1 package org
.argeo
.security
.equinox
;
5 import javax
.security
.auth
.Subject
;
6 import javax
.security
.auth
.callback
.Callback
;
7 import javax
.security
.auth
.callback
.CallbackHandler
;
8 import javax
.security
.auth
.callback
.NameCallback
;
9 import javax
.security
.auth
.callback
.PasswordCallback
;
10 import javax
.security
.auth
.callback
.TextOutputCallback
;
11 import javax
.security
.auth
.login
.LoginException
;
13 import org
.argeo
.security
.SiteAuthenticationToken
;
14 import org
.springframework
.security
.Authentication
;
15 import org
.springframework
.security
.AuthenticationManager
;
16 import org
.springframework
.security
.BadCredentialsException
;
17 import org
.springframework
.security
.context
.SecurityContextHolder
;
18 import org
.springframework
.security
.providers
.jaas
.SecurityContextLoginModule
;
20 /** Login module which caches one subject per thread. */
// NOTE(review): no per-thread subject cache is visible in this class (the
// subject-related code is commented out). The state the visible code reads and
// writes is the Authentication held by SecurityContextHolder; confirm the
// summary above still describes the module.
21 public class SpringLoginModule
extends SecurityContextLoginModule
{
// Spring Security manager that login() hands the collected credentials to.
// Assigned only through setAuthenticationManager().
22 private AuthenticationManager authenticationManager
;
// JAAS callback handler captured in initialize(); login() uses it to ask for
// the user name, password and site URL.
24 private CallbackHandler callbackHandler
;
// No-argument constructor. Its body is not visible in this listing; the
// callback handler and the authentication manager are assigned later, in
// initialize() and setAuthenticationManager().
26 public SpringLoginModule() {
/**
 * Initializes the module: forwards all four arguments to the superclass and
 * keeps a local reference to the callback handler for use in login().
 *
 * @param subject the subject, passed through to the superclass
 * @param callbackHandler handler that login() later asks for credentials;
 *            stored as given, so it may be null (login() checks for that)
 * @param sharedState passed through to the superclass (raw Map)
 * @param options passed through to the superclass (raw Map)
 */
30 @SuppressWarnings("rawtypes")
31 public void initialize(Subject subject
, CallbackHandler callbackHandler
,
32 Map sharedState
, Map options
) {
33 super.initialize(subject
, callbackHandler
, sharedState
, options
);
34 // this.subject.set(subject);
35 this.callbackHandler
= callbackHandler
;
/**
 * Collects a user name, a password and a site URL through the callback
 * handler, wraps them in a SiteAuthenticationToken, authenticates that token
 * with the injected AuthenticationManager, registers the resulting
 * Authentication in the security context and then calls super.login().
 *
 * Several original lines (return statements, try openers, closing braces and
 * some arguments) are missing from this listing, so the notes below cover only
 * what the visible lines establish.
 *
 * @return presumably the result of super.login(); the return statements are
 *         not visible here
 * @throws LoginException
 *             if no callback handler is available, or wrapping (via
 *             initCause) an unexpected exception raised during authentication
 */
38 public boolean login() throws LoginException
{
39 // thread already logged in
// NOTE(review): an Authentication already present in SecurityContextHolder
// appears to short-circuit the credential prompt (the guarded statement is not
// shown). Confirm the context is reliably cleared on logout and before a
// thread is reused, otherwise a stale identity is accepted here.
40 if (SecurityContextHolder
.getContext().getAuthentication() != null)
43 // if (getSubject().getPrincipals(Authentication.class).size() == 1) {
44 // registerAuthentication(getSubject()
45 // .getPrincipals(Authentication.class).iterator().next());
46 // return super.login();
47 // } else if (getSubject().getPrincipals(Authentication.class).size() >
49 // throw new LoginException(
50 // "Multiple Authentication principals not supported: "
51 // + getSubject().getPrincipals(Authentication.class));
53 // ask for username and password
54 Callback label
= new TextOutputCallback(TextOutputCallback
.INFORMATION
,
56 NameCallback nameCallback
= new NameCallback("User");
// NOTE(review): the second PasswordCallback argument (echoOn) is on a line not
// shown here; confirm it is false so the password is not echoed.
57 PasswordCallback passwordCallback
= new PasswordCallback("Password",
// The site URL is collected as free text through a second NameCallback.
// NOTE(review): in the visible lines it reaches SiteAuthenticationToken
// unchanged; confirm whatever consumes the token validates the URL before
// using it.
59 NameCallback urlCallback
= new NameCallback("Site URL");
// Fail early when initialize() was given no handler.
61 if (callbackHandler
== null) {
62 throw new LoginException("No call back handler available");
// All four callbacks are handed to the handler in a single call.
66 callbackHandler
.handle(new Callback
[] { label
, nameCallback
,
67 passwordCallback
, urlCallback
});
// Any handler failure is turned into a LoginException; the lines that attach
// the cause and throw it are not visible here.
68 } catch (Exception e
) {
69 LoginException le
= new LoginException("Callback handling failed");
74 // Set user name and password
75 String username
= nameCallback
.getName();
// NOTE(review): String.valueOf copies the char[] into an immutable String that
// cannot be wiped afterwards, and passwordCallback.clearPassword() is not
// called in the visible lines, so the password stays in memory until garbage
// collection.
77 if (passwordCallback
.getPassword() != null) {
78 password
= String
.valueOf(passwordCallback
.getPassword());
80 String url
= urlCallback
.getName();
81 // TODO: set it via system properties
82 String workspace
= null;
84 // UsernamePasswordAuthenticationToken credentials = new
85 // UsernamePasswordAuthenticationToken(
86 // username, password);
87 SiteAuthenticationToken credentials
= new SiteAuthenticationToken(
88 username
, password
, url
, workspace
);
// NOTE(review): no null check on authenticationManager is visible before this
// call; if setAuthenticationManager() was never invoked this dereference
// raises a NullPointerException (presumably caught by the generic handler
// below; confirm).
91 Authentication authentication
= authenticationManager
92 .authenticate(credentials
);
// Publish the authenticated principal to the security context before the
// superclass login runs.
93 registerAuthentication(authentication
);
94 boolean res
= super.login();
95 // if (log.isDebugEnabled())
96 // log.debug("User " + username + " logged in");
// The handling of BadCredentialsException is on a line not shown here.
// NOTE(review): confirm it ends in a failed login and does not fall through to
// a successful return.
98 } catch (BadCredentialsException bce
) {
// Every other failure is wrapped in a LoginException that keeps the original
// exception as its cause.
100 } catch (Exception e
) {
101 LoginException loginException
= new LoginException(
103 loginException
.initCause(e
);
104 throw loginException
;
/**
 * Delegates to the superclass logout and returns its result.
 *
 * NOTE(review): nothing in the visible lines clears the Authentication that
 * registerAuthentication() stored in SecurityContextHolder. Because login()
 * treats a non-null Authentication there as "already logged in", confirm that
 * super.logout() or the caller clears the context.
 *
 * @return the value returned by super.logout()
 * @throws LoginException
 *             declared by the method; the visible body only calls
 *             super.logout()
 */
110 public boolean logout() throws LoginException
{
111 return super.logout();
115 * Register an {@link Authentication} in the security context.
117 * @param authentication
118 * has to implement {@link Authentication}.
// The parameter is typed Object and cast without an instanceof check, so an
// argument of any other type raises ClassCastException. The call replaces
// whatever Authentication the current security context held.
120 protected void registerAuthentication(Object authentication
) {
121 SecurityContextHolder
.getContext().setAuthentication(
122 (Authentication
) authentication
);
/**
 * Injects the AuthenticationManager that login() uses to authenticate the
 * collected credentials. The value is stored as given; no null check is
 * visible here or before its use in login().
 *
 * @param authenticationManager
 *            manager that login() calls authenticate(...) on
 */
125 public void setAuthenticationManager(
126 AuthenticationManager authenticationManager
) {
127 this.authenticationManager
= authenticationManager
;
130 // protected Subject getSubject() {
131 // return subject.get();