package org.splat.kernel;
+
/**
*
* @author Daniel Brunier-Coulin
- * @copyright OPEN CASCADE 2012
+ * @copyright OPEN CASCADE 2012-2014
*/
import java.util.Calendar;
import java.util.Date;
import java.util.Map;
-import javax.security.auth.*;
-import javax.security.auth.callback.*;
-import javax.security.auth.login.*;
-import javax.security.auth.spi.*;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
import org.apache.log4j.Logger;
import org.splat.dal.bo.kernel.User;
-import org.splat.dal.dao.kernel.Database;
-
+import org.splat.service.ServiceLocatorImpl;
+/**
+ * Implementation of login module for SIMAN.
+ */
public class RealmLoginModule implements LoginModule {
-
-// Initial state
- private Subject subject;
- private CallbackHandler callbackHandler;
-// private Map sharedState;
-// private Map options;
-
-// Authentication status
- private boolean succeeded = false;
- private boolean commit = false;
-
-// Principal
- private User identity = null;
-
- private Logger logger = null;
-
-// ==============================================================================================================================
-// Constructor
-// ==============================================================================================================================
-
- public void initialize(Subject user, CallbackHandler handler, Map<String, ?> state, Map<String, ?> opts) {
-// --------------------------------------------------------------------------------------------------------
- subject = user;
- callbackHandler = handler;
-// sharedState = state;
-// options = opts;
-// debug = "true".equalsIgnoreCase((String)options.get("debug"));
- logger = Logger.getLogger(Database.class);
- }
-
-// ==============================================================================================================================
-// Public services
-// ==============================================================================================================================
+ /**
+ * The logger.
+ */
+ private static final Logger LOG = Logger.getLogger(RealmLoginModule.class);
+
+ /**
+ * Initial state.
+ */
+ private transient Subject _subject;
+ private transient CallbackHandler _callbackHandler;
+ // private Map sharedState;
+ // private Map options;
+
+ /**
+ * Authentication status.
+ */
+ private transient boolean _succeeded = false;
+ private transient boolean _commit = false;
+
+ /**
+ * Principal.
+ */
+ private transient User _identity = null;
+
+ // ==============================================================================================================================
+ // Constructor
+ // ==============================================================================================================================
+
+ /**
+ * {@inheritDoc}
+ *
+ * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler,
+ * java.util.Map, java.util.Map)
+ */
+ public void initialize(final Subject user, final CallbackHandler handler,
+ final Map<String, ?> state, final Map<String, ?> opts) {
+ _subject = user;
+ _callbackHandler = handler;
+ // sharedState = state;
+ // options = opts;
+ // debug = "true".equalsIgnoreCase((String)options.get("debug"));
+ // _logger = Logger.getLogger(RealmLoginModule.class);
+ }
+
+ // ==============================================================================================================================
+ // Public services
+ // ==============================================================================================================================
+
+ /**
+ * {@inheritDoc}
+ *
+ * @see javax.security.auth.spi.LoginModule#login()
+ */
public boolean login() throws LoginException {
-// ----------------------
- try {
-// Ask for username password
- Callback[] callbacks = new Callback[2];
- callbacks[0] = new NameCallback("username");
- callbacks[1] = new PasswordCallback("password", false);
-
- callbackHandler.handle(callbacks);
-
- String username = ((NameCallback)callbacks[0]).getName();
- String password = null;
- char[] entered = ((PasswordCallback)callbacks[1]).getPassword();
- if (entered != null) {
- password = new String(entered);
- ((PasswordCallback)callbacks[1]).clearPassword();
- }
-
-// Authentication
- User found = UserDirectory.selectUser(username, password);
- if (found != null) {
- identity = found;
- succeeded = true;
- Calendar today = java.util.Calendar.getInstance();
- Date datime = today.getTime();
- logger.info("RKV:Connection of " + identity.toString() + " " + datime.toString() + ".");
- return true;
- } else {
- identity = null;
- succeeded = false;
- found = UserDirectory.selectUser(username);
- String reason = "password";
- if (found == null) reason = "username";
- logger.info("Connection attempt as " + username + ".");
- throw new FailedLoginException(reason);
- }
- }
- catch (java.io.IOException ioe) {
- throw new LoginException(ioe.toString());
- }
- catch (UnsupportedCallbackException uce) {
- throw new LoginException("Error: " + uce.getCallback().toString() +
- " not available to garner authentication information" +
- " from the user");
- }
+ boolean res = false;
+ try {
+ // Ask for username password
+ Callback[] callbacks = new Callback[2];
+ callbacks[0] = new NameCallback("username");
+ callbacks[1] = new PasswordCallback("password", false);
+
+ _callbackHandler.handle(callbacks);
+
+ String username = ((NameCallback) callbacks[0]).getName();
+ String password = null;
+ char[] entered = ((PasswordCallback) callbacks[1]).getPassword();
+ if (entered != null) {
+ password = new String(entered);
+ ((PasswordCallback) callbacks[1]).clearPassword();
+ }
+
+ // Authentication
+ User found = ServiceLocatorImpl.getInstance().getUserService()
+ .selectUser(username, password);
+ _identity = found;
+ _succeeded = (found != null);
+ if (_succeeded) {
+ Calendar today = java.util.Calendar.getInstance();
+ Date datime = today.getTime();
+ LOG.info("Connection of " + _identity.toString() + " "
+ + datime.toString() + ".");
+ res = true;
+ } else {
+ found = ServiceLocatorImpl.getInstance().getUserService()
+ .selectUser(username);
+ String reason = "password";
+ if (found == null) {
+ reason = "username";
+ }
+ LOG.info("Connection attempt as " + username + ".");
+ throw new FailedLoginException(reason);
+ }
+ } catch (java.io.IOException ioe) {
+ throw new LoginException(ioe.getMessage()); // RKV: NOPMD: The message is sent into the constructor
+ } catch (UnsupportedCallbackException uce) {
+ throw new LoginException("Error: " // RKV: NOPMD: Stacktrace is printed
+ + uce.getCallback().toString()
+ + " not available to garner authentication information"
+ + " from the user");
+ }
+ return res;
}
+ /**
+ * {@inheritDoc}
+ *
+ * @see javax.security.auth.spi.LoginModule#commit()
+ */
public boolean commit() throws LoginException {
-// -----------------------
- if (!succeeded) return false;
-
- if (!subject.getPrincipals().contains(identity)) subject.getPrincipals().add(identity);
- identity = null;
- commit = true;
- return true;
+ boolean res = _succeeded;
+ if (res) {
+ if (!_subject.getPrincipals().contains(_identity)) {
+ _subject.getPrincipals().add(_identity);
+ }
+ _identity = null;
+ _commit = true;
+ }
+ return res;
}
+ /**
+ * {@inheritDoc}
+ *
+ * @see javax.security.auth.spi.LoginModule#abort()
+ */
public boolean abort() throws LoginException {
-// ----------------------
- if (!succeeded) {
- return false;
- } else
- if (succeeded && !commit) {
- identity = null;
- succeeded = false;
- } else {
- logout();
- }
- return true;
+ boolean res = _succeeded;
+ if (res) {
+ if (_commit) {
+ logout();
+ } else {
+ _identity = null;
+ _succeeded = false;
+ }
+ }
+ return res;
}
+ /**
+ * {@inheritDoc}
+ *
+ * @see javax.security.auth.spi.LoginModule#logout()
+ */
public boolean logout() throws LoginException {
-// -----------------------
- subject.getPrincipals().remove(identity);
- identity = null;
- succeeded = false;
- commit = false; // To be validated
- return true;
+ _subject.getPrincipals().remove(_identity);
+ _identity = null;
+ _succeeded = false;
+ _commit = false; // To be validated
+ return true;
}
}
\ No newline at end of file
