CELoginModule Class

This class implements the Java™ Authentication and Authorization Service (JAAS) authentication module (LoginModule) for use by the CEOperations component. The CEOperations component makes calls from Process Engine workflows to the Content Engine Java API for operations on Content Engine Document and Folder objects.

package com.filenet.wcm.toolkit.server.operations.util;

import java.util.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;

import com.filenet.wcm.api.ObjectFactory;
import com.filenet.wcm.api.Session;

import com.filenet.wcm.toolkit.util.WcmString;

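/**
 * JAAS {@link LoginModule} that authenticates a user by opening and verifying a
 * Content Engine {@link Session}.
 *
 * <p>On a successful {@link #login()} / {@link #commit()} pair, a
 * {@code CEPrincipal} wrapping the verified session and the user name is added to
 * the Subject's private credential set. {@link #abort()} and {@link #logout()}
 * remove it again and drop the module's references to the session.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password is held as a {@code String} and published into the JAAS
 *       shared state under {@code javax.security.auth.login.password}. Strings
 *       cannot be wiped, so the secret stays in the heap until collected, and
 *       every later module in the same login stack can read it.</li>
 *   <li>Shared-state credentials are always used when a user name is present;
 *       the visible code has no option that disables this.</li>
 *   <li>The text of backend exceptions is copied into the {@link LoginException}
 *       message. NOTE(review): confirm callers do not show that message to
 *       unauthenticated users.</li>
 * </ul>
 */
public class CELoginModule implements LoginModule
{
    /** Application id used when the {@code appId} option is not configured. */
    public static final String UNDEFINED_APP = "undefinedApp";

    // Option names looked up in the JAAS configuration entry for this module.
    // PARAM_DEBUG is declared but never read in this class.
    public static final String PARAM_DEBUG    = "debug";
    public static final String PARAM_APP_ID   = "appId";
    public static final String PARAM_DOMAIN   = "domain";
    public static final String PARAM_CRED_TAG = "credTag";

    // Shared-state keys used to exchange credentials with other stacked modules.
    private static final String SHARED_NAME     = "javax.security.auth.login.name";
    private static final String SHARED_PASSWORD = "javax.security.auth.login.password";

    private Subject         m_subject;
    private CallbackHandler m_callbackHandler;
    private Map             m_sharedState;
    private Map             m_options;
    private CEPrincipal     m_principal = null;
    private Session         m_session   = null;
    private String          m_username  = null;
    private String          m_appId     = null;
    private String          m_domain    = null;   // read from options, not used further here
    private String          m_credTag   = null;

    /**
     * Stores the objects handed over by the JAAS LoginContext for later phases.
     *
     * @param subject         the Subject to populate on commit
     * @param callbackHandler handler used to prompt for name and password
     * @param sharedState     state shared with the other configured modules
     * @param options         options from the login configuration entry
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
    {
        this.m_subject          = subject;
        this.m_callbackHandler  = callbackHandler;
        this.m_sharedState      = sharedState;
        this.m_options          = options;
    }

    /**
     * Phase 1 of authentication: obtains a user name and password (from shared
     * state if a name is already there, otherwise through the callback handler)
     * and verifies them by creating a Content Engine session.
     *
     * @return {@code true} when the session was created and verified
     * @throws LoginException if no callback handler is available, the callbacks
     *         fail, or the session cannot be created or verified
     */
    public boolean login() throws LoginException
    {
        m_appId   = (String) m_options.get(PARAM_APP_ID);
        m_domain  = (String) m_options.get(PARAM_DOMAIN);
        m_credTag = (String) m_options.get(PARAM_CRED_TAG);

        if (m_appId == null)
            m_appId = UNDEFINED_APP;

        // NOTE(review): Session.CLEAR presumably marks the credentials as
        // clear text (not encrypted) - confirm against the Session API docs.
        if (m_credTag == null)
            m_credTag = com.filenet.wcm.api.Session.CLEAR;

        if (m_callbackHandler == null)
        {
            throw new LoginException(WcmString.localize("operations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information"));
        }

        // Credentials left by an earlier module in the stack take precedence.
        m_username      = (String) m_sharedState.get(SHARED_NAME);
        String password = (String) m_sharedState.get(SHARED_PASSWORD);

        if (m_username == null)
        {
            Callback[] callbacks = new Callback[3];
            callbacks[0] = new TextOutputCallback(TextOutputCallback.INFORMATION, WcmString.localize("operations.CELoginModule.textInformation","FileNET Content Engine Authentication"));
            callbacks[1] = new NameCallback(WcmString.localize("operations.CELoginModule.userLoginPrompt","user name:"));
            // echoOn = false: the handler must not display the typed password.
            callbacks[2] = new PasswordCallback(WcmString.localize("operations.CELoginModule.userPasswordPrompt","password:"), false);

            try
            {
                m_callbackHandler.handle(callbacks);
                m_username = ((NameCallback) callbacks[1]).getName();

                PasswordCallback passwordCallback = (PasswordCallback) callbacks[2];
                char[] tmpPassword = passwordCallback.getPassword();

                if (tmpPassword != null)
                {
                    password = new String(tmpPassword);
                    // getPassword() returns a copy; clearPassword() below only
                    // wipes the callback's own buffer, so wipe this copy too.
                    Arrays.fill(tmpPassword, '\0');
                }
                else
                {
                    password = null;
                }

                passwordCallback.clearPassword();

                // Publish for later modules in the stack. The password goes in
                // as a String and is not removed by abort() or logout().
                m_sharedState.put(SHARED_NAME,     m_username);
                m_sharedState.put(SHARED_PASSWORD, password);
            }
            catch (java.io.IOException ioe)
            {
                throw loginFailure(ioe);
            }
            catch (UnsupportedCallbackException uce)
            {
                LoginException le = new LoginException(WcmString.localize("operations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information"));
                le.initCause(uce);
                throw le;
            }
        }

        try
        {
            m_session = ObjectFactory.getSession(  m_appId,
                                                   m_credTag,
                                                   m_username,
                                                   password );

            // The credentials are only proven once verify() returns normally.
            m_session.verify();
        }
        catch (Exception e)
        {
            // Never keep an unverified session around for commit() to pick up.
            m_session = null;
            throw loginFailure(e);
        }

        return m_session != null;
    }

    /**
     * Phase 2 of authentication: attaches the authenticated identity to the
     * Subject.
     *
     * @return {@code false} if this module's login did not succeed, else {@code true}
     * @throws LoginException declared by the interface; not thrown by the visible code
     */
    public boolean commit() throws LoginException
    {
        if (m_session == null)
            return false;

        /*
        ** add a Principal (authenticated identity) to the Subject -
        ** assume the user we authenticated is the CEPrincipal.
        ** It is stored with the private credentials, not with the principals.
        */
        m_principal = new CEPrincipal(m_session, m_username);

        if (!m_subject.getPrivateCredentials().contains(m_principal))
            m_subject.getPrivateCredentials().add(m_principal);

        return true;
    }

    /**
     * Called when overall authentication failed. If this module's own login had
     * succeeded, its state is discarded; if commit() had already run, the
     * credential it added is removed from the Subject so that a rejected login
     * does not leave a session-bearing credential behind.
     *
     * @return {@code false} if this module's login did not succeed, else {@code true}
     * @throws LoginException declared by the interface; not thrown by the visible code
     */
    public boolean abort() throws LoginException
    {
        if (m_session == null)
            return false;

        // login succeeded but overall authentication failed
        if (m_principal != null)
            m_subject.getPrivateCredentials().remove(m_principal);

        m_username  = null;
        m_principal = null;
        m_session   = null;

        return true;
    }

    /**
     * Removes the credential added by commit() from the Subject and drops the
     * module's references to the user name, principal and session.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown by the visible code
     */
    public boolean logout() throws LoginException
    {
        // Guard: logout() may be called without a preceding commit(), and the
        // credential set should not be handed a null element.
        if (m_principal != null)
            m_subject.getPrivateCredentials().remove(m_principal);

        m_username  = null;
        m_principal = null;
        m_session   = null;

        return true;
    }

    /** Builds a LoginException carrying the cause's text and the cause itself. */
    private static LoginException loginFailure(Throwable cause)
    {
        LoginException le = new LoginException(cause.toString());
        le.initCause(cause);
        return le;
    }
}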