1 package org
.argeo
.cms
.auth
;
3 import java
.io
.IOException
;
4 import java
.util
.Iterator
;
8 import javax
.security
.auth
.Subject
;
9 import javax
.security
.auth
.callback
.Callback
;
10 import javax
.security
.auth
.callback
.CallbackHandler
;
11 import javax
.security
.auth
.callback
.NameCallback
;
12 import javax
.security
.auth
.callback
.PasswordCallback
;
13 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
14 import javax
.security
.auth
.login
.CredentialNotFoundException
;
15 import javax
.security
.auth
.login
.LoginException
;
16 import javax
.security
.auth
.spi
.LoginModule
;
17 import javax
.servlet
.http
.HttpServletRequest
;
18 import javax
.servlet
.http
.HttpSession
;
20 import org
.argeo
.ArgeoException
;
21 import org
.argeo
.cms
.internal
.kernel
.Activator
;
22 import org
.osgi
.framework
.BundleContext
;
23 import org
.osgi
.service
.http
.HttpContext
;
24 import org
.osgi
.service
.useradmin
.Authorization
;
25 import org
.osgi
.service
.useradmin
.User
;
26 import org
.osgi
.service
.useradmin
.UserAdmin
;
/**
 * JAAS {@link LoginModule} backed by the OSGi {@link UserAdmin} service.
 * <p>
 * As far as this listing shows: {@link #login()} first accepts an
 * {@link Authorization} already attached to the current HTTP request or
 * session, otherwise it checks the name/password obtained through the
 * callback handler against {@link UserAdmin}; {@link #commit()} publishes the
 * resulting {@link Authorization} on the request and session and keeps the
 * {@link HttpSession} in the subject's private credentials so that
 * {@link #logout()} can detach the authorization from it again.
 * <p>
 * This listing has gaps (the original numbering jumps); the class body and
 * several method bodies are therefore reproduced only partially.
 */
public class UserAdminLoginModule implements LoginModule, AuthConstants {
    /** Subject being authenticated; assigned in initialize(). */
    private Subject subject;
    /** Supplies the HttpRequestCallback, NameCallback and PasswordCallback used by login(). */
    private CallbackHandler callbackHandler;
    /** Parsed from the "anonymous" login option; not read anywhere else in the visible code. */
    private boolean isAnonymous = false;
    /** HTTP request returned by the HttpRequestCallback, or null when login() was not driven by HTTP. */
    private HttpServletRequest request = null;
/**
 * Stores the subject and callback handler and reads the "anonymous" login
 * option. Any failure is wrapped in the unchecked {@link ArgeoException}
 * rather than reported as a {@link LoginException}.
 * <p>
 * Original lines 38 and 43 are not shown in this listing (the try block
 * closed by the catch below opens in that gap).
 *
 * @param subject         the subject being authenticated
 * @param callbackHandler source of the name/password/request callbacks
 * @param sharedState     not used by the visible code
 * @param options         login configuration; only the "anonymous" key is read
 */
public void initialize(Subject subject, CallbackHandler callbackHandler,
        Map<String, ?> sharedState, Map<String, ?> options) {
    // [gap: original line 38 not shown]
    this.subject = subject;
    this.callbackHandler = callbackHandler;
    // parseBoolean only yields true for "true" (case-insensitive); any other
    // value, or an absent key, leaves isAnonymous at its default of false.
    if (options.containsKey("anonymous"))
        isAnonymous = Boolean.parseBoolean(options.get("anonymous")
    // [gap: original line 43 not shown — remainder of the statement]
} catch (Exception e) {
    // NOTE(review): a broken login configuration surfaces to the JAAS caller
    // as an unchecked ArgeoException instead of a LoginException — confirm
    // that is intended, since callers typically only catch LoginException.
    throw new ArgeoException("Cannot initialize login module", e);
/**
 * Authenticates the subject. Order of resolution, as far as this listing
 * shows:
 * <ol>
 * <li>an {@link Authorization} already present as a request attribute, then
 * as a session attribute (i.e. an earlier login in the same HTTP session);</li>
 * <li>otherwise the name and password collected through the callback handler,
 * checked with {@link User#hasCredential(String, Object)}.</li>
 * </ol>
 * The resulting {@link Authorization} is added to the subject's private
 * credentials for {@link #commit()} to publish.
 * <p>
 * Many lines of this method are absent from this listing (gaps in the
 * original numbering, marked below); the control flow around them — including
 * the return statement and the failure branch of the credential check — is
 * not reproduced here.
 *
 * @return not visible in this listing
 * @throws CredentialNotFoundException when no username (or, presumably, no
 *         password — see the gap at original line 106) was supplied
 * @throws LoginException when the callback handler cannot be driven
 */
public boolean login() throws LoginException {
    BundleContext bc = Activator.getBundleContext();
    // NOTE(review): getServiceReference() returns null when no UserAdmin is
    // registered, which would surface here as an unchecked exception rather
    // than a LoginException; the service is also never released with
    // ungetService() anywhere in the visible code.
    UserAdmin userAdmin = bc.getService(bc
            .getServiceReference(UserAdmin.class));
    Authorization authorization = null;
    // [gap: original line 55 not shown — presumably the condition guarding
    // the anonymous branch; isAnonymous is not otherwise used in the visible code]
    // Authorization for the anonymous (null) user.
    authorization = userAdmin.getAuthorization(null);
    // [gap: original line 57 not shown]
    HttpRequestCallback httpCallback = new HttpRequestCallback();
    // ask for username and password
    NameCallback nameCallback = new NameCallback("User");
    PasswordCallback passwordCallback = new PasswordCallback(
    // [gap: original lines 62-63 not shown — constructor arguments and the
    // opening of the try block closed by the catches below]
    callbackHandler.handle(new Callback[] { httpCallback,
            nameCallback, passwordCallback });
} catch (IOException e) {
    // NOTE(review): LoginException(String) drops the cause; if line 68 only
    // appends e.getMessage(), consider initCause(e) so the stack is kept.
    throw new LoginException("Cannot handle http callback: "
    // [gap: original line 68 not shown]
} catch (UnsupportedCallbackException e) {
    // [gap: original lines 70-71 not shown]
    request = httpCallback.getRequest();
    if (request != null) {
        // An Authorization already attached to this request (e.g. by an
        // earlier filter) or to the HTTP session short-circuits the
        // credential check below. This trusts the server-side session as
        // authenticated state: anything able to write the
        // HttpContext.AUTHORIZATION attribute is effectively trusted.
        authorization = (Authorization) request
                .getAttribute(HttpContext.AUTHORIZATION);
        if (authorization == null)
            authorization = (Authorization) request.getSession()
                    .getAttribute(HttpContext.AUTHORIZATION);
        // [gap: original line 79 not shown]
    // Earlier flow, kept as found in the original (commented out):
    // if (authorization == null || authorization.getName() == null)
    // if (!isAnonymous) {
    // // ask for username and password
    // NameCallback nameCallback = new NameCallback("User");
    // PasswordCallback passwordCallback = new PasswordCallback(
    // "Password", false);
    // // handle callbacks
    // callbackHandler.handle(new Callback[] { nameCallback,
    // passwordCallback });
    // } catch (Exception e) {
    // throw new ArgeoException("Cannot handle callbacks", e);
    // [gap: original lines 93-94 not shown]
    if (authorization == null) {
        // [gap: original line 96 not shown]
        final String username = nameCallback.getName();
        // Same message as for a missing password, so the response does not
        // reveal which part of the credentials was absent.
        if (username == null || username.trim().equals("")) {
            // authorization = userAdmin.getAuthorization(null);
            throw new CredentialNotFoundException(
                    "No credentials provided");
        // [gap: original line 102 not shown]
        char[] password = {};
        if (passwordCallback.getPassword() != null)
            password = passwordCallback.getPassword();
        // [gap: original line 106 not shown — as listed the following throw
        // is unconditional, so a guard on the password is presumably missing]
        throw new CredentialNotFoundException(
                "No credentials provided");
        // [gap: original line 109 not shown]
        // NOTE(review): the null property key passed to getUser() and
        // hasCredential() is implementation-specific (OSGi User Admin keys
        // are normally non-null); how the password comparison is done —
        // hashing, constant time — lives inside the UserAdmin
        // implementation and should be verified there.
        User user = userAdmin.getUser(null, username);
        // [gap: original lines 111-112 not shown — a null check on user is
        // not visible; without one an unknown username dereferences null below]
        // NOTE(review): the password char[] is never cleared in the visible
        // code (no Arrays.fill(password, '\0') and no
        // passwordCallback.clearPassword()), so the plaintext remains
        // reachable on the heap after login() returns.
        if (!user.hasCredential(null, password))
        // [gap: original line 114 not shown — failure branch of the check]
        authorization = userAdmin.getAuthorization(user);
        // [gap: original lines 116-118 not shown]
        // authorization = userAdmin.getAuthorization(null);
        // [gap: original lines 120-121 not shown]
    // Hand the authorization to commit() via the subject's private credentials.
    subject.getPrivateCredentials().add(authorization);
    // [gap: original lines 123-126 not shown, including the return statement]
/**
 * Publishes the {@link Authorization} stored by {@link #login()} on the HTTP
 * request and session (only when the login was driven by an HTTP request) and
 * remembers the session in the subject so that {@link #logout()} can find it.
 * <p>
 * Original lines 135 and 137-141 are not shown in this listing (including the
 * return statement).
 *
 * @return not visible in this listing
 * @throws LoginException declared; not thrown by the visible code
 */
public boolean commit() throws LoginException {
    // NOTE(review): iterator().next() throws NoSuchElementException when no
    // Authorization was stored — e.g. commit() reached after login() did not
    // add one, or after abort() cleared it. The JAAS contract expects
    // commit() to return false or throw LoginException in that case, not an
    // unchecked exception; an isEmpty() check before next() would close that.
    Authorization authorization = subject
            .getPrivateCredentials(Authorization.class).iterator().next();
    if (request != null) {
        request.setAttribute(HttpContext.REMOTE_USER,
                authorization.getName());
        request.setAttribute(HttpContext.AUTHORIZATION, authorization);
        // NOTE(review): the authenticated Authorization is written into the
        // session that already existed before the credential check. No
        // session-id rotation (changeSessionId() where the servlet API
        // provides it, or invalidate-and-recreate) is visible, which is the
        // usual session-fixation mitigation — confirm it happens elsewhere.
        request.getSession().setAttribute(HttpContext.AUTHORIZATION,
        // [gap: original line 135 not shown — remainder of the statement]
        // Keep the session so logout() can detach the Authorization from it.
        subject.getPrivateCredentials().add(request.getSession());
/**
 * JAAS abort phase. The body is not present in this listing (original lines
 * 143-147), so whether it clears the Authorization added by login() cannot
 * be confirmed here.
 */
public boolean abort() throws LoginException {
/**
 * Detaches the {@link Authorization} from every {@link HttpSession} held in
 * the subject's private credentials and drops those sessions from the
 * subject. Original lines 156 and 158-161 are not shown in this listing
 * (including the return statement).
 *
 * @return not visible in this listing
 * @throws LoginException declared; not thrown by the visible code
 */
public boolean logout() throws LoginException {
    // getPrivateCredentials(Class) returns a fresh Set, so removing its
    // members from the live credential set below is safe.
    Set<HttpSession> httpSession = subject
            .getPrivateCredentials(HttpSession.class);
    Iterator<HttpSession> it = httpSession.iterator();
    while (it.hasNext()) {
        HttpSession sess = it.next();
        // Setting a session attribute to null removes it (Servlet API).
        // NOTE(review): this throws IllegalStateException if the container
        // has already invalidated the session; nothing here catches it.
        sess.setAttribute(HttpContext.AUTHORIZATION, null);
        // NOTE(review): only the Authorization is removed — the session
        // itself (its id and any other attributes) survives logout because
        // the invalidation below is commented out. sess.invalidate() is the
        // usual logout behaviour; if the session is deliberately shared with
        // other components, document why it must outlive the login.
        // sess.setMaxInactiveInterval(1);// invalidate session
    // [gap: original line 156 not shown]
    subject.getPrivateCredentials().removeAll(httpSession);
    // [gap: original lines 158-161 not shown — whether cleanUp() is invoked
    // here is not visible]
162 private void cleanUp() {
163 subject
.getPrivateCredentials().removeAll(
164 subject
.getPrivateCredentials(Authorization
.class));