001 /**
002 *
003 * Copyright 2005 The Apache Software Foundation
004 *
005 * Licensed under the Apache License, Version 2.0 (the "License");
006 * you may not use this file except in compliance with the License.
007 * You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.geronimo.security.jaas;
018
019 import java.io.IOException;
020 import java.util.Map;
021 import java.util.Set;
022 import javax.security.auth.Subject;
023 import javax.security.auth.DestroyFailedException;
024 import javax.security.auth.callback.Callback;
025 import javax.security.auth.callback.CallbackHandler;
026 import javax.security.auth.callback.NameCallback;
027 import javax.security.auth.callback.PasswordCallback;
028 import javax.security.auth.callback.UnsupportedCallbackException;
029 import javax.security.auth.login.LoginException;
030 import javax.security.auth.spi.LoginModule;
031
032
033 /**
034 * Inserts Username/Password credential into private credentials of Subject.
035 * <p/>
036 * If either the username or password is not passed in the callback handler,
037 * then the credential is not placed into the Subject.
038 *
039 * @version $Revision: 355877 $ $Date: 2005-12-10 18:48:27 -0800 (Sat, 10 Dec 2005) $
040 */
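public class UPCredentialLoginModule implements LoginModule {

    private Subject subject;
    private CallbackHandler callbackHandler;
    // Credential built by login(); stays null until both a username and a password were supplied.
    private UsernamePasswordCredential upCredential;

    /**
     * Aborts the authentication attempt by discarding whatever this module captured.
     *
     * @return the result of {@link #logout()}
     * @throws LoginException if {@link #logout()} throws it
     */
    public boolean abort() throws LoginException {
        return logout();
    }

    /**
     * Publishes the credential captured by {@link #login()} into the Subject's
     * private credentials. Does nothing beyond the read-only check when no
     * credential was captured.
     *
     * @return always {@code true}
     * @throws LoginException if the Subject is read-only
     */
    public boolean commit() throws LoginException {
        if (subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }

        if (upCredential != null) {
            // Set.add is already a no-op when an equal credential is present,
            // so no separate contains() probe is needed.
            subject.getPrivateCredentials().add(upCredential);
        }

        return true;
    }

    /**
     * Asks the callback handler for a username and password and, when both are
     * supplied, keeps them as a {@code UsernamePasswordCredential} for
     * {@link #commit()}. This module performs no verification of the values.
     *
     * @return always {@code true}, including when the username or password is missing
     * @throws LoginException if no callback handler was supplied, or if the handler
     *         fails with an I/O error or does not support the callbacks (the
     *         original exception is attached as the cause)
     */
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            // Fail with the exception type JAAS callers handle instead of a NullPointerException.
            throw new LoginException("No CallbackHandler available to collect username and password");
        }

        NameCallback nameCallback = new NameCallback("User name");
        PasswordCallback passwordCallback = new PasswordCallback("Password", false);
        try {
            callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
        } catch (IOException ioe) {
            throw (LoginException) new LoginException().initCause(ioe);
        } catch (UnsupportedCallbackException uce) {
            throw (LoginException) new LoginException().initCause(uce);
        }

        String username = nameCallback.getName();
        // getPassword() hands back a copy; the callback keeps its own copy
        // until clearPassword() is called, so wipe that one right away.
        char[] password = passwordCallback.getPassword();
        passwordCallback.clearPassword();

        if (username == null || password == null) {
            // No credential will be built, so nothing else owns this copy of the password.
            if (password != null) {
                for (int i = 0; i < password.length; i++) {
                    password[i] = '\0';
                }
            }
            return true;
        }

        // NOTE(review): the array is handed to the credential as-is; whether the
        // credential copies it is not visible here, so it is not wiped in this method.
        upCredential = new UsernamePasswordCredential(username, password);

        return true;
    }

    /**
     * Removes the credential this module added from the Subject, destroys it and
     * forgets it.
     *
     * @return always {@code true}
     * @throws LoginException declared by the {@code LoginModule} contract; not thrown here
     */
    public boolean logout() throws LoginException {
        if (upCredential == null) {
            return true;
        }

        // Subject.getPrivateCredentials(Class) returns a new set that is not backed
        // by the Subject, so removing from it leaves the credential in place. The
        // removal has to go through the live set. A read-only Subject rejects
        // modification, so in that case only the destroy below can take effect.
        if (!subject.isReadOnly()) {
            subject.getPrivateCredentials().remove(upCredential);
        }

        try {
            upCredential.destroy();
        } catch (DestroyFailedException ignored) {
            // Best effort: logout must still drop the reference even if the
            // credential could not be destroyed.
        }
        upCredential = null;

        return true;
    }

    /**
     * Stores the Subject and callback handler for the later phases.
     *
     * @param subject the Subject that receives the credential on commit
     * @param callbackHandler the handler asked for the username and password
     * @param sharedState not used by this module
     * @param options not used by this module
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
    }
}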