1
14
15 package com.liferay.portal.security.jaas.ext;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.security.jaas.PortalPrincipal;
20 import com.liferay.portal.kernel.util.GetterUtil;
21 import com.liferay.portal.kernel.util.StringPool;
22 import com.liferay.portal.service.UserLocalServiceUtil;
23
24 import java.io.IOException;
25
26 import java.security.Principal;
27
28 import java.util.Map;
29
30 import javax.security.auth.Subject;
31 import javax.security.auth.callback.Callback;
32 import javax.security.auth.callback.CallbackHandler;
33 import javax.security.auth.callback.NameCallback;
34 import javax.security.auth.callback.PasswordCallback;
35 import javax.security.auth.callback.UnsupportedCallbackException;
36 import javax.security.auth.login.LoginException;
37 import javax.security.auth.spi.LoginModule;
38
39
44 public class BasicLoginModule implements LoginModule {
45
46 public boolean abort() {
47 return true;
48 }
49
50 public boolean commit() {
51 if (getPrincipal() != null) {
52 getSubject().getPrincipals().add(getPrincipal());
53
54 return true;
55 }
56 else {
57 return false;
58 }
59 }
60
61 public void initialize(
62 Subject subject, CallbackHandler callbackHandler,
63 Map<String, ?> sharedState, Map<String, ?> options) {
64
65 _subject = subject;
66 _callbackHandler = callbackHandler;
67 }
68
69 public boolean login() throws LoginException {
70 String[] credentials = null;
71
72 try {
73 credentials = authenticate();
74 }
75 catch (Exception e) {
76 _log.error(e.getMessage());
77
78 throw new LoginException();
79 }
80
81 if ((credentials != null) && (credentials.length == 2)) {
82 setPrincipal(getPortalPrincipal(credentials[0]));
83 setPassword(credentials[1]);
84
85 return true;
86 }
87 else {
88 throw new LoginException();
89 }
90 }
91
92 public boolean logout() {
93 getSubject().getPrincipals().clear();
94
95 return true;
96 }
97
98 protected Subject getSubject() {
99 return _subject;
100 }
101
102 protected Principal getPrincipal() {
103 return _principal;
104 }
105
106 protected void setPrincipal(Principal principal) {
107 _principal = principal;
108 }
109
110 protected Principal getPortalPrincipal(String name) {
111 return new PortalPrincipal(name);
112 }
113
114 protected String getPassword() {
115 return _password;
116 }
117
118 protected void setPassword(String password) {
119 _password = password;
120 }
121
122 protected String[] authenticate()
123 throws IOException, UnsupportedCallbackException {
124
125 NameCallback nameCallback = new NameCallback("name: ");
126 PasswordCallback passwordCallback =
127 new PasswordCallback("password: ", false);
128
129 _callbackHandler.handle(
130 new Callback[] {
131 nameCallback, passwordCallback
132 });
133
134 String name = nameCallback.getName();
135
136 String password = null;
137 char[] passwordChar = passwordCallback.getPassword();
138
139 if (passwordChar != null) {
140 password = new String(passwordChar);
141 }
142
143 if (name == null) {
144 return new String[] {StringPool.BLANK, StringPool.BLANK};
145 }
146
147 try {
148 long userId = GetterUtil.getLong(name);
149
150 if (UserLocalServiceUtil.authenticateForJAAS(userId, password)) {
151 return new String[] {name, password};
152 }
153 }
154 catch (Exception e) {
155 _log.error(e, e);
156 }
157
158 return null;
159 }
160
161 private static Log _log = LogFactoryUtil.getLog(BasicLoginModule.class);
162
163 private Subject _subject;
164 private CallbackHandler _callbackHandler;
165 private Principal _principal;
166 private String _password;
167
168 }