package com.filenet.wcm.toolkit.server.operations.util;
import java.util.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;
import com.filenet.wcm.api.ObjectFactory;
import com.filenet.wcm.api.Session;
import com.filenet.wcm.toolkit.util.WcmString;
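/**
 * JAAS {@link LoginModule} that authenticates a user by opening a Content
 * Engine {@link Session} through {@link ObjectFactory#getSession} and calling
 * {@code verify()} on it.
 *
 * <p>Credentials are taken from the JAAS shared state when a user name is
 * already present there; otherwise they are requested from the
 * {@link CallbackHandler} and then published to the shared state under the
 * standard {@code javax.security.auth.login.name} and
 * {@code javax.security.auth.login.password} keys.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The password is held as a {@code String} because that is what
 *     {@code ObjectFactory.getSession} is called with here; it therefore
 *     cannot be wiped after use.</li>
 * <li>The clear-text password is written to the shared state before the
 *     session has been verified and is not removed by this module, so every
 *     module stacked after this one can read it. NOTE(review): confirm that
 *     the other modules in the login configuration need this.</li>
 * <li>On commit the {@link CEPrincipal} (which wraps the live session) is
 *     placed in the Subject's <em>private credentials</em>; nothing is added
 *     to {@code Subject.getPrincipals()}.</li>
 * </ul>
 *
 * <p>The {@code debug} and {@code domain} options are declared, but this class
 * never reads {@code debug} and only stores {@code domain} without using it.
 */
public class CELoginModule implements LoginModule
{
    /** Application id used when the {@code appId} option is not configured. */
    public static final String UNDEFINED_APP = "undefinedApp";
    /** Option key {@code debug}; not read by this class. */
    public static final String PARAM_DEBUG = "debug";
    /** Option key for the application id passed to {@code getSession}. */
    public static final String PARAM_APP_ID = "appId";
    /** Option key {@code domain}; the value is stored but not otherwise used here. */
    public static final String PARAM_DOMAIN = "domain";
    /** Option key for the credential tag passed to {@code getSession}. */
    public static final String PARAM_CRED_TAG = "credTag";

    // Standard JAAS shared-state keys used to hand credentials between stacked modules.
    private static final String SHARED_NAME = "javax.security.auth.login.name";
    private static final String SHARED_PASSWORD = "javax.security.auth.login.password";

    private Subject m_subject;
    private CallbackHandler m_callbackHandler;
    private Map m_sharedState;
    private Map m_options;
    private CEPrincipal m_principal = null;
    private Session m_session = null;
    private String m_username = null;
    private String m_appId = null;
    private String m_domain = null;
    private String m_credTag = null;

    /**
     * Stores the objects handed over by the {@code LoginContext}; no
     * validation or option parsing happens here (options are read in
     * {@link #login()}).
     *
     * @param subject         the Subject that receives the credential on commit
     * @param callbackHandler handler used to prompt for credentials; may be
     *                        {@code null}, in which case {@link #login()} fails
     * @param sharedState     state shared with the other configured modules
     * @param options         options from the login configuration
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
    {
        this.m_subject = subject;
        this.m_callbackHandler = callbackHandler;
        this.m_sharedState = sharedState;
        this.m_options = options;
    }

    /**
     * Authenticates the user by creating and verifying a session.
     *
     * @return {@code true} when the session was created and verified
     * @throws LoginException if no callback handler is available, the handler
     *         fails, or session creation/verification throws; the original
     *         exception is attached as the cause
     */
    public boolean login() throws LoginException
    {
        m_appId = (String) m_options.get(PARAM_APP_ID);
        m_domain = (String) m_options.get(PARAM_DOMAIN);
        m_credTag = (String) m_options.get(PARAM_CRED_TAG);
        if (m_appId == null)
        {
            m_appId = UNDEFINED_APP;
        }
        if (m_credTag == null)
        {
            m_credTag = com.filenet.wcm.api.Session.CLEAR;
        }
        // A handler is required even when the shared state already holds credentials.
        if (m_callbackHandler == null)
        {
            throw new LoginException(WcmString.localize("operations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information"));
        }

        m_username = (String) m_sharedState.get(SHARED_NAME);
        String password = (String) m_sharedState.get(SHARED_PASSWORD);
        if (m_username == null)
        {
            // Nothing supplied by an earlier module: ask the caller.
            password = promptForCredentials();
        }

        try
        {
            m_session = ObjectFactory.getSession(m_appId, m_credTag, m_username, password);
            m_session.verify();
        }
        catch (Exception e)
        {
            m_session = null;
            // The message text is unchanged for existing callers. It is the raw
            // toString() of the underlying failure, so it should be logged
            // rather than shown verbatim to the person logging in.
            LoginException failure = new LoginException(e.toString());
            failure.initCause(e);
            throw failure;
        }
        return m_session != null;
    }

    /**
     * Prompts for user name and password through the callback handler, sets
     * {@code m_username}, publishes both values to the shared state and
     * returns the password (possibly {@code null}).
     */
    private String promptForCredentials() throws LoginException
    {
        TextOutputCallback banner = new TextOutputCallback(TextOutputCallback.INFORMATION, WcmString.localize("operations.CELoginModule.textInformation","FileNET Content Engine Authentication"));
        NameCallback nameCallback = new NameCallback(WcmString.localize("operations.CELoginModule.userLoginPrompt","user name:"));
        PasswordCallback passwordCallback = new PasswordCallback(WcmString.localize("operations.CELoginModule.userPasswordPrompt","password:"), false);
        Callback[] callbacks = new Callback[] { banner, nameCallback, passwordCallback };

        String password = null;
        try
        {
            m_callbackHandler.handle(callbacks);
            m_username = nameCallback.getName();
            // getPassword() hands back a copy, so clearPassword() alone would
            // leave this array populated; wipe it once the String exists.
            char[] tmpPassword = passwordCallback.getPassword();
            if (tmpPassword != null)
            {
                password = new String(tmpPassword);
                Arrays.fill(tmpPassword, '\0');
            }
            // Published before authentication so that modules stacked after
            // this one can reuse the credentials; the password is clear text.
            m_sharedState.put(SHARED_NAME, m_username);
            m_sharedState.put(SHARED_PASSWORD, password);
        }
        catch (java.io.IOException ioe)
        {
            LoginException failure = new LoginException(ioe.toString());
            failure.initCause(ioe);
            throw failure;
        }
        catch (UnsupportedCallbackException uce)
        {
            LoginException failure = new LoginException(WcmString.localize("operations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information"));
            failure.initCause(uce);
            throw failure;
        }
        finally
        {
            // Also runs when the handler throws part-way through.
            passwordCallback.clearPassword();
        }
        return password;
    }

    /**
     * Adds the authenticated identity to the Subject's private credentials.
     *
     * @return {@code false} if {@link #login()} did not produce a session,
     *         {@code true} otherwise
     */
    public boolean commit() throws LoginException
    {
        if (m_session == null)
        {
            return false;
        }
        /*
        ** The user we authenticated becomes the CEPrincipal. It wraps the
        ** live session and is stored as a private credential; it is not
        ** added to Subject.getPrincipals().
        */
        m_principal = new CEPrincipal(m_session, m_username);
        Set privateCredentials = m_subject.getPrivateCredentials();
        if (!privateCredentials.contains(m_principal))
        {
            privateCredentials.add(m_principal);
        }
        return true;
    }

    /**
     * Discards this module's state after the overall authentication failed.
     *
     * <p>If {@link #commit()} already ran, the credential it produced is
     * removed from the Subject so that a failed login does not leave a usable
     * session object behind.
     *
     * @return {@code false} if this module's own login did not succeed,
     *         {@code true} otherwise
     */
    public boolean abort() throws LoginException
    {
        if (m_session == null)
        {
            return false;
        }
        // login succeeded but overall authentication failed
        if (m_principal != null)
        {
            m_subject.getPrivateCredentials().remove(m_principal);
        }
        m_username = null;
        m_principal = null;
        m_session = null;
        return true;
    }

    /**
     * Removes the credential added by {@link #commit()} and clears this
     * module's state.
     *
     * @return always {@code true}
     */
    public boolean logout() throws LoginException
    {
        // Nothing to remove when commit() never ran; some JDK versions reject
        // a null argument on the Subject's credential set.
        if (m_principal != null)
        {
            m_subject.getPrivateCredentials().remove(m_principal);
        }
        m_username = null;
        m_principal = null;
        m_session = null;
        return true;
    }
}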