1 /**
2 *
3 * Copyright 2005 The Apache Software Foundation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17 package org.apache.geronimo.security.jaas;
18
19 import java.io.IOException;
20 import java.util.Map;
21 import java.util.Set;
22 import javax.security.auth.DestroyFailedException;
23 import javax.security.auth.Subject;
24 import javax.security.auth.callback.Callback;
25 import javax.security.auth.callback.CallbackHandler;
26 import javax.security.auth.callback.NameCallback;
27 import javax.security.auth.callback.PasswordCallback;
28 import javax.security.auth.callback.UnsupportedCallbackException;
29 import javax.security.auth.login.LoginException;
30 import javax.security.auth.spi.LoginModule;
31
32
33 /**
34 * Inserts named Username/Password credential into private credentials of Subject.
35 * <p/>
36 * If either the username or password is not passed in the callback handler,
37 * then the credential is not placed into the Subject.
38 *
39 * @version $Revision: 355877 $ $Date: 2005-12-10 18:48:27 -0800 (Sat, 10 Dec 2005) $
40 */
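public class NamedUPCredentialLoginModule implements LoginModule {

    /** Key in the login module options whose value becomes the name of the stored credential. */
    public static final String CREDENTIAL_NAME = "org.apache.geronimo.jaas.NamedUPCredentialLoginModule.Name";

    // Credential name read from the options in initialize(); null when the option is absent.
    private String name;
    private Subject subject;
    private CallbackHandler callbackHandler;
    // Credential captured by login(); stays null when no username/password pair was supplied.
    private NamedUsernamePasswordCredential nupCredential;

    /**
     * Aborts the authentication attempt by discarding any credential this module captured.
     *
     * @return the result of {@link #logout()}
     * @throws LoginException if {@link #logout()} fails
     */
    public boolean abort() throws LoginException {
        return logout();
    }

    /**
     * Adds the credential captured by {@link #login()} to the Subject's private credentials.
     *
     * @return always {@code true}
     * @throws LoginException if the Subject is read-only
     */
    public boolean commit() throws LoginException {
        if (subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }

        // The no-argument accessor returns the live set, so the add below reaches the Subject.
        Set pvtCreds = subject.getPrivateCredentials();
        if (nupCredential != null && !pvtCreds.contains(nupCredential)) {
            pvtCreds.add(nupCredential);
        }

        return true;
    }

    /**
     * Asks the callback handler for a username and password and keeps them as a named credential.
     * <p/>
     * This module does not verify the password; it only records what the handler supplies. When
     * either value is missing no credential is created and the method still returns {@code true}.
     *
     * @return always {@code true}
     * @throws LoginException if no callback handler was supplied or the handler fails
     */
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException("No CallbackHandler available to collect the username and password");
        }

        NameCallback nameCallback = new NameCallback("User name");
        PasswordCallback passwordCallback = new PasswordCallback("Password", false);
        Callback[] callbacks = new Callback[] {nameCallback, passwordCallback};
        try {
            callbackHandler.handle(callbacks);
        } catch (IOException ioe) {
            throw (LoginException) new LoginException("Callback handler failed").initCause(ioe);
        } catch (UnsupportedCallbackException uce) {
            throw (LoginException) new LoginException("Callback handler does not support a required callback").initCause(uce);
        }

        String username = nameCallback.getName();
        // getPassword() hands back a copy, so wipe the callback's own copy once we have ours.
        char[] password = passwordCallback.getPassword();
        passwordCallback.clearPassword();

        if (username == null || password == null) {
            // The password copy is not handed to anyone on this path; do not leave it in memory.
            if (password != null) {
                java.util.Arrays.fill(password, '\0');
            }
            return true;
        }

        // NOTE(review): the array is passed on as-is and deliberately not wiped here, because the
        // credential may keep a reference to it rather than a copy -- confirm against
        // NamedUsernamePasswordCredential.
        nupCredential = new NamedUsernamePasswordCredential(username, password, name);

        return true;
    }

    /**
     * Removes this module's credential from the Subject and destroys it.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    public boolean logout() throws LoginException {
        if (nupCredential == null) {
            return true;
        }

        // Subject.getPrivateCredentials(Class) returns a fresh set that is NOT backed by the
        // Subject, so removing from it would leave the credential attached. Remove from the live
        // set instead. A read-only Subject rejects modification; the credential is then only
        // destroyed below.
        if (!subject.isReadOnly()) {
            subject.getPrivateCredentials().remove(nupCredential);
        }

        // Destroy after removal so the set lookup runs against the intact credential.
        try {
            nupCredential.destroy();
        } catch (DestroyFailedException ignored) {
            // Best effort: logout must still drop the reference below. No logger is available in
            // this class, so a failed destroy is not reported.
        }
        nupCredential = null;

        return true;
    }

    /**
     * Stores the Subject and callback handler and reads the credential name from the options.
     *
     * @param subject         the Subject that receives the credential on commit
     * @param callbackHandler handler used by {@link #login()} to obtain username and password
     * @param sharedState     not used by this module
     * @param options         module options; {@link #CREDENTIAL_NAME} supplies the credential name
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        // A missing option leaves the name null; the credential is then created with a null name.
        this.name = (String) options.get(CREDENTIAL_NAME);
    }
}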