LocalShajAuthMethod.java example

Explorer
rj-core-master
/*=============================================================================#
 # Copyright (c) 2009-2016 Stephan Wahlbrink (WalWare.de) and others.
 # All rights reserved. This program and the accompanying materials
 # are made available under the terms of either (per the licensee's choosing)
 #   - the Eclipse Public License v1.0
 #     which accompanies this distribution, and is available at
 #     http://www.eclipse.org/legal/epl-v10.html, or
 #   - the GNU Lesser General Public License v2.1 or newer
 #     which accompanies this distribution, and is available at
 #     http://www.gnu.org/licenses/lgpl.html
 # 
 # Contributors:
 #     Stephan Wahlbrink - initial API and implementation
 #=============================================================================*/

package de.walware.rj.server.authShaj;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

import com.cenqua.shaj.Shaj;

import de.walware.rj.RjException;
import de.walware.rj.server.srvext.ServerAuthMethod;


/**
 * Authentication method 'local-shaj'
 * to authenticate against local user account.
 */
public class LocalShajAuthMethod extends ServerAuthMethod {
	
	
	private String[] users;
	
	
	public LocalShajAuthMethod() {
		super("local-shaj", true);
	}
	
	
	@Override
	public void doInit(final String arg) throws RjException {
		if (!Shaj.init()) {
			throw new RjException("Initializing authentication failed:\n" +
					"Initializing 'shaj'-library failed");
		}
		this.users = new String[] { System.getProperty("user.name") };
	}
	
	@Override
	protected Callback[] doCreateLogin() throws RjException {
		return new Callback[] {
				new NameCallback("Username"),
				new PasswordCallback("Password", false),
		};
	}
	
	@Override
	protected String doPerformLogin(final Callback[] callbacks) throws LoginException, RjException {
		final String loginName = ((NameCallback) callbacks[0]).getName();
		if (isValidUser(loginName)) {
			final char[] loginPassword = ((PasswordCallback) callbacks[1]).getPassword();
			if (Shaj.checkPassword(null, loginName, new String(loginPassword))) {
				return loginName;
			}
		}
		throw new FailedLoginException("Invalid username or password");
	}
	
	private boolean isValidUser(final String user) {
		for (final String s : this.users) {
			if (s.equals(user)) {
				return true;
			}
		}
		return false;
	}
	
}