Author: adc
Date: Wed Mar 30 20:10:01 2005
New Revision: 159560

URL: http://svn.apache.org/viewcvs?view=rev&rev=159560
Log:
Added Named Username Password Credential login module.  Made sure that the 
password is destroyed on logout.

Added:
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUPCredentialLoginModule.java
Modified:
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java

Modified: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java?view=diff&r1=159559&r2=159560
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
 (original)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
 Wed Mar 30 20:10:01 2005
@@ -20,6 +20,7 @@
 import java.util.Set;
 import javax.security.auth.spi.LoginModule;
 import javax.security.auth.Subject;
+import javax.security.auth.DestroyFailedException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.callback.CallbackHandler;
 
@@ -72,6 +73,11 @@
             pvtCreds.remove(namedUsernamePasswordCredential);
         }
 
+        try {
+            namedUsernamePasswordCredential.destroy();
+        } catch (DestroyFailedException e) {
+            // do nothing
+        }
         namedUsernamePasswordCredential = null;
 
         return true;
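Review bot: The empty `catch (DestroyFailedException e)` around `namedUsernamePasswordCredential.destroy()` discards the only signal that the password was not wiped, so logout reports success while the secret may still be in memory. At minimum, replace `// do nothing` with a log call that records the failure, and keep nulling the field afterwards; no logger is visible in the hunk, so use whatever the class already has. The same silent catch is repeated in `logout()` of the new NamedUPCredentialLoginModule and in the UPCredentialLoginModule hunk of this commit. The enclosing method starts and ends outside this hunk.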

Added: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUPCredentialLoginModule.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUPCredentialLoginModule.java?view=auto&rev=159560
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUPCredentialLoginModule.java
 (added)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUPCredentialLoginModule.java
 Wed Mar 30 20:10:01 2005
@@ -0,0 +1,118 @@
+/**
+ *
+ * Copyright 2005 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.jaas;
+
+import java.io.IOException;
+import java.util.Map;
+import java.util.Set;
+import javax.security.auth.DestroyFailedException;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+
+/**
+ * Inserts named Username/Password credential into private credentials of 
Subject.
+ * <p/>
+ * If either the username or password is not passed in the callback handler,
+ * then the credential is not placed into the Subject.
+ *
+ * @version $Revision: $ $Date: $
+ */
+public class NamedUPCredentialLoginModule implements LoginModule {
+
+    public static final String CREDENTIAL_NAME = 
"org.apache.geronimo.jaas.NamedUPCredentialLoginModule.Name";
+
+    private String name;
+    private Subject subject;
+    private CallbackHandler callbackHandler;
+    private NamedUsernamePasswordCredential nupCredential;
+
+    public boolean abort() throws LoginException {
+
+        return logout();
+    }
+
+    public boolean commit() throws LoginException {
+
+        if (subject.isReadOnly()) {
+            throw new LoginException("Subject is ReadOnly");
+        }
+
+        Set pvtCreds = subject.getPrivateCredentials();
+        if (nupCredential != null && !pvtCreds.contains(nupCredential)) {
+            pvtCreds.add(nupCredential);
+        }
+
+        return true;
+    }
+
+    public boolean login() throws LoginException {
+
+        Callback[] callbacks = new Callback[2];
+
+        callbacks[0] = new NameCallback("User name");
+        callbacks[1] = new PasswordCallback("Password", false);
+        try {
+            callbackHandler.handle(callbacks);
+        } catch (IOException ioe) {
+            throw (LoginException) new LoginException().initCause(ioe);
+        } catch (UnsupportedCallbackException uce) {
+            throw (LoginException) new LoginException().initCause(uce);
+        }
+
+        String username = ((NameCallback) callbacks[0]).getName();
+        char[] password = ((PasswordCallback) callbacks[1]).getPassword();
+
+        if (username == null || password == null) return true;
+
+        nupCredential = new NamedUsernamePasswordCredential(username, 
password, name);
+
+        return true;
+    }
+
+    public boolean logout() throws LoginException {
+
+        if (nupCredential == null) return true;
+
+        Set pvtCreds = 
subject.getPrivateCredentials(NamedUsernamePasswordCredential.class);
+        if (pvtCreds.contains(nupCredential)) {
+            pvtCreds.remove(nupCredential);
+        }
+
+        try {
+            nupCredential.destroy();
+        } catch (DestroyFailedException e) {
+            // do nothing
+        }
+        nupCredential = null;
+
+        return true;
+    }
+
+    public void initialize(Subject subject, CallbackHandler callbackHandler, 
Map sharedState, Map options) {
+
+        this.subject = subject;
+        this.callbackHandler = callbackHandler;
+        this.name = (String) options.get(CREDENTIAL_NAME);
+    }
+}
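Review bot: In `logout()`, `subject.getPrivateCredentials(NamedUsernamePasswordCredential.class)` returns a newly created Set that is not backed by the Subject, so `pvtCreds.remove(nupCredential)` never removes the credential from the Subject itself. After logout the Subject therefore still holds the (now destroyed) credential object. Use the backed set, as `commit()` already does: `Set pvtCreds = subject.getPrivateCredentials();`. Separately, `login()` leaves the PasswordCallback's internal copy of the password alive; calling `((PasswordCallback) callbacks[1]).clearPassword();` after `getPassword()` would match the intent of this commit.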

Modified: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java?view=diff&r1=159559&r2=159560
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
 (original)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/UPCredentialLoginModule.java
 Wed Mar 30 20:10:01 2005
@@ -20,6 +20,7 @@
 import java.util.Map;
 import java.util.Set;
 import javax.security.auth.Subject;
+import javax.security.auth.DestroyFailedException;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
@@ -95,6 +96,11 @@
             pvtCreds.remove(upCredential);
         }
 
+        try {
+            upCredential.destroy();
+        } catch (DestroyFailedException e) {
+            // do nothing
+        }
         upCredential = null;
 
         return true;
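Review bot: `upCredential.destroy()` is called with no null check in the visible lines, so a logout (or an abort that delegates to it) when no credential was created would now throw NullPointerException. The new NamedUPCredentialLoginModule in this commit guards the same path with `if (nupCredential == null) return true;`. Unless an equivalent guard sits above this hunk, wrap the call in `if (upCredential != null) { ... }`. The same check is worth making for the ConfiguredIdentityNamedUsernamePasswordLoginModule hunk; both methods start outside their hunks, so this needs confirming against the full files.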

