001: package com.technoetic.xplanner.security.module.jaas;
002:
003: import java.security.Principal;
004: import java.util.*;
005: import javax.security.auth.Subject;
006: import javax.security.auth.login.FailedLoginException;
007: import javax.security.auth.login.LoginException;
008: import javax.servlet.http.HttpServletRequest;
009:
010: import org.apache.log4j.Logger;
011:
012: import com.technoetic.xplanner.security.AuthenticationException;
013: import com.technoetic.xplanner.security.LoginModule;
014: import com.technoetic.xplanner.security.module.LoginSupport;
015:
016: /**
017: * This is an unsupported JAAS login module adapter. It's provided as an
018: * example of a LoginModule implementation.
019: */
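public class JaasLoginModuleAdapter implements LoginModule {
    protected transient Logger log = Logger.getLogger(getClass());

    // Shared-state keys that stock JAAS modules consult when they are
    // configured to reuse credentials collected by an earlier module.
    private static final String USERID = "javax.security.auth.login.name";
    private static final String PASSWORD = "javax.security.auth.login.password";

    private Class principalClass;
    private Map options;
    private String name;
    private transient javax.security.auth.spi.LoginModule jaasLoginModule;
    private transient LoginSupport loginSupport;

    /**
     * Creates an adapter with no wrapped JAAS module. No setter for the
     * module is visible in this class, so {@link #authenticate} rejects
     * every attempt on an instance built this way.
     *
     * @param support helper used to create and populate the subject
     */
    public JaasLoginModuleAdapter(LoginSupport support) {
        loginSupport = support;
    }

    /**
     * Creates a fully configured adapter.
     *
     * @param support         helper used to create and populate the subject
     * @param jaasLoginModule JAAS module that performs the credential check
     * @param principalClass  principal type looked up on the subject after
     *                        a successful login
     * @param options         options handed to the module's initialize()
     */
    public JaasLoginModuleAdapter(LoginSupport support,
            javax.security.auth.spi.LoginModule jaasLoginModule,
            Class principalClass, Map options) {
        this.options = options;
        this.principalClass = principalClass;
        this.jaasLoginModule = jaasLoginModule;
        this.loginSupport = support;
    }

    public void setOptions(Map options) {
        this.options = options;
    }

    public javax.security.auth.spi.LoginModule getJAASLoginModule() {
        return jaasLoginModule;
    }

    public Class getPrincipalClass() {
        return principalClass;
    }

    /**
     * Authenticates a user by driving the wrapped JAAS module through
     * initialize(), login() and commit(), the sequence a LoginContext would
     * normally run.
     *
     * <p>Every failure path ends in an {@link AuthenticationException} and
     * calls abort() on the module first, so a rejected attempt leaves no
     * half-initialised state behind in it.
     *
     * <p>NOTE(review): the single module instance is re-initialised on each
     * call. If one adapter serves concurrent requests, one caller's
     * initialize() can overwrite the subject and callback handler of a login
     * still in progress. Confirm how callers share this object.
     *
     * @param userId   login name supplied by the caller
     * @param password clear-text password supplied by the caller
     * @return the subject created by LoginSupport, carrying whatever the
     *         module committed
     * @throws AuthenticationException if the credentials are rejected, the
     *         module reports an error, or the adapter has no module
     */
    public Subject authenticate(String userId, String password)
            throws AuthenticationException {
        // userId is caller-supplied and is written to the log unescaped.
        log.debug(ATTEMPTING_TO_AUTHENTICATE + this.getName() + " ("
                + userId + ")");

        if (jaasLoginModule == null) {
            // Fail closed with the expected exception type instead of an NPE.
            log.error("no JAAS login module configured for " + getName());
            throw new AuthenticationException(MESSAGE_SERVER_ERROR_KEY);
        }
        if (password == null) {
            // A missing password is a rejected login, not a server fault.
            throw new AuthenticationException(
                    MESSAGE_AUTHENTICATION_FAILED_KEY);
        }

        Subject subject = loginSupport.createSubject();
        Map sharedState = new HashMap();
        sharedState.put(USERID, userId);
        // The char[] copy is not wiped afterwards: the module may keep a
        // reference to it, so clearing it here could break that module.
        sharedState.put(PASSWORD, password.toCharArray());
        jaasLoginModule.initialize(subject,
                new UserIdAndPasswordCallbackHandler(userId, password),
                sharedState, options);

        boolean committed;
        try {
            // commit() returning false means nothing was committed to the
            // subject, so it is treated like a rejected login.
            committed = jaasLoginModule.login() && jaasLoginModule.commit();
        } catch (FailedLoginException e) {
            abortQuietly();
            throw new AuthenticationException(
                    MESSAGE_AUTHENTICATION_FAILED_KEY);
        } catch (LoginException e) {
            log.error("login error", e);
            abortQuietly();
            throw new AuthenticationException(MESSAGE_SERVER_ERROR_KEY);
        }
        if (!committed) {
            abortQuietly();
            throw new AuthenticationException(
                    MESSAGE_AUTHENTICATION_FAILED_KEY);
        }

        Class wantedType = getPrincipalClass();
        Set principals = subject.getPrincipals(wantedType);
        Iterator principalIterator = principals.iterator();
        if (principalIterator.hasNext()) {
            Principal jaasUserPrincipal = (Principal) principalIterator
                    .next();
            loginSupport.populateSubjectPrincipalFromDatabase(subject,
                    jaasUserPrincipal.getName());
        } else {
            // NOTE(review): the subject is still returned although no
            // principal was mapped from the database. Confirm that callers
            // do not treat such a subject as an authorised user.
            log.warn("module " + getName()
                    + " committed no principal of type "
                    + wantedType.getName());
        }
        log.debug(AUTHENTICATION_SUCCESFULL + this.getName());
        return subject;
    }

    /**
     * Calls abort() on the wrapped module after a failed attempt. An error
     * raised by abort() is logged and not propagated, so the caller still
     * receives the original failure.
     */
    private void abortQuietly() {
        try {
            jaasLoginModule.abort();
        } catch (LoginException e) {
            log.warn("abort after failed login raised an error", e);
        }
    }

    public boolean isCapableOfChangingPasswords() {
        return false;
    }

    /**
     * Always fails: this adapter cannot change passwords.
     *
     * @throws UnsupportedOperationException on every call
     */
    public void changePassword(String userId, String password)
            throws AuthenticationException {
        throw new UnsupportedOperationException(
                "changePassword not supported");
    }

    /**
     * Ends the caller's HTTP session. The wrapped JAAS module's logout() is
     * not invoked here.
     *
     * @param request request whose session is invalidated
     */
    public void logout(HttpServletRequest request)
            throws AuthenticationException {
        // getSession(false) avoids creating a session only to discard it.
        javax.servlet.http.HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public void setLoginSupport(LoginSupport loginSupport) {
        this.loginSupport = loginSupport;
    }

}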