1 17 package org.apache.geronimo.security.realm.providers; 18 19 import java.io.File ; 20 import java.io.FileOutputStream ; 21 import java.io.IOException ; 22 import java.io.PrintWriter ; 23 import java.nio.channels.FileChannel ; 24 import java.nio.channels.FileLock ; 25 import java.text.DateFormat ; 26 import java.text.SimpleDateFormat ; 27 import java.util.Date ; 28 import java.util.Map ; 29 import javax.security.auth.Subject ; 30 import javax.security.auth.callback.Callback ; 31 import javax.security.auth.callback.CallbackHandler ; 32 import javax.security.auth.callback.NameCallback ; 33 import javax.security.auth.login.LoginException ; 34 import javax.security.auth.spi.LoginModule ; 35 36 import org.apache.geronimo.security.jaas.JaasLoginModuleUse; 37 import org.apache.geronimo.system.serverinfo.ServerInfo; 38 39 52 public class FileAuditLoginModule implements LoginModule { 53 public static final String LOG_FILE_OPTION = "file"; 54 private final static DateFormat DATE_FORMAT = new SimpleDateFormat ("MM/dd/yyyy HH:mm:ss"); 55 private File logFile; 56 private CallbackHandler handler; 57 private String username; 58 59 public void initialize(Subject subject, CallbackHandler callbackHandler, 60 Map sharedState, Map options) { 61 String name = (String ) options.get(LOG_FILE_OPTION); 62 ServerInfo info = (ServerInfo) options.get(JaasLoginModuleUse.SERVERINFO_LM_OPTION); 63 logFile = info.resolve(name); 64 handler = callbackHandler; 65 } 66 67 public boolean login() throws LoginException { 68 NameCallback user = new NameCallback ("User name:"); 69 Callback [] callbacks = new Callback []{user}; 70 try { 71 handler.handle(callbacks); 72 } catch (Exception e) { 73 throw new LoginException ("Unable to process callback: "+e); 74 } 75 if(callbacks.length != 1) { 76 throw new IllegalStateException ("Number of callbacks changed by server!"); 77 } 78 user = (NameCallback ) callbacks[0]; 79 username = user.getName(); 80 writeToFile("Authentication attempt"); 81 82 return true; 83 } 84 85 private synchronized void writeToFile(String action) { 86 Date date = new Date (); 87 try { 88 FileOutputStream out = new FileOutputStream (logFile, true); 89 FileChannel channel = out.getChannel(); 90 FileLock lock = channel.lock(0, Long.MAX_VALUE, false); 91 PrintWriter writer = new PrintWriter (out, false); 92 writer.println(DATE_FORMAT.format(date)+" - "+action+" - "+username); 93 writer.flush(); 94 writer.close(); 95 if(lock.isValid()) { 96 lock.release(); 97 } 98 } catch (IOException e) { 99 throw new RuntimeException ("Unable to write to authentication log file", e); 100 } 101 } 102 103 public boolean commit() throws LoginException { 104 writeToFile("Authentication succeeded"); 105 return true; 106 } 107 108 public boolean abort() throws LoginException { 109 if(username != null) { writeToFile("Authentication failed"); 111 username = null; 112 } 113 return true; 114 } 115 116 public boolean logout() throws LoginException { 117 writeToFile("Explicit logout"); 118 username = null; 119 return true; 120 } 121 } 122 | Popular Tags |