From: Julien V. <ju...@jb...> - 2005-09-13 19:41:24
User: julien Date: 05/09/13 15:40:50 Added: core/src/main/org/jboss/portal/core/security/jaas ModelLoginModule.java Log: - added the model login module replacing the hibernate login module - added NoSuchUserException inheriting ModuleException Revision Changes Path 1.1 date: 2005/09/13 19:40:50; author: julien; state: Exp;jboss-portal/core/src/main/org/jboss/portal/core/security/jaas/ModelLoginModule.java Index: ModelLoginModule.java =================================================================== /***************************************** * * * JBoss Portal: The OpenSource Portal * * * * Distributable under LGPL license. * * See terms of license at gnu.org. * * * *****************************************/ package org.jboss.portal.core.security.jaas; import java.security.Principal; import java.security.acl.Group; import java.util.Iterator; import java.util.Map; import java.util.Set; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginException; import javax.transaction.TransactionManager; import org.jboss.portal.common.transaction.Transactions; import org.jboss.portal.core.modules.UserModule; import org.jboss.portal.core.model.User; import org.jboss.portal.core.model.NoSuchUserException; import org.jboss.security.SimpleGroup; import org.jboss.security.auth.spi.UsernamePasswordLoginModule; /** * A login module that uses the user module. 
* * @author <a href="mailto:ju...@jb...">Julien Viet</a> * @version $Revision: 1.1 $ */ public class ModelLoginModule extends UsernamePasswordLoginModule { protected String userModuleJNDIName; protected String additionalRole; protected String havingRole; public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { super.initialize(subject, callbackHandler, sharedState, options); // Get data userModuleJNDIName = (String)options.get("userModuleJNDIName"); additionalRole = (String)options.get("additionalRole"); havingRole = (String)options.get("havingRole"); // Some info log.trace("userModuleJNDIName = " + userModuleJNDIName); log.trace("additionalRole = " + additionalRole); log.trace("havingRole = " + havingRole); } private UserModule userModule; protected UserModule getUserModule() throws NamingException { if (userModule == null) { userModule = (UserModule)new InitialContext().lookup(userModuleJNDIName); } return userModule; } protected String getUsersPassword() throws LoginException { try { TransactionManager tm = (TransactionManager)new InitialContext().lookup("java:/TransactionManager"); String password = (String)Transactions.required(tm, new Transactions.Runnable() { public Object run() throws Exception { try { UserModule module = getUserModule(); User user = module.findUserByUserName(getUsername()); if (havingRole == null || user.getRoleNames().contains(havingRole)) { return user.getPassword(); } else { return null; } } catch (NoSuchUserException e) { return null; } catch (Exception e) { throw new LoginException(e.toString()); } } }); // Returning null as password is enough to veto the login return password; } catch (Exception e) { Throwable cause = e.getCause(); throw new LoginException(cause.toString()); } } protected Group[] getRoleSets() throws LoginException { try { TransactionManager tm = (TransactionManager)new InitialContext().lookup("java:/TransactionManager"); return (Group[])Transactions.required(tm, new 
Transactions.Runnable() { public Object run() throws Exception { try { UserModule module = getUserModule(); User user = module.findUserByUserName(getUsername()); Set roles = user.getRoleNames(); // Group rolesGroup = new SimpleGroup("Roles"); // if (additionalRole != null) { rolesGroup.addMember(createIdentity(additionalRole)); } // for (Iterator iterator = roles.iterator(); iterator.hasNext();) { String roleName = (String)iterator.next(); try { Principal p = createIdentity(roleName); rolesGroup.addMember(p); } catch (Exception e) { log.debug("Failed to create principal " + roleName, e); } } // return new Group[]{rolesGroup}; } catch (Exception e) { throw new LoginException(e.toString()); } } }); } catch (Exception e) { Throwable cause = e.getCause(); throw new LoginException(cause.toString()); } } } |
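Review bot: The outer `catch (Exception e)` in both `getUsersPassword()` and `getRoleSets()` calls `cause.toString()` on `e.getCause()` without a null check, so any exception that carries no cause surfaces as a `NullPointerException` instead of the declared `LoginException`. A `NamingException` from the `java:/TransactionManager` lookup in the same try block is one likely case; how `Transactions.required` wraps failures is not visible here, so that path should be confirmed too. I would change the line to `Throwable cause = e.getCause() != null ? e.getCause() : e;` in both methods, and log `e` before converting it, since `new LoginException(cause.toString())` drops the stack trace that someone investigating failed logins would need. A short Javadoc on the `havingRole` and `additionalRole` options would also help: the first vetoes the login by returning a null password, the second is added to the `Roles` group of every user who authenticates.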