User: user57
Date: 01/07/30 19:29:12
Modified: src/main/org/jboss/security/auth/spi Tag: jboss_buildmagic
AbstractServerLoginModule.java
UsernamePasswordLoginModule.java
Log:
o Updated some modules from HEAD
o Converted most modules to new release style (except plugins and manual)
o Most modules produce the correct binary structure.
o short of the manual and valid testsuite jars the system will build now.
Revision Changes Path
No revision
No revision
1.1.6.1 +10 -5
jbosssx/src/main/org/jboss/security/auth/spi/AbstractServerLoginModule.java
Index: AbstractServerLoginModule.java
===================================================================
RCS file:
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/AbstractServerLoginModule.java,v
retrieving revision 1.1
retrieving revision 1.1.6.1
diff -u -r1.1 -r1.1.6.1
--- AbstractServerLoginModule.java 2001/04/11 02:04:21 1.1
+++ AbstractServerLoginModule.java 2001/07/31 02:29:12 1.1.6.1
@@ -27,7 +27,7 @@
/** This class implements the common functionality required for a JAAS
server side LoginModule and implements the JBossSX standard Subject usage
pattern of storing identities and roles. Subclass this module to create your
-own custom LoginModule and override the getRoles() and getIdentity()
+own custom LoginModule and override the login(), getRoleSets() and getIdentity()
methods.
You may also wish to override
@@ -42,7 +42,7 @@
@author <a href="[EMAIL PROTECTED]">Edward Kenworthy</a>, 12th Dec
2000
@author [EMAIL PROTECTED]
-@version $Revision: 1.1 $
+@version $Revision: 1.1.6.1 $
*/
public abstract class AbstractServerLoginModule implements LoginModule
{
@@ -56,13 +56,18 @@
//--- Begin LoginModule interface methods
/** Initialize the login module. This stores the subject, callbackHandler
- and sharedState and options for the login session.
+ and sharedState and options for the login session. Subclasses should
override
+ if they need to process their own options. A call to super.initialize(...)
+ must be made in the case of an override.
+ @param subject, the Subject to update after a successful login.
+ @param callbackHandler, the CallbackHandler that will be used to obtain the
+ the user identity and credentials.
+ @param sharedState, a Map shared between all configured login module instances
@param options,
- @option
@option password-stacking: if true, the login identity will be taken from
the
javax.security.auth.login.name value of the sharedState map, and
the proof of identity from the javax.security.auth.login.password
- value sharedState map.
+ value of the sharedState map.
*/
public void initialize(Subject subject, CallbackHandler callbackHandler, Map
sharedState, Map options)
{
1.4.2.1 +204 -204
jbosssx/src/main/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java
Index: UsernamePasswordLoginModule.java
===================================================================
RCS file:
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/spi/UsernamePasswordLoginModule.java,v
retrieving revision 1.4
retrieving revision 1.4.2.1
diff -u -r1.4 -r1.4.2.1
--- UsernamePasswordLoginModule.java 2001/07/09 19:57:53 1.4
+++ UsernamePasswordLoginModule.java 2001/07/31 02:29:12 1.4.2.1
@@ -1,204 +1,204 @@
-/*
- * JBoss, the OpenSource EJB server
- *
- * Distributable under LGPL license.
- * See terms of license at gnu.org.
- */
-package org.jboss.security.auth.spi;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.Map;
-import java.security.Principal;
-import java.security.acl.Group;
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.login.FailedLoginException;
-import javax.security.auth.spi.LoginModule;
-
-import org.jboss.security.SimpleGroup;
-import org.jboss.security.SimplePrincipal;
-import org.jboss.security.auth.spi.AbstractServerLoginModule;
-
-
-/** An abstract subclass of AbstractServerLoginModule that imposes a
- an identity == String username, credentials == String password view on
- the login process. Subclasses override the getUsersPassword()
- and getUsersRoles() methods to return the expected password and roles
- for the user.
-
- @see #getUsername()
- @see #getUsersPassword()
- @see #getUsersRoles()
-
- @author [EMAIL PROTECTED]
- @version $Revision: 1.4 $
- */
-public abstract class UsernamePasswordLoginModule extends AbstractServerLoginModule
-{
- /** The login identity */
- private Principal identity;
- /** The proof of login identity */
- private char[] credential;
- /** the principal to use when a null username and password are seen */
- private Principal unauthenticatedIdentity;
-
- /** Override the superclass method to look for a unauthenticatedIdentity
- property. This method first invokes the super version.
- @param options,
- @option unauthenticatedIdentity: the name of the principal to asssign
- and authenticate when a null username and password are seen.
- */
- public void initialize(Subject subject, CallbackHandler callbackHandler, Map
sharedState, Map options)
- {
- super.initialize(subject, callbackHandler, sharedState, options);
- // Check for unauthenticatedIdentity option.
- String name = (String) options.get("unauthenticatedIdentity");
- if( name != null )
- unauthenticatedIdentity = new SimplePrincipal(name);
- }
-
- /**
- */
- public boolean login() throws LoginException
- {
- // See if shared credentials exist
- if( super.login() == true )
- {
- // Setup our view of the user
- Object username = sharedState.get("javax.security.auth.login.name");
- if( username instanceof Principal )
- identity = (Principal) username;
- else
- {
- String name = username.toString();
- identity = new SimplePrincipal(name);
- }
- Object password = sharedState.get("javax.security.auth.login.password");
- if( password instanceof char[] )
- credential = (char[]) password;
- else if( password != null )
- {
- String tmp = password.toString();
- credential = tmp.toCharArray();
- }
- return true;
- }
-
- String[] info = getUsernameAndPassword();
- String username = info[0];
- String password = info[1];
- if( username == null && password == null )
- identity = unauthenticatedIdentity;
- if( identity == null )
- {
- identity = new SimplePrincipal(username);
- // Validate the password supplied by the subclass
- String expectedPassword = getUsersPassword();
- if( validatePassword(password, expectedPassword) == false )
- {
- System.out.println("Bad password for username="+username);
- throw new FailedLoginException("Password Incorrect/Password Required");
- }
- }
- System.out.print("User '" + username + "' authenticated.\n");
-
- if( getUseFirstPass() == true )
- { // Add the username and password to the shared state map
- sharedState.put("javax.security.auth.login.name", username);
- sharedState.put("javax.security.auth.login.password", credential);
- }
- return true;
- }
-
- protected Principal getIdentity()
- {
- return identity;
- }
- protected Principal getUnauthenticatedIdentity()
- {
- return unauthenticatedIdentity;
- }
-
- protected Object getCredentials()
- {
- return credential;
- }
- protected String getUsername()
- {
- return getIdentity().getName();
- }
-
- /** Called by login() to acquire the username and password strings for
- authentication. This method does no validation of either.
- @return String[], [0] = username, [1] = password
- @exception LoginException thrown if CallbackHandler is not set or fails.
- */
- protected String[] getUsernameAndPassword() throws LoginException
- {
- String[] info = {null, null};
- // prompt for a username and password
- if( callbackHandler == null )
- {
- throw new LoginException("Error: no CallbackHandler available " +
- "to collect authentication information");
- }
- NameCallback nc = new NameCallback("User name: ", "guest");
- PasswordCallback pc = new PasswordCallback("Password: ", false);
- Callback[] callbacks = {nc, pc};
- String username = null;
- String password = null;
- try
- {
- callbackHandler.handle(callbacks);
- username = nc.getName();
- char[] tmpPassword = pc.getPassword();
- if( tmpPassword != null )
- {
- credential = new char[tmpPassword.length];
- System.arraycopy(tmpPassword, 0, credential, 0, tmpPassword.length);
- pc.clearPassword();
- password = new String(credential);
- }
- }
- catch(java.io.IOException ioe)
- {
- throw new LoginException(ioe.toString());
- }
- catch(UnsupportedCallbackException uce)
- {
- throw new LoginException("CallbackHandler does not support: " +
uce.getCallback());
- }
- info[0] = username;
- info[1] = password;
- return info;
- }
-
- /** A hook that allows subclasses to change the validation of the input
- password against the expected password. This version checks that
- neither inputPassword or expectedPassword are null that that
- inputPassword.equals(expectedPassword) is true;
- @return true if the inputPassword is valid, false otherwise.
- */
- protected boolean validatePassword(String inputPassword, String expectedPassword)
- {
- if( inputPassword == null || expectedPassword == null )
- return false;
- return inputPassword.equals(expectedPassword);
- }
-
- /** Get the expected password for the current username available via
- the getUsername() method. This is called from within the login()
- method after the CallbackHandler has returned the username and
- candidate password.
- @return the valid password String
- */
- abstract protected String getUsersPassword() throws LoginException;
-
-}
+/*
+ * JBoss, the OpenSource EJB server
+ *
+ * Distributable under LGPL license.
+ * See terms of license at gnu.org.
+ */
+package org.jboss.security.auth.spi;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.Map;
+import java.security.Principal;
+import java.security.acl.Group;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.jboss.security.SimpleGroup;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.spi.AbstractServerLoginModule;
+
+
+/** An abstract subclass of AbstractServerLoginModule that imposes a
+ an identity == String username, credentials == String password view on
+ the login process. Subclasses override the getUsersPassword()
+ and getUsersRoles() methods to return the expected password and roles
+ for the user.
+
+ @see #getUsername()
+ @see #getUsersPassword()
+ @see #getUsersRoles()
+
+ @author [EMAIL PROTECTED]
+ @version $Revision: 1.4.2.1 $
+ */
+public abstract class UsernamePasswordLoginModule extends AbstractServerLoginModule
+{
+ /** The login identity */
+ private Principal identity;
+ /** The proof of login identity */
+ private char[] credential;
+ /** the principal to use when a null username and password are seen */
+ private Principal unauthenticatedIdentity;
+
+ /** Override the superclass method to look for a unauthenticatedIdentity
+ property. This method first invokes the super version.
+ @param options,
+ @option unauthenticatedIdentity: the name of the principal to asssign
+ and authenticate when a null username and password are seen.
+ */
+ public void initialize(Subject subject, CallbackHandler callbackHandler, Map
sharedState, Map options)
+ {
+ super.initialize(subject, callbackHandler, sharedState, options);
+ // Check for unauthenticatedIdentity option.
+ String name = (String) options.get("unauthenticatedIdentity");
+ if( name != null )
+ unauthenticatedIdentity = new SimplePrincipal(name);
+ }
+
+ /**
+ */
+ public boolean login() throws LoginException
+ {
+ // See if shared credentials exist
+ if( super.login() == true )
+ {
+ // Setup our view of the user
+ Object username = sharedState.get("javax.security.auth.login.name");
+ if( username instanceof Principal )
+ identity = (Principal) username;
+ else
+ {
+ String name = username.toString();
+ identity = new SimplePrincipal(name);
+ }
+ Object password = sharedState.get("javax.security.auth.login.password");
+ if( password instanceof char[] )
+ credential = (char[]) password;
+ else if( password != null )
+ {
+ String tmp = password.toString();
+ credential = tmp.toCharArray();
+ }
+ return true;
+ }
+
+ String[] info = getUsernameAndPassword();
+ String username = info[0];
+ String password = info[1];
+ if( username == null && password == null )
+ identity = unauthenticatedIdentity;
+ if( identity == null )
+ {
+ identity = new SimplePrincipal(username);
+ // Validate the password supplied by the subclass
+ String expectedPassword = getUsersPassword();
+ if( validatePassword(password, expectedPassword) == false )
+ {
+ System.out.println("Bad password for username="+username);
+ throw new FailedLoginException("Password Incorrect/Password Required");
+ }
+ }
+ System.out.print("User '" + identity + "' authenticated.\n");
+
+ if( getUseFirstPass() == true )
+ { // Add the username and password to the shared state map
+ sharedState.put("javax.security.auth.login.name", username);
+ sharedState.put("javax.security.auth.login.password", credential);
+ }
+ return true;
+ }
+
+ protected Principal getIdentity()
+ {
+ return identity;
+ }
+ protected Principal getUnauthenticatedIdentity()
+ {
+ return unauthenticatedIdentity;
+ }
+
+ protected Object getCredentials()
+ {
+ return credential;
+ }
+ protected String getUsername()
+ {
+ return getIdentity().getName();
+ }
+
+ /** Called by login() to acquire the username and password strings for
+ authentication. This method does no validation of either.
+ @return String[], [0] = username, [1] = password
+ @exception LoginException thrown if CallbackHandler is not set or fails.
+ */
+ protected String[] getUsernameAndPassword() throws LoginException
+ {
+ String[] info = {null, null};
+ // prompt for a username and password
+ if( callbackHandler == null )
+ {
+ throw new LoginException("Error: no CallbackHandler available " +
+ "to collect authentication information");
+ }
+ NameCallback nc = new NameCallback("User name: ", "guest");
+ PasswordCallback pc = new PasswordCallback("Password: ", false);
+ Callback[] callbacks = {nc, pc};
+ String username = null;
+ String password = null;
+ try
+ {
+ callbackHandler.handle(callbacks);
+ username = nc.getName();
+ char[] tmpPassword = pc.getPassword();
+ if( tmpPassword != null )
+ {
+ credential = new char[tmpPassword.length];
+ System.arraycopy(tmpPassword, 0, credential, 0, tmpPassword.length);
+ pc.clearPassword();
+ password = new String(credential);
+ }
+ }
+ catch(java.io.IOException ioe)
+ {
+ throw new LoginException(ioe.toString());
+ }
+ catch(UnsupportedCallbackException uce)
+ {
+ throw new LoginException("CallbackHandler does not support: " +
uce.getCallback());
+ }
+ info[0] = username;
+ info[1] = password;
+ return info;
+ }
+
+ /** A hook that allows subclasses to change the validation of the input
+ password against the expected password. This version checks that
+ neither inputPassword or expectedPassword are null that that
+ inputPassword.equals(expectedPassword) is true;
+ @return true if the inputPassword is valid, false otherwise.
+ */
+ protected boolean validatePassword(String inputPassword, String expectedPassword)
+ {
+ if( inputPassword == null || expectedPassword == null )
+ return false;
+ return inputPassword.equals(expectedPassword);
+ }
+
+ /** Get the expected password for the current username available via
+ the getUsername() method. This is called from within the login()
+ method after the CallbackHandler has returned the username and
+ candidate password.
+ @return the valid password String
+ */
+ abstract protected String getUsersPassword() throws LoginException;
+
+}
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
