001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    package org.apache.geronimo.security.jaas;
018    
019    import java.io.IOException;
020    import java.util.Map;
021    import java.util.Set;
022    import javax.security.auth.Subject;
023    import javax.security.auth.DestroyFailedException;
024    import javax.security.auth.callback.Callback;
025    import javax.security.auth.callback.CallbackHandler;
026    import javax.security.auth.callback.NameCallback;
027    import javax.security.auth.callback.PasswordCallback;
028    import javax.security.auth.callback.UnsupportedCallbackException;
029    import javax.security.auth.login.LoginException;
030    import javax.security.auth.spi.LoginModule;
031    
032    
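/**
 * Inserts a Username/Password credential into the private credentials of the Subject.
 * <p>
 * If either the username or the password is not supplied by the callback handler,
 * then the credential is not placed into the Subject.
 * <p>
 * This login module does not check credentials, so it should never be able to cause a login to succeed.
 * Therefore the lifecycle methods must return false to indicate success or throw a LoginException to
 * indicate failure.
 * <p>
 * Security note: the credential built here carries the password obtained from the callback handler and
 * is published in the Subject's private credential set by {@link #commit()}. Code that can read that set
 * can therefore reach the credential until {@link #logout()} removes and destroys it.
 *
 * @deprecated As of release 2.0.3
 * @see org.apache.geronimo.security.realm.providers.GeronimoPasswordCredentialLoginModule
 *
 * @version $Revision: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
 */
@Deprecated
public class UPCredentialLoginModule implements LoginModule {

    /** Subject being populated; supplied by {@link #initialize}. */
    private Subject subject;
    /** Source of the user name and password; supplied by {@link #initialize}. */
    private CallbackHandler callbackHandler;
    /** Credential built by {@link #login()}; null until then and again after {@link #logout()}. */
    private UsernamePasswordCredential upCredential;

    /**
     * Records the Subject and callback handler for the later lifecycle calls.
     * The shared state and options maps are not used by this module.
     *
     * @param subject         the Subject that will receive the credential
     * @param callbackHandler handler asked for the user name and password
     * @param sharedState     ignored
     * @param options         ignored
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
    }

    /**
     * Asks the callback handler for a user name and password and, when both are present,
     * builds the credential that {@link #commit()} will publish. No credential check is performed.
     *
     * @return always {@code false}, so that this module is ignored when the login outcome is decided
     * @throws LoginException if the callback handler fails; the original exception is set as the cause
     */
    public boolean login() throws LoginException {
        NameCallback nameCallback = new NameCallback("User name");
        PasswordCallback passwordCallback = new PasswordCallback("Password", false);

        try {
            callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
        } catch (IOException ioe) {
            throw (LoginException) new LoginException().initCause(ioe);
        } catch (UnsupportedCallbackException uce) {
            throw (LoginException) new LoginException().initCause(uce);
        }

        String username = nameCallback.getName();
        // getPassword() hands back a copy, so the callback's own buffer can be wiped right away
        // without affecting the array used below.
        char[] password = passwordCallback.getPassword();
        passwordCallback.clearPassword();

        if (username == null || password == null) {
            if (password != null) {
                // The copy is not going to be used; do not leave it readable on the heap.
                java.util.Arrays.fill(password, '\0');
            }
            return false;
        }

        // NOTE(review): whether UsernamePasswordCredential copies the array is not visible here,
        // so the local copy is deliberately NOT zeroed after this call - confirm before changing.
        upCredential = new UsernamePasswordCredential(username, password);

        return false;
    }

    /**
     * Adds the credential built by {@link #login()} to the Subject's private credentials,
     * unless no credential was built or an equal one is already present.
     *
     * @return always {@code false}
     * @throws LoginException if the Subject is read-only
     */
    public boolean commit() throws LoginException {
        if (subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }

        Set<Object> pvtCreds = subject.getPrivateCredentials();
        if (upCredential != null && !pvtCreds.contains(upCredential)) {
            pvtCreds.add(upCredential);
        }

        return false;
    }

    /**
     * Discards any credential built by {@link #login()}; delegates to {@link #logout()}.
     *
     * @return the result of {@link #logout()}
     * @throws LoginException if {@link #logout()} throws
     */
    public boolean abort() throws LoginException {
        return logout();
    }

    /**
     * Removes this module's credential from the Subject and destroys it.
     *
     * @return {@code true} when there was no credential to remove, {@code false} otherwise
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    public boolean logout() throws LoginException {
        // NOTE(review): returning true here differs from the class-level rule that lifecycle
        // methods return false; kept as-is because callers may depend on it - confirm.
        if (upCredential == null) {
            return true;
        }

        // Subject.getPrivateCredentials(Class) returns a detached copy, so removing from it leaves
        // the credential in the Subject. The removal has to go through the live set instead.
        // A read-only Subject rejects modification, so in that case only the destroy below applies.
        if (!subject.isReadOnly()) {
            subject.getPrivateCredentials().remove(upCredential);
        }

        try {
            upCredential.destroy();
        } catch (DestroyFailedException ignored) {
            // Best effort: the reference is dropped below whether or not the wipe succeeded.
        }
        upCredential = null;

        return false;
    }

}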