security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/KeyringLoginModule.java

   1 package org.argeo.security.equinox;
   2
   3 import java.util.Map;
   4 import java.util.Set;
   5
   6 import javax.security.auth.Subject;
   7 import javax.security.auth.callback.Callback;
   8 import javax.security.auth.callback.CallbackHandler;
   9 import javax.security.auth.callback.PasswordCallback;
  10 import javax.security.auth.login.LoginException;
  11 import javax.security.auth.spi.LoginModule;
  12
  13 import org.apache.commons.logging.LogConfigurationException;
  14 import org.argeo.util.crypto.PasswordBasedEncryption;
  15
  16 public class KeyringLoginModule implements LoginModule {
  17         private Subject subject;
  18         private CallbackHandler callbackHandler;
  19         private PasswordBasedEncryption passwordBasedEncryption;
  20
  21         public void initialize(Subject subject, CallbackHandler callbackHandler,
  22                         Map<String, ?> sharedState, Map<String, ?> options) {
  23                 this.subject = subject;
  24                 this.callbackHandler = callbackHandler;
  25         }
  26
  27         public boolean login() throws LoginException {
  28                 Set<PasswordBasedEncryption> pbes = subject
  29                                 .getPrivateCredentials(PasswordBasedEncryption.class);
  30                 if (pbes.size() > 0)
  31                         return true;
  32                 PasswordCallback pc = new PasswordCallback("Master password", false);
  33                 Callback[] callbacks = { pc };
  34                 try {
  35                         callbackHandler.handle(callbacks);
  36                         passwordBasedEncryption = new PasswordBasedEncryption(
  37                                         pc.getPassword());
  38                 } catch (Exception e) {
  39                         throw new LogConfigurationException(e);
  40                 }
  41                 return true;
  42         }
  43
  44         public boolean commit() throws LoginException {
  45                 if (passwordBasedEncryption != null)
  46                         subject.getPrivateCredentials(PasswordBasedEncryption.class).add(
  47                                         passwordBasedEncryption);
  48                 return true;
  49         }
  50
  51         public boolean abort() throws LoginException {
  52                 return true;
  53         }
  54
  55         public boolean logout() throws LoginException {
  56                 Set<PasswordBasedEncryption> pbes = subject
  57                                 .getPrivateCredentials(PasswordBasedEncryption.class);
  58                 pbes.clear();
  59                 return true;
  60         }
  61
  62 }