Data hosted with ♥ by Pastebin.com - Download Raw - See Original
  1.  
  2. import java.security.acl.Group;
  3. import java.util.Map;
  4.  
  5. import javax.naming.InitialContext;
  6. import javax.naming.NamingException;
  7. import javax.security.auth.Subject;
  8. import javax.security.auth.callback.CallbackHandler;
  9. import javax.security.auth.login.LoginException;
  10.  
  11. import org.jboss.security.SimpleGroup;
  12. import org.jboss.security.SimplePrincipal;
  13. import org.jboss.security.auth.spi.UsernamePasswordLoginModule;
  14.  
  15. /**
  16.  *
  17.  * An example custom login module that obtains passwords and roles
  18.  *
  19.  * for a user from a JNDI lookup.
  20.  *
  21.  *
  22.  *
  23.  * @author Scott.Stark@jboss.org
  24.  *
  25.  * @version $Revision: 1.4 $
  26.  */
  27.  
  28. public class FoLoginModule extends UsernamePasswordLoginModule {
  29.  
  30.     /** The JNDI name to the context that handles the password/username lookup */
  31.     private String userPathPrefix;
  32.  
  33.     /** The JNDI name to the context that handles the roles/ username lookup */
  34.     private String rolesPathPrefix;
  35.  
  36.     private String defaultUser;
  37.  
  38.     private String defaultPassword;
  39.  
  40.     private String[] defaultRoles;
  41.  
  42.     private String[] roles;
  43.  
  44.     /**
  45.      *
  46.      * Override to obtain the userPathPrefix and rolesPathPrefix options.
  47.      */
  48.     @SuppressWarnings({ "rawtypes", "unchecked" })
  49.     @Override
  50.     public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
  51.  
  52.         super.initialize(subject, callbackHandler, sharedState, options);
  53.         userPathPrefix = (String) options.get("userPathPrefix");
  54.         rolesPathPrefix = (String) options.get("rolesPathPrefix");
  55.         try {
  56.             defaultUser = (String) options.get("defaultUser");
  57.             defaultPassword = (String) options.get("defaultPassword");
  58.             String defaultRoles = (String) options.get("defaultRoles");
  59.             this.defaultRoles = defaultRoles != null ? defaultRoles.split(",") : new String[0];
  60.             String roles = (String) options.get("roles");
  61.             this.roles = roles != null ? roles.split(",") : new String[0];
  62.         } catch (Throwable th) {
  63.         }
  64.         log.info("default user: " + defaultUser + ", default pass: " + defaultPassword);
  65.         if (defaultUser != null && defaultPassword != null && defaultRoles != null) {
  66.             try {
  67.                 InitialContext ctx = new InitialContext();
  68.                 String userPath = userPathPrefix + '/' + defaultUser;
  69.  
  70.                 Object result = null;
  71.                 try {
  72.                     result = ctx.lookup(userPath);
  73.                 } catch (NamingException ex) {
  74.                 }
  75.                 if (result == null) {
  76.                     ctx.bind(userPath, defaultPassword);
  77.                 }
  78.  
  79.                 String rolesPath = rolesPathPrefix + '/' + defaultUser;
  80.  
  81.                 result = null;
  82.                 try {
  83.                     result = ctx.lookup(rolesPath);
  84.                 } catch (NamingException ex) {
  85.                 }
  86.                 if (result == null) {
  87.                     ctx.bind(rolesPath, defaultRoles);
  88.                 }
  89.                 ctx.close();
  90.             } catch (Exception e) {
  91.                 log.error("Failed to create roles and default user", e);
  92.             }
  93.         }
  94.     }
  95.  
  96.     /**
  97.      *
  98.      * Get the roles the current user belongs to by querying the
  99.      *
  100.      * rolesPathPrefix + '/' + super.getUsername() JNDI location.
  101.      */
  102.     protected Group[] getRoleSets() throws LoginException {
  103.         try {
  104.             InitialContext ctx = new InitialContext();
  105.             String rolesPath = rolesPathPrefix + '/' + super.getUsername();
  106.             String[] roles = (String[]) ctx.lookup(rolesPath);
  107.             for (String role : roles) {
  108.                 boolean isSupported = false;
  109.                 for (String r : this.roles) {
  110.                     if (r.equals(role)) {
  111.                         isSupported = true;
  112.                     }
  113.                 }
  114.                 if (isSupported == false) {
  115.                     throw new NamingException("role '" + role + "' is not supported");
  116.                 }
  117.             }
  118.             Group[] groups = { new SimpleGroup("Roles") };
  119.             log.info("Getting roles for user=" + super.getUsername());
  120.             for (int r = 0; r < roles.length; r++) {
  121.                 SimplePrincipal role = new SimplePrincipal(roles[r]);
  122.                 log.info("Found role=" + roles[r]);
  123.                 groups[0].addMember(role);
  124.             }
  125.             return groups;
  126.         } catch (NamingException e) {
  127.             log.error("Failed to obtain role groups for user=" + super.getUsername(), e);
  128.             throw new LoginException(e.toString(true));
  129.         }
  130.     }
  131.  
  132.     /**
  133.      *
  134.      * Get the password of the current user by querying the
  135.      *
  136.      * userPathPrefix + '/' + super.getUsername() JNDI location.
  137.      */
  138.     @Override
  139.     protected String getUsersPassword() {
  140.         try {
  141.             InitialContext ctx = new InitialContext();
  142.             String userPath = userPathPrefix + '/' + super.getUsername();
  143.             log.info("Getting password for user=" + super.getUsername());
  144.             String passwd = (String) ctx.lookup(userPath);
  145.             log.info("Found password=" + passwd);
  146.             return passwd;
  147.         } catch (Exception e) {
  148.             log.error("Failed to obtain password for user=" + super.getUsername(), e);
  149.             // throw new LoginException("!!!!" + e.getLocalizedMessage());
  150.         }
  151.         return null;
  152.     }