JCR Keyring
1 package org.argeo.security.ui.keyring;
2
3 import java.security.AccessController;
4 import java.util.Map;
5 import java.util.Set;
6
7 import javax.security.auth.Subject;
8 import javax.security.auth.callback.Callback;
9 import javax.security.auth.callback.CallbackHandler;
10 import javax.security.auth.callback.PasswordCallback;
11 import javax.security.auth.login.LoginException;
12 import javax.security.auth.spi.LoginModule;
13
14 import org.apache.commons.logging.LogConfigurationException;
15 import org.argeo.util.crypto.PasswordBasedEncryption;
16
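/**
 * JAAS login module that asks for a master password through the
 * {@link CallbackHandler} and publishes the resulting
 * {@link PasswordBasedEncryption} as a private credential of the
 * {@link Subject}.
 */
public class KeyringLoginModule implements LoginModule {
    /** Subject being authenticated; resolved in {@link #initialize}. */
    private Subject subject;
    /** Handler used to prompt for the master password. */
    private CallbackHandler callbackHandler;
    /** Credential built by {@link #login()}, pending until {@link #commit()}. */
    private PasswordBasedEncryption passwordBasedEncryption;

    /**
     * Stores the subject and callback handler for the later phases.
     *
     * @param subject         the subject to authenticate; when {@code null} the
     *                        subject bound to the current access control
     *                        context is used instead
     * @param callbackHandler handler used to request the master password
     * @param sharedState     unused
     * @param options         unused
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        // The fallback has to land in the field: assigning only the parameter
        // would leave this.subject null for login()/commit()/logout().
        this.subject = subject != null ? subject
                : Subject.getSubject(AccessController.getContext());
        this.callbackHandler = callbackHandler;
    }

    /**
     * Prompts for the master password unless the subject already carries a
     * {@link PasswordBasedEncryption} private credential.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; failures are currently
     *                        reported as an unchecked
     *                        {@link LogConfigurationException}
     */
    public boolean login() throws LoginException {
        Set<PasswordBasedEncryption> pbes = subject
                .getPrivateCredentials(PasswordBasedEncryption.class);
        if (!pbes.isEmpty())
            return true;
        PasswordCallback pc = new PasswordCallback("Master password", false);
        Callback[] callbacks = { pc };
        try {
            callbackHandler.handle(callbacks);
            // getPassword() hands out a copy, so wiping the callback below
            // does not touch the array given to PasswordBasedEncryption.
            // NOTE(review): whether PasswordBasedEncryption retains or wipes
            // that array is not visible here - confirm before clearing it too.
            passwordBasedEncryption = new PasswordBasedEncryption(
                    pc.getPassword());
        } catch (Exception e) {
            // NOTE(review): LogConfigurationException is a commons-logging
            // type and looks like a mistaken import; a LoginException would
            // fit the JAAS contract. Kept as is so that the exception type
            // seen by existing callers does not change.
            throw new LogConfigurationException(e);
        } finally {
            // Do not leave the clear-text master password in the callback.
            pc.clearPassword();
        }
        return true;
    }

    /**
     * Attaches the credential built by {@link #login()} to the subject.
     *
     * @return always {@code true}
     */
    public boolean commit() throws LoginException {
        // Subject#getPrivateCredentials(Class) returns a detached copy, so the
        // credential must be added to the backing set to actually be stored.
        if (passwordBasedEncryption != null)
            subject.getPrivateCredentials().add(passwordBasedEncryption);
        return true;
    }

    /**
     * Discards the credential of a login attempt that will not be committed.
     *
     * @return always {@code true}
     */
    public boolean abort() throws LoginException {
        // Drop the pending key material instead of keeping it in the field.
        passwordBasedEncryption = null;
        return true;
    }

    /**
     * Removes every {@link PasswordBasedEncryption} private credential from
     * the subject and forgets the one held by this module.
     *
     * @return always {@code true}
     */
    public boolean logout() throws LoginException {
        Set<PasswordBasedEncryption> pbes = subject
                .getPrivateCredentials(PasswordBasedEncryption.class);
        // Clearing the typed set would only empty a copy; remove the entries
        // from the backing set so that the keys really leave the subject.
        subject.getPrivateCredentials().removeAll(pbes);
        passwordBasedEncryption = null;
        return true;
    }

}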