1 package org
.argeo
.cms
.auth
;
3 import java
.net
.InetAddress
;
4 import java
.net
.UnknownHostException
;
5 import java
.util
.Locale
;
8 import javax
.naming
.ldap
.LdapName
;
9 import javax
.security
.auth
.Subject
;
10 import javax
.security
.auth
.callback
.CallbackHandler
;
11 import javax
.security
.auth
.kerberos
.KerberosPrincipal
;
12 import javax
.security
.auth
.login
.LoginException
;
13 import javax
.security
.auth
.spi
.LoginModule
;
14 import javax
.security
.auth
.x500
.X500Principal
;
15 import javax
.servlet
.http
.HttpServletRequest
;
17 import org
.apache
.commons
.logging
.Log
;
18 import org
.apache
.commons
.logging
.LogFactory
;
19 import org
.argeo
.naming
.LdapAttrs
;
20 import org
.argeo
.osgi
.useradmin
.IpaUtils
;
21 import org
.argeo
.osgi
.useradmin
.OsUserUtils
;
22 import org
.osgi
.service
.useradmin
.Authorization
;
24 /** Login module for when the system is owned by a single user. */
25 public class SingleUserLoginModule
implements LoginModule
{
// Commons Logging logger for this class; commit() uses it to warn when the
// local hostname cannot be resolved.
26 private final static Log log
= LogFactory
.getLog(SingleUserLoginModule
.class);
// Subject being populated by this login module; assigned in initialize().
28 private Subject subject
;
// Shared state map handed over in initialize(); stays null until then, so the
// other phases dereference null if they run before initialize().
29 private Map
<String
, Object
> sharedState
= null;
/**
 * Keeps references to the subject and to the shared state map for the later
 * login phases.
 *
 * In the lines shown, callbackHandler and options are not stored, so this
 * module has no way to prompt for credentials later on.
 *
 * @param subject         subject to populate in commit()
 * @param callbackHandler not used in the lines shown
 * @param sharedState     map shared between login modules; kept by reference
 * @param options         not used in the lines shown
 */
// NOTE(review): this listing skips some source lines (the gutter jumps from 31
// to 33 and stops at 36), so the closing brace of the method is not visible.
31 @SuppressWarnings("unchecked")
33 public void initialize(Subject subject
, CallbackHandler callbackHandler
, Map
<String
, ?
> sharedState
,
34 Map
<String
, ?
> options
) {
35 this.subject
= subject
;
// Unchecked cast from Map<String, ?>: it is what allows login() to put
// entries into the shared map.
36 this.sharedState
= (Map
<String
, Object
>) sharedState
;
/**
 * Publishes the name of the account running the JVM as the login name.
 *
 * Reads the system property "user.name" and stores it in the shared state
 * under CmsAuthUtils.SHARED_STATE_NAME, but only when that key is absent, so a
 * name put there earlier is kept.
 *
 * No credential is checked in the lines shown. "user.name" is an ordinary
 * system property: it can be set at launch (-Duser.name=...) or changed at run
 * time with System.setProperty, so it matches the operating-system account
 * only when the launch options and the code in the JVM are trusted.
 */
// NOTE(review): the return statement and closing brace (source lines 44-46)
// are missing from this listing.
40 public boolean login() throws LoginException
{
41 String username
= System
.getProperty("user.name");
// A name already present in the shared state takes precedence over the
// operating-system one.
42 if (!sharedState
.containsKey(CmsAuthUtils
.SHARED_STATE_NAME
))
43 sharedState
.put(CmsAuthUtils
.SHARED_STATE_NAME
, username
);
/**
 * Derives an authorization name for the single user and registers the
 * resulting authorization on the subject and on the session.
 *
 * Two sources are visible for the name: a KerberosPrincipal found on the
 * subject, converted to a DN with IpaUtils.kerberosToDn; or the username from
 * the shared state combined with dc= components built from the local hostname.
 * The name is wrapped in a SingleUserAuthorization, added to the subject,
 * followed by OsUserUtils.loginAsSystemUser and
 * CmsAuthUtils.registerSessionAuthorization.
 *
 * @throws LoginException with "No username available" (the guarding condition
 *                        is not part of this listing)
 */
// NOTE(review): several source lines are missing from this listing (55, 57,
// 59-60, 65, 69, 73, 75, 90 onwards), so branch conditions, the hostname
// declaration, closing braces and the return statement are not visible.
48 public boolean commit() throws LoginException
{
49 String authorizationName
;
50 KerberosPrincipal kerberosPrincipal
= CmsAuthUtils
.getSinglePrincipal(subject
, KerberosPrincipal
.class);
51 if (kerberosPrincipal
!= null) {
// Kerberos path: the DN comes from the principal name; the mapping itself is
// in IpaUtils and not visible here.
52 LdapName userDn
= IpaUtils
.kerberosToDn(kerberosPrincipal
.getName());
53 X500Principal principal
= new X500Principal(userDn
.toString());
54 authorizationName
= principal
.getName();
// NOTE(review): presumably the else branch starts here (source line 55 is not
// shown), since authorizationName is assigned a second time below; confirm.
56 Object username
= sharedState
.get(CmsAuthUtils
.SHARED_STATE_NAME
);
// NOTE(review): presumably guarded by a null check on username (source line 57
// is not shown); confirm.
58 throw new LoginException("No username available");
// The local hostname, as returned by the resolver, decides the dc= part of the
// identity, so the authorization name depends on how this host resolves its
// own name.
61 hostname
= InetAddress
.getLocalHost().getHostName();
62 } catch (UnknownHostException e
) {
63 log
.warn("Using localhost as hostname", e
);
64 hostname
= "localhost";
// Each dot becomes ",dc=": a constructed example "host.example.org" gives
// ",dc=host,dc=example,dc=org".
66 String baseDn
= ("." + hostname
).replaceAll("\\.", ",dc=");
// NOTE(review): username and the hostname labels are concatenated into the DN
// without RFC 4514 escaping. A value containing ',', '+' or '=' would alter the
// DN structure or make X500Principal reject the string; escaping the value with
// javax.naming.ldap.Rdn.escapeValue would remove that dependency on the input.
// TODO confirm what earlier modules can store under SHARED_STATE_NAME.
67 X500Principal principal
= new X500Principal(LdapAttrs
.uid
+ "=" + username
+ baseDn
);
68 authorizationName
= principal
.getName();
// The cast fails with ClassCastException if another module stored a different
// type under this key.
71 HttpServletRequest request
= (HttpServletRequest
) sharedState
.get(CmsAuthUtils
.SHARED_STATE_HTTP_REQUEST
);
72 Locale locale
= Locale
.getDefault();
// NOTE(review): the conditions guarding the next two assignments (source lines
// 73 and 75) are not shown; presumably they cover a missing request and a null
// locale. Confirm against the full file.
74 locale
= request
.getLocale();
76 locale
= Locale
.getDefault();
77 Authorization authorization
= new SingleUserAuthorization(authorizationName
);
78 CmsAuthUtils
.addAuthorization(subject
, authorization
);
80 // Add standard Java OS login
81 OsUserUtils
.loginAsSystemUser(subject
);
83 // additional principals (must be after Authorization registration)
84 // Set<Principal> principals = subject.getPrincipals();
85 // principals.add(principal);
86 // principals.add(new ImpliedByPrincipal(NodeConstants.ROLE_ADMIN, principal));
87 // principals.add(new DataAdminPrincipal());
// request is passed on exactly as read from the shared state; whether a null
// request is accepted is decided inside CmsAuthUtils, not visible here.
89 CmsAuthUtils
.registerSessionAuthorization(request
, subject
, authorization
, locale
);
// LoginModule abort phase, called when the overall authentication fails.
// NOTE(review): the method body (source lines 96-98) is missing from this
// listing, so what is undone here cannot be told from this page.
95 public boolean abort() throws LoginException
{
// LoginModule logout phase: hands the subject to CmsAuthUtils.cleanUp, which
// is defined elsewhere and not visible here.
// NOTE(review): the return statement and closing braces are missing from this
// listing.
100 public boolean logout() throws LoginException
{
101 CmsAuthUtils
.cleanUp(subject
);