/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.IOException;
import java.security.Principal;
import java.util.Arrays;
import java.util.Locale;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.ChoiceCallback;
import javax.security.auth.callback.ConfirmationCallback;
import javax.security.auth.callback.LanguageCallback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextInputCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
public class CustomLoginModule implements LoginModule {
static final String HELLO = "Hello";
private Subject subject;
private CallbackHandler callbackHandler;
private boolean loginSucceeded = false;
private String username;
private char[] password;
/*
* Initialize this LoginModule.
*/
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String, ?> sharedState, Map<String, ?> options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
// check if custom parameter is passed from comfiguration
if (options == null) {
throw new RuntimeException("options is null");
}
// read username/password from configuration
Object o = options.get("username");
if (o == null) {
throw new RuntimeException("Custom parameter not passed");
}
if (!(o instanceof String)) {
throw new RuntimeException("Password is not a string");
}
username = (String) o;
o = options.get("password");
if (o == null) {
throw new RuntimeException("Custom parameter not passed");
}
if (!(o instanceof String)) {
throw new RuntimeException("Password is not a string");
}
password = ((String) o).toCharArray();
}
/*
* Authenticate the user.
*/
@Override
public boolean login() throws LoginException {
// prompt for a user name and password
if (callbackHandler == null) {
throw new LoginException("No CallbackHandler available");
}
// standard callbacks
NameCallback name = new NameCallback("username: ", "default");
PasswordCallback passwd = new PasswordCallback("password: ", false);
LanguageCallback language = new LanguageCallback();
TextOutputCallback error = new TextOutputCallback(
TextOutputCallback.ERROR, "This is an error");
TextOutputCallback warning = new TextOutputCallback(
TextOutputCallback.WARNING, "This is a warning");
TextOutputCallback info = new TextOutputCallback(
TextOutputCallback.INFORMATION, "This is a FYI");
TextInputCallback text = new TextInputCallback("Please type " + HELLO,
"Bye");
ChoiceCallback choice = new ChoiceCallback("Choice: ",
new String[] { "pass", "fail" }, 1, true);
ConfirmationCallback confirmation = new ConfirmationCallback(
"confirmation: ", ConfirmationCallback.INFORMATION,
ConfirmationCallback.YES_NO_OPTION, ConfirmationCallback.NO);
CustomCallback custom = new CustomCallback();
Callback[] callbacks = new Callback[] {
choice, info, warning, error, name, passwd, text, language,
confirmation, custom
};
boolean uce = false;
try {
callbackHandler.handle(callbacks);
} catch (UnsupportedCallbackException e) {
Callback callback = e.getCallback();
if (custom.equals(callback)) {
uce = true;
System.out.println("CustomLoginModule: "
+ "custom callback not supported as expected");
} else {
throw new LoginException("Unsupported callback: " + callback);
}
} catch (IOException ioe) {
throw new LoginException(ioe.toString());
}
if (!uce) {
throw new RuntimeException("UnsupportedCallbackException "
+ "not thrown");
}
if (!HELLO.equals(text.getText())) {
System.out.println("Text: " + text.getText());
throw new FailedLoginException("No hello");
}
if (!Locale.GERMANY.equals(language.getLocale())) {
System.out.println("Selected locale: " + language.getLocale());
throw new FailedLoginException("Achtung bitte");
}
String readUsername = name.getName();
char[] readPassword = passwd.getPassword();
if (readPassword == null) {
// treat a NULL password as an empty password
readPassword = new char[0];
}
passwd.clearPassword();
// verify the username/password
if (!username.equals(readUsername)
|| !Arrays.equals(password, readPassword)) {
loginSucceeded = false;
throw new FailedLoginException("Username/password is not correct");
}
// check chosen option
int[] selected = choice.getSelectedIndexes();
if (selected == null || selected.length == 0) {
throw new FailedLoginException("Nothing selected");
}
if (selected[0] != 0) {
throw new FailedLoginException("Wrong choice: " + selected[0]);
}
// check confirmation
if (confirmation.getSelectedIndex() != ConfirmationCallback.YES) {
throw new FailedLoginException("Not confirmed: "
+ confirmation.getSelectedIndex());
}
loginSucceeded = true;
System.out.println("CustomLoginModule: authentication succeeded");
return true;
}
/*
* This method is called if the LoginContext's overall authentication
* succeeded.
*/
@Override
public boolean commit() throws LoginException {
if (loginSucceeded) {
// add a Principal to the Subject
Principal principal = new TestPrincipal(username);
if (!subject.getPrincipals().contains(principal)) {
subject.getPrincipals().add(principal);
}
return true;
}
return false;
}
/*
* This method is called if the LoginContext's overall authentication
* failed.
*/
@Override
public boolean abort() throws LoginException {
loginSucceeded = false;
return true;
}
/*
* Logout the user.
*/
@Override
public boolean logout() throws LoginException {
loginSucceeded = false;
boolean removed = subject.getPrincipals().remove(
new TestPrincipal(username));
if (!removed) {
throw new LoginException("Coundn't remove a principal: "
+ username);
}
return true;
}
static class TestPrincipal implements Principal {
private final String name;
public TestPrincipal(String name) {
this.name = name;
}
@Override
public String getName() {
return name;
}
@Override
public String toString() {
return("TestPrincipal [name =" + name + "]");
}
@Override
public int hashCode() {
return name.hashCode();
}
@Override
public boolean equals(Object o) {
if (o == null) {
return false;
}
if (!(o instanceof TestPrincipal)) {
return false;
}
TestPrincipal other = (TestPrincipal) o;
return name != null ? name.equals(other.name) : other.name == null;
}
}
static class CustomCallback implements Callback {}
}