X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FKeyringLoginModule.java;h=09fece03aa560fb9e6e350b2ae811b3e47b40e1e;hb=6d206b9052689ffa880cd4593bfefa704dc0dd46;hp=2c495825456fa5c231e18bf0210a08d81aef81c6;hpb=909294f80d35ad0b3095741872b6c54be8f7f561;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/KeyringLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/KeyringLoginModule.java
index 2c4958254..09fece03a 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/KeyringLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/KeyringLoginModule.java
@@ -30,8 +30,8 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
-import org.argeo.cms.security.PasswordBasedEncryption;
 import org.argeo.node.security.PBEKeySpecCallback;
+import org.argeo.util.PasswordEncryption;
 /** Adds a secret key to the private credentials */
 public class KeyringLoginModule implements LoginModule {
@@ -39,8 +39,8 @@ public class KeyringLoginModule implements LoginModule {
 private CallbackHandler callbackHandler;
 private SecretKey secretKey;
- public void initialize(Subject subject, CallbackHandler callbackHandler,
- Map sharedState, Map options) {
+ public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState,
+ Map options) {
 this.subject = subject;
 if (subject == null) {
 subject = Subject.getSubject(AccessController.getContext());
@@ -49,9 +49,9 @@ public class KeyringLoginModule implements LoginModule {
 }
 public boolean login() throws LoginException {
- Set pbes = subject.getPrivateCredentials(SecretKey.class);
- if (pbes.size() > 0)
- return true;
+// Set pbes = subject.getPrivateCredentials(SecretKey.class);
+// if (pbes.size() > 0)
+// return true;
 PasswordCallback pc = new PasswordCallback("Master password", false);
 PBEKeySpecCallback pbeCb = new PBEKeySpecCallback();
 Callback[] callbacks = { pc, pbeCb };
@@ -59,21 +59,17 @@ public class KeyringLoginModule implements LoginModule {
 callbackHandler.handle(callbacks);
 char[] password = pc.getPassword();
- SecretKeyFactory keyFac = SecretKeyFactory.getInstance(pbeCb
- .getSecretKeyFactory());
+ SecretKeyFactory keyFac = SecretKeyFactory.getInstance(pbeCb.getSecretKeyFactory());
 PBEKeySpec keySpec;
 if (pbeCb.getKeyLength() != null)
- keySpec = new PBEKeySpec(password, pbeCb.getSalt(),
- pbeCb.getIterationCount(), pbeCb.getKeyLength());
+ keySpec = new PBEKeySpec(password, pbeCb.getSalt(), pbeCb.getIterationCount(), pbeCb.getKeyLength());
 else
- keySpec = new PBEKeySpec(password, pbeCb.getSalt(),
- pbeCb.getIterationCount());
+ keySpec = new PBEKeySpec(password, pbeCb.getSalt(), pbeCb.getIterationCount());
 String secKeyEncryption = pbeCb.getSecretKeyEncryption();
 if (secKeyEncryption != null) {
 SecretKey tmp = keyFac.generateSecret(keySpec);
- secretKey = new SecretKeySpec(tmp.getEncoded(),
- secKeyEncryption);
+ secretKey = new SecretKeySpec(tmp.getEncoded(), secKeyEncryption);
 } else {
 secretKey = keyFac.generateSecret(keySpec);
 }
@@ -86,8 +82,10 @@ public class KeyringLoginModule implements LoginModule {
 }
 public boolean commit() throws LoginException {
- if (secretKey != null)
+ if (secretKey != null) {
+ subject.getPrivateCredentials().removeAll(subject.getPrivateCredentials(SecretKey.class));
 subject.getPrivateCredentials().add(secretKey);
+ }
 return true;
 }
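Review bot: The three lines at the top of login() are left commented out with no explanation, so a reader cannot tell whether the early return was dropped on purpose or for debugging. With the check gone, login() always asks the callback handler for the master password and derives a new key, even when the Subject already holds a SecretKey. Delete the dead lines and state the intent in their place, for example `// always derive a fresh key; commit() replaces any SecretKey already on the Subject`. The body of login() continues outside this hunk.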
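Review bot: The new `removeAll(...)` line in commit() drops every SecretKey held in the Subject's private credentials, not only the key this module added on an earlier login. If another login module or a caller stores a SecretKey on the same Subject for a different purpose, it is silently removed when this module commits. If a single keyring key per Subject is the intended invariant, say so on the line, e.g. `// a Subject carries one keyring key: drop any previous SecretKey before adding the new one`; otherwise the removal should be narrowed to the key this module previously committed.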
@@ -96,8 +94,7 @@ public class KeyringLoginModule implements LoginModule {
 }
 public boolean logout() throws LoginException {
- Set pbes = subject
- .getPrivateCredentials(PasswordBasedEncryption.class);
+ Set pbes = subject.getPrivateCredentials(PasswordEncryption.class);
 pbes.clear();
 return true;
 }
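Review bot: logout() calls `pbes.clear()` on the set returned by `subject.getPrivateCredentials(PasswordEncryption.class)`, and the `Subject` Javadoc states that this set is a new copy not backed by the Subject's internal credentials, so the call removes nothing. The lookup type also differs from the SecretKey that commit() adds, so the derived key appears to stay on the Subject after logout. Mirror the removal commit() already uses, `subject.getPrivateCredentials().removeAll(subject.getPrivateCredentials(SecretKey.class));`, and reset the field with `secretKey = null;`.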