001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.openejb.core.security.jaas;
017:
018: import org.apache.openejb.util.ConfUtils;
019: import org.apache.openejb.util.LogCategory;
020: import org.apache.openejb.util.Logger;
021:
022: import javax.security.auth.Subject;
023: import javax.security.auth.callback.Callback;
024: import javax.security.auth.callback.CallbackHandler;
025: import javax.security.auth.callback.NameCallback;
026: import javax.security.auth.callback.PasswordCallback;
027: import javax.security.auth.callback.UnsupportedCallbackException;
028: import javax.security.auth.login.FailedLoginException;
029: import javax.security.auth.login.LoginException;
030: import javax.security.auth.spi.LoginModule;
031: import java.io.IOException;
032: import java.net.URL;
033: import java.util.Enumeration;
034: import java.util.HashSet;
035: import java.util.Map;
036: import java.util.Properties;
037: import java.util.Set;
038:
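/**
 * JAAS {@link LoginModule} that authenticates against two properties files.
 *
 * <p>The {@code UsersFile} option names a properties file whose keys are user
 * names and whose values are the passwords the supplied password is compared
 * with. The {@code GroupsFile} option names a properties file whose keys are
 * group names and whose values are comma-separated user names. Both names are
 * resolved through {@code ConfUtils.getConfResource}.
 *
 * <p>Security notes for reviewers and operators:
 * <ul>
 * <li>The value stored in the users file is compared directly with the
 * password typed by the user, so that file holds credentials in clear text.
 * Access to it should be restricted accordingly.</li>
 * <li>The two {@link FailedLoginException} messages differ for an unknown
 * user and a wrong password. Callers should not relay them to a remote
 * client, since that reveals which account names exist.</li>
 * <li>Principals are only added in {@link #commit()} when this module's own
 * {@link #login()} succeeded, so a stack in which another module succeeds
 * cannot cause this module to vouch for an unverified user name.</li>
 * </ul>
 *
 * @version $Rev: 602704 $ $Date: 2007-12-09 09:58:22 -0800 $
 */
public class PropertiesLoginModule implements LoginModule {

    /** Option key naming the users properties file. */
    private static final String USER_FILE = "UsersFile";
    /** Option key naming the groups properties file. */
    private static final String GROUP_FILE = "GroupsFile";

    private static final Logger log = Logger.getInstance(
            LogCategory.OPENEJB_SECURITY,
            "org.apache.openejb.util.resources");

    private Subject subject;
    private CallbackHandler callbackHandler;

    private boolean debug;
    private Properties users = new Properties();
    private Properties groups = new Properties();
    private String user;
    // Raw type kept as in the original file; holds the principals this module added.
    private Set principals = new HashSet();

    private URL usersUrl;
    private URL groupsUrl;

    // True only between a successful login() and the following commit()/abort().
    private boolean loginSucceeded;

    /**
     * Stores the subject and callback handler and resolves the configured files.
     *
     * @param subject the subject to populate on commit
     * @param callbackHandler used in {@link #login()} to obtain name and password
     * @param sharedState not used by this module
     * @param options module options; {@code Debug}, {@code UsersFile} and
     *        {@code GroupsFile} are read
     */
    public void initialize(Subject subject,
            CallbackHandler callbackHandler, Map sharedState,
            Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;

        debug = "true".equalsIgnoreCase((String) options.get("Debug"));
        // A missing option becomes the literal string "null" here, as before.
        String usersFile = (String) options.get(USER_FILE) + "";
        String groupsFile = (String) options.get(GROUP_FILE) + "";

        usersUrl = ConfUtils.getConfResource(usersFile);
        groupsUrl = ConfUtils.getConfResource(groupsFile);

        if (debug) {
            log.debug("Initialized debug=" + debug + " usersFile="
                    + usersFile + " groupsFile=" + groupsFile);
        }
    }

    /**
     * Loads both files, asks the callback handler for a name and password and
     * checks them against the users file.
     *
     * @return {@code true} when the name is known and the password matches
     * @throws FailedLoginException if the user is unknown or the password differs
     * @throws LoginException if a file cannot be read or the callbacks fail
     */
    public boolean login() throws LoginException {
        // Start from a clean slate so a previous attempt cannot leak into this one.
        loginSucceeded = false;
        user = null;
        users.clear();
        groups.clear();

        try {
            load(users, usersUrl, "user");
            load(groups, groupsUrl, "group");

            if (callbackHandler == null) {
                throw new LoginException(
                        "No CallbackHandler available to obtain information from user");
            }

            NameCallback nameCallback = new NameCallback("Username: ");
            PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
            try {
                callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
            } catch (IOException ioe) {
                LoginException failure = new LoginException(ioe.getMessage());
                failure.initCause(ioe);
                throw failure;
            } catch (UnsupportedCallbackException uce) {
                LoginException failure = new LoginException(uce.getMessage()
                        + " not available to obtain information from user");
                failure.initCause(uce);
                throw failure;
            }

            String suppliedName = nameCallback.getName();
            char[] supplied = passwordCallback.getPassword();
            // getPassword() hands back a copy; wipe the callback's own buffer too.
            passwordCallback.clearPassword();
            if (supplied == null) {
                supplied = new char[0];
            }

            try {
                // Properties rejects a null key with a NullPointerException, so
                // treat a missing name as an unknown user instead.
                String stored = suppliedName == null ? null : users.getProperty(suppliedName);
                if (stored == null) {
                    throw new FailedLoginException("User does not exist");
                }

                char[] expected = stored.toCharArray();
                try {
                    if (!sameChars(expected, supplied)) {
                        throw new FailedLoginException("Password does not match");
                    }
                } finally {
                    java.util.Arrays.fill(expected, '\0');
                }
            } finally {
                java.util.Arrays.fill(supplied, '\0');
            }

            // Only record the name once it has been verified; commit() relies on this.
            user = suppliedName;
            loginSucceeded = true;
        } finally {
            // The credential table is never needed after the check, pass or fail.
            users.clear();
            if (!loginSucceeded) {
                groups.clear();
            }
        }

        if (debug) {
            log.debug("login " + user);
        }
        return true;
    }

    /**
     * Adds a user principal and one group principal per matching group to the
     * subject.
     *
     * @return {@code true} when principals were added, {@code false} when this
     *         module's {@link #login()} did not succeed and it must be ignored
     * @throws LoginException declared by the interface; not thrown here
     */
    public boolean commit() throws LoginException {
        if (!loginSucceeded) {
            // Another module in the stack may have succeeded; this one has
            // nothing verified to contribute.
            clear();
            return false;
        }

        principals.add(new UserPrincipal(user));

        for (Enumeration enumeration = groups.keys(); enumeration
                .hasMoreElements();) {
            String name = (String) enumeration.nextElement();
            // Members are matched exactly; surrounding whitespace is not trimmed.
            String[] userList = ((String) groups.getProperty(name) + "")
                    .split(",");
            for (int i = 0; i < userList.length; i++) {
                if (user.equals(userList[i])) {
                    principals.add(new GroupPrincipal(name));
                    break;
                }
            }
        }

        subject.getPrincipals().addAll(principals);

        clear();

        if (debug) {
            log.debug("commit");
        }
        return true;
    }

    /**
     * Discards the state gathered by {@link #login()}.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown here
     */
    public boolean abort() throws LoginException {
        clear();

        if (debug) {
            log.debug("abort");
        }
        return true;
    }

    /**
     * Removes the principals this module added from the subject.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown here
     */
    public boolean logout() throws LoginException {
        subject.getPrincipals().removeAll(principals);
        principals.clear();

        if (debug) {
            log.debug("logout");
        }
        return true;
    }

    /** Drops loaded file contents and the per-attempt login state. */
    private void clear() {
        users.clear();
        groups.clear();
        user = null;
        loginSucceeded = false;
    }

    /**
     * Loads a properties resource and always closes the stream.
     *
     * @param target the table to fill
     * @param source the resolved resource, possibly {@code null}
     * @param what "user" or "group", used in the error message
     * @throws LoginException if the resource is missing or cannot be read
     */
    private static void load(Properties target, URL source, String what)
            throws LoginException {
        // NOTE(review): assumes getConfResource can return null for a missing
        // resource; confirm against ConfUtils.
        if (source == null) {
            throw new LoginException("Unable to load " + what
                    + " properties file: resource not found");
        }

        java.io.InputStream in = null;
        try {
            in = source.openStream();
            target.load(in);
        } catch (IOException ioe) {
            LoginException failure = new LoginException("Unable to load " + what
                    + " properties file " + source.getFile());
            failure.initCause(ioe);
            throw failure;
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if close fails after a read.
                }
            }
        }
    }

    /**
     * Compares two character arrays without stopping at the first difference,
     * so the time taken does not depend on where the arrays diverge.
     *
     * @param expected the stored value
     * @param supplied the value provided by the caller
     * @return {@code true} when both arrays have the same length and content
     */
    private static boolean sameChars(char[] expected, char[] supplied) {
        int diff = expected.length ^ supplied.length;
        for (int i = 0; i < supplied.length; i++) {
            char reference = expected.length == 0 ? 0 : expected[i % expected.length];
            diff |= reference ^ supplied[i];
        }
        return diff == 0;
    }

}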