KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > security > auth > spi > XMLLoginModule


1 /*
2  * JBoss, the OpenSource WebOS
3  *
4  * Distributable under LGPL license.
5  * See terms of license at gnu.org.
6  */
7 package org.jboss.security.auth.spi;
8
9 import java.security.acl.Group JavaDoc;
10 import java.util.Map JavaDoc;
11 import javax.security.auth.Subject JavaDoc;
12 import javax.security.auth.callback.CallbackHandler JavaDoc;
13 import javax.security.auth.login.LoginException JavaDoc;
14
15 /** A login module that obtains its security information directly from its
16  login module options. The name of the login module comes from the use of
17  the login-config.xml descriptor which allows the user/roles content to be
18  embedded directly in the login module configuration. The following
19  login-config.xml fragment illustrates an example:
20
21  <?xml version="1.0" encoding="UTF-8"?>
22  <policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
23     xmlns="http://www.jboss.org/j2ee/schema/jaas"
24     targetNamespace="http://www.jboss.org/j2ee/schema/jaas"
25     >
26 ...
27     <application-policy name="test-xml-config">
28        <authentication>
29           <login-module code="org.jboss.security.auth.spi.XMLLoginModule" flag="required">
30              <module-option name="userInfo">
31                 <lm:users xmlns:lm="http://jboss.org/schemas/XMLLoginModule">
32                    <lm:user name="jduke" password="theduke">
33                       <lm:role name="TheDuke"/>
34                       <lm:role name="AnimatedCharacter"/>
35                    </lm:user>
36                    <lm:user name="javaduke" password="anotherduke">
37                       <lm:role name="TheDuke2"/>
38                       <lm:role name="AnimatedCharacter2"/>
39                       <lm:role name="Java Duke" group="CallerPrincipal" />
40                    </lm:user>
41                 </lm:users>
42              </module-option>
43              <module-option name="unauthenticatedIdentity">guest</module-option>
44           </login-module>
45        </authentication>
46     </application-policy>
47  </policy>
48
49  @author Scott.Stark@jboss.org
50  @version $Revision: 1.2 $
51  */
52 public class XMLLoginModule extends UsernamePasswordLoginModule
53 {
54    /** The name of the properties resource containing user/passwords */
55    private Users users;
56
57    /** Initialize this LoginModule.
58     *@param options - the login module option map. Supported options include:
59     *userInfo: The name of the properties resource containing
60     user/passwords. The default is "users.properties"
61     */
62    public void initialize(Subject JavaDoc subject, CallbackHandler JavaDoc callbackHandler,
63       Map JavaDoc sharedState, Map JavaDoc options)
64    {
65       super.initialize(subject, callbackHandler, sharedState, options);
66       try
67       {
68          users = (Users) options.get("userInfo");
69       }
70       catch (Exception JavaDoc e)
71       {
72          // Note that although this exception isn't passed on, users or roles will be null
73 // so that any call to login will throw a LoginException.
74 super.log.error("Failed to load users/passwords/role files", e);
75       }
76    }
77
78    /** Method to authenticate a Subject (phase 1). This validates that the
79     *users and roles properties files were loaded and then calls
80     *super.login to perform the validation of the password.
81     *@exception javax.security.auth.login.LoginException thrown if the users or roles properties files
82     *were not found or the super.login method fails.
83     */
84    public boolean login() throws LoginException JavaDoc
85    {
86       if (users == null)
87          throw new LoginException JavaDoc("Missing usersInfo user/role mapping");
88
89       return super.login();
90    }
91
92    /** Obtain the various groups of roles for the user
93     @return Group[] containing the sets of roles
94     */
95    protected Group JavaDoc[] getRoleSets() throws LoginException JavaDoc
96    {
97       String JavaDoc targetUser = getUsername();
98       Users.User user = users.getUser(targetUser);
99       Group JavaDoc[] roleSets = {};
100       if( user != null )
101          roleSets = user.getRoleSets();
102       
103       return roleSets;
104    }
105
106    protected String JavaDoc getUsersPassword()
107    {
108       String JavaDoc username = getUsername();
109       Users.User user = users.getUser(username);
110       String JavaDoc password = null;
111       if (user != null)
112       {
113          password = user.getPassword();
114       }
115
116       return password;
117    }
118
119 }
120
Popular Tags