KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > objectweb > cjdbc > controller > authentication > PasswordAuthenticator


1 /**
2  * C-JDBC: Clustered JDBC.
3  * Copyright (C) 2002-2004 French National Institute For Research In Computer
4  * Science And Control (INRIA).
5  * Contact: c-jdbc@objectweb.org
6  *
7  * This library is free software; you can redistribute it and/or modify it
8  * under the terms of the GNU Lesser General Public License as published by the
9  * Free Software Foundation; either version 2.1 of the License, or any later
10  * version.
11  *
12  * This library is distributed in the hope that it will be useful, but WITHOUT
13  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
15  * for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public License
18  * along with this library; if not, write to the Free Software Foundation,
19  * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
20  *
21  * Initial developer(s): Marc Wick.
22  * Contributor(s): ______________________.
23  */
24
25 package org.objectweb.cjdbc.controller.authentication;
26
27 import javax.management.remote.JMXAuthenticator JavaDoc;
28 import javax.security.auth.Subject JavaDoc;
29
30 import org.objectweb.cjdbc.common.log.Trace;
31
32 /**
33  * This class defines a PasswordAuthenticator
34  *
35  * @author <a HREF="mailto:marc.wick@monte-bre.ch">Marc Wick </a>
36  * @version 1.0
37  */
38 public class PasswordAuthenticator implements JMXAuthenticator JavaDoc
39
40 {
41
42   /**
43    * to enable subject delegation we use a dummy authentication even if none is
44    * configured
45    */
46   public static final PasswordAuthenticator NO_AUTHENICATION = new PasswordAuthenticator(
47                                                                  null, null);
48
49   static Trace logger = Trace
50                                                                  .getLogger("org.objectweb.cjdbc.controller.authentication");
51
52   private String JavaDoc username;
53   private String JavaDoc password;
54
55   /**
56    * Creates a new <code>PasswordAuthenticator.java</code> object
57    *
58    * @param username username/loginname
59    * @param password password
60    */
61   public PasswordAuthenticator(String JavaDoc username, String JavaDoc password)
62   {
63     this.username = username;
64     this.password = password;
65   }
66
67   /**
68    * create a credentials object with the supplied username and password
69    *
70    * @param username username
71    * @param password password
72    * @return credentials Object to be used for authentication,
73    */
74   public static Object JavaDoc createCredentials(String JavaDoc username, String JavaDoc password)
75   {
76     return new String JavaDoc[]{username, password};
77   }
78
79   /**
80    * @see javax.management.remote.JMXAuthenticator#authenticate(java.lang.Object)
81    */
82   public Subject JavaDoc authenticate(Object JavaDoc credentials) throws SecurityException JavaDoc
83   {
84     try
85     {
86       if (username == null && password == null)
87       {
88         // no authentication is required we return
89 return new Subject JavaDoc();
90       }
91
92       if (credentials == null)
93       {
94         throw new SecurityException JavaDoc("credentials are required");
95       }
96
97       try
98       {
99         String JavaDoc[] credentialsArray = (String JavaDoc[]) credentials;
100         if (username.equals(credentialsArray[0])
101             && password.equals(credentialsArray[1]))
102         {
103           // username and password are ok
104 if (logger.isDebugEnabled())
105           {
106             logger.debug("successfully authenitcated ");
107           }
108           return new Subject JavaDoc();
109         }
110       }
111       catch (Exception JavaDoc e)
112       {
113         // the credentials object makes problems, is was probably not created
114 // with the createCredentials method
115 throw new SecurityException JavaDoc("problems with credentials object : "
116             + e.getMessage());
117       }
118
119       // username and password do not match
120 throw new SecurityException JavaDoc("invalid credentials");
121     }
122     catch (SecurityException JavaDoc e)
123     {
124       logger.error(e.getMessage());
125       try
126       {
127         String JavaDoc clientId = java.rmi.server.RemoteServer.getClientHost();
128         logger.warn("refused unauthorized access for client " + clientId);
129       }
130       catch (Exception JavaDoc ex)
131       {
132
133       }
134       throw e;
135     }
136   }
137 }
138
Popular Tags