From f9cc721289bfc8de1bf4d9ce13d51615dcde9111 Mon Sep 17 00:00:00 2001
From: Mathieu Baudier
Date: Tue, 27 Sep 2011 20:53:32 +0000
Subject: [PATCH 1/1] Keyring login module
git-svn-id: https://svn.argeo.org/commons/trunk@4761 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
.../META-INF/spring/loginModules.xml | 4 ++
.../org.argeo.security.equinox/plugin.xml | 6 +-
.../security/equinox/KeyringLoginModule.java | 62 +++++++++++++++++++
3 files changed, 71 insertions(+), 1 deletion(-)
create mode 100644 security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/KeyringLoginModule.java
diff --git a/security/plugins/org.argeo.security.equinox/META-INF/spring/loginModules.xml b/security/plugins/org.argeo.security.equinox/META-INF/spring/loginModules.xml
index 5714e0e19..d661b5f56 100644
--- a/security/plugins/org.argeo.security.equinox/META-INF/spring/loginModules.xml
+++ b/security/plugins/org.argeo.security.equinox/META-INF/spring/loginModules.xml
@@ -13,4 +13,8 @@ scope="prototype"> + + +
diff --git a/security/plugins/org.argeo.security.equinox/plugin.xml b/security/plugins/org.argeo.security.equinox/plugin.xml
index 2e63e17a4..82da571f7 100644
--- a/security/plugins/org.argeo.security.equinox/plugin.xml
+++ b/security/plugins/org.argeo.security.equinox/plugin.xml
@@ -9,7 +9,11 @@ - + + + + +
diff --git a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/KeyringLoginModule.java b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/KeyringLoginModule.java
new file mode 100644
index 000000000..3de56cc4a
--- /dev/null
+++ b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/KeyringLoginModule.java
@@ -0,0 +1,62 @@
+package org.argeo.security.equinox;
+
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.apache.commons.logging.LogConfigurationException;
+import org.argeo.util.crypto.PasswordBasedEncryption;
+
+public class KeyringLoginModule implements LoginModule {
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private PasswordBasedEncryption passwordBasedEncryption;
+
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map sharedState, Map options) {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ }
+
+ public boolean login() throws LoginException {
+ Set pbes = subject
+ .getPrivateCredentials(PasswordBasedEncryption.class);
+ if (pbes.size() > 0)
+ return true;
+ PasswordCallback pc = new PasswordCallback("Master password", false);
+ Callback[] callbacks = { pc };
+ try {
+ callbackHandler.handle(callbacks);
+ passwordBasedEncryption = new PasswordBasedEncryption(
+ pc.getPassword());
+ } catch (Exception e) {
+ throw new LogConfigurationException(e);
+ }
+ return true;
+ }
+
+ public boolean commit() throws LoginException {
+ if (passwordBasedEncryption != null)
+ subject.getPrivateCredentials(PasswordBasedEncryption.class).add(
+ passwordBasedEncryption);
+ return true;
+ }
+
+ public boolean abort() throws LoginException {
+ return true;
+ }
+
+ public boolean logout() throws LoginException {
+ Set pbes = subject
+ .getPrivateCredentials(PasswordBasedEncryption.class);
+ pbes.clear();
+ return true;
+ }
+
+}
-- 2.39.2
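Review bot: The catch block in `login()` throws `org.apache.commons.logging.LogConfigurationException`, a commons-logging exception that looks like an import slip, so a failed or cancelled master-password prompt is reported with an unrelated type instead of the `LoginException` the method declares. Wrap the cause in a `LoginException` instead, and call `pc.clearPassword()` in a `finally` so the callback's copy of the master password does not stay in memory after the key object is built. Separately, `abort()` returns without resetting the `passwordBasedEncryption` field, so key material from a failed login stays reachable on the module instance. `logout()` clears every `PasswordBasedEncryption` private credential on the subject rather than only the one this module committed, which is worth narrowing or documenting.

```java
PasswordCallback pc = new PasswordCallback("Master password", false);
Callback[] callbacks = { pc };
try {
    // … unchanged: callbackHandler.handle(callbacks) and PasswordBasedEncryption construction …
} catch (Exception e) {
    LoginException le = new LoginException(
            "Cannot initialise keyring from master password");
    le.initCause(e);
    throw le;
} finally {
    // getPassword() returns a copy; wipe the one still held by the callback
    pc.clearPassword();
}
return true;
```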