org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java

   1 package org.argeo.cms.auth;
   2
   3 import java.io.IOException;
   4 import java.util.Locale;
   5 import java.util.Map;
   6
   7 import javax.security.auth.Subject;
   8 import javax.security.auth.callback.Callback;
   9 import javax.security.auth.callback.CallbackHandler;
  10 import javax.security.auth.callback.LanguageCallback;
  11 import javax.security.auth.callback.NameCallback;
  12 import javax.security.auth.callback.PasswordCallback;
  13 import javax.security.auth.callback.UnsupportedCallbackException;
  14 import javax.security.auth.login.CredentialNotFoundException;
  15 import javax.security.auth.login.FailedLoginException;
  16 import javax.security.auth.login.LoginException;
  17 import javax.security.auth.spi.LoginModule;
  18
  19 import org.argeo.cms.CmsException;
  20 import org.argeo.eclipse.ui.specific.UiContext;
  21 import org.osgi.framework.BundleContext;
  22 import org.osgi.framework.FrameworkUtil;
  23 import org.osgi.service.useradmin.Authorization;
  24 import org.osgi.service.useradmin.User;
  25 import org.osgi.service.useradmin.UserAdmin;
  26
  27 public class UserAdminLoginModule implements LoginModule, AuthConstants {
  28         private CallbackHandler callbackHandler;
  29         private Map<String, Object> sharedState = null;
  30
  31         private boolean isAnonymous = false;
  32
  33         private BundleContext bc;
  34
  35         @SuppressWarnings("unchecked")
  36         @Override
  37         public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
  38                         Map<String, ?> options) {
  39                 try {
  40                         bc = FrameworkUtil.getBundle(UserAdminLoginModule.class).getBundleContext();
  41                         assert bc != null;
  42                         // this.subject = subject;
  43                         this.callbackHandler = callbackHandler;
  44                         this.sharedState = (Map<String, Object>) sharedState;
  45                         if (options.containsKey("anonymous"))
  46                                 isAnonymous = Boolean.parseBoolean(options.get("anonymous").toString());
  47                 } catch (Exception e) {
  48                         throw new CmsException("Cannot initialize login module", e);
  49                 }
  50         }
  51
  52         @Override
  53         public boolean login() throws LoginException {
  54                 UserAdmin userAdmin = bc.getService(bc.getServiceReference(UserAdmin.class));
  55                 Authorization authorization = null;
  56                 if (isAnonymous) {
  57                         authorization = userAdmin.getAuthorization(null);
  58                 } else {
  59                         // ask for username and password
  60                         NameCallback nameCallback = new NameCallback("User");
  61                         PasswordCallback passwordCallback = new PasswordCallback("Password", false);
  62                         LanguageCallback langCallback = new LanguageCallback();
  63                         try {
  64                                 callbackHandler.handle(new Callback[] { nameCallback, passwordCallback, langCallback });
  65                         } catch (IOException e) {
  66                                 throw new LoginException("Cannot handle callback: " + e.getMessage());
  67 //                      } catch (ThreadDeath e) {
  68 //                              throw new ThreadDeathLoginException("Callbackhandler thread died", e);
  69                         } catch (UnsupportedCallbackException e) {
  70                                 return false;
  71                         }
  72
  73                         // i18n
  74                         Locale locale = langCallback.getLocale();
  75                         if (locale == null)
  76                                 locale = Locale.getDefault();
  77                         UiContext.setLocale(locale);
  78
  79                         authorization = (Authorization) sharedState.get(SHARED_STATE_AUTHORIZATION);
  80
  81                         if (authorization == null) {
  82                                 // create credentials
  83                                 final String username = nameCallback.getName();
  84                                 if (username == null || username.trim().equals("")) {
  85                                         // authorization = userAdmin.getAuthorization(null);
  86                                         throw new CredentialNotFoundException("No credentials provided");
  87                                 } else {
  88                                         char[] password = {};
  89                                         if (passwordCallback.getPassword() != null)
  90                                                 password = passwordCallback.getPassword();
  91                                         else
  92                                                 throw new CredentialNotFoundException("No credentials provided");
  93
  94                                         User user = userAdmin.getUser(null, username);
  95                                         if (user == null)
  96                                                 throw new FailedLoginException("Invalid credentials");
  97                                         if (!user.hasCredential(null, password))
  98                                                 throw new FailedLoginException("Invalid credentials");
  99                                         // return false;
 100
 101                                         // Log and monitor new login
 102                                         // if (log.isDebugEnabled())
 103                                         // log.debug("Logged in to CMS with username [" + username +
 104                                         // "]");
 105
 106                                         authorization = userAdmin.getAuthorization(user);
 107                                 }
 108                         }
 109                 }
 110                 if (!sharedState.containsKey(SHARED_STATE_AUTHORIZATION))
 111                         sharedState.put(SHARED_STATE_AUTHORIZATION, authorization);
 112                 return true;
 113         }
 114
 115         @Override
 116         public boolean commit() throws LoginException {
 117                 return true;
 118         }
 119
 120         @Override
 121         public boolean abort() throws LoginException {
 122                 return true;
 123         }
 124
 125         @Override
 126         public boolean logout() throws LoginException {
 127                 return true;
 128         }
 129 }