1 package org
.argeo
.cms
.auth
;
3 import java
.io
.IOException
;
4 import java
.util
.Locale
;
7 import javax
.security
.auth
.Subject
;
8 import javax
.security
.auth
.callback
.Callback
;
9 import javax
.security
.auth
.callback
.CallbackHandler
;
10 import javax
.security
.auth
.callback
.LanguageCallback
;
11 import javax
.security
.auth
.callback
.NameCallback
;
12 import javax
.security
.auth
.callback
.PasswordCallback
;
13 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
14 import javax
.security
.auth
.login
.CredentialNotFoundException
;
15 import javax
.security
.auth
.login
.FailedLoginException
;
16 import javax
.security
.auth
.login
.LoginException
;
17 import javax
.security
.auth
.spi
.LoginModule
;
19 import org
.argeo
.ArgeoException
;
20 import org
.argeo
.cms
.internal
.kernel
.Activator
;
21 import org
.argeo
.eclipse
.ui
.specific
.UiContext
;
22 import org
.osgi
.framework
.BundleContext
;
23 import org
.osgi
.service
.useradmin
.Authorization
;
24 import org
.osgi
.service
.useradmin
.User
;
25 import org
.osgi
.service
.useradmin
.UserAdmin
;
27 public class UserAdminLoginModule
implements LoginModule
, AuthConstants
{
// private final static Log log = LogFactory.getLog(UserAdminLoginModule.class);
// private Subject subject;

/** Callback handler received in initialize(); login() uses it to request name, password and language. */
private CallbackHandler callbackHandler;

/**
 * JAAS shared state received in initialize(). login() reads and stores the
 * Authorization under SHARED_STATE_AUTHORIZATION. Stays null until initialize() runs.
 */
private Map<String, Object> sharedState;

/** Set from the "anonymous" module option in initialize(); false when the option is absent. */
private boolean isAnonymous;

// private HttpServletRequest request = null;

/** OSGi bundle context obtained from Activator in initialize(); login() uses it to look up UserAdmin. */
private BundleContext bc;
/**
 * Prepares this login module for an authentication attempt.
 *
 * <p>Stores the callback handler and the shared state map, fetches the bundle
 * context from {@code Activator}, and reads the optional {@code "anonymous"}
 * module option. The {@code subject} argument is not retained.
 *
 * <p>NOTE(review): the {@code "anonymous"} flag comes straight from the JAAS
 * configuration options. It is parsed with {@link Boolean#parseBoolean(String)},
 * so only the text "true" (any case) enables it. Confirm how {@code login()}
 * consumes the flag and keep the login configuration under change control.
 *
 * @param subject the subject being authenticated (unused here)
 * @param callbackHandler handler used later to collect credentials
 * @param sharedState state shared between the modules of the login stack
 * @param options module options from the login configuration
 * @throws ArgeoException wrapping any exception raised during initialization,
 *         including a null value stored under the {@code "anonymous"} key
 */
@SuppressWarnings("unchecked")
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
        Map<String, ?> options) {
    try {
        this.bc = Activator.getBundleContext();
        this.callbackHandler = callbackHandler;
        // Unchecked by necessity: JAAS hands the shared state over as Map<String, ?>.
        this.sharedState = (Map<String, Object>) sharedState;

        final String anonymousKey = "anonymous";
        if (options.containsKey(anonymousKey)) {
            final String rawFlag = options.get(anonymousKey).toString();
            this.isAnonymous = Boolean.parseBoolean(rawFlag);
        }
    } catch (Exception e) {
        throw new ArgeoException("Cannot initialize login module", e);
    }
}
/*
 * Authenticates against the OSGi UserAdmin service.
 *
 * Visible flow: look up UserAdmin through the bundle context, ask the callback
 * handler for name, password and language, set the UI locale, reuse an
 * Authorization already present in the shared state or else check the supplied
 * credentials with User.hasCredential(), then publish the resulting
 * Authorization in the shared state.
 *
 * Throws LoginException when the callback handler fails with an IOException,
 * CredentialNotFoundException when name or password is missing, and
 * FailedLoginException ("Invalid credentials") when the check fails.
 *
 * NOTE(review): this listing omits several source lines (the gutter numbers
 * skip, e.g. 60, 62, 68, 75-78, 84, 96-97, 100, 104). The guards and the return
 * statement on those lines are not visible, so the comments below describe only
 * what is shown.
 */
57 public boolean login() throws LoginException
{
// NOTE(review): no null check on the service reference is visible; confirm the
// behaviour when no UserAdmin service is registered.
58 UserAdmin userAdmin
= bc
.getService(bc
.getServiceReference(UserAdmin
.class));
59 Authorization authorization
= null;
// OSGi UserAdmin returns the anonymous user's Authorization for a null user.
// The condition guarding this assignment is not visible here; presumably it is
// the isAnonymous flag set in initialize() — TODO confirm.
61 authorization
= userAdmin
.getAuthorization(null);
63 // HttpRequestCallback httpCallback = new HttpRequestCallback();
64 // ask for username and password
65 NameCallback nameCallback
= new NameCallback("User");
// echoOn=false: the handler is asked not to display the password as it is typed.
66 PasswordCallback passwordCallback
= new PasswordCallback("Password", false);
67 LanguageCallback langCallback
= new LanguageCallback();
69 callbackHandler
.handle(new Callback
[] { nameCallback
, passwordCallback
, langCallback
});
70 } catch (IOException e
) {
// NOTE(review): only the message is kept; the IOException is not attached as
// the cause, so its stack trace is lost to whoever handles the LoginException.
71 throw new LoginException("Cannot handle callback: " + e
.getMessage());
72 } catch (ThreadDeath e
) {
73 throw new ThreadDeathLoginException("Callbackhandler thread died", e
);
// NOTE(review): the body of this handler is not visible in the listing; confirm
// that an unsupported callback cannot lead to a successful login.
74 } catch (UnsupportedCallbackException e
) {
79 // request = httpCallback.getRequest();
80 // authorization = checkHttp();
83 Locale locale
= langCallback
.getLocale();
// Falls back to the JVM default locale; the guard is not visible here
// (presumably a null check on the callback's locale — TODO confirm).
85 locale
= Locale
.getDefault();
86 UiContext
.setLocale(locale
);
// An Authorization already stored in the shared state is picked up here.
// NOTE(review): when it is non-null the credential check below is bypassed, so
// this module trusts whichever module populated the shared state; confirm the
// ordering and flags of the login stack.
88 authorization
= (Authorization
) sharedState
.get(SHARED_STATE_AUTHORIZATION
);
90 if (authorization
== null) {
92 final String username
= nameCallback
.getName();
// A null or blank name is rejected before any user lookup.
93 if (username
== null || username
.trim().equals("")) {
94 // authorization = userAdmin.getAuthorization(null);
95 throw new CredentialNotFoundException("No credentials provided");
// PasswordCallback.getPassword() returns a copy of the password on each call;
// the declaration of 'password' is not visible in this listing.
// NOTE(review): neither passwordCallback.clearPassword() nor zeroing of the
// copied array is visible; confirm the password is wiped after the check.
98 if (passwordCallback
.getPassword() != null)
99 password
= passwordCallback
.getPassword();
101 throw new CredentialNotFoundException("No credentials provided");
103 User user
= userAdmin
.getUser(null, username
);
// The guard for this throw is not visible (presumably user == null — TODO
// confirm). It uses the same message as the failed credential check below, so
// the message alone does not reveal whether the account exists.
105 throw new FailedLoginException("Invalid credentials");
// Null credential key: its meaning is defined by the UserAdmin implementation —
// TODO confirm it selects the password credential.
106 if (!user
.hasCredential(null, password
))
107 throw new FailedLoginException("Invalid credentials");
110 // Log and monitor new login
111 // if (log.isDebugEnabled())
112 // log.debug("Logged in to CMS with username [" + username +
115 authorization
= userAdmin
.getAuthorization(user
);
// Publish the Authorization for later modules, without overwriting an entry
// that already exists.
119 if (!sharedState
.containsKey(SHARED_STATE_AUTHORIZATION
))
120 sharedState
.put(SHARED_STATE_AUTHORIZATION
, authorization
);
121 // subject.getPrivateCredentials().add(authorization);
125 // private Authorization checkHttp() {
126 // Authorization authorization = null;
127 // if (request != null) {
128 // authorization = (Authorization)
129 // request.getAttribute(HttpContext.AUTHORIZATION);
130 // if (authorization == null) {
131 // String sessionId = request.getSession().getId();
132 // authorization = (Authorization)
133 // request.getSession().getAttribute(HttpContext.AUTHORIZATION);
134 // if (authorization == null) {
135 // Collection<ServiceReference<CmsSession>> sr;
137 // sr = bc.getServiceReferences(CmsSession.class,
138 // "(" + CmsSession.CMS_SESSION_ID + "=" + sessionId + ")");
139 // } catch (InvalidSyntaxException e) {
140 // throw new CmsException("Cannot get CMS session for id " + sessionId, e);
142 // if (sr.size() == 1) {
143 // CmsSession cmsSession = bc.getService(sr.iterator().next());
144 // authorization = cmsSession.getAuthorization();
145 // if (log.isTraceEnabled())
146 // log.trace("Retrieved authorization from " + cmsSession);
151 // return authorization;
/*
 * Second phase of the JAAS login.
 *
 * Every statement visible in this listing is commented out: the disabled code
 * attached the Authorization to the HTTP request and session and registered a
 * CmsSession service. The active body, including the return value, is not
 * visible (gutter numbers skip) — TODO confirm what commit() returns.
 *
 * NOTE(review): nothing visible here adds a principal or credential to the
 * Subject; confirm where the Authorization stored by login() is consumed.
 * NOTE(review): the disabled code builds an OSGi filter by concatenating the
 * HTTP session id into the filter string; if it is ever re-enabled, escape
 * filter metacharacters in the id first.
 */
155 public boolean commit() throws LoginException
{
156 // Authorization authorization =
157 // subject.getPrivateCredentials(Authorization.class).iterator().next();
158 // if (request != null && authorization.getName() != null) {
159 // request.setAttribute(HttpContext.REMOTE_USER,
160 // authorization.getName());
161 // request.setAttribute(HttpContext.AUTHORIZATION, authorization);
163 // HttpSession httpSession = request.getSession();
164 // if (httpSession.getAttribute(HttpContext.AUTHORIZATION) == null) {
166 // String sessionId = request.getSession().getId();
167 // Collection<ServiceReference<CmsSession>> sr;
169 // sr = bc.getServiceReferences(CmsSession.class,
170 // "(" + CmsSession.CMS_SESSION_ID + "=" + sessionId + ")");
171 // } catch (InvalidSyntaxException e) {
172 // throw new CmsException("Cannot get CMS session for id " + sessionId,
175 // CmsSession cmsSession;
176 // if (sr.size() == 1) {
177 // cmsSession = bc.getService(sr.iterator().next());
178 // } else if (sr.size() == 0) {
179 // Hashtable<String, String> props = new Hashtable<>();
180 // props.put(CmsSession.CMS_DN, authorization.getName());
181 // props.put(CmsSession.CMS_SESSION_ID, sessionId);
182 // cmsSession = new CmsSessionImpl(sessionId, authorization);
183 // bc.registerService(CmsSession.class, cmsSession, props);
184 // if (log.isDebugEnabled())
185 // log.debug("Initialized " + cmsSession + " for " +
186 // authorization.getName());
188 // throw new CmsException(sr.size() + " CMS sessions registered for " +
190 // cmsSession.addHttpSession(request);
191 // if (log.isTraceEnabled())
192 // log.trace("Added " + request.getServletPath() + " to " + cmsSession +
193 // " (" + request.getRequestURI()
195 // httpSession.setAttribute(HttpContext.AUTHORIZATION, authorization);
197 // subject.getPrivateCredentials().add(request.getSession());
/*
 * Called by JAAS when the overall login fails.
 *
 * The body is not visible in this listing (gutter numbers jump from 203 to 209).
 * NOTE(review): login() stores an Authorization in the shared state; confirm
 * that abort() does not leave it available after a failed attempt.
 */
203 public boolean abort() throws LoginException
{
/*
 * Logs the subject out.
 *
 * Every statement visible in this listing is commented out: the disabled code
 * cleared the AUTHORIZATION attribute on each HttpSession held in the Subject's
 * private credentials and carried a TODO to log out the CMS session. The active
 * body, including the return value, is not visible — TODO confirm.
 *
 * NOTE(review): no active statement visible here removes the Authorization or
 * invalidates a session; confirm that logout actually revokes what login()
 * granted.
 */
209 public boolean logout() throws LoginException
{
210 // Set<HttpSession> httpSession =
211 // subject.getPrivateCredentials(HttpSession.class);
212 // Iterator<HttpSession> it = httpSession.iterator();
213 // while (it.hasNext()) {
214 // HttpSession sess = it.next();
215 // sess.setAttribute(HttpContext.AUTHORIZATION, null);
216 // // sess.setMaxInactiveInterval(1);// invalidate session
218 // // TODO log out CMS session
220 // subject.getPrivateCredentials().removeAll(httpSession);
226 // private void cleanUp() {
227 // subject.getPrivateCredentials().removeAll(subject.getPrivateCredentials(Authorization.class));