1 package org
.argeo
.cms
.auth
;
3 import java
.io
.IOException
;
4 import java
.util
.Iterator
;
5 import java
.util
.Locale
;
9 import javax
.security
.auth
.Subject
;
10 import javax
.security
.auth
.callback
.Callback
;
11 import javax
.security
.auth
.callback
.CallbackHandler
;
12 import javax
.security
.auth
.callback
.LanguageCallback
;
13 import javax
.security
.auth
.callback
.NameCallback
;
14 import javax
.security
.auth
.callback
.PasswordCallback
;
15 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
16 import javax
.security
.auth
.login
.CredentialNotFoundException
;
17 import javax
.security
.auth
.login
.FailedLoginException
;
18 import javax
.security
.auth
.login
.LoginException
;
19 import javax
.security
.auth
.spi
.LoginModule
;
20 import javax
.servlet
.http
.HttpServletRequest
;
21 import javax
.servlet
.http
.HttpSession
;
23 import org
.apache
.commons
.logging
.Log
;
24 import org
.apache
.commons
.logging
.LogFactory
;
25 import org
.argeo
.ArgeoException
;
26 import org
.argeo
.cms
.internal
.kernel
.Activator
;
27 import org
.argeo
.eclipse
.ui
.specific
.UiContext
;
28 import org
.osgi
.framework
.BundleContext
;
29 import org
.osgi
.service
.http
.HttpContext
;
30 import org
.osgi
.service
.useradmin
.Authorization
;
31 import org
.osgi
.service
.useradmin
.User
;
32 import org
.osgi
.service
.useradmin
.UserAdmin
;
/**
 * JAAS {@link LoginModule} that authenticates against the OSGi {@link UserAdmin}
 * service and places the resulting {@link Authorization} in the subject's
 * private credentials.
 *
 * NOTE(review): this listing carries the viewer's gutter numbers and skips some
 * source lines (gaps in the numbering); comments here describe only what is
 * visible.
 */
34 public class UserAdminLoginModule
implements LoginModule
, AuthConstants
{
35 private final static Log log
= LogFactory
36 .getLog(UserAdminLoginModule
.class);
// Subject and callback handler handed over by the JAAS framework in initialize().
38 private Subject subject
;
39 private CallbackHandler callbackHandler
;
// Set from the "anonymous" module option in initialize(); defaults to false.
40 private boolean isAnonymous
= false;
// HTTP request obtained through HttpRequestCallback in login(); stays null when
// the callback yields no request. commit() uses it to publish the authorization.
42 private HttpServletRequest request
= null;
/**
 * Stores the subject and callback handler and reads the "anonymous" module
 * option. Any exception raised while doing so is wrapped in an
 * {@link ArgeoException}.
 *
 * @param subject the subject that login() will populate
 * @param callbackHandler handler that login() asks for request, name, password and locale
 * @param sharedState not read in the visible lines
 * @param options module options; only the "anonymous" key is read here
 */
45 public void initialize(Subject subject
, CallbackHandler callbackHandler
,
46 Map
<String
, ?
> sharedState
, Map
<String
, ?
> options
) {
// NOTE(review): source line 47 is not shown; presumably it opens the try block
// that the catch on line 53 closes.
48 this.subject
= subject
;
49 this.callbackHandler
= callbackHandler
;
// Boolean.parseBoolean yields true only for the text "true" (case-insensitive),
// so any other option value leaves the module in authenticated mode.
// NOTE(review): this flag is a configuration-level switch for credential-less
// login; the JAAS configuration that sets it deserves the same protection as
// the credential store.
50 if (options
.containsKey("anonymous"))
51 isAnonymous
= Boolean
.parseBoolean(options
.get("anonymous")
// NOTE(review): source line 52 is not shown; it presumably completes the
// parseBoolean argument.
53 } catch (Exception e
) {
54 throw new ArgeoException("Cannot initialize login module", e
);
/**
 * Resolves an {@link Authorization} for the subject and adds it to the
 * subject's private credentials.
 *
 * The visible code asks the callback handler for the HTTP request, user name,
 * password and locale, reuses an Authorization already attached to the request
 * or its session, and otherwise checks the supplied name and password against
 * {@link UserAdmin}.
 *
 * NOTE(review): several source lines are missing from this listing (for example
 * 64, 66, 71, 73, 78, 83-84, 92-94, 96, 99, 107, 111, 114, 116, 120-121, 125,
 * 127-129, 131-132, 134-137), including the return statements.
 *
 * @throws CredentialNotFoundException when no user name is supplied, and on the
 *         password path at line 112
 * @throws FailedLoginException when the credential check fails
 * @throws LoginException when the callback handler raises an IOException
 */
59 public boolean login() throws LoginException
{
// NOTE(review): getServiceReference returns null when no UserAdmin service is
// registered, and no null check is visible before getService; the service is
// also not released in the visible lines.
60 BundleContext bc
= Activator
.getBundleContext();
61 UserAdmin userAdmin
= bc
.getService(bc
62 .getServiceReference(UserAdmin
.class));
63 Authorization authorization
= null;
// getAuthorization(null) asks UserAdmin for the anonymous authorization.
// NOTE(review): lines 64 and 66 are not shown; presumably this call is guarded
// by isAnonymous and the code below is the else branch. Confirm.
65 authorization
= userAdmin
.getAuthorization(null);
67 HttpRequestCallback httpCallback
= new HttpRequestCallback();
68 // ask for username and password
69 NameCallback nameCallback
= new NameCallback("User");
70 PasswordCallback passwordCallback
= new PasswordCallback(
72 LanguageCallback langCallback
= new LanguageCallback();
// All four callbacks are handed to the handler in one call.
74 callbackHandler
.handle(new Callback
[] { httpCallback
,
75 nameCallback
, passwordCallback
, langCallback
});
76 } catch (IOException e
) {
77 throw new LoginException("Cannot handle http callback: "
// ThreadDeath is an Error, not an Exception; it is converted into a login
// failure here rather than being left to propagate.
79 } catch (ThreadDeath e
) {
80 throw new ThreadDeathLoginException(
81 "Callbackhandler thread died", e
);
// NOTE(review): the body of this handler (lines 83-84) is not shown.
82 } catch (UnsupportedCallbackException e
) {
85 request
= httpCallback
.getRequest();
// Trust boundary: an Authorization found under HttpContext.AUTHORIZATION on
// the request, or failing that on the session, is accepted as-is and the
// credential check below is skipped. Whatever can set that attribute is
// therefore treated as already authenticated.
// request.getSession() creates a session when none exists, so this lookup
// allocates one even for requests that have not authenticated yet.
86 if (request
!= null) {
87 authorization
= (Authorization
) request
88 .getAttribute(HttpContext
.AUTHORIZATION
);
89 if (authorization
== null)
90 authorization
= (Authorization
) request
.getSession()
91 .getAttribute(HttpContext
.AUTHORIZATION
);
// Locale from the language callback is pushed into the UI context.
// NOTE(review): line 96 is not shown; presumably the default locale is used
// only when the callback returned none.
95 Locale locale
= langCallback
.getLocale();
97 locale
= Locale
.getDefault();
98 UiContext
.setLocale(locale
);
// No pre-existing authorization: fall back to a name/password check.
100 if (authorization
== null) {
101 // create credentials
102 final String username
= nameCallback
.getName();
// A null or whitespace-only name counts as "no credentials".
103 if (username
== null || username
.trim().equals("")) {
104 // authorization = userAdmin.getAuthorization(null);
105 throw new CredentialNotFoundException(
106 "No credentials provided");
// PasswordCallback.getPassword() returns a copy on each call, so two copies
// are made here.
// NOTE(review): neither this array nor the callback's own buffer is cleared
// in the visible lines; passwordCallback.clearPassword() and zeroing the
// array after the check would shorten the time the password stays in memory.
108 char[] password
= {};
109 if (passwordCallback
.getPassword() != null)
110 password
= passwordCallback
.getPassword();
// NOTE(review): line 111 is not shown; presumably an else for a null password.
112 throw new CredentialNotFoundException(
113 "No credentials provided");
// The key argument is null; how the lookup by value is resolved is left to
// the UserAdmin implementation.
115 User user
= userAdmin
.getUser(null, username
);
// Both failure paths use the same message, so the response does not reveal
// whether the account exists.
// NOTE(review): line 116 is not shown; presumably a null check on user.
117 throw new FailedLoginException("Invalid credentials");
118 if (!user
.hasCredential(null, password
))
119 throw new FailedLoginException("Invalid credentials");
122 // Log and monitor new login
// NOTE(review): username is caller-supplied and is concatenated into the log
// line unmodified; stripping CR/LF first would keep a crafted name from
// forging extra log entries. Only successful logins are logged here.
123 if (log
.isDebugEnabled())
124 log
.debug("Logged in to CMS with username [" + username
+"]");
126 authorization
= userAdmin
.getAuthorization(user
);
130 // authorization = userAdmin.getAuthorization(null);
// The authorization is stored as a private credential; commit(), logout() and
// cleanUp() look it up there by type.
133 subject
.getPrivateCredentials().add(authorization
);
/**
 * Publishes the {@link Authorization} held in the subject's private credentials
 * to the HTTP request and its session.
 *
 * NOTE(review): source lines 146 and 148-152 are not shown in this listing,
 * including the return statement.
 */
138 public boolean commit() throws LoginException
{
// iterator().next() throws NoSuchElementException when the subject holds no
// Authorization, e.g. if login() ended before adding one.
139 Authorization authorization
= subject
140 .getPrivateCredentials(Authorization
.class).iterator().next();
// Authorization.getName() is null for the anonymous authorization, so this
// block is skipped for anonymous logins and when no HTTP request was captured.
141 if (request
!= null && authorization
.getName() != null) {
142 request
.setAttribute(HttpContext
.REMOTE_USER
,
143 authorization
.getName());
144 request
.setAttribute(HttpContext
.AUTHORIZATION
, authorization
);
// NOTE(review): the authorization is bound to the existing session and no
// session-id rotation is visible here. If it is not done elsewhere, rotating
// the id at this point (HttpServletRequest.changeSessionId() on Servlet 3.1+)
// guards against session fixation.
145 request
.getSession().setAttribute(HttpContext
.AUTHORIZATION
,
// The session itself is kept as a private credential so that logout() can
// find it later.
147 subject
.getPrivateCredentials().add(request
.getSession());
/**
 * {@link LoginModule#abort()} callback, invoked by JAAS when the overall
 * authentication did not succeed.
 *
 * NOTE(review): the body (source lines 154-158) is not shown in this listing,
 * so whether it discards the state kept by login() cannot be confirmed here.
 */
153 public boolean abort() throws LoginException
{
/**
 * Detaches the authorization from every {@link HttpSession} stored in the
 * subject's private credentials, then removes those sessions from the subject.
 *
 * NOTE(review): source lines 167 and 169-172 are not shown in this listing,
 * including the return statement.
 */
159 public boolean logout() throws LoginException
{
160 Set
<HttpSession
> httpSession
= subject
161 .getPrivateCredentials(HttpSession
.class);
162 Iterator
<HttpSession
> it
= httpSession
.iterator();
163 while (it
.hasNext()) {
164 HttpSession sess
= it
.next();
// Setting the attribute to null removes it from the session. The session
// itself stays valid (the line below is commented out), so its id and any
// other attributes survive logout.
// NOTE(review): setAttribute throws IllegalStateException on a session that
// has already been invalidated or has expired; that case is not handled in
// the visible lines.
165 sess
.setAttribute(HttpContext
.AUTHORIZATION
, null);
166 // sess.setMaxInactiveInterval(1);// invalidate session
168 subject
.getPrivateCredentials().removeAll(httpSession
);
/**
 * Removes every {@link Authorization} from the subject's private credentials.
 *
 * NOTE(review): the listing ends after source line 175; any further statements
 * in this method are not visible.
 */
173 private void cleanUp() {
174 subject
.getPrivateCredentials().removeAll(
175 subject
.getPrivateCredentials(Authorization
.class));