1 package org
.argeo
.cms
.auth
;
3 import java
.io
.IOException
;
4 import java
.util
.Locale
;
7 import javax
.security
.auth
.Subject
;
8 import javax
.security
.auth
.callback
.Callback
;
9 import javax
.security
.auth
.callback
.CallbackHandler
;
10 import javax
.security
.auth
.callback
.LanguageCallback
;
11 import javax
.security
.auth
.callback
.NameCallback
;
12 import javax
.security
.auth
.callback
.PasswordCallback
;
13 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
14 import javax
.security
.auth
.login
.CredentialNotFoundException
;
15 import javax
.security
.auth
.login
.FailedLoginException
;
16 import javax
.security
.auth
.login
.LoginException
;
17 import javax
.security
.auth
.spi
.LoginModule
;
19 import org
.argeo
.cms
.CmsException
;
20 import org
.argeo
.eclipse
.ui
.specific
.UiContext
;
21 import org
.osgi
.framework
.BundleContext
;
22 import org
.osgi
.framework
.FrameworkUtil
;
23 import org
.osgi
.service
.useradmin
.Authorization
;
24 import org
.osgi
.service
.useradmin
.User
;
25 import org
.osgi
.service
.useradmin
.UserAdmin
;
/**
 * JAAS {@link LoginModule} that authenticates against the OSGi {@link UserAdmin} service and
 * keeps the resulting {@link Authorization} for {@code commit()}.
 *
 * NOTE(review): this listing carries the original file's line numbers and skips some of them
 * (for example 31, 33-34 and 37 here), so not every statement of the class is visible.
 */
27 public class UserAdminLoginModule
implements LoginModule
{
// Subject being authenticated; set in initialize() and handed to CmsAuthUtils in commit() and logout().
28 private Subject subject
;
// Source of the name, password and language callbacks; login() treats a null handler as an anonymous login.
29 private CallbackHandler callbackHandler
;
// JAAS shared state. login() reads and writes the CmsAuthUtils.SHARED_STATE_AUTHORIZATION entry and
// reads SHARED_STATE_NAME / SHARED_STATE_PWD (a char[] password), so this module trusts whatever
// the other modules of the same login configuration stored under those keys.
30 private Map
<String
, Object
> sharedState
= null;
32 // private boolean isAnonymous = false;
// Bundle context resolved in initialize(); login() uses it to look up the UserAdmin service.
35 private BundleContext bc
;
// Authorization produced by login(); abort() resets it to null and commit() attaches it to the subject.
36 private Authorization authorization
;
/**
 * Stores the subject, callback handler and shared state, and resolves the bundle context used
 * later to reach the UserAdmin service.
 *
 * NOTE(review): the listing skips original lines 39, 43, 45 and 50, so the {@code try} that
 * matches the visible {@code catch} is not shown.
 *
 * @param subject the subject to authenticate
 * @param callbackHandler handler used by login() to obtain credentials; login() takes the
 *        anonymous path when it is null
 * @param sharedState state shared between the login modules; cast unchecked to
 *        {@code Map<String, Object>} because login() writes to it
 * @param options module options; not read by the visible code (the only uses are commented out)
 * @throws CmsException wrapping any exception caught by the visible catch clause
 */
38 @SuppressWarnings("unchecked")
40 public void initialize(Subject subject
, CallbackHandler callbackHandler
, Map
<String
, ?
> sharedState
,
41 Map
<String
, ?
> options
) {
42 this.subject
= subject
;
// FrameworkUtil.getBundle() returns null for a class that was not loaded by a bundle class loader,
// in which case getBundleContext() fails with a NullPointerException.
// NOTE(review): presumably inside the try, so it would surface as the CmsException below; confirm.
44 bc
= FrameworkUtil
.getBundle(UserAdminLoginModule
.class).getBundleContext();
46 // this.subject = subject;
47 this.callbackHandler
= callbackHandler
;
// Unchecked cast (hence the @SuppressWarnings): the wildcard map is narrowed so entries can be put.
48 this.sharedState
= (Map
<String
, Object
>) sharedState
;
49 // if (options.containsKey("anonymous"))
51 // Boolean.parseBoolean(options.get("anonymous").toString());
52 } catch (Exception e
) {
// The original exception is kept as the cause.
53 throw new CmsException("Cannot initialize login module", e
);
/**
 * Authenticates the caller against the OSGi UserAdmin service and records the resulting
 * Authorization in the {@code authorization} field and in the JAAS shared state.
 *
 * Visible flow: an Authorization already present in shared state is inspected first; with no
 * callback handler the anonymous authorization is requested; otherwise name, password and
 * language are collected through callbacks, the user is looked up and the password is checked
 * with {@code User.hasCredential}.
 *
 * NOTE(review): the listing skips many original lines of this method (among them 63-64, 69-71,
 * 78, 82-83, 96-99, 101, 118, 122 and 142-144), so several returns, braces and branch keywords
 * are not visible and the exact control flow cannot be confirmed from here.
 *
 * @return in the last visible statement, whether {@code authorization} is non-null; other
 *         return statements are not shown
 * @throws CredentialNotFoundException when no user name or no password was provided
 * @throws FailedLoginException with the message "Invalid credentials" when the lookup or the
 *         credential check fails
 * @throws LoginException when the callbacks cannot be handled, or when a shared authorization
 *         is not anonymous although no callback handler is set
 */
58 public boolean login() throws LoginException
{
// An Authorization stored under this key by another login module is picked up here;
// the cast trusts the type of that shared-state entry.
59 Authorization sharedAuth
= (Authorization
) sharedState
.get(CmsAuthUtils
.SHARED_STATE_AUTHORIZATION
);
60 if (sharedAuth
!= null) {
// Without a callback handler only an anonymous authorization (null name) is accepted.
61 if (callbackHandler
== null && sharedAuth
.getName() != null)
62 throw new LoginException("Shared authorization should be anonymous");
// NOTE(review): original lines 63-64 are not shown; what is returned for an accepted shared
// authorization is not visible here.
// getServiceReference() returns null when no UserAdmin service is registered.
// NOTE(review): that null is passed straight to getService(), and the service is not released
// (ungetService) in the visible code; confirm both are acceptable for this bundle.
65 UserAdmin userAdmin
= bc
.getService(bc
.getServiceReference(UserAdmin
.class));
66 if (callbackHandler
== null) {// anonymous
// getAuthorization(null) yields the Authorization of the anonymous user, which is then
// published in shared state.
67 authorization
= userAdmin
.getAuthorization(null);
68 sharedState
.put(CmsAuthUtils
.SHARED_STATE_AUTHORIZATION
, authorization
);
72 final String username
;
73 final char[] password
;
// NOTE(review): callbackHandler == null is already handled by the anonymous branch above. If
// that branch returns (original lines 69-71 are not shown), this condition can never hold and
// the shared-state credential path below is unreachable; confirm.
74 if (callbackHandler
== null && sharedState
.containsKey(CmsAuthUtils
.SHARED_STATE_NAME
)
75 && sharedState
.containsKey(CmsAuthUtils
.SHARED_STATE_PWD
)) {
// Credentials taken from shared state; the casts trust the types of those entries.
76 username
= (String
) sharedState
.get(CmsAuthUtils
.SHARED_STATE_NAME
);
77 password
= (char[]) sharedState
.get(CmsAuthUtils
.SHARED_STATE_PWD
);
79 // NB: raw user name is used
80 AuthenticatingUser authenticatingUser
= new AuthenticatingUser(username
, password
);
81 authorization
= userAdmin
.getAuthorization(authenticatingUser
);
84 // ask for username and password
85 NameCallback nameCallback
= new NameCallback("User");
// echoOn is false: the handler is asked not to display the password as it is typed.
86 PasswordCallback passwordCallback
= new PasswordCallback("Password", false);
87 LanguageCallback langCallback
= new LanguageCallback();
89 callbackHandler
.handle(new Callback
[] { nameCallback
, passwordCallback
, langCallback
});
90 } catch (IOException e
) {
// NOTE(review): only e.getMessage() is carried over, so the IOException and its stack trace
// are lost. LoginException has no cause-taking constructor; initCause(e) would keep it.
91 throw new LoginException("Cannot handle callback: " + e
.getMessage());
92 // } catch (ThreadDeath e) {
93 // throw new ThreadDeathLoginException("Callbackhandler thread
// NOTE(review): the handling of UnsupportedCallbackException (original lines 96-99) is not shown.
95 } catch (UnsupportedCallbackException e
) {
// Locale requested through the language callback. The visible lines also assign
// Locale.getDefault(); its guarding condition (original line 101) is not shown.
100 Locale locale
= langCallback
.getLocale();
102 locale
= Locale
.getDefault();
// Publishes the selected locale to the UI context.
103 UiContext
.setLocale(locale
);
105 // authorization = (Authorization)
106 // sharedState.get(CmsAuthUtils.SHARED_STATE_AUTHORIZATION);
108 // if (authorization == null) {
109 // create credentials
110 username
= nameCallback
.getName();
// A null or whitespace-only name counts as missing credentials. Only this check trims;
// the lookup below receives the name exactly as entered.
111 if (username
== null || username
.trim().equals("")) {
112 // authorization = userAdmin.getAuthorization(null);
113 throw new CredentialNotFoundException("No credentials provided");
115 // char[] password = {};
// PasswordCallback.getPassword() returns a fresh copy on every call, so two copies are created here.
// NOTE(review): neither copy is zeroed and clearPassword() is not called in the visible code;
// consider clearing them once the credential check is done.
116 if (passwordCallback
.getPassword() != null)
117 password
= passwordCallback
.getPassword();
119 throw new CredentialNotFoundException("No credentials provided");
120 // FIXME move Argeo specific convention from user admin to here
// The null key passed to getUser() and the null name passed to hasCredential() presumably rely
// on the Argeo-specific convention mentioned in the FIXME; verify against the UserAdmin
// implementation in use.
121 User user
= userAdmin
.getUser(null, username
);
// Both failures below use the same "Invalid credentials" message, so the message itself does
// not tell a caller whether the account exists. The condition guarding the first throw
// (original line 122, presumably a null user) is not shown.
123 throw new FailedLoginException("Invalid credentials");
124 if (!user
.hasCredential(null, password
))
125 throw new FailedLoginException("Invalid credentials");
128 // Log and monitor new login
129 // if (log.isDebugEnabled())
130 // log.debug("Logged in to CMS with username [" + username +
133 authorization
= userAdmin
.getAuthorization(user
);
// assert is evaluated only when the JVM runs with assertions enabled (-ea); the null test in
// the return statement below is the check that is always executed.
134 assert authorization
!= null;
139 // (!sharedState.containsKey(CmsAuthUtils.SHARED_STATE_AUTHORIZATION))
// Publishes the authorization in shared state (the containsKey guard above is commented out,
// so an existing entry is overwritten).
140 sharedState
.put(CmsAuthUtils
.SHARED_STATE_AUTHORIZATION
, authorization
);
141 return authorization
!= null;
/**
 * Attaches the authorization obtained by login() to the subject through
 * {@code CmsAuthUtils.addAuthentication}.
 *
 * NOTE(review): the listing skips original lines 157, 159, 161 and 163-167. In the
 * {@code authorization == null} branch only a commented-out throw is visible, so whether the
 * method returns early or continues is not shown; confirm that a null authorization cannot
 * reach addAuthentication().
 *
 * @return not visible in this listing
 * @throws LoginException declared by the LoginModule contract; no throw is active in the
 *         visible lines
 */
145 public boolean commit() throws LoginException
{
146 // Set<KerberosPrincipal> kerberosPrincipals =
147 // subject.getPrincipals(KerberosPrincipal.class);
148 // if (kerberosPrincipals.size() != 0) {
149 // KerberosPrincipal kerberosPrincipal =
150 // kerberosPrincipals.iterator().next();
151 // System.out.println(kerberosPrincipal);
152 // UserAdmin userAdmin =
153 // bc.getService(bc.getServiceReference(UserAdmin.class));
154 // User user = userAdmin.getUser(null, kerberosPrincipal.getName());
155 // Authorization authorization = userAdmin.getAuthorization(user);
156 // sharedState.put(SHARED_STATE_AUTHORIZATION, authorization);
// login() did not produce an authorization (or abort() cleared it).
158 if (authorization
== null) {
160 // throw new LoginException("Authorization should not be null");
// Hands the subject and the authorization to CmsAuthUtils, which performs the actual update.
162 CmsAuthUtils
.addAuthentication(subject
, authorization
);
/**
 * Discards the authorization obtained by login() so that it cannot be committed afterwards.
 *
 * NOTE(review): the visible lines do not remove the SHARED_STATE_AUTHORIZATION entry that
 * login() stored in shared state; the return statement (original lines 170-171) is not shown.
 *
 * @return not visible in this listing
 * @throws LoginException declared by the LoginModule contract; not thrown by the visible lines
 */
168 public boolean abort() throws LoginException
{
169 authorization
= null;
/**
 * Logs the subject out by delegating to {@code CmsAuthUtils.cleanUp(subject)}.
 *
 * NOTE(review): the listing ends after the cleanUp() call, so the return statement is not
 * shown; the {@code authorization} field is not reset in the visible lines.
 *
 * @return not visible in this listing
 * @throws LoginException declared by the LoginModule contract; not thrown by the visible lines
 */
174 public boolean logout() throws LoginException
{
175 CmsAuthUtils
.cleanUp(subject
);