001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: package org.apache.harmony.auth.module;
019:
020: import java.security.Principal;
021: import java.util.Map;
022: import java.util.Set;
023:
024: import javax.security.auth.Subject;
025: import javax.security.auth.callback.CallbackHandler;
026: import javax.security.auth.login.LoginException;
027: import javax.security.auth.spi.LoginModule;
028:
029: import org.apache.harmony.auth.UnixNumericGroupPrincipal;
030: import org.apache.harmony.auth.UnixNumericUserPrincipal;
031: import org.apache.harmony.auth.UnixPrincipal;
032: import org.apache.harmony.auth.internal.nls.Messages;
033:
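/**
 * A passive {@link LoginModule} that records information about the current
 * user as reported by {@link UnixSystem}.
 *
 * <p>The module never consults the {@link CallbackHandler}: it collects no
 * password or other credential and simply reports whatever identity
 * {@code UnixSystem} returns. Security note: {@link #login()} therefore
 * always succeeds once that data has been read, so a configuration that
 * relies on this module alone verifies nothing supplied by a caller.
 * NOTE(review): {@code UnixSystem} is presumably backed by the OS account
 * running the JVM; confirm against its implementation.
 */
public class UnixLoginModule implements LoginModule {

    // Source of the user/group data; created lazily on the first login().
    private UnixSystem usys;

    // Subject handed over in initialize(); principals are added to / removed from it.
    private Subject subject;

    // State gathered by login(); reset to null by clear().
    private UnixPrincipal user;

    private UnixNumericUserPrincipal uid;

    private UnixNumericGroupPrincipal gid;

    private UnixNumericGroupPrincipal[] gids;

    /**
     * Stores the Subject this module operates on.
     *
     * @param subject the Subject to populate; must not be null
     * @param callbackHandler not used by this module
     * @param sharedState not used by this module
     * @param options only checked for null; no option is read
     * @throws NullPointerException if either subject or options is null
     */
    public void initialize(Subject subject,
            CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        if (subject == null) {
            throw new NullPointerException(Messages
                    .getString("auth.03")); //$NON-NLS-1$
        }
        if (options == null) {
            throw new NullPointerException(Messages
                    .getString("auth.04")); //$NON-NLS-1$
        }
        this.subject = subject;
    }

    /**
     * Queries UnixSystem and builds the user, uid, primary-group and
     * supplementary-group principals. No credential is requested or checked.
     *
     * @return always {@code true}
     * @throws LoginException declared by the LoginModule contract
     */
    public boolean login() throws LoginException {
        if (usys == null) {
            usys = new UnixSystem();
        }
        usys.load();

        // Build everything in locals first so that a failure part-way through
        // cannot leave the fields holding a mix of old and new principals.
        UnixPrincipal newUser = new UnixPrincipal(usys.getUsername());
        UnixNumericUserPrincipal newUid = new UnixNumericUserPrincipal(usys
                .getUid());
        UnixNumericGroupPrincipal newGid = new UnixNumericGroupPrincipal(usys
                .getGid(), usys.getGroupName(), true);

        long[] groupIds = usys.getGroups();
        String[] groupNames = usys.getGroupNames();
        UnixNumericGroupPrincipal[] newGids =
                new UnixNumericGroupPrincipal[groupIds.length];
        for (int i = 0; i < newGids.length; i++) {
            // The name array may be shorter than the id array; such groups
            // get a null name.
            String name = i < groupNames.length ? groupNames[i] : null;
            newGids[i] = new UnixNumericGroupPrincipal(groupIds[i], name,
                    false);
        }

        user = newUser;
        uid = newUid;
        gid = newGid;
        gids = newGids;
        return true;
    }

    /**
     * Adds the principals gathered by login() to the Subject.
     *
     * @return {@code true} if the principals were committed; {@code false}
     *         if there is no login state to commit (login() has not
     *         completed, or abort()/logout() has cleared it)
     * @throws LoginException if the Subject is read-only
     */
    public boolean commit() throws LoginException {
        if (subject.isReadOnly()) {
            throw new LoginException(Messages.getString("auth.05")); //$NON-NLS-1$
        }
        // Without this guard the loop over gids throws NullPointerException
        // and null principals are offered to the Subject whenever commit()
        // runs without a completed login().
        if (user == null || uid == null || gid == null || gids == null) {
            return false;
        }
        Set<Principal> ps = subject.getPrincipals();

        addIfAbsent(ps, user);
        addIfAbsent(ps, uid);
        addIfAbsent(ps, gid);
        for (UnixNumericGroupPrincipal element : gids) {
            addIfAbsent(ps, element);
        }
        return true;
    }

    /**
     * Aborts the login() attempt and clears its information.
     *
     * @return always {@code true}
     */
    public boolean abort() throws LoginException {
        clear();
        return true;
    }

    /**
     * Removes from the Subject the principals added at the commit() stage,
     * then clears the information stored in this object's own fields.
     *
     * <p>NOTE(review): unlike commit(), this method does not check
     * {@code subject.isReadOnly()}; confirm how the principal set behaves
     * for a read-only Subject.
     *
     * @return always {@code true}
     */
    public boolean logout() throws LoginException {
        Set<Principal> ps = subject.getPrincipals();
        removeIfSet(ps, user);
        removeIfSet(ps, uid);
        removeIfSet(ps, gid);
        if (gids != null) {
            for (UnixNumericGroupPrincipal element : gids) {
                removeIfSet(ps, element);
            }
        }
        clear();
        return true;
    }

    /**
     * Adds {@code p} to {@code ps} unless it is already present.
     */
    private static void addIfAbsent(Set<Principal> ps, Principal p) {
        if (!ps.contains(p)) {
            ps.add(p);
        }
    }

    /**
     * Removes {@code p} from {@code ps}, skipping null. A null field means
     * nothing was stored for it, and a Set that does not permit null
     * elements may throw NullPointerException from remove(null).
     */
    private static void removeIfSet(Set<Principal> ps, Principal p) {
        if (p != null) {
            ps.remove(p);
        }
    }

    /**
     * Clears information stored in this object.
     */
    private void clear() {
        user = null;
        uid = null;
        gid = null;
        gids = null;
    }
}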