
Untitled

a guest
May 14th, 2017
  1. package sample.module;
  2.  
  3. import java.util.Map;
  4.  
  5. import javax.security.auth.Subject;
  6. import javax.security.auth.callback.Callback;
  7. import javax.security.auth.callback.CallbackHandler;
  8. import javax.security.auth.callback.NameCallback;
  9. import javax.security.auth.callback.PasswordCallback;
  10. import javax.security.auth.callback.UnsupportedCallbackException;
  11. import javax.security.auth.login.FailedLoginException;
  12. import javax.security.auth.login.LoginException;
  13. import javax.security.auth.spi.LoginModule;
  14.  
  15. import sample.principal.SamplePrincipal;
  16.  
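  /**
   * Sample JAAS {@code LoginModule} that accepts exactly one hard-coded
   * account (user name {@code testUser}, password {@code testPassword}) and,
   * on a successful commit, adds a {@code SamplePrincipal} for that user to the
   * {@code Subject}.
   *
   * <p> SECURITY NOTE: the credentials are compiled into the class, so anyone
   * who can read the class file or this source can authenticate. That is only
   * acceptable for a demonstration; a deployable module would verify the
   * supplied password against a salted, slow password hash held outside the
   * code base.
   *
   * <p> The only configuration option read is {@code debug}; when it is
   * {@code "true"} (case-insensitive) progress messages are written to
   * {@code System.out}. The supplied password is never written there.
   */
  public class SampleLoginModule implements LoginModule
  {

      // Demo-only credentials; see the class comment for why these must not
      // be carried into a deployment.
      private static final String EXPECTED_USER = "testUser";
      private static final char[] EXPECTED_PASSWORD = "testPassword".toCharArray();

      // initial state handed over by the LoginContext
      private Subject subject;
      private CallbackHandler callbackHandler;
      private Map sharedState;
      private Map options;

      // configurable option
      private boolean debug = false;

      // the authentication status
      private boolean succeeded = false;
      private boolean commitSucceeded = false;

      // username and password collected by login()
      private String username;
      private char[] password;

      // testUser's SamplePrincipal, set by commit()
      private SamplePrincipal userPrincipal;

      /**
       * Stores the objects supplied by the LoginContext and reads the
       * {@code debug} option.
       *
       * @param subject the Subject to be authenticated
       * @param callbackHandler handler used by {@code login} to obtain the
       *        user name and password
       * @param sharedState state shared with other configured LoginModules
       *        (stored, not otherwise used by this class)
       * @param options options from the login configuration; only
       *        {@code debug} is read
       */
      public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
      {
          this.subject = subject;
          this.callbackHandler = callbackHandler;
          this.sharedState = sharedState;
          this.options = options;

          // String.valueOf tolerates a missing or non-String option value
          // instead of failing with a ClassCastException.
          debug = "true".equalsIgnoreCase(String.valueOf(options.get("debug")));
      }

      /**
       * Prompts for a user name and password through the CallbackHandler and
       * checks them against the hard-coded sample account.
       *
       * @return true if the supplied credentials match
       *
       * @exception FailedLoginException if the credentials do not match
       * @exception LoginException if no CallbackHandler is available or the
       *            handler cannot service the callbacks
       */
      public boolean login() throws LoginException
      {
          // prompt for a user name and password
          if (callbackHandler == null) {
              throw new LoginException("Error: no CallbackHandler available " +
                      "to garner authentication information from the user");
          }

          NameCallback nameCallback = new NameCallback("user name: ");
          PasswordCallback passwordCallback = new PasswordCallback("password: ", false);
          Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };

          try {
              callbackHandler.handle(callbacks);
              username = nameCallback.getName();

              // getPassword() already returns a private copy, so it is kept
              // as-is; copying it again would leave one more array holding
              // the password that nobody wipes.
              char[] supplied = passwordCallback.getPassword();
              // treat a NULL password as an empty password
              password = (supplied != null) ? supplied : new char[0];
              passwordCallback.clearPassword();

          } catch (java.io.IOException ioe) {
              LoginException failure = new LoginException(ioe.toString());
              failure.initCause(ioe); // keep the original stack trace for diagnosis
              throw failure;
          } catch (UnsupportedCallbackException uce) {
              LoginException failure = new LoginException("Error: " + uce.getCallback().toString() +
                      " not available to garner authentication information " +
                      "from the user");
              failure.initCause(uce);
              throw failure;
          }

          // print debugging information
          if (debug) {
              System.out.println("\t\t[SampleLoginModule] " +
                      "user entered user name: " +
                      username);
              // The password itself is deliberately not printed: debug output
              // usually ends up in console captures and log files that are
              // readable by far more people than the credential should be.
              System.out.println("\t\t[SampleLoginModule] " +
                      "user entered a password (value not logged)");
          }

          // verify the username/password; the constant goes first so that a
          // handler which never set a name (null) fails the check instead of
          // raising a NullPointerException
          boolean usernameCorrect = EXPECTED_USER.equals(username);
          boolean passwordCorrect = sameChars(password, EXPECTED_PASSWORD);

          if (usernameCorrect && passwordCorrect) {
              // authentication succeeded!!!
              if (debug) {
                  System.out.println("\t\t[SampleLoginModule] " +
                          "authentication succeeded");
              }
              succeeded = true;
              return true;
          }

          // authentication failed -- clean out state
          if (debug) {
              System.out.println("\t\t[SampleLoginModule] " +
                      "authentication failed");
          }
          succeeded = false;
          username = null;
          wipePassword();

          // One message for both causes: telling the caller which half of the
          // credential pair was wrong confirms which user names exist.
          throw new FailedLoginException("Invalid user name or password");
      }

      /**
       * <p> This method is called if the LoginContext's
       * overall authentication succeeded
       * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
       * succeeded).
       *
       * <p> If this LoginModule's own authentication attempt
       * succeeded (checked by retrieving the private state saved by the
       * <code>login</code> method), then this method associates a
       * <code>SamplePrincipal</code>
       * with the <code>Subject</code> located in the
       * <code>LoginModule</code>. If this LoginModule's own
       * authentication attempt failed, this method returns false without
       * touching the <code>Subject</code>.
       *
       * @exception LoginException if the commit fails.
       *
       * @return true if this LoginModule's own login and commit
       * attempts succeeded, or false otherwise.
       */
      public boolean commit() throws LoginException {
          if (!succeeded) {
              return false;
          }

          // add a Principal (authenticated identity) to the Subject;
          // assume the user we authenticated is the SamplePrincipal
          userPrincipal = new SamplePrincipal(username);
          if (!subject.getPrincipals().contains(userPrincipal)) {
              subject.getPrincipals().add(userPrincipal);
          }

          if (debug) {
              System.out.println("\t\t[SampleLoginModule] " +
                      "added SamplePrincipal to Subject");
          }

          // in any case, clean out state
          username = null;
          wipePassword();

          commitSucceeded = true;
          return true;
      }

      /**
       * <p> This method is called if the LoginContext's
       * overall authentication failed.
       * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
       * did not succeed).
       *
       * <p> If this LoginModule's own authentication attempt
       * succeeded (checked by retrieving the private state saved by the
       * <code>login</code> and <code>commit</code> methods),
       * then this method cleans up any state that was originally saved.
       *
       * @exception LoginException if the abort fails.
       *
       * @return false if this LoginModule's own login and/or commit attempts
       * failed, and true otherwise.
       */
      public boolean abort() throws LoginException {
          if (!succeeded) {
              return false;
          }

          if (!commitSucceeded) {
              // login succeeded but overall authentication failed
              succeeded = false;
              username = null;
              wipePassword();
              userPrincipal = null;
          } else {
              // overall authentication succeeded and commit succeeded,
              // but someone else's commit failed
              logout();
          }
          return true;
      }

      /**
       * Logout the user.
       *
       * <p> This method removes the <code>SamplePrincipal</code>
       * that was added by the <code>commit</code> method and resets both
       * status flags, so a later <code>commit</code> or <code>abort</code>
       * cannot act on the finished session.
       *
       * @exception LoginException if the logout fails.
       *
       * @return true in all cases since this <code>LoginModule</code>
       * should not be ignored.
       */
      public boolean logout() throws LoginException {
          // Nothing to remove when commit() never ran; skipping the call also
          // avoids handing null to the Subject's principal set.
          if (userPrincipal != null) {
              subject.getPrincipals().remove(userPrincipal);
          }

          // Both flags are cleared. Copying commitSucceeded into succeeded
          // would leave the module marked as authenticated after logout.
          succeeded = false;
          commitSucceeded = false;

          username = null;
          wipePassword();
          userPrincipal = null;
          return true;
      }

      /**
       * Overwrites the stored password characters and drops the reference.
       * Safe to call when no password is held.
       */
      private void wipePassword() {
          if (password == null) {
              return;
          }
          for (int i = 0; i < password.length; i++) {
              password[i] = ' ';
          }
          password = null;
      }

      /**
       * Compares a supplied password with the expected one without stopping
       * at the first mismatching character, so the time taken does not
       * reveal how many leading characters were right.
       *
       * @param supplied characters entered by the user; null never matches
       * @param expected non-empty reference value
       * @return true only if both arrays have the same length and content
       */
      private static boolean sameChars(char[] supplied, char[] expected) {
          if (supplied == null) {
              return false;
          }
          int difference = supplied.length ^ expected.length;
          for (int i = 0; i < supplied.length; i++) {
              // the modulo keeps the index in range when the lengths differ;
              // the length mismatch is already recorded in difference
              difference |= supplied[i] ^ expected[i % expected.length];
          }
          return difference == 0;
      }
  }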