BasicLoginModule.java

/**
 * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
 *
 * This library is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Lesser General Public License as published by the Free
 * Software Foundation; either version 2.1 of the License, or (at your option)
 * any later version.
 *
 * This library is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
 * details.
 */

package com.liferay.portal.security.jaas.ext;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Company;
import com.liferay.portal.kernel.security.jaas.PortalPrincipal;
import com.liferay.portal.kernel.service.CompanyLocalServiceUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.util.StringPool;
import com.liferay.portal.security.jaas.JAASHelper;

import java.io.IOException;

import java.security.Principal;

import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/**
 * @author Brian Wing Shun Chan
 */
public class BasicLoginModule implements LoginModule {

	@Override
	public boolean abort() {
		return true;
	}

	@Override
	@SuppressWarnings("unused")
	public boolean commit() throws LoginException {
		Principal principal = getPrincipal();

		if (principal != null) {
			Subject subject = getSubject();

			Set<Principal> principals = subject.getPrincipals();

			principals.add(getPrincipal());

			return true;
		}
		else {
			return false;
		}
	}

	@Override
	public void initialize(
		Subject subject, CallbackHandler callbackHandler,
		Map<String, ?> sharedState, Map<String, ?> options) {

		_subject = subject;
		_callbackHandler = callbackHandler;
	}

	@Override
	public boolean login() throws LoginException {
		String[] credentials = null;

		try {
			credentials = authenticate();
		}
		catch (Exception e) {
			_log.error(e.getMessage());

			throw new LoginException();
		}

		if ((credentials != null) && (credentials.length == 2)) {
			setPrincipal(getPortalPrincipal(credentials[0]));
			setPassword(credentials[1]);

			return true;
		}
		else {
			throw new LoginException();
		}
	}

	@Override
	public boolean logout() {
		Subject subject = getSubject();

		Set<Principal> principals = subject.getPrincipals();

		principals.clear();

		return true;
	}

	protected String[] authenticate()
		throws IOException, UnsupportedCallbackException {

		NameCallback nameCallback = new NameCallback("name: ");
		PasswordCallback passwordCallback = new PasswordCallback(
			"password: ", false);

		_callbackHandler.handle(
			new Callback[] {nameCallback, passwordCallback});

		String name = nameCallback.getName();

		String password = null;
		char[] passwordChar = passwordCallback.getPassword();

		if (passwordChar != null) {
			password = new String(passwordChar);
		}

		if (name == null) {
			return new String[] {StringPool.BLANK, StringPool.BLANK};
		}

		try {
			List<Company> companies = CompanyLocalServiceUtil.getCompanies();

			for (Company company : companies) {
				long userId = JAASHelper.getJaasUserId(
					company.getCompanyId(), name);

				if (userId == 0) {
					continue;
				}

				if (UserLocalServiceUtil.authenticateForJAAS(
						userId, password)) {

					return new String[] {name, password};
				}
			}
		}
		catch (Exception e) {
			_log.error(e, e);
		}

		return null;
	}

	protected String getPassword() {
		return _password;
	}

	@SuppressWarnings("unused")
	protected Principal getPortalPrincipal(String name) throws LoginException {
		return new PortalPrincipal(name);
	}

	protected Principal getPrincipal() {
		return _principal;
	}

	protected Subject getSubject() {
		return _subject;
	}

	protected void setPassword(String password) {
		_password = password;
	}

	protected void setPrincipal(Principal principal) {
		_principal = principal;
	}

	private static final Log _log = LogFactoryUtil.getLog(
		BasicLoginModule.class);

	private CallbackHandler _callbackHandler;
	private String _password;
	private Principal _principal;
	private Subject _subject;

}