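package org.sape.carbon.services.security.auth.jaas;

import java.io.IOException;
import java.security.Principal;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

import org.sape.carbon.core.component.Lookup;
import org.sape.carbon.core.exception.ExceptionUtility;

import org.sape.carbon.services.security.management.SecurityManagementDataStoreException;
import org.sape.carbon.services.security.management.UnknownPrincipalException;
import org.sape.carbon.services.security.management.UserManager;

/**
 * JAAS {@link LoginModule} that authenticates a username/password pair
 * against a Carbon {@link UserManager} component and, on success, attaches
 * the user principal and its group principals to the {@link Subject}.
 *
 * <p>The UserManager is looked up by the component name supplied in the
 * module option {@link #USERMANAGER_COMPONENT_KEY}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>A module instance may be driven through login/abort/login again, so
 *       per-attempt state is reset in {@link #login()} and {@link #abort()};
 *       otherwise principals collected for an aborted attempt would be
 *       committed into the Subject of a later, different user.</li>
 *   <li>{@link #logout()} removes the principals this instance committed, so
 *       a logged-out Subject does not keep its identities.</li>
 *   <li>NOTE(review): the LoginException messages below embed full stack
 *       traces. If a caller shows {@code getMessage()} to the person logging
 *       in, that exposes data-store internals; the cause is also attached via
 *       {@code initCause}, so the message text can be shortened once callers
 *       are confirmed not to depend on it.</li>
 * </ul>
 */
public class JaasCarbonLoginModule implements LoginModule {

    /** Name of the module option holding the UserManager component name. */
    public static final String USERMANAGER_COMPONENT_KEY =
        "USERMANAGER_COMPONENT_KEY";

    /** Component used to authenticate and to resolve user/group principals. */
    protected UserManager userManager;

    /** Subject being authenticated; principals are added to it on commit. */
    protected Subject subject;

    /** Handler used to obtain the username and password from the caller. */
    protected CallbackHandler callbackHandler;

    /** True only while the most recent {@link #login()} attempt succeeded. */
    protected boolean authenticated = false;

    /** True while {@link #principalsForSubject} has been added to the Subject. */
    protected boolean principalsInSubject;

    /** Principals gathered by login() that commit() adds to the Subject. */
    protected Set principalsForSubject = new HashSet();

    /**
     * Stores the Subject and CallbackHandler and resolves the UserManager
     * component named by the {@link #USERMANAGER_COMPONENT_KEY} option.
     *
     * @param subject the Subject to authenticate
     * @param callbackHandler handler used to collect credentials
     * @param sharedState state shared between modules (not used here)
     * @param options module options from the JAAS configuration
     */
    public void initialize(
        Subject subject, CallbackHandler callbackHandler, Map sharedState,
        Map options) {

        this.subject = subject;
        this.callbackHandler = callbackHandler;

        // NOTE(review): a missing option yields a null component name here;
        // how fetchComponent handles null is not visible in this file.
        String componentName =
            (String) options.get(
                JaasCarbonLoginModule.USERMANAGER_COMPONENT_KEY);

        this.userManager =
            (UserManager) Lookup.getInstance().fetchComponent(componentName);
    }

    /**
     * Collects the username and password through the CallbackHandler and
     * asks the UserManager to authenticate them. On success the user and
     * group principals are staged for {@link #commit()}.
     *
     * @return true if the UserManager accepted the credentials
     * @throws LoginException if no CallbackHandler is set, the callbacks
     *         fail, or the data store cannot be queried
     */
    public boolean login() throws LoginException {
        // Start every attempt from a clean slate: a stale 'authenticated'
        // flag or principals staged by an earlier, aborted attempt must not
        // carry over into this one.
        authenticated = false;
        if (!principalsInSubject) {
            // Principals already committed stay tracked so that
            // logout()/abort() can still remove them from the Subject.
            principalsForSubject.clear();
        }

        Callback[] callbacks = buildCallbacks();
        executeCallbacks(callbacks);

        String username = getUsername(callbacks);
        Object credential = getCredential(callbacks);

        try {
            authenticated = userManager.authenticate(username, credential);
        } catch (SecurityManagementDataStoreException smdse) {
            throw loginFailure(
                "Caught SecurityManagementDataStoreException authenticating "
                + "user: " + ExceptionUtility.printStackTracesToString(smdse),
                smdse);
        } finally {
            // The password is no longer needed in the callback objects.
            clearPasswordCallbacks(callbacks);
        }

        if (authenticated) {
            addMainPrincipal(username);
            addContainingGroups(username);
        }

        return authenticated;
    }

    /**
     * Adds the staged principals to the Subject if login() succeeded.
     *
     * @return true if principals were added, false if this module's login
     *         did not succeed
     * @throws LoginException declared by the LoginModule contract
     */
    public boolean commit() throws LoginException {
        if (!authenticated) {
            return false;
        }

        subject.getPrincipals().addAll(principalsForSubject);
        principalsInSubject = true;
        return true;
    }

    /**
     * Rolls back this module's contribution: removes any principals it
     * committed and discards the state of the failed attempt.
     *
     * @return always true
     * @throws LoginException declared by the LoginModule contract
     */
    public boolean abort() throws LoginException {
        removeCommittedPrincipals();
        resetAttemptState();
        return true;
    }

    /**
     * Logs the Subject out by removing the principals this instance
     * committed and clearing the authentication state.
     *
     * <p>Only principals tracked by this instance are removed; a module
     * instance that never committed has nothing to remove.
     *
     * @return always true
     * @throws LoginException if the Subject is read-only and therefore
     *         cannot have its principals removed
     */
    public boolean logout() throws LoginException {
        if (principalsInSubject && subject.isReadOnly()) {
            throw new LoginException(
                "Subject is read-only; cannot remove principals on logout");
        }

        removeCommittedPrincipals();
        resetAttemptState();
        return true;
    }

    /**
     * Builds the name and password callbacks presented to the handler.
     *
     * @return a two-element array: NameCallback, then PasswordCallback
     * @throws LoginException if no CallbackHandler was supplied
     */
    protected Callback[] buildCallbacks() throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException("No CallbackHandler Specified");
        }

        return new Callback[] {
            new NameCallback(getUsernamePrompt()),
            // echoOn = false: the password must not be echoed while typed.
            new PasswordCallback(getCredentialPrompt(), false)
        };
    }

    /**
     * Hands the callbacks to the CallbackHandler to be filled in.
     *
     * @param callbacks callbacks to populate
     * @throws LoginException if the handler fails with an I/O error or does
     *         not support one of the callbacks
     */
    protected void executeCallbacks(Callback[] callbacks)
        throws LoginException {

        try {
            callbackHandler.handle(callbacks);
        } catch (IOException ioe) {
            throw loginFailure(
                "Error communicating with the user when executing callbacks. "
                + "Caused by ["
                + ExceptionUtility.printStackTracesToString(ioe)
                + "]",
                ioe);
        } catch (UnsupportedCallbackException uce) {
            throw loginFailure(
                "Error executing unsupported callback. "
                + "Caused by ["
                + ExceptionUtility.printStackTracesToString(uce)
                + "]",
                uce);
        }
    }

    /**
     * Returns the name from the first NameCallback that carries one.
     *
     * @param callbacks populated callbacks
     * @return the username, or null if none was supplied
     */
    protected String getUsername(Callback[] callbacks) {
        for (int i = 0; i < callbacks.length; i++) {
            if (callbacks[i] instanceof NameCallback) {
                String candidate = ((NameCallback) callbacks[i]).getName();
                if (candidate != null) {
                    return candidate;
                }
            }
        }

        return null;
    }

    /**
     * Returns the password from the first PasswordCallback that carries one,
     * as a String.
     *
     * <p>The temporary char[] copy is zeroed after conversion. The returned
     * String is immutable and cannot be wiped; it lives until garbage
     * collected.
     *
     * @param callbacks populated callbacks
     * @return the password as a String, or null if none was supplied
     */
    protected Object getCredential(Callback[] callbacks) {
        char[] passwordArray = null;

        for (int i = 0; (i < callbacks.length) && (passwordArray == null);
             i++) {
            if (callbacks[i] instanceof PasswordCallback) {
                passwordArray =
                    ((PasswordCallback) callbacks[i]).getPassword();
            }
        }

        if (passwordArray == null) {
            return null;
        }

        String password = new String(passwordArray);
        // getPassword() hands back a copy; wipe it once it has been used.
        java.util.Arrays.fill(passwordArray, '\0');
        return password;
    }

    /**
     * Stages the user's own principal for the Subject.
     *
     * @param username name of the authenticated user
     * @throws LoginException if the data store cannot be queried
     */
    protected void addMainPrincipal(String username) throws LoginException {
        try {
            principalsForSubject.add(userManager.retreiveUser(username));
        } catch (SecurityManagementDataStoreException smdse) {
            throw loginFailure(
                "Caught SecurityManagementDataStoreException retrieving user: "
                + ExceptionUtility.printStackTracesToString(smdse),
                smdse);
        }
    }

    /**
     * Stages the principals of the groups returned by the UserManager for
     * the user.
     *
     * @param username name of the authenticated user
     * @throws LoginException if the data store cannot be queried or the
     *         user is unknown to it
     */
    protected void addContainingGroups(String username)
        throws LoginException {

        try {
            Principal user = userManager.retreiveUser(username);

            principalsForSubject.addAll(userManager.retreiveGroups(user));
        } catch (SecurityManagementDataStoreException smdse) {
            throw loginFailure(
                "Caught SecurityManagementDataStoreException retrieving user or groups: "
                + ExceptionUtility.printStackTracesToString(smdse),
                smdse);
        } catch (UnknownPrincipalException upe) {
            throw loginFailure(
                "Error retreving groups for unknown user. "
                + "Caused by ["
                + ExceptionUtility.printStackTracesToString(upe)
                + "]",
                upe);
        }
    }

    /**
     * Returns the prompt used for the NameCallback.
     *
     * @return the username prompt
     */
    protected String getUsernamePrompt() {
        return "username: ";
    }

    /**
     * Returns the prompt used for the PasswordCallback.
     *
     * @return the password prompt
     */
    protected String getCredentialPrompt() {
        return "password: ";
    }

    /** Removes from the Subject the principals this instance committed. */
    private void removeCommittedPrincipals() {
        if (principalsInSubject) {
            subject.getPrincipals().removeAll(principalsForSubject);
            principalsInSubject = false;
        }
    }

    /** Discards the authentication flag and any staged principals. */
    private void resetAttemptState() {
        authenticated = false;
        principalsForSubject.clear();
    }

    /** Clears the password held by every PasswordCallback in the array. */
    private static void clearPasswordCallbacks(Callback[] callbacks) {
        for (int i = 0; i < callbacks.length; i++) {
            if (callbacks[i] instanceof PasswordCallback) {
                ((PasswordCallback) callbacks[i]).clearPassword();
            }
        }
    }

    /** Builds a LoginException that keeps the original exception as cause. */
    private static LoginException loginFailure(
        String message, Throwable cause) {

        LoginException failure = new LoginException(message);
        failure.initCause(cause);
        return failure;
    }
}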