PlainTextLoginModule xref


1   /*
2    * Copyright 2006 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.xwss.callback.jaas;
18  
19  import java.util.ArrayList;
20  import java.util.Iterator;
21  import java.util.List;
22  
23  import javax.security.auth.Subject;
24  import javax.security.auth.callback.Callback;
25  import javax.security.auth.callback.CallbackHandler;
26  import javax.security.auth.callback.NameCallback;
27  import javax.security.auth.callback.PasswordCallback;
28  import javax.security.auth.login.LoginException;
29  import javax.security.auth.spi.LoginModule;
30  
31  public class PlainTextLoginModule implements LoginModule {
32  
33      private Subject subject;
34  
35      private CallbackHandler callbackHandler;
36  
37      private boolean success;
38  
39      private List principals = new ArrayList();
40  
41      public boolean abort() {
42          success = false;
43          logout();
44          return true;
45      }
46  
47      public boolean commit() throws LoginException {
48          if (success) {
49              if (subject.isReadOnly()) {
50                  throw new LoginException("Subject is read-only");
51              }
52              try {
53                  subject.getPrincipals().addAll(principals);
54                  principals.clear();
55                  return true;
56              }
57              catch (Exception e) {
58                  throw new LoginException(e.getMessage());
59              }
60          }
61          else {
62              principals.clear();
63          }
64          return true;
65      }
66  
67      public void initialize(Subject subject,
68                             CallbackHandler callbackHandler,
69                             java.util.Map sharedState,
70                             java.util.Map options) {
71          this.subject = subject;
72          this.callbackHandler = callbackHandler;
73      }
74  
75      public boolean login() throws LoginException {
76          if (callbackHandler == null) {
77              return false;
78          }
79          try {
80              NameCallback nameCallback = new NameCallback("Username: ");
81              PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
82              Callback[] callbacks = new Callback[]{nameCallback, passwordCallback};
83  
84              callbackHandler.handle(callbacks);
85  
86              String username = nameCallback.getName();
87              String password = new String(passwordCallback.getPassword());
88  
89              ((PasswordCallback) callbacks[1]).clearPassword();
90  
91              success = validate(username, password);
92  
93              callbacks[0] = null;
94              callbacks[1] = null;
95  
96              if (!success) {
97                  throw new LoginException("Authentication failed: Password does not match");
98              }
99  
100             return true;
101         }
102         catch (LoginException ex) {
103             throw ex;
104         }
105         catch (Exception ex) {
106             success = false;
107             throw new LoginException(ex.getMessage());
108         }
109     }
110 
111     private boolean validate(String username, String password) {
112         if ("Bert".equals(username) && "Ernie".equals(password)) {
113             this.principals.add(new SimplePrincipal(username));
114             return true;
115         }
116         else {
117             return false;
118         }
119     }
120 
121     public boolean logout() {
122         principals.clear();
123 
124         Iterator iterator = subject.getPrincipals(SimplePrincipal.class).iterator();
125         while (iterator.hasNext()) {
126             SimplePrincipal principal = (SimplePrincipal) iterator.next();
127             subject.getPrincipals().remove(principal);
128         }
129 
130         return true;
131     }
132 
133 
134 }