001: /**
002: * Sequoia: Database clustering technology.
003: * Copyright (C) 2002-2004 French National Institute For Research In Computer
004: * Science And Control (INRIA).
005: * Contact: sequoia@continuent.org
006: *
007: * Licensed under the Apache License, Version 2.0 (the "License");
008: * you may not use this file except in compliance with the License.
009: * You may obtain a copy of the License at
010: *
011: * http://www.apache.org/licenses/LICENSE-2.0
012: *
013: * Unless required by applicable law or agreed to in writing, software
014: * distributed under the License is distributed on an "AS IS" BASIS,
015: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
016: * See the License for the specific language governing permissions and
017: * limitations under the License.
018: *
019: * Initial developer(s): Marc Wick.
020: * Contributor(s): ______________________.
021: */package org.continuent.sequoia.common.authentication;
022:
023: import javax.management.remote.JMXAuthenticator;
024: import javax.security.auth.Subject;
025:
026: import org.continuent.sequoia.common.log.Trace;
027:
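/**
 * JMX authenticator that checks a supplied username/password pair against the
 * single pair this instance was configured with.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>The configured password is held in memory as a plain <code>String</code>
 * for the lifetime of the instance.</li>
 * <li>A successful call returns an empty {@link Subject} (no principals), so
 * code behind this authenticator cannot tell callers apart.</li>
 * <li>An instance built with both values <code>null</code> accepts every
 * caller, see {@link #NO_AUTHENICATION}.</li>
 * </ul>
 *
 * @author <a href="mailto:marc.wick@monte-bre.ch">Marc Wick </a>
 * @version 1.0
 */
public class PasswordAuthenticator implements JMXAuthenticator {

  /**
   * Dummy authenticator used to enable subject delegation when no
   * authentication is configured. It is built with a <code>null</code>
   * username and password, so {@link #authenticate(Object)} accepts any
   * credentials object, including <code>null</code>.
   */
  public static final PasswordAuthenticator NO_AUTHENICATION = new PasswordAuthenticator(
      null, null);

  static Trace logger = Trace
      .getLogger("org.continuent.sequoia.common.authentication");

  // Assigned once in the constructor and never changed afterwards.
  private final String username;
  private final String password;

  /**
   * Creates a new <code>PasswordAuthenticator</code> object.
   * <p>
   * Passing <code>null</code> for both arguments disables the check entirely.
   * Passing <code>null</code> for only one of them yields an authenticator
   * that rejects every caller.
   *
   * @param username expected username/loginname, may be <code>null</code>
   * @param password expected password, may be <code>null</code>
   */
  public PasswordAuthenticator(String username, String password) {
    this.username = username;
    this.password = password;
  }

  /**
   * Creates a credentials object with the supplied username and password, in
   * the shape {@link #authenticate(Object)} expects.
   *
   * @param username username
   * @param password password
   * @return a two-element <code>String[]</code>: username at index 0,
   *         password at index 1
   */
  public static Object createCredentials(String username,
      String password) {
    return new String[] { username, password };
  }

  /**
   * Checks the supplied credentials against the configured username and
   * password.
   *
   * @param credentials object built by
   *          {@link #createCredentials(String, String)}; ignored when no
   *          username and password are configured
   * @return an empty <code>Subject</code> when the caller is accepted
   * @throws SecurityException if credentials are missing, are not a
   *           <code>String[]</code> with at least two elements, or do not
   *           match; every rejection is logged before it is rethrown
   * @see javax.management.remote.JMXAuthenticator#authenticate(java.lang.Object)
   */
  public Subject authenticate(Object credentials)
      throws SecurityException {
    try {
      if (username == null && password == null) {
        // no authentication is configured: every caller is accepted
        return new Subject();
      }

      if (credentials == null) {
        throw new SecurityException("credentials are required");
      }

      String suppliedUsername;
      String suppliedPassword;
      try {
        String[] credentialsArray = (String[]) credentials;
        suppliedUsername = credentialsArray[0];
        suppliedPassword = credentialsArray[1];
      } catch (RuntimeException e) {
        // wrong type or too few elements: the object was probably not created
        // with the createCredentials method
        throw new SecurityException(
            "problems with credentials object : "
                + e.getMessage());
      }

      // Both comparisons always run and are combined with the non
      // short-circuit '&', so the response time does not show which of the two
      // values was wrong.
      boolean usernameMatches = constantTimeEquals(username, suppliedUsername);
      boolean passwordMatches = constantTimeEquals(password, suppliedPassword);
      if (usernameMatches & passwordMatches) {
        if (logger.isDebugEnabled()) {
          logger.debug("successfully authenitcated ");
        }
        return new Subject();
      }

      // username and password do not match
      throw new SecurityException("invalid credentials");
    } catch (SecurityException e) {
      logger.error(e.getMessage());
      try {
        String clientId = java.rmi.server.RemoteServer
            .getClientHost();
        logger.warn("refused unauthorized access for client "
            + clientId);
      } catch (Exception ignored) {
        // Best effort only: the client host is extra context for the log and
        // may not be available; the rejection itself is still rethrown below.
      }
      throw e;
    }
  }

  /**
   * Compares two strings without stopping at the first differing character.
   * A <code>null</code> on either side never matches, so a half-configured
   * authenticator or a <code>null</code> credential element is rejected
   * instead of raising a <code>NullPointerException</code>.
   * <p>
   * The comparison works on the characters directly rather than on encoded
   * bytes, because <code>String.getBytes</code> replaces malformed input and
   * could make two different strings compare equal.
   *
   * @param expected configured value, may be <code>null</code>
   * @param supplied value sent by the caller, may be <code>null</code>
   * @return <code>true</code> only if both are non-null, have the same length
   *         and the same characters
   */
  private static boolean constantTimeEquals(String expected, String supplied) {
    if (expected == null || supplied == null) {
      return false;
    }
    int difference = expected.length() ^ supplied.length();
    int limit = Math.min(expected.length(), supplied.length());
    for (int i = 0; i < limit; i++) {
      // accumulate differences instead of returning early
      difference |= expected.charAt(i) ^ supplied.charAt(i);
    }
    return difference == 0;
  }
}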