- //-- auth.config --
// JAAS login configuration. The entry name "Index" is the name App passes to
// new LoginContext("Index", ...). It lists a single login module,
// lc.MyLoginModule, with the control flag "required", so the overall login
// succeeds only if that module succeeds.
- "Index" {
- lc.MyLoginModule required;
- };
- //-- security.policy --
// Java policy file for the demo: one grant for all code, then one grant per
// authenticated user (matched on principal class lc.UserPrincipal and name).
// The Security Manager that enforces this file is deprecated for removal
// since Java 17 (JEP 411).
//
// NOTE(review): the first grant has no codeBase, signedBy or principal clause,
// so it applies to every class the policy covers, not only the lc classes.
// "loadLibrary.*" allows loading any native library, and "modifyPrincipals"
// allows changing the principals of a Subject, which is exactly what the
// per-user grants below key on. Outside a demo, scope these permissions to
// the application's own codeBase.
// NOTE(review): the bare "createLoginContext" target appears to be treated as
// a wildcard over all login configuration entries; confirm, and prefer the
// narrower "createLoginContext.Index".
- grant {
- permission java.util.PropertyPermission "idea.launcher.*", "read";
- permission java.lang.RuntimePermission "loadLibrary.*";
- permission javax.security.auth.AuthPermission "doAsPrivileged";
- permission javax.security.auth.AuthPermission "createLoginContext";
- permission javax.security.auth.AuthPermission "modifyPrincipals";
- };
// Per-user file permissions. They take effect only for code running on behalf
// of a Subject that carries the named principal (App uses
// Subject.doAsPrivileged for this): alice may read and write the file.
// NOTE(review): /tmp/tempfile is a fixed name in a directory shared by all
// local users, so another account can create the file or put a link in its
// place first. Use an application-owned directory outside a demo.
- grant principal lc.UserPrincipal "alice" {
- permission java.io.FilePermission "/tmp/tempfile", "read,write";
- };
// bob may only read the file; the write attempt in App is expected to be denied.
- grant principal lc.UserPrincipal "bob" {
- permission java.io.FilePermission "/tmp/tempfile", "read";
- };
- //------------- App.java ---------------------------
- package lc;
- import javax.security.auth.Subject;
- import javax.security.auth.callback.Callback;
- import javax.security.auth.callback.CallbackHandler;
- import javax.security.auth.callback.NameCallback;
- import javax.security.auth.callback.PasswordCallback;
- import javax.security.auth.callback.UnsupportedCallbackException;
- import javax.security.auth.login.LoginContext;
- import javax.security.auth.login.LoginException;
- import java.io.*;
- import java.security.PrivilegedAction;
- import java.util.logging.Level;
- import java.util.logging.Logger;
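/**
 * Demo of JAAS authentication followed by principal-based authorization.
 *
 * <p>The program authenticates through the login configuration entry
 * {@code "Index"}, then tries to read and to write {@code /tmp/tempfile} on
 * behalf of the authenticated {@link Subject}. Whether each operation is
 * allowed is decided by the installed security policy, not by this class.
 */
public class App {
    private static final Logger logger = Logger.getLogger(App.class.getName());

    /** File both demo operations act on; it must match the FilePermission entries in the policy. */
    private static final String TARGET_PATH = "/tmp/tempfile";

    /**
     * Logs in, runs the file operations as the authenticated subject and logs out.
     *
     * @param args ignored
     * @throws LoginException if authentication or logout fails
     */
    public static void main(String[] args) throws LoginException {
        LoginContext context = new LoginContext("Index", new PromptingCallbackHandler());
        context.login();
        try {
            // A null AccessControlContext means only this frame and the subject's
            // principals are considered for the permission checks inside run().
            Subject.doAsPrivileged(context.getSubject(), new FileAccessAction(), null);
        } finally {
            // Always drop the principals, even if the action throws.
            context.logout();
        }
    }

    /** Collects the user name and password interactively for the login module. */
    private static final class PromptingCallbackHandler implements CallbackHandler {
        // One reader for the whole login. A fresh BufferedReader per prompt can read
        // ahead and swallow the next answer when standard input is piped.
        private final BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));

        /**
         * Answers name and password callbacks.
         *
         * @throws IOException if standard input is closed or cannot be read
         * @throws UnsupportedCallbackException for any other callback type, so the
         *         module learns that its request was not served
         */
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    NameCallback nc = (NameCallback) callback;
                    nc.setName(ask(nc.getPrompt()));
                } else if (callback instanceof PasswordCallback) {
                    PasswordCallback pc = (PasswordCallback) callback;
                    char[] typed = askPassword(pc);
                    try {
                        pc.setPassword(typed); // the callback stores its own copy
                    } finally {
                        java.util.Arrays.fill(typed, '\0');
                    }
                } else {
                    throw new UnsupportedCallbackException(callback, "Unsupported callback type");
                }
            }
        }

        /** Prints the prompt on stderr and returns one line from standard input. */
        private String ask(String prompt) throws IOException {
            System.err.print(prompt);
            System.err.flush();
            String line = stdin.readLine();
            if (line == null) {
                throw new EOFException("Standard input closed while waiting for an answer");
            }
            return line;
        }

        /**
         * Reads the password. When the module asked for echo to be off and a console
         * is attached, the console is used so the password is not displayed.
         */
        private char[] askPassword(PasswordCallback pc) throws IOException {
            Console console = System.console();
            if (console != null && !pc.isEchoOn()) {
                char[] typed = console.readPassword("%s", pc.getPrompt());
                if (typed == null) {
                    throw new EOFException("Console closed while waiting for the password");
                }
                return typed;
            }
            // Fallback: the password passes through a String, which cannot be wiped.
            return ask(pc.getPrompt()).toCharArray();
        }
    }

    /** Attempts to read and then to write the target file; each failure is logged. */
    private static final class FileAccessAction implements PrivilegedAction<Object> {
        @Override
        public Object run() {
            // A denied permission surfaces here as a runtime exception from the
            // file constructors, so each attempt is guarded separately.
            try {
                read();
            } catch (Exception e) {
                logger.log(Level.SEVERE, "Cannot read file", e);
            }
            try {
                write();
            } catch (Exception e) {
                logger.log(Level.SEVERE, "Cannot write file", e);
            }
            return new Object();
        }

        /** Prints the content of the target file to stdout. */
        private void read() {
            Reader reader = null;
            try {
                reader = new BufferedReader(new FileReader(new File(TARGET_PATH)));
                StringBuilder text = new StringBuilder();
                int c;
                while ((c = reader.read()) != -1) {
                    text.append((char) c);
                }
                System.out.println(text);
            } catch (IOException e) {
                logger.log(Level.SEVERE, "I/O error while reading " + TARGET_PATH, e);
            } finally {
                close(reader);
            }
        }

        /** Replaces the content of the target file with a fixed greeting. */
        private void write() {
            Writer writer = null;
            try {
                writer = new BufferedWriter(new FileWriter(new File(TARGET_PATH)));
                writer.write("Hello world");
            } catch (IOException e) {
                logger.log(Level.SEVERE, "I/O error while writing " + TARGET_PATH, e);
            } finally {
                close(writer);
            }
        }

        /** Closes the stream if it was opened; a failure to close is logged, not thrown. */
        private void close(Closeable stream) {
            if (stream == null) {
                return;
            }
            try {
                stream.close();
            } catch (IOException e) {
                logger.log(Level.SEVERE, "Could not close " + TARGET_PATH, e);
            }
        }
    }
}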
- //-------------- MyLoginModule.java -------------------------
- package lc;
- import javax.security.auth.Subject;
- import javax.security.auth.callback.Callback;
- import javax.security.auth.callback.CallbackHandler;
- import javax.security.auth.callback.NameCallback;
- import javax.security.auth.callback.PasswordCallback;
- import javax.security.auth.callback.UnsupportedCallbackException;
- import javax.security.auth.login.LoginException;
- import javax.security.auth.spi.LoginModule;
- import java.io.IOException;
- import java.util.Arrays;
- import java.util.HashMap;
- import java.util.Map;
- import java.util.logging.Level;
- import java.util.logging.Logger;
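/**
 * Demo JAAS login module that checks a user name and password against an
 * in-memory table and, on success, adds a {@code UserPrincipal} to the subject.
 *
 * <p>Authentication happens in {@link #login()}; {@link #commit()} only
 * publishes the principal. The module touches only the principal it added
 * itself, so it can be stacked with other modules on the same subject.
 */
public class MyLoginModule implements LoginModule {
    private static final Logger logger = Logger.getLogger(MyLoginModule.class.getName());

    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;

    // NOTE(review): demo-only credential table. The passwords are plaintext
    // literals compiled into the class; real code needs an external store that
    // holds salted password hashes (bcrypt, scrypt or argon2), never the passwords.
    private final Map<String, char[]> users = new HashMap<String, char[]>();

    private String login = null;
    private char[] password = null;
    /** True once login() has verified the credentials of the current attempt. */
    private boolean authenticated = false;
    /** The principal this module added in commit(), or null if none. */
    private UserPrincipal principal = null;

    {
        users.put("alice", "admin".toCharArray());
        users.put("bob", "nimda".toCharArray());
    }

    /** Stores the objects handed over by the login context for later phases. */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
    }

    /**
     * Asks the callback handler for a name and a password and verifies them.
     *
     * @return {@code true} when the credentials match the table
     * @throws LoginException if no handler is available, the credentials cannot be
     *         collected, or they do not match (a {@code FailedLoginException})
     */
    @Override
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException("No CallbackHandler available to collect credentials");
        }
        authenticated = false;

        NameCallback nameCallback = new NameCallback("Enter your name: ");
        // echoOn = false: the password should not be displayed while it is typed.
        PasswordCallback passwordCallback = new PasswordCallback("Enter your password: ", false);
        try {
            callbackHandler.handle(new Callback[]{nameCallback, passwordCallback});
        } catch (IOException e) {
            throw wrap("Could not read credentials", e);
        } catch (UnsupportedCallbackException e) {
            throw wrap("Callback handler cannot supply credentials", e);
        }

        login = nameCallback.getName();
        password = passwordCallback.getPassword(); // a copy owned by this module
        passwordCallback.clearPassword();

        // Unknown user and wrong password take the same path and give the same
        // message, so the caller cannot tell which of the two was wrong.
        if (!matches(users.get(login), password)) {
            clearCredentials();
            logger.log(Level.WARNING, "Authentication failed");
            throw new javax.security.auth.login.FailedLoginException("Invalid user name or password");
        }
        authenticated = true;
        return true;
    }

    /**
     * Adds the authenticated user's principal to the subject.
     *
     * @return {@code true} if the principal was added, {@code false} if this
     *         module's own login did not succeed
     */
    @Override
    public boolean commit() throws LoginException {
        if (!authenticated) {
            clearCredentials();
            return false;
        }
        if (principal != null) {
            // Repeated login on the same context: replace our earlier principal.
            subject.getPrincipals().remove(principal);
        }
        principal = new UserPrincipal(login);
        subject.getPrincipals().add(principal);
        clearCredentials();
        return true;
    }

    /**
     * Discards the state of a login attempt that failed overall.
     *
     * @return {@code false} if this module's own login had failed,
     *         {@code true} once its state has been cleaned up
     */
    @Override
    public boolean abort() throws LoginException {
        if (!authenticated) {
            clearCredentials();
            return false;
        }
        removeOwnPrincipal();
        authenticated = false;
        clearCredentials();
        return true;
    }

    /**
     * Removes the principal this module added.
     *
     * @return {@code true} if a principal was removed, {@code false} if this
     *         module had none on the subject
     */
    @Override
    public boolean logout() throws LoginException {
        boolean removed = removeOwnPrincipal();
        authenticated = false;
        clearCredentials();
        return removed;
    }

    /** Removes only the principal added by this module, leaving other modules' principals alone. */
    private boolean removeOwnPrincipal() {
        if (principal == null) {
            return false;
        }
        subject.getPrincipals().remove(principal);
        principal = null;
        return true;
    }

    /** Forgets the collected name and overwrites the password characters before dropping them. */
    private void clearCredentials() {
        login = null;
        if (password != null) {
            Arrays.fill(password, '\0');
            password = null;
        }
    }

    /**
     * Compares two passwords without stopping at the first differing character,
     * so the comparison time does not reveal how long the matching prefix is.
     */
    private static boolean matches(char[] expected, char[] supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        int diff = expected.length ^ supplied.length;
        int shared = Math.min(expected.length, supplied.length);
        for (int i = 0; i < shared; i++) {
            diff |= expected[i] ^ supplied[i];
        }
        return diff == 0;
    }

    /** Builds a LoginException that keeps the original failure as its cause. */
    private static LoginException wrap(String message, Exception cause) {
        LoginException failure = new LoginException(message);
        failure.initCause(cause);
        return failure;
    }
}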
- //------------- UserPrincipal.java -----------------------
- package lc;
- import java.security.Principal;
- import java.util.logging.Logger;
- public class UserPrincipal implements Principal {
- private static final Logger logger = Logger.getLogger(UserPrincipal.class.getName());
- private String username;
- public UserPrincipal(String username) {
- this.username = username;
- }
- public String getName() {
- return username;
- }
- }