

1 package org.jbpm.identity.security;
2
3 import java.util.*;
4 import javax.security.auth.*;
5 import javax.security.auth.callback.*;
6 import javax.security.auth.login.*;
7 import javax.security.auth.spi.*;
8 import org.jbpm.identity.*;
9
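/**
 * JAAS login module that authenticates a user name and password against the
 * injected {@link IdentityService}.
 *
 * <p>After a successful {@link #login()} and {@link #commit()}, the
 * {@link org.jbpm.identity.User} is added to the subject as a principal, and
 * the {@link Username} and {@link Password} are both added to the subject's
 * <em>private</em> credentials.
 *
 * <p>NOTE(review): the password is kept as a {@link Password} private
 * credential on the subject until {@link #logout()}. Confirm that downstream
 * code really needs it; code that can read the subject's private credentials
 * may be able to recover it.
 */
public class IdentityLoginModule implements LoginModule {

  Subject subject = null;
  CallbackHandler callbackHandler = null;
  Map sharedState = null;
  Map options = null;

  /**
   * @inject
   */
  IdentityService identityService = null;

  // Set by login() only after the identity service accepted the credentials;
  // both are null whenever this module has not authenticated anybody.
  Object validatedUserId = null;
  String validatedPwd = null;

  /**
   * Stores the collaborators handed over by the login context.
   *
   * @param subject the subject to populate in {@link #commit()}
   * @param callbackHandler used by {@link #login()} to obtain name and password
   * @param sharedState state shared between stacked login modules (stored, not read here)
   * @param options configuration options for this module (stored, not read here)
   */
  public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
    this.subject = subject;
    this.callbackHandler = callbackHandler;
    this.sharedState = sharedState;
    this.options = options;
  }

  /**
   * Asks the callback handler for a user name and password and verifies them
   * with the identity service.
   *
   * @return {@code true} when the credentials were accepted
   * @throws FailedLoginException if no password was supplied or the identity
   *         service rejected the credentials
   * @throws LoginException if the callback handler failed
   */
  public boolean login() throws LoginException {
    // NameCallback and PasswordCallback reject a null or empty prompt with an
    // IllegalArgumentException, so a real prompt text is required here.
    NameCallback nameCallback = new NameCallback("username");
    PasswordCallback passwordCallback = new PasswordCallback("password", false);
    try {
      callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
    } catch (Exception e) {
      // keep the root cause attached instead of printing it to stderr
      LoginException failure = new LoginException("callback failed");
      failure.initCause(e);
      throw failure;
    }

    String userName = nameCallback.getName();
    char[] passwordChars = passwordCallback.getPassword();
    // the callback keeps its own copy of the password; wipe it as soon as we have ours
    passwordCallback.clearPassword();
    if (passwordChars == null) {
      throw new FailedLoginException("no password supplied");
    }
    String pwd = new String(passwordChars);
    Arrays.fill(passwordChars, '\0');

    // validate the userName and password with the injected identity service
    Object userId = identityService.verify(userName, pwd);
    if (userId == null) {
      validatedUserId = null;
      validatedPwd = null;
      // Returning false would tell the login context to ignore this module, so a
      // rejected password could be masked by another module in the same stack.
      // A failed authentication has to be reported as an exception.
      throw new FailedLoginException("authentication failed");
    }

    // remember the verified identity for commit()
    validatedUserId = userId;
    validatedPwd = pwd;
    return true;
  }

  /**
   * Publishes the verified user on the subject.
   *
   * @return {@code true} when the subject was updated, {@code false} when this
   *         module did not authenticate anybody and must be ignored
   * @throws LoginException if the verified user id no longer resolves to a user
   */
  public boolean commit() throws LoginException {
    // commit() is also invoked when another module made the overall login
    // succeed; without a verified id of our own there is nothing to publish.
    if (validatedUserId == null) {
      return false;
    }

    User user = identityService.getUserById(validatedUserId);
    if (user == null) {
      throw new LoginException("no user for validated user id '" + validatedUserId + "'");
    }

    // update the subject
    subject.getPrincipals().add(user);
    subject.getPrivateCredentials().add(new Username(user.getName()));
    subject.getPrivateCredentials().add(new Password(validatedPwd));

    // and update the authenticated user
    AuthenticatedUser.setAuthenticatedUser(user);

    return true;
  }

  /**
   * Discards any state of an aborted login attempt by delegating to
   * {@link #logout()}.
   *
   * @return the result of {@link #logout()}
   */
  public boolean abort() throws LoginException {
    return logout();
  }

  /**
   * Clears the subject, resets the authenticated user and drops the state
   * held by this module.
   *
   * @return always {@code true}
   */
  public boolean logout() throws LoginException {
    if (subject != null) {
      // TODO can we clear all or should this login module only clear the user it
      // has added to the set of principals in the commit ?
      // NOTE(review): as written this also removes principals and credentials
      // that other login modules in the same stack added to the subject.
      subject.getPrincipals().clear();
      subject.getPublicCredentials().clear();
      subject.getPrivateCredentials().clear();
    }

    // and update the authenticated user
    AuthenticatedUser.setAuthenticatedUser(null);

    callbackHandler = null;
    sharedState = null;
    options = null;
    validatedUserId = null;
    validatedPwd = null;
    return true;
  }
}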