org.argeo.cms/src/org/argeo/cms/auth/IdentLoginModule.java

   1 package org.argeo.cms.auth;
   2
   3 import java.io.IOException;
   4 import java.util.Map;
   5
   6 import javax.security.auth.Subject;
   7 import javax.security.auth.callback.Callback;
   8 import javax.security.auth.callback.CallbackHandler;
   9 import javax.security.auth.callback.UnsupportedCallbackException;
  10 import javax.security.auth.login.LoginException;
  11 import javax.security.auth.spi.LoginModule;
  12
  13 import org.apache.commons.logging.Log;
  14 import org.apache.commons.logging.LogFactory;
  15 import org.argeo.cms.internal.kernel.Activator;
  16 import org.argeo.ident.IdentClient;
  17
  18 /** Use an ident service to identify. */
  19 public class IdentLoginModule implements LoginModule {
  20         private final static Log log = LogFactory.getLog(IdentLoginModule.class);
  21
  22         private CallbackHandler callbackHandler = null;
  23         private Map<String, Object> sharedState = null;
  24
  25         @SuppressWarnings("unchecked")
  26         @Override
  27         public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
  28                         Map<String, ?> options) {
  29                 this.callbackHandler = callbackHandler;
  30                 this.sharedState = (Map<String, Object>) sharedState;
  31         }
  32
  33         @Override
  34         public boolean login() throws LoginException {
  35                 if (callbackHandler == null)
  36                         return false;
  37                 HttpRequestCallback httpCallback = new HttpRequestCallback();
  38                 try {
  39                         callbackHandler.handle(new Callback[] { httpCallback });
  40                 } catch (IOException e) {
  41                         throw new LoginException("Cannot handle http callback: " + e.getMessage());
  42                 } catch (UnsupportedCallbackException e) {
  43                         return false;
  44                 }
  45                 HttpRequest request = httpCallback.getRequest();
  46                 if (request == null)
  47                         return false;
  48                 IdentClient identClient = Activator.getIdentClient(request.getRemoteAddr());
  49                 if (identClient == null)
  50                         return false;
  51                 String identUsername;
  52                 try {
  53                         identUsername = identClient.getUsername(request.getLocalPort(), request.getRemotePort());
  54                 } catch (Exception e) {
  55                         e.printStackTrace();
  56                         return false;
  57                 }
  58                 if (identUsername != null) {
  59                         if (log.isDebugEnabled())
  60                                 log.debug("Ident username: " + identUsername + " (local port: " + request.getLocalPort()
  61                                                 + ", remote port: " + request.getRemotePort() + ")");
  62                         sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, identUsername);
  63                         sharedState.put(CmsAuthUtils.SHARED_STATE_REMOTE_ADDR, request.getRemoteAddr());
  64                         sharedState.put(CmsAuthUtils.SHARED_STATE_REMOTE_PORT, request.getRemotePort());
  65                         return true;
  66                 } else {
  67                         return false;
  68                 }
  69         }
  70
  71         @Override
  72         public boolean commit() throws LoginException {
  73                 return true;
  74         }
  75
  76         @Override
  77         public boolean abort() throws LoginException {
  78                 return true;
  79         }
  80
  81         @Override
  82         public boolean logout() throws LoginException {
  83                 return true;
  84         }
  85
  86 }