001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.resource.security;
023:
024: import java.security.Principal;
025: import java.security.acl.Group;
026: import java.util.Map;
027:
028: import javax.resource.spi.security.PasswordCredential;
029: import javax.security.auth.Subject;
030: import javax.security.auth.callback.CallbackHandler;
031: import javax.security.auth.login.LoginException;
032:
033: import org.jboss.logging.Logger;
034: import org.jboss.security.SimplePrincipal;
035:
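/**
 * A login module that associates a fixed, configured identity with any
 * subject authenticated against the module. The principal is an instance of
 * <code>org.jboss.security.SimplePrincipal</code>, and a
 * <code>PasswordCredential</code> built from the configured user name and
 * password is added to the subject's credentials.
 * <p>
 * Module options read by {@link #initialize}:
 * <ul>
 * <li><code>principal</code> - required; name of the principal to associate.</li>
 * <li><code>userName</code> - required; user name placed in the credential.</li>
 * <li><code>password</code> - optional; when absent a warning is logged and
 * an empty password is used.</li>
 * </ul>
 * A missing <code>principal</code> or <code>userName</code> option is rejected
 * with an <code>IllegalArgumentException</code>; no default identity is
 * substituted.
 * <p>
 * Security note: the password arrives as a plain-text module option and is
 * held in a <code>String</code> field for the lifetime of the module, so the
 * login configuration that carries it should be readable only by the account
 * running the server. The password is never written to the log.
 *
 * @see org.jboss.security.SimpleGroup
 * @see org.jboss.security.SimplePrincipal
 *
 * @author Scott.Stark@jboss.org
 * @author <a href="mailto:d_jencks@users.sourceforge.net">David Jencks</a>
 * @version $Revision: 57189 $
 */
public class ConfiguredIdentityLoginModule extends
        AbstractPasswordCredentialLoginModule {
    // Values taken from the module options in initialize().
    private String principalName;
    private String userName;
    // Plain-text secret; must not be logged or otherwise exposed.
    private String password;

    private static final Logger log = Logger
            .getLogger(ConfiguredIdentityLoginModule.class);

    /** Creates an unconfigured module; {@link #initialize} supplies the options. */
    public ConfiguredIdentityLoginModule() {
    }

    /**
     * Reads the configured identity from the module options after delegating
     * to the superclass initialisation.
     *
     * @param subject the subject being authenticated
     * @param handler the callback handler passed through to the superclass
     * @param sharedState state shared between the configured login modules
     * @param options module options; see the class description for the keys
     * @throws IllegalArgumentException if the <code>principal</code> or
     *         <code>userName</code> option is missing
     */
    public void initialize(Subject subject, CallbackHandler handler,
            Map sharedState, Map options) {
        super.initialize(subject, handler, sharedState, options);
        principalName = (String) options.get("principal");
        if (principalName == null) {
            throw new IllegalArgumentException(
                    "Must supply a principal name!");
        }
        userName = (String) options.get("userName");
        if (userName == null) {
            throw new IllegalArgumentException(
                    "Must supply a user name!");
        }
        password = (String) options.get("password");
        if (password == null) {
            // An empty password is tolerated but is almost always a
            // configuration mistake, so it is reported at WARN level.
            log.warn("Creating LoginModule with no configured password!");
            password = "";
        }
        // The password is deliberately left out of the trace message: log
        // files are usually readable by far more people and systems than the
        // login configuration, and a secret written there stays in archives.
        if (log.isTraceEnabled()) {
            log.trace("got principal: " + principalName + ", username: "
                    + userName);
        }
    }

    /**
     * Associates the configured principal and password credential with the
     * subject, unless the superclass already reports the login as complete.
     *
     * @return always <code>true</code>
     * @throws LoginException if the superclass login fails
     */
    public boolean login() throws LoginException {
        log.trace("login called");
        if (super.login()) {
            return true;
        }

        Principal principal = new SimplePrincipal(principalName);
        SubjectActions.addPrincipals(subject, principal);
        // Put the principal name into the sharedState map
        sharedState.put("javax.security.auth.login.name", principalName);
        PasswordCredential cred = new PasswordCredential(userName,
                password.toCharArray());
        // Bind the credential to this module's managed connection factory.
        cred.setManagedConnectionFactory(getMcf());
        SubjectActions.addCredentials(subject, cred);
        super.loginOk = true;
        return true;
    }

    /**
     * Returns a new <code>SimplePrincipal</code> carrying the configured
     * principal name.
     */
    protected Principal getIdentity() {
        log.trace("getIdentity called");
        return new SimplePrincipal(principalName);
    }

    /**
     * Returns an empty array of Groups, which means that no role based
     * permissions are assigned.
     */
    protected Group[] getRoleSets() throws LoginException {
        log.trace("getRoleSets called");
        return new Group[] {};
    }

}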