001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied. See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019
020 package org.apache.geronimo.gshell.remote.server.auth;
021
022 import java.io.IOException;
023 import java.util.HashSet;
024 import java.util.Map;
025 import java.util.Set;
026
027 import javax.security.auth.Subject;
028 import javax.security.auth.callback.Callback;
029 import javax.security.auth.callback.CallbackHandler;
030 import javax.security.auth.callback.NameCallback;
031 import javax.security.auth.callback.PasswordCallback;
032 import javax.security.auth.callback.UnsupportedCallbackException;
033 import javax.security.auth.login.FailedLoginException;
034 import javax.security.auth.login.LoginException;
035 import javax.security.auth.spi.LoginModule;
036
037 import org.apache.geronimo.gshell.remote.jaas.UserPrincipal;
038 import org.slf4j.Logger;
039 import org.slf4j.LoggerFactory;
040
041 /**
042 * ???
043 *
044 * @version $Rev: 580729 $ $Date: 2007-09-30 07:31:37 -0700 (Sun, 30 Sep 2007) $
045 */
046 public class BogusLoginModule
047 implements LoginModule
048 {
049 private final Logger log = LoggerFactory.getLogger(getClass());
050
051 private Subject subject;
052
053 private CallbackHandler callbackHandler;
054
055 private Set<UserPrincipal> principals = new HashSet<UserPrincipal>();
056
057 private String username;
058
059 public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map<String, ?> sharedState, final Map<String, ?> options) {
060 this.subject = subject;
061 this.callbackHandler = callbackHandler;
062 }
063
064 private void reset() {
065 username = null;
066 }
067
068 public boolean login() throws LoginException {
069 // Process the username + password callbacks
070 Callback[] callbacks = {
071 new NameCallback("Username: "),
072 new PasswordCallback("Password: ", false)
073 };
074
075 try {
076 callbackHandler.handle(callbacks);
077 }
078 catch (IOException e) {
079 throw new LoginException(e.getMessage());
080 }
081 catch (UnsupportedCallbackException e) {
082 throw new LoginException(e.getMessage());
083 }
084
085 username = ((NameCallback)callbacks[0]).getName();
086 char[] passwd = ((PasswordCallback) callbacks[1]).getPassword();
087
088 if ("bogus".equals(username)) {
089 throw new FailedLoginException("Invalid username: " + username);
090 }
091 else if ("bogus".equals(new String(passwd))) {
092 throw new FailedLoginException("Invalid password");
093 }
094
095 return true;
096 }
097
098 public boolean commit() throws LoginException {
099 principals.add(new UserPrincipal(username));
100
101 subject.getPrincipals().addAll(principals);
102
103 reset();
104
105 return true;
106 }
107
108 public boolean abort() throws LoginException {
109 reset();
110
111 return true;
112 }
113
114 public boolean logout() throws LoginException {
115 subject.getPrincipals().removeAll(principals);
116
117 principals.clear();
118
119 reset();
120
121 return true;
122 }
123 }