<extension id="osSpringLoginModule" name="Argeo Spring OS" point="org.eclipse.equinox.security.loginModule">
<loginModule class="org.argeo.eclipse.spring.SpringExtensionFactory" description="Argeo Spring OS Login Module"/>
</extension>
-
+
+ <extension id="keyringLoginModule" name="Argeo Keyring" point="org.eclipse.equinox.security.loginModule">
+ <loginModule class="org.argeo.eclipse.spring.SpringExtensionFactory" description="Argeo Keyring Login Module"/>
+ </extension>
+
<!-- Java -->
<extension id="unixLoginModule" name="UNIX" point="org.eclipse.equinox.security.loginModule">
<loginModule class="com.sun.security.auth.module.UnixLoginModule" description="UNIX Login Module"/>
--- /dev/null
+package org.argeo.security.equinox;
+
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.commons.logging.LogConfigurationException;
+import org.argeo.util.crypto.PasswordBasedEncryption;
+
+public class KeyringLoginModule implements LoginModule {
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private PasswordBasedEncryption passwordBasedEncryption;
+
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map<String, ?> sharedState, Map<String, ?> options) {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ }
+
+ public boolean login() throws LoginException {
+ Set<PasswordBasedEncryption> pbes = subject
+ .getPrivateCredentials(PasswordBasedEncryption.class);
+ if (pbes.size() > 0)
+ return true;
+ PasswordCallback pc = new PasswordCallback("Master password", false);
+ Callback[] callbacks = { pc };
+ try {
+ callbackHandler.handle(callbacks);
+ passwordBasedEncryption = new PasswordBasedEncryption(
+ pc.getPassword());
+ } catch (Exception e) {
+ throw new LogConfigurationException(e);
+ }
+ return true;
+ }
+
+ public boolean commit() throws LoginException {
+ if (passwordBasedEncryption != null)
+ subject.getPrivateCredentials(PasswordBasedEncryption.class).add(
+ passwordBasedEncryption);
+ return true;
+ }
+
+ public boolean abort() throws LoginException {
+ return true;
+ }
+
+ public boolean logout() throws LoginException {
+ Set<PasswordBasedEncryption> pbes = subject
+ .getPrivateCredentials(PasswordBasedEncryption.class);
+ pbes.clear();
+ return true;
+ }
+
+}
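Review bot: In `commit()` and `logout()` the credential is added to and cleared from the set returned by `subject.getPrivateCredentials(PasswordBasedEncryption.class)`, which per the `Subject` Javadoc is a new copy not backed by the Subject, so the key object is never attached at commit and never removed at logout; both should operate on `subject.getPrivateCredentials()`. In `login()` the catch block throws commons-logging's `LogConfigurationException`, an unchecked type unrelated to authentication, where a `LoginException` carrying the cause is what a JAAS caller expects to handle. The `PasswordCallback` is never cleared once the key object is built, so `pc.clearPassword()` belongs in a `finally`; whether `PasswordBasedEncryption` keeps its own reference to the password array is not visible here. `abort()` also leaves the `passwordBasedEncryption` field set after a failed overall login and should null it.

```java
    public boolean login() throws LoginException {
        // … unchanged: early return when a credential is already present, callback setup …
        try {
            callbackHandler.handle(callbacks);
            passwordBasedEncryption = new PasswordBasedEncryption(
                    pc.getPassword());
        } catch (Exception e) {
            // Report the failure as an authentication error, keeping the cause
            LoginException le = new LoginException("Keyring login failed");
            le.initCause(e);
            throw le;
        } finally {
            // Drop the callback's internal copy of the master password
            pc.clearPassword();
        }
        // … unchanged: return true …

    public boolean commit() throws LoginException {
        if (passwordBasedEncryption != null)
            // The no-arg accessor returns the Subject-backed set
            subject.getPrivateCredentials().add(passwordBasedEncryption);
        // … unchanged: return true …

    public boolean abort() throws LoginException {
        passwordBasedEncryption = null;
        // … unchanged: return true …

    public boolean logout() throws LoginException {
        // … unchanged: pbes lookup by class …
        subject.getPrivateCredentials().removeAll(pbes);
        passwordBasedEncryption = null;
        // … unchanged: return true …
```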