User: starksm
Date: 02/03/14 11:06:51
Modified: src/main/org/jboss/security ClientLoginModule.java
Log:
Set the Subject association on login
Revision Changes Path
1.3 +136 -125 jbosssx/src/main/org/jboss/security/ClientLoginModule.java
Index: ClientLoginModule.java
===================================================================
RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/ClientLoginModule.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- ClientLoginModule.java 8 Feb 2002 23:57:17 -0000 1.2
+++ ClientLoginModule.java 14 Mar 2002 19:06:51 -0000 1.3
@@ -4,7 +4,7 @@
* Distributable under LGPL license.
* See terms of license at gnu.org.
*/
-
+
package org.jboss.security;
@@ -19,136 +19,147 @@
import javax.security.auth.spi.LoginModule;
/** A simple implementation of LoginModule for use by JBoss clients for
-the establishment of the caller identity and credentials. This simply sets
-the SecurityAssociation principal to the value of the NameCallback
-filled in by the CallbackHandler, and the SecurityAssociation credential
-to the value of the PasswordCallback filled in by the CallbackHandler.
-
-It has the following options:
-<ul>
-<li>multi-threaded=[true|false]
-When the multi-threaded option is set to true, the SecurityAssociation.setServer()
-so that each login thread has its own principal and credential storage.
-<li>password-stacking=tryFirstPass|useFirstPass
-When password-stacking option is set, this module first looks for a shared
-username and password using "javax.security.auth.login.name" and
-"javax.security.auth.login.password" respectively. This allows a module configured
-prior to this one to establish a valid username and password that should be passed
-to JBoss.
-</ul>
-
-@author <a href="mailto:[EMAIL PROTECTED]";>Oleg Nitz</a>
-@author [EMAIL PROTECTED]
-*/
+ the establishment of the caller identity and credentials. This simply sets
+ the SecurityAssociation principal to the value of the NameCallback
+ filled in by the CallbackHandler, and the SecurityAssociation credential
+ to the value of the PasswordCallback filled in by the CallbackHandler.
+
+ It has the following options:
+ <ul>
+ <li>multi-threaded=[true|false]
+ When the multi-threaded option is set to true, the SecurityAssociation.setServer()
+ so that each login thread has its own principal and credential storage.
+ <li>password-stacking=tryFirstPass|useFirstPass
+ When password-stacking option is set, this module first looks for a shared
+ username and password using "javax.security.auth.login.name" and
+ "javax.security.auth.login.password" respectively. This allows a module configured
+ prior to this one to establish a valid username and password that should be passed
+ to JBoss.
+ </ul>
+
+ @author <a href="mailto:[EMAIL PROTECTED]";>Oleg Nitz</a>
+ @author [EMAIL PROTECTED]
+ */
public class ClientLoginModule implements LoginModule
{
- private CallbackHandler _callbackHandler;
- /** Shared state between login modules */
- private Map _sharedState;
- /** Flag indicating if the shared password should be used */
- private boolean _useFirstPass;
-
- /**
- * Initialize this LoginModule.
- */
- public void initialize(Subject subject, CallbackHandler callbackHandler,
- Map sharedState, Map options)
- {
- this._callbackHandler = callbackHandler;
- this._sharedState = sharedState;
- // Check for multi-threaded option
- String mt = (String) options.get("multi-threaded");
- if( mt != null && Boolean.valueOf(mt).booleanValue() == true )
- { /* Turn on the server mode which uses thread local storage for
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ /** Shared state between login modules */
+ private Map sharedState;
+ /** Flag indicating if the shared password should be used */
+ private boolean useFirstPass;
+
+ /**
+ * Initialize this LoginModule.
+ */
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map sharedState, Map options)
+ {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ this.sharedState = sharedState;
+ // Check for multi-threaded option
+ String mt = (String) options.get("multi-threaded");
+ if( mt != null && Boolean.valueOf(mt).booleanValue() == true )
+ { /* Turn on the server mode which uses thread local storage for
the principal information.
- */
- SecurityAssociation.setServer();
- }
-
+ */
+ SecurityAssociation.setServer();
+ }
+
/* Check for password sharing options. Any non-null value for
password_stacking sets useFirstPass as this module has no way to
validate any shared password.
*/
- String passwordStacking = (String) options.get("password-stacking");
- _useFirstPass = passwordStacking != null;
- }
-
- /**
- * Method to authenticate a Subject (phase 1).
- */
- public boolean login() throws LoginException
- {
- // If useFirstPass is true, look for the shared password
- if( _useFirstPass == true )
- {
- try
- {
- String username = (String)
_sharedState.get("javax.security.auth.login.name");
- Object credential =
_sharedState.get("javax.security.auth.login.password");
- SecurityAssociation.setPrincipal(new SimplePrincipal(username));
- SecurityAssociation.setCredential(credential);
- return true;
- }
- catch(Exception e)
- { // Dump the exception and continue
- e.printStackTrace();
- }
- }
-
- /* There is no password sharing or we are the first login module. Get
- the username and password from the callback hander.
- */
- if (_callbackHandler == null)
- throw new LoginException("Error: no CallbackHandler available " +
- "to garner authentication information from the user");
-
- PasswordCallback pc = new PasswordCallback("Password: ", false);
- NameCallback nc = new NameCallback("User name: ", "guest");
- Callback[] callbacks = {nc, pc};
- try {
- String username;
- char[] password = null;
- char[] tmpPassword;
-
- _callbackHandler.handle(callbacks);
- username = nc.getName();
+ String passwordStacking = (String) options.get("password-stacking");
+ useFirstPass = passwordStacking != null;
+ }
+
+ /**
+ * Method to authenticate a Subject (phase 1).
+ */
+ public boolean login() throws LoginException
+ {
+ // If useFirstPass is true, look for the shared password
+ if( useFirstPass == true )
+ {
+ try
+ {
+ String username = (String)
sharedState.get("javax.security.auth.login.name");
+ Object credential =
sharedState.get("javax.security.auth.login.password");
SecurityAssociation.setPrincipal(new SimplePrincipal(username));
- tmpPassword = pc.getPassword();
- if (tmpPassword != null) {
- password = new char[tmpPassword.length];
- System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length);
- pc.clearPassword();
- }
- SecurityAssociation.setCredential(password);
- } catch (java.io.IOException ioe) {
- throw new LoginException(ioe.toString());
- } catch (UnsupportedCallbackException uce) {
- throw new LoginException("Error: " + uce.getCallback().toString() +
- " not available to garner authentication information " +
- "from the user");
- }
- return true;
- }
-
- /**
- * Method to commit the authentication process (phase 2).
- */
- public boolean commit() throws LoginException {
- return true;
- }
-
- /**
- * Method to abort the authentication process (phase 2).
- */
- public boolean abort() throws LoginException {
- SecurityAssociation.setPrincipal(null);
- SecurityAssociation.setCredential(null);
- return true;
- }
-
- public boolean logout() throws LoginException {
- SecurityAssociation.setPrincipal(null);
- SecurityAssociation.setCredential(null);
- return true;
- }
+ SecurityAssociation.setCredential(credential);
+ SecurityAssociation.setSubject(subject);
+ return true;
+ }
+ catch(Exception e)
+ { // Dump the exception and continue
+ e.printStackTrace();
+ }
+ }
+
+ /* There is no password sharing or we are the first login module. Get
+ the username and password from the callback hander.
+ */
+ if (callbackHandler == null)
+ throw new LoginException("Error: no CallbackHandler available " +
+ "to garner authentication information from the user");
+
+ PasswordCallback pc = new PasswordCallback("Password: ", false);
+ NameCallback nc = new NameCallback("User name: ", "guest");
+ Callback[] callbacks = {nc, pc};
+ try
+ {
+ String username;
+ char[] password = null;
+ char[] tmpPassword;
+
+ callbackHandler.handle(callbacks);
+ username = nc.getName();
+ SecurityAssociation.setPrincipal(new SimplePrincipal(username));
+ tmpPassword = pc.getPassword();
+ if (tmpPassword != null)
+ {
+ password = new char[tmpPassword.length];
+ System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length);
+ pc.clearPassword();
+ }
+ SecurityAssociation.setCredential(password);
+ SecurityAssociation.setSubject(subject);
+ }
+ catch (java.io.IOException ioe)
+ {
+ throw new LoginException(ioe.toString());
+ }
+ catch (UnsupportedCallbackException uce)
+ {
+ throw new LoginException("Error: " + uce.getCallback().toString() +
+ " not available to garner authentication information " +
+ "from the user");
+ }
+ return true;
+ }
+
+ /**
+ * Method to commit the authentication process (phase 2).
+ */
+ public boolean commit() throws LoginException
+ {
+ return true;
+ }
+
+ /**
+ * Method to abort the authentication process (phase 2).
+ */
+ public boolean abort() throws LoginException
+ {
+ SecurityAssociation.clear();
+ return true;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ SecurityAssociation.clear();
+ return true;
+ }
}
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
