JavaDoc;
30 import javax.security.auth.callback.Callback JavaDoc;
31 import javax.security.auth.callback.CallbackHandler JavaDoc;
32 import javax.security.auth.callback.NameCallback JavaDoc;
33 import javax.security.auth.login.LoginException JavaDoc;
34 import javax.security.auth.spi.LoginModule JavaDoc;
35
36 import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
37 import org.apache.geronimo.system.serverinfo.ServerInfo;
38
39 /**
40  * Writes audit records to a file for all authentication activity. Currently
41  * doesn't perform too well; perhaps the file management should be centralized
42  * and the IO objects kept open across many requests. It would also be nice
43  * to write in a more convenient XML format.
44  *
45  * This module does not write any Principals into the Subject.
46  *
47  * To enable this login module, set your primary login module to REQUIRED or
48  * OPTIONAL, and list this module after it (with any setting).
49  *
50  * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
51  */

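public class FileAuditLoginModule implements LoginModule {
    /** Name of the login-module option holding the audit file path. */
    public static final String LOG_FILE_OPTION = "file";

    // SimpleDateFormat is not thread-safe; it is only used while WRITE_LOCK is held.
    private final static DateFormat DATE_FORMAT = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");

    // Class-wide monitor. DATE_FORMAT is static, so locking only "this" would not
    // protect it when several module instances write at the same time. It also keeps
    // two threads of this class from requesting overlapping FileLocks on the same
    // file, which java.nio reports with an unchecked OverlappingFileLockException.
    private static final Object WRITE_LOCK = new Object();

    private File logFile;
    private CallbackHandler handler;
    private String username;

    /**
     * Resolves the audit file from the module options and stores the callback handler.
     *
     * @param subject         not used; this module adds no Principals
     * @param callbackHandler handler later asked for the user name in {@link #login()}
     * @param sharedState     not used
     * @param options         must contain {@link #LOG_FILE_OPTION} and the ServerInfo
     *                        entry under JaasLoginModuleUse.SERVERINFO_LM_OPTION
     * @throws IllegalArgumentException if either option is missing, so a misconfigured
     *                                  audit module fails here with a clear message
     *                                  instead of a NullPointerException
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map sharedState, Map options) {
        String name = (String) options.get(LOG_FILE_OPTION);
        ServerInfo info = (ServerInfo) options.get(JaasLoginModuleUse.SERVERINFO_LM_OPTION);
        if (name == null) {
            throw new IllegalArgumentException("Missing login module option '" + LOG_FILE_OPTION + "'");
        }
        if (info == null) {
            throw new IllegalArgumentException("Missing ServerInfo login module option");
        }
        logFile = info.resolve(name);
        handler = callbackHandler;
    }

    /**
     * Asks the callback handler for the user name and records the attempt.
     *
     * NOTE(review): this method reports success unconditionally. Confirm that the
     * realm configuration cannot let this module's success stand in for a failed
     * primary module (for example when the primary module is flagged OPTIONAL).
     *
     * @return always {@code true}
     * @throws LoginException if the callback handler fails; the original exception
     *                        is attached as the cause
     */
    public boolean login() throws LoginException {
        NameCallback user = new NameCallback("User name:");
        Callback[] callbacks = new Callback[]{user};
        try {
            handler.handle(callbacks);
        } catch (Exception e) {
            LoginException failure = new LoginException("Unable to process callback: " + e);
            // LoginException has no cause-taking constructor; keep the stack trace via initCause.
            failure.initCause(e);
            throw failure;
        }
        // A Java array cannot change length, so this is purely defensive.
        if (callbacks.length != 1) {
            throw new IllegalStateException("Number of callbacks changed by server!");
        }
        user = (NameCallback) callbacks[0];
        username = user.getName();
        writeToFile("Authentication attempt");

        return true;
    }

    /**
     * Appends one audit record of the form {@code date - action - username}.
     *
     * The user name comes from the login callback and is therefore caller-supplied
     * text; it is passed through {@link #neutralize(String)} so that it cannot start
     * a new line and forge a separate audit record.
     *
     * NOTE(review): the PrintWriter uses the default character encoding, as before;
     * confirm log consumers expect that.
     *
     * @param action description of the event being recorded
     * @throws RuntimeException if the record cannot be written
     */
    private void writeToFile(String action) {
        Date date = new Date();
        synchronized (WRITE_LOCK) {
            String record = DATE_FORMAT.format(date) + " - " + action + " - " + neutralize(username);
            FileOutputStream out = null;
            try {
                out = new FileOutputStream(logFile, true);
                FileChannel channel = out.getChannel();
                FileLock lock = channel.lock(0, Long.MAX_VALUE, false);
                try {
                    PrintWriter writer = new PrintWriter(out, false);
                    writer.println(record);
                    writer.flush();
                    // PrintWriter never throws IOException; without this check a
                    // failed audit write would go unnoticed.
                    if (writer.checkError()) {
                        throw new IOException("PrintWriter reported an error while writing the audit record");
                    }
                } finally {
                    // Release before the stream is closed; closing the channel would
                    // invalidate the lock anyway.
                    if (lock.isValid()) {
                        lock.release();
                    }
                }
            } catch (IOException e) {
                throw new RuntimeException("Unable to write to authentication log file", e);
            } finally {
                if (out != null) {
                    try {
                        out.close();
                    } catch (IOException ignored) {
                        // The record was already flushed and checked above; a failure
                        // while closing must not mask an exception from the try block.
                    }
                }
            }
        }
    }

    /**
     * Makes a caller-supplied value safe to place on a single log line.
     *
     * ISO control characters (including CR, LF and NEL) and the Unicode line and
     * paragraph separators are replaced by a backslash-u escape with four hex digits.
     * Other characters, including the backslash, are left as they are, so ordinary
     * user names are logged unchanged.
     *
     * @param value text to log; may be {@code null}
     * @return the text with line-breaking characters escaped, or {@code "null"} for
     *         a {@code null} value (what string concatenation printed before)
     */
    private static String neutralize(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder safe = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (Character.isISOControl(c) || c == 0x2028 || c == 0x2029) {
                String hex = Integer.toHexString(c);
                safe.append("\\u");
                for (int pad = hex.length(); pad < 4; pad++) {
                    safe.append('0');
                }
                safe.append(hex);
            } else {
                safe.append(c);
            }
        }
        return safe.toString();
    }

    /**
     * Records that the overall authentication succeeded.
     *
     * @return always {@code true}
     */
    public boolean commit() throws LoginException {
        writeToFile("Authentication succeeded");
        return true;
    }

    /**
     * Records a failed authentication and forgets the user name.
     *
     * @return always {@code true}
     */
    public boolean abort() throws LoginException {
        if (username != null) { //work around initial "fake" login
            writeToFile("Authentication failed");
            username = null;
        }
        return true;
    }

    /**
     * Records an explicit logout and forgets the user name.
     *
     * @return always {@code true}
     */
    public boolean logout() throws LoginException {
        writeToFile("Explicit logout");
        username = null;
        return true;
    }
}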