001
014
015 package com.liferay.portal.security.jaas.ext;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.security.jaas.PortalPrincipal;
020 import com.liferay.portal.kernel.util.GetterUtil;
021 import com.liferay.portal.kernel.util.StringPool;
022 import com.liferay.portal.service.UserLocalServiceUtil;
023
024 import java.io.IOException;
025
026 import java.security.Principal;
027
028 import java.util.Map;
029 import java.util.Set;
030
031 import javax.security.auth.Subject;
032 import javax.security.auth.callback.Callback;
033 import javax.security.auth.callback.CallbackHandler;
034 import javax.security.auth.callback.NameCallback;
035 import javax.security.auth.callback.PasswordCallback;
036 import javax.security.auth.callback.UnsupportedCallbackException;
037 import javax.security.auth.login.LoginException;
038 import javax.security.auth.spi.LoginModule;
039
040
043 public class BasicLoginModule implements LoginModule {
044
045 public boolean abort() {
046 return true;
047 }
048
049
052 public boolean commit() throws LoginException {
053 Principal principal = getPrincipal();
054
055 if (principal != null) {
056 Subject subject = getSubject();
057
058 Set<Principal> principals = subject.getPrincipals();
059
060 principals.add(getPrincipal());
061
062 return true;
063 }
064 else {
065 return false;
066 }
067 }
068
069 public void initialize(
070 Subject subject, CallbackHandler callbackHandler,
071 Map<String, ?> sharedState, Map<String, ?> options) {
072
073 _subject = subject;
074 _callbackHandler = callbackHandler;
075 }
076
077 public boolean login() throws LoginException {
078 String[] credentials = null;
079
080 try {
081 credentials = authenticate();
082 }
083 catch (Exception e) {
084 _log.error(e.getMessage());
085
086 throw new LoginException();
087 }
088
089 if ((credentials != null) && (credentials.length == 2)) {
090 setPrincipal(getPortalPrincipal(credentials[0]));
091 setPassword(credentials[1]);
092
093 return true;
094 }
095 else {
096 throw new LoginException();
097 }
098 }
099
100 public boolean logout() {
101 Subject subject = getSubject();
102
103 Set<Principal> principals = subject.getPrincipals();
104
105 principals.clear();
106
107 return true;
108 }
109
110 protected String[] authenticate()
111 throws IOException, UnsupportedCallbackException {
112
113 NameCallback nameCallback = new NameCallback("name: ");
114 PasswordCallback passwordCallback = new PasswordCallback(
115 "password: ", false);
116
117 _callbackHandler.handle(
118 new Callback[] {nameCallback, passwordCallback});
119
120 String name = nameCallback.getName();
121
122 String password = null;
123 char[] passwordChar = passwordCallback.getPassword();
124
125 if (passwordChar != null) {
126 password = new String(passwordChar);
127 }
128
129 if (name == null) {
130 return new String[] {StringPool.BLANK, StringPool.BLANK};
131 }
132
133 try {
134 long userId = GetterUtil.getLong(name);
135
136 if (UserLocalServiceUtil.authenticateForJAAS(userId, password)) {
137 return new String[] {name, password};
138 }
139 }
140 catch (Exception e) {
141 _log.error(e, e);
142 }
143
144 return null;
145 }
146
147 protected String getPassword() {
148 return _password;
149 }
150
151
154 protected Principal getPortalPrincipal(String name) throws LoginException {
155 return new PortalPrincipal(name);
156 }
157
158 protected Principal getPrincipal() {
159 return _principal;
160 }
161
162 protected Subject getSubject() {
163 return _subject;
164 }
165
166 protected void setPassword(String password) {
167 _password = password;
168 }
169
170 protected void setPrincipal(Principal principal) {
171 _principal = principal;
172 }
173
174 private static Log _log = LogFactoryUtil.getLog(BasicLoginModule.class);
175
176 private CallbackHandler _callbackHandler;
177 private String _password;
178 private Principal _principal;
179 private Subject _subject;
180
181 }