1 package org
.argeo
.cms
.auth
;
3 import java
.net
.InetAddress
;
4 import java
.net
.UnknownHostException
;
5 import java
.security
.Principal
;
9 import javax
.naming
.ldap
.LdapName
;
10 import javax
.security
.auth
.Subject
;
11 import javax
.security
.auth
.callback
.CallbackHandler
;
12 import javax
.security
.auth
.kerberos
.KerberosPrincipal
;
13 import javax
.security
.auth
.login
.LoginException
;
14 import javax
.security
.auth
.spi
.LoginModule
;
15 import javax
.security
.auth
.x500
.X500Principal
;
17 import org
.apache
.commons
.logging
.Log
;
18 import org
.apache
.commons
.logging
.LogFactory
;
19 import org
.argeo
.cms
.internal
.auth
.ImpliedByPrincipal
;
20 import org
.argeo
.naming
.LdapAttrs
;
21 import org
.argeo
.node
.NodeConstants
;
22 import org
.argeo
.node
.security
.DataAdminPrincipal
;
23 import org
.argeo
.osgi
.useradmin
.IpaUtils
;
/**
 * JAAS {@link LoginModule} for single-user deployments: the identity comes from the
 * environment instead of from a credential exchange.
 *
 * <p>In the code visible in this listing no password, ticket or certificate is verified.
 * {@code login()} takes the user name from the {@code user.name} system property (unless the
 * shared state already carries a name) and {@code commit()} then adds the user principal, an
 * implied {@code NodeConstants.ROLE_ADMIN} principal and a {@code DataAdminPrincipal} to the
 * subject. Any login configuration that includes this module therefore hands administrative
 * rights to whoever is able to start or reach the process, so it should only be configured
 * where the operating-system account is already the trust boundary.
 */
public class SingleUserLoginModule implements LoginModule {
    private static final Log log = LogFactory.getLog(SingleUserLoginModule.class);

    // Subject under authentication; assigned in initialize() and populated in commit().
    private Subject subject;

    // Map shared by the modules of the login stack; assigned in initialize().
    private Map<String, Object> sharedState;
/**
 * Keeps references to the subject and to the shared state for the later login phases.
 *
 * <p>The callback handler and the options are not stored by the lines visible in this
 * listing, which is consistent with a module that never prompts for a credential.
 *
 * @param subject the subject that {@code commit()} will add principals to
 * @param callbackHandler not used by the visible code
 * @param sharedState state shared with the other modules of the login stack
 * @param options not used by the visible code
 */
@Override
@SuppressWarnings("unchecked")
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
        Map<String, ?> options) {
    // The interface declares a wildcard value type; the unchecked cast is what lets
    // login() write the user name into the same map.
    final Map<String, Object> writableState = (Map<String, Object>) sharedState;
    this.subject = subject;
    this.sharedState = writableState;
}
/**
 * Publishes the operating-system user name in the shared state when no name is there yet.
 *
 * <p>The name is read from the {@code user.name} system property. That property describes
 * the account (or a {@code -Duser.name} override) of whoever launched the JVM; it is an
 * assertion, not a verified credential. A name placed in the shared state by an earlier
 * module is left untouched.
 *
 * @return {@code true} (see the note on the return statement)
 * @throws LoginException declared by the interface; not thrown by the visible lines
 */
@Override
public boolean login() throws LoginException {
    final String osUserName = System.getProperty("user.name");
    final boolean nameAlreadyShared = sharedState.containsKey(CmsAuthUtils.SHARED_STATE_NAME);
    if (!nameAlreadyShared) {
        sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, osUserName);
    }
    // NOTE(review): the return statement and closing brace are missing from this listing;
    // `return true` is assumed. Confirm against the original file.
    return true;
}
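/**
 * Adds the user principal and the administrative principals to the subject.
 *
 * <p>If the subject already carries a {@link KerberosPrincipal}, its name is mapped to a DN
 * with {@code IpaUtils.kerberosToDn}. Otherwise the DN is built from the user name found in
 * the shared state and from the local host name, as {@code uid=<name>,dc=<label>,dc=<label>...}.
 *
 * <p>Security notes:
 * <ul>
 * <li>Every subject that reaches this method receives an {@code ImpliedByPrincipal} for
 * {@code NodeConstants.ROLE_ADMIN} and a {@code DataAdminPrincipal}. Nothing visible in this
 * class verifies a credential first, so the login configuration is the only control.</li>
 * <li>The user name is escaped as an RDN value before it is concatenated into the DN. It
 * comes from a system property or from another login module, and an unescaped {@code ,},
 * {@code +} or {@code =} would either change the structure of the resulting DN or make
 * {@link X500Principal} reject it.</li>
 * </ul>
 *
 * @return {@code true} (see the note on the return statement)
 * @throws LoginException if there is no Kerberos principal and no user name in the shared state
 */
@Override
public boolean commit() throws LoginException {
    X500Principal principal;
    KerberosPrincipal kerberosPrincipal = CmsAuthUtils.getSinglePrincipal(subject, KerberosPrincipal.class);
    if (kerberosPrincipal != null) {
        LdapName userDn = IpaUtils.kerberosToDn(kerberosPrincipal.getName());
        principal = new X500Principal(userDn.toString());
    } else {
        // NOTE(review): the `else`, the guard before the throw, the `hostname` declaration
        // and the `try` are missing from this listing and are reconstructed from the
        // surrounding statements. Confirm against the original file.
        Object username = sharedState.get(CmsAuthUtils.SHARED_STATE_NAME);
        if (username == null) {
            throw new LoginException("No username available");
        }
        String hostname;
        try {
            hostname = InetAddress.getLocalHost().getHostName();
        } catch (UnknownHostException e) {
            log.warn("Using localhost as hostname", e);
            hostname = "localhost";
        }
        // Each dot-separated label becomes a dc component; a constructed example:
        // "node.example.org" -> ",dc=node,dc=example,dc=org".
        String baseDn = ("." + hostname).replaceAll("\\.", ",dc=");
        // Escape DN metacharacters so the name stays inside the single uid RDN.
        String uidValue = javax.naming.ldap.Rdn.escapeValue(username.toString());
        principal = new X500Principal(LdapAttrs.uid + "=" + uidValue + baseDn);
    }
    Set<Principal> principals = subject.getPrincipals();
    principals.add(principal);
    // Administrative rights are granted unconditionally from here on.
    principals.add(new ImpliedByPrincipal(NodeConstants.ROLE_ADMIN, principal));
    principals.add(new DataAdminPrincipal());
    // NOTE(review): the return statement is missing from this listing; `return true` is assumed.
    return true;
}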
76 public boolean abort() throws LoginException
{
81 public boolean logout() throws LoginException
{
82 // TODO Auto-generated method stub