1 package org
.argeo
.security
.equinox
;
5 import javax
.security
.auth
.Subject
;
6 import javax
.security
.auth
.callback
.Callback
;
7 import javax
.security
.auth
.callback
.CallbackHandler
;
8 import javax
.security
.auth
.callback
.NameCallback
;
9 import javax
.security
.auth
.callback
.PasswordCallback
;
10 import javax
.security
.auth
.callback
.TextOutputCallback
;
11 import javax
.security
.auth
.login
.LoginException
;
13 import org
.apache
.commons
.logging
.Log
;
14 import org
.apache
.commons
.logging
.LogFactory
;
15 import org
.springframework
.security
.Authentication
;
16 import org
.springframework
.security
.AuthenticationManager
;
17 import org
.springframework
.security
.context
.SecurityContextHolder
;
18 import org
.springframework
.security
.providers
.UsernamePasswordAuthenticationToken
;
19 import org
.springframework
.security
.providers
.jaas
.SecurityContextLoginModule
;
21 public class SpringLoginModule
extends SecurityContextLoginModule
{
22 private final static Log log
= LogFactory
.getLog(SpringLoginModule
.class);
24 private AuthenticationManager authenticationManager
;
25 private Subject subject
;
27 private CallbackHandler callbackHandler
;
29 public SpringLoginModule() {
33 @SuppressWarnings("rawtypes")
34 public void initialize(Subject subject
, CallbackHandler callbackHandler
,
35 Map sharedState
, Map options
) {
36 super.initialize(subject
, callbackHandler
, sharedState
, options
);
37 this.subject
= subject
;
38 this.callbackHandler
= callbackHandler
;
41 public boolean login() throws LoginException
{
42 // thread already logged in
43 if (SecurityContextHolder
.getContext().getAuthentication() != null)
46 if (subject
.getPrincipals(Authentication
.class).size() == 1) {
47 registerAuthentication(subject
.getPrincipals(Authentication
.class)
50 } else if (subject
.getPrincipals(Authentication
.class).size() > 1) {
51 throw new LoginException(
52 "Multiple Authentication principals not supported: "
53 + subject
.getPrincipals(Authentication
.class));
55 // ask for username and password
56 Callback label
= new TextOutputCallback(
57 TextOutputCallback
.INFORMATION
, "Required login");
58 NameCallback nameCallback
= new NameCallback("User");
59 PasswordCallback passwordCallback
= new PasswordCallback(
62 if (callbackHandler
== null) {
63 throw new LoginException("No call back handler available");
67 callbackHandler
.handle(new Callback
[] { label
, nameCallback
,
69 } catch (Exception e
) {
70 LoginException le
= new LoginException(
71 "Callback handling failed");
76 // Set user name and password
77 String username
= nameCallback
.getName();
79 if (passwordCallback
.getPassword() != null) {
80 password
= String
.valueOf(passwordCallback
.getPassword());
82 UsernamePasswordAuthenticationToken credentials
= new UsernamePasswordAuthenticationToken(
86 Authentication authentication
= authenticationManager
87 .authenticate(credentials
);
88 registerAuthentication(authentication
);
90 } catch (Exception e
) {
91 LoginException loginException
= new LoginException(
93 loginException
.initCause(e
);
100 public boolean logout() throws LoginException
{
101 if (log
.isDebugEnabled())
103 + subject
.getPrincipals().iterator().next().getName());
104 return super.logout();
108 * Register an {@link Authentication} in the security context.
110 * @param authentication
111 * has to implement {@link Authentication}.
113 protected void registerAuthentication(Object authentication
) {
114 SecurityContextHolder
.getContext().setAuthentication(
115 (Authentication
) authentication
);
118 public void setAuthenticationManager(
119 AuthenticationManager authenticationManager
) {
120 this.authenticationManager
= authenticationManager
;
projects / lgpl / argeo-commons.git / blob