/* * Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ import java.security.Principal; import java.util.Arrays; import java.util.Map; import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.FailedLoginException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; /** * This code was based on JAAS demo code, small modification is made for testing * purpose. */ public class SmartLoginModule implements LoginModule { // initial state private Subject subject; private CallbackHandler callbackHandler; // the authentication status private boolean succeeded = false; private boolean commitSucceeded = false; // username and password private String username; private char[] password; // Default values for this login module. In real world, // don't do it in this way! private String myUsername; private char[] myPassword; private String header; // testUser's SamplePrincipal private SamplePrincipal userPrincipal; public SmartLoginModule() { this("testUser", new char[]{'t', 'e', 's', 't', 'P', 'a', 's', 's', 'w', 'o', 'r', 'd', '1'}, "SmartLoginModule1: "); } public SmartLoginModule(String userName, char[] password, String header) { myUsername = userName; myPassword = password; this.header = header; } @Override public boolean abort() throws LoginException { if (!succeeded) { return false; } else if (succeeded && !commitSucceeded) { // login succeeded but overall authentication failed succeeded = false; username = null; password = null; userPrincipal = null; } else { // overall authentication succeeded and commit succeeded, // but someone else's commit failed logout(); } return true; } @Override public boolean commit() throws LoginException { if (!succeeded) { return false; } else { // add a Principal (authenticated identity) to the Subject // assume the user we authenticated is the SamplePrincipal userPrincipal = new SamplePrincipal(username); if (!subject.getPrincipals().contains(userPrincipal)) { subject.getPrincipals().add(userPrincipal); } // in any case, clean out state username = null; password = null; commitSucceeded = true; return true; } } @Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { this.subject = subject; this.callbackHandler = callbackHandler; } @Override public boolean login() throws LoginException { if (callbackHandler == null) { throw new LoginException("Error: no CallbackHandler available to " + "garner authentication information from the user"); } Callback[] callbacks = new Callback[2]; callbacks[0] = new NameCallback(header + "user name: "); callbacks[1] = new PasswordCallback(header + "password: ", false); try { callbackHandler.handle(callbacks); username = ((NameCallback) callbacks[0]).getName(); char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword(); if (tmpPassword == null) { tmpPassword = new char[0]; } password = new char[tmpPassword.length]; System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length); ((PasswordCallback) callbacks[1]).clearPassword(); } catch (java.io.IOException ioe) { throw (LoginException) new LoginException().initCause(ioe); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + header + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } // verify the username/password if (username.equals(myUsername) && Arrays.equals(password, myPassword)) { System.out.println("\t\t" + header + " authentication succeeded"); succeeded = true; return true; } else { // authentication failed -- clean out state System.out.println("\t\t" + header + " authentication failed"); printDebugInfo(); succeeded = false; username = null; password = null; throw new FailedLoginException("User Name or Password Incorrect"); } } @Override public boolean logout() throws LoginException { subject.getPrincipals().remove(userPrincipal); succeeded = false; succeeded = commitSucceeded; username = null; password = null; userPrincipal = null; return true; } // print debugging information private void printDebugInfo() { System.out.println("\t\t" + header + " correct user name: " + myUsername); System.out.println("\t\t" + header + " user entered user name: " + username); System.out.print("\t\t" + header + " correct password: "); for (char c : myPassword) { System.out.print(c); } System.out.println(); System.out.print("\t\t" + header + " user entered password: "); for (char c : password) { System.out.print(c); } System.out.println(); } } class SamplePrincipal implements Principal, java.io.Serializable { /** * @serial */ private String name; /** * Create a SamplePrincipal with a Sample username. * * @param name the Sample username for this user. * @exception NullPointerException if the name is * null. */ public SamplePrincipal(String name) { if (name == null) { throw new NullPointerException("illegal null input"); } this.name = name; } @Override public String getName() { return name; } @Override public String toString() { return "SamplePrincipal: " + name; } @Override public boolean equals(Object o) { if (o == null) { return false; } if (this == o) { return true; } if (!(o instanceof SamplePrincipal)) { return false; } SamplePrincipal that = (SamplePrincipal) o; return this.getName().equals(that.getName()); } @Override public int hashCode() { return name.hashCode(); } }