00001
00027 package org.objectweb.jonas.security.auth.spi;
00028
00029 import java.security.Principal;
00030 import java.security.acl.Group;
00031 import java.util.ArrayList;
00032 import java.util.Enumeration;
00033 import java.util.Iterator;
00034 import java.util.Map;
00035 import java.util.Set;
00036
00037 import javax.security.auth.Subject;
00038 import javax.security.auth.callback.CallbackHandler;
00039 import javax.security.auth.login.LoginException;
00040 import javax.security.auth.spi.LoginModule;
00041
00042 import org.objectweb.security.context.SecurityContext;
00043 import org.objectweb.security.context.SecurityCurrent;
00044
00045
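/**
 * JAAS login module that publishes an identity already present in the
 * {@link Subject} into the {@link SecurityContext} held by {@link SecurityCurrent}.
 *
 * <p>This module performs no authentication of its own: {@link #login()} always
 * returns {@code true}. {@link #commit()} throws a {@link LoginException} unless
 * the Subject already carries a non-{@link Group} principal. It therefore has to
 * be stacked behind a module that really authenticates the caller, and the JAAS
 * configuration should make that authenticating module mandatory.
 *
 * <p>Recognised option: {@code globalCtx}. When it parses as {@code true}, the
 * context is installed with {@code setGlobalSecurityContext} instead of
 * {@code setSecurityContext}.
 */
public class ClientLoginModule implements LoginModule {

    /** Subject populated by the login stack; read in {@link #commit()}. */
    private Subject subject = null;

    /** Callback handler handed over by the caller; stored but not read in this class. */
    private CallbackHandler callbackHandler = null;

    /** State shared between the stacked modules; stored but not read in this class. */
    private Map sharedState = null;

    /** Options of this module as given to {@link #initialize}. */
    private Map options = null;

    /** Name of the non-Group principal found by the last successful commit. */
    private String principalName = null;

    /** Role names collected from the Group principals by the last commit. */
    private ArrayList principalRoles = null;

    /** Whether the context is installed globally rather than with setSecurityContext. */
    private boolean globalContext = false;

    /**
     * Stores the arguments and resets every value derived from a previous use
     * of this instance.
     *
     * @param subject the subject to read the principals from
     * @param callbackHandler handler supplied by the caller (unused here)
     * @param sharedState state shared with the other modules (unused here)
     * @param options options of this module, see {@code globalCtx}
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
        // No identity, role or scope decision may survive a re-initialisation.
        principalName = null;
        principalRoles = new ArrayList();
        globalContext = false;
    }

    /**
     * Reads the {@code globalCtx} option. No credential is checked here.
     *
     * @return always {@code true}
     * @throws LoginException never thrown by this implementation
     */
    public boolean login() throws LoginException {
        // Assign the flag instead of only ever raising it, so that a value from
        // an earlier login cannot widen the scope of a later one.
        globalContext = isGlobalContextRequested();
        return true;
    }

    /**
     * Builds a security context from the principals of the Subject and installs it.
     *
     * <p>The name and the roles are recomputed from the Subject on every call;
     * nothing from a previous commit is carried over.
     *
     * @return {@code true} once the context has been installed
     * @throws LoginException if the Subject holds no non-Group principal, i.e. no
     *         earlier module authenticated the caller
     */
    public boolean commit() throws LoginException {
        // Drop the previous result first: a Subject without a user principal must
        // fail below instead of passing with the name of an earlier commit.
        principalName = null;
        principalRoles = new ArrayList();

        // NOTE(review): when several non-Group principals are present the last one
        // iterated wins, and a Set gives no ordering guarantee. Confirm that the
        // authenticating modules add exactly one user principal.
        String name = null;
        Iterator iterator = subject.getPrincipals(Principal.class).iterator();
        while (iterator.hasNext()) {
            Principal principal = (Principal) iterator.next();
            if (!(principal instanceof Group)) {
                name = principal.getName();
            }
        }

        if (name == null) {
            throw new LoginException("There was no previous login module. This login module can only be used in addition to another module which perform the authentication.");
        }

        // A fresh list per commit: roles are never accumulated across commits, and
        // a list already handed to an earlier SecurityContext is never modified.
        ArrayList roles = new ArrayList();
        iterator = subject.getPrincipals(Group.class).iterator();
        while (iterator.hasNext()) {
            Group group = (Group) iterator.next();
            Enumeration members = group.members();
            while (members.hasMoreElements()) {
                Principal member = (Principal) members.nextElement();
                roles.add(member.getName());
            }
        }

        principalName = name;
        principalRoles = roles;

        SecurityContext ctx = new SecurityContext(principalName, principalRoles);
        SecurityCurrent current = SecurityCurrent.getCurrent();
        if (globalContext) {
            current.setGlobalSecurityContext(ctx);
        } else {
            current.setSecurityContext(ctx);
        }

        return true;
    }

    /**
     * Does nothing and reports success.
     *
     * @return always {@code true}
     * @throws LoginException never thrown by this implementation
     */
    public boolean abort() throws LoginException {
        // NOTE(review): a context installed by commit() is not withdrawn here. If
        // the overall login can still fail after this module has committed, the
        // caller should invoke logout() to reset it - confirm against the
        // LoginContext usage in the project.
        return true;
    }

    /**
     * Replaces the installed security context with an empty one and forgets the
     * identity cached by {@link #commit()}.
     *
     * @return always {@code true}
     * @throws LoginException never thrown by this implementation
     */
    public boolean logout() throws LoginException {
        // The no-arg SecurityContext is the reset value the module has always used;
        // presumably it stands for an unauthenticated caller - TODO confirm.
        SecurityCurrent current = SecurityCurrent.getCurrent();
        current.setSecurityContext(new SecurityContext());

        // When commit() installs the identity globally, resetting only the context
        // above would leave that identity in place after logout. The option is
        // re-read because logout() may run on an instance whose login() was never
        // called.
        if (globalContext || isGlobalContextRequested()) {
            current.setGlobalSecurityContext(new SecurityContext());
        }

        principalName = null;
        principalRoles = new ArrayList();

        return true;
    }

    /** Tells whether the {@code globalCtx} option is present and parses as true. */
    private boolean isGlobalContextRequested() {
        if (options == null) {
            return false;
        }
        String useGlobalCtx = (String) options.get("globalCtx");
        return (useGlobalCtx != null) && Boolean.valueOf(useGlobalCtx).booleanValue();
    }

}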