1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.xwss.callback.jaas;
18
19 import java.util.ArrayList;
20 import java.util.Iterator;
21 import java.util.List;
22
23 import javax.security.auth.Subject;
24 import javax.security.auth.callback.Callback;
25 import javax.security.auth.callback.CallbackHandler;
26 import javax.security.auth.callback.NameCallback;
27 import javax.security.auth.callback.PasswordCallback;
28 import javax.security.auth.login.LoginException;
29 import javax.security.auth.spi.LoginModule;
30
31 public class PlainTextLoginModule implements LoginModule {
32
33 private Subject subject;
34
35 private CallbackHandler callbackHandler;
36
37 private boolean success;
38
39 private List principals = new ArrayList();
40
41 public boolean abort() {
42 success = false;
43 logout();
44 return true;
45 }
46
47 public boolean commit() throws LoginException {
48 if (success) {
49 if (subject.isReadOnly()) {
50 throw new LoginException("Subject is read-only");
51 }
52 try {
53 subject.getPrincipals().addAll(principals);
54 principals.clear();
55 return true;
56 }
57 catch (Exception e) {
58 throw new LoginException(e.getMessage());
59 }
60 }
61 else {
62 principals.clear();
63 }
64 return true;
65 }
66
67 public void initialize(Subject subject,
68 CallbackHandler callbackHandler,
69 java.util.Map sharedState,
70 java.util.Map options) {
71 this.subject = subject;
72 this.callbackHandler = callbackHandler;
73 }
74
75 public boolean login() throws LoginException {
76 if (callbackHandler == null) {
77 return false;
78 }
79 try {
80 NameCallback nameCallback = new NameCallback("Username: ");
81 PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
82 Callback[] callbacks = new Callback[]{nameCallback, passwordCallback};
83
84 callbackHandler.handle(callbacks);
85
86 String username = nameCallback.getName();
87 String password = new String(passwordCallback.getPassword());
88
89 ((PasswordCallback) callbacks[1]).clearPassword();
90
91 success = validate(username, password);
92
93 callbacks[0] = null;
94 callbacks[1] = null;
95
96 if (!success) {
97 throw new LoginException("Authentication failed: Password does not match");
98 }
99
100 return true;
101 }
102 catch (LoginException ex) {
103 throw ex;
104 }
105 catch (Exception ex) {
106 success = false;
107 throw new LoginException(ex.getMessage());
108 }
109 }
110
111 private boolean validate(String username, String password) {
112 if ("Bert".equals(username) && "Ernie".equals(password)) {
113 this.principals.add(new SimplePrincipal(username));
114 return true;
115 }
116 else {
117 return false;
118 }
119 }
120
121 public boolean logout() {
122 principals.clear();
123
124 Iterator iterator = subject.getPrincipals(SimplePrincipal.class).iterator();
125 while (iterator.hasNext()) {
126 SimplePrincipal principal = (SimplePrincipal) iterator.next();
127 subject.getPrincipals().remove(principal);
128 }
129
130 return true;
131 }
132
133
134 }