001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017
018 package org.apache.geronimo.security.realm.providers;
019
020 import java.util.Map;
021 import javax.security.auth.Subject;
022 import javax.security.auth.callback.Callback;
023 import javax.security.auth.callback.CallbackHandler;
024 import javax.security.auth.callback.NameCallback;
025 import javax.security.auth.callback.PasswordCallback;
026 import javax.security.auth.callback.UnsupportedCallbackException;
027 import javax.security.auth.login.LoginException;
028 import javax.security.auth.spi.LoginModule;
029
030
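/**
 * Login module that captures the user name and password supplied at login in a
 * {@link GeronimoPasswordCredential} and, on commit, adds it to the subject's private
 * credentials. An application can then retrieve the subject through JACC or the
 * Geronimo-specific ContextManager and find out what the password was.
 *
 * <p>This login module does not check credentials, so it must never be able to cause a
 * login to succeed. Every lifecycle method therefore returns {@code false} (which tells
 * JAAS to ignore this module) or throws a {@link LoginException} to indicate failure.
 *
 * <p>Security note: while the credential is in the subject's private credential set, the
 * recoverable password is readable by any code that can reach the subject and is allowed
 * to read its private credentials. Configure this module only where an application
 * genuinely needs the original password, and make sure {@link #logout()} is invoked so
 * the credential is removed from the subject again.
 *
 * @version $Rev: 565912 $ $Date: 2007-08-14 17:03:11 -0400 (Tue, 14 Aug 2007) $
 */
public class GeronimoPasswordCredentialLoginModule implements LoginModule {

    private Subject subject;
    private CallbackHandler callbackHandler;

    // Credential captured by login(); null before login() succeeds and after abort()/logout().
    private GeronimoPasswordCredential geronimoPasswordCredential;

    /**
     * Stores the subject and callback handler for the later lifecycle calls.
     * The shared state and options maps are not used by this module.
     *
     * @param subject         the subject that receives the credential on commit
     * @param callbackHandler the handler asked for the user name and password
     * @param sharedState     ignored
     * @param options         ignored
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
    }

    /**
     * Asks the callback handler for a name and password and keeps them in a
     * {@link GeronimoPasswordCredential} until commit. No credential check is performed.
     *
     * @return always {@code false}, so this module never contributes to a successful login
     * @throws LoginException if the callback handler cannot supply the name and password
     */
    public boolean login() throws LoginException {
        // Drop anything left from an earlier attempt so that a failed login can never
        // cause commit() to publish a stale credential.
        geronimoPasswordCredential = null;

        NameCallback nameCallback = new NameCallback("name");
        PasswordCallback passwordCallback = new PasswordCallback("password", false);
        try {
            callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
            // PasswordCallback.getPassword() returns a copy, so the credential keeps its
            // own array and the callback's internal buffer can be wiped below.
            geronimoPasswordCredential = new GeronimoPasswordCredential(nameCallback.getName(),
                    passwordCallback.getPassword());
        } catch (java.io.IOException e) {
            throw (LoginException) new LoginException("Could not determine username and password").initCause(e);
        } catch (UnsupportedCallbackException e) {
            throw (LoginException) new LoginException("Unlikely UnsupportedCallbackException").initCause(e);
        } finally {
            // Do not leave a second copy of the cleartext password in the callback.
            passwordCallback.clearPassword();
        }
        return false;
    }

    /**
     * Adds the captured credential to the subject's private credentials.
     *
     * <p>JAAS calls commit on every configured module once the overall login succeeded,
     * including modules whose own {@link #login()} failed, so there may be nothing to add.
     *
     * @return always {@code false}
     * @throws LoginException never thrown by this implementation
     */
    public boolean commit() throws LoginException {
        if (geronimoPasswordCredential != null) {
            subject.getPrivateCredentials().add(geronimoPasswordCredential);
        }
        return false;
    }

    /**
     * Discards the captured credential after a failed overall login.
     *
     * @return always {@code false}
     * @throws LoginException never thrown by this implementation
     */
    public boolean abort() throws LoginException {
        geronimoPasswordCredential = null;
        return false;
    }

    /**
     * Removes the credential this module added from the subject and forgets it, so the
     * password is no longer reachable through the subject after logout.
     *
     * @return always {@code false}
     * @throws LoginException never thrown by this implementation
     */
    public boolean logout() throws LoginException {
        // A read-only subject rejects modification; skip the removal rather than fail logout.
        if (geronimoPasswordCredential != null && !subject.isReadOnly()) {
            subject.getPrivateCredentials().remove(geronimoPasswordCredential);
        }
        geronimoPasswordCredential = null;
        return false;
    }
}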