IBM FileNet P8, バージョン 5.2.1            

CELoginModule クラス

このクラスは、CEOperations コンポーネントが使用する、Java™ 認証・承認サービス (JAAS) 認証モジュール (LoginModule) を実装します。CEOperations コンポーネントは、Document オブジェクトと Folder オブジェクトに対してオペレーションを実行するために、ワークフロー・システムから Content Engine Java API への呼び出しを行います。

package filenet.contentops.ceoperations.util;

import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

import com.filenet.wcm.api.ObjectFactory;
import com.filenet.wcm.api.Session;

import filenet.vw.base.VWString;

/**
 * 
 *
 */
public class CELoginModule implements LoginModule
{
    public static final String UNDEFINED_APP = "undefinedApp";

    public static final String PARAM_DEBUG    = "debug";
    public static final String PARAM_APP_ID   = "appId";
    public static final String PARAM_DOMAIN   = "domain";
    public static final String PARAM_CRED_TAG = "credTag";

    private Subject         m_subject;
    private CallbackHandler m_callbackHandler;
    private Map             m_sharedState;
    private Map             m_options;
    private CEPrincipal     m_principal = null;
    private Session         m_session   = null;
    private String          m_username  = null;
    private String          m_appId     = null;
    private String          m_domain    = null;
    private String          m_credTag   = null;


    /**
     * 
     * @param subject
     * @param callbackHandler
     * @param sharedState
     * @param options
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
    {
        this.m_subject          = subject;
        this.m_callbackHandler  = callbackHandler;
        this.m_sharedState      = sharedState;
        this.m_options          = options;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean login() throws LoginException
    {

        m_appId   = (String) m_options.get(PARAM_APP_ID);
        m_domain  = (String) m_options.get(PARAM_DOMAIN);
        m_credTag = (String) m_options.get(PARAM_CRED_TAG);

        if (m_appId == null)
            m_appId = UNDEFINED_APP;

        if (m_credTag == null)
            m_credTag = com.filenet.wcm.api.Session.CLEAR;

        if (m_callbackHandler == null)
        {
            throw new LoginException((new VWString("ceoperations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information")).toString());
        }

        String password = null;

        m_username = (String)m_sharedState.get("javax.security.auth.login.name");
        password   = (String)m_sharedState.get("javax.security.auth.login.password");

        if (m_username == null)
        {
            Callback[] callbacks = null;

            callbacks = new Callback[3];
            callbacks[0] = new TextOutputCallback(TextOutputCallback.INFORMATION, (new VWString("ceoperations.CELoginModule.textInformation","FileNET Content Engine Authentication")).toString());
            callbacks[1] = new NameCallback((new VWString("ceoperations.CELoginModule.userLoginPrompt","user name:")).toString());
            callbacks[2] = new PasswordCallback((new VWString("ceoperations.CELoginModule.userPasswordPrompt","password:")).toString(), false);

            try
            {
                m_callbackHandler.handle(callbacks);
                m_username = ((NameCallback)callbacks[1]).getName();

                char[] tmpPassword = ((PasswordCallback)callbacks[2]).getPassword();

                if (tmpPassword != null)
                    password = new String(tmpPassword);
                else
                    password = null;

                ((PasswordCallback)callbacks[2]).clearPassword();

                m_sharedState.put(  "javax.security.auth.login.name",     m_username  );
                m_sharedState.put(  "javax.security.auth.login.password", password  );

            }
            catch (java.io.IOException ioe)
            {
                throw new LoginException(ioe.toString());
            }
            catch (UnsupportedCallbackException uce)
            {
                throw new LoginException((new VWString("ceoperations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information")).toString());
            }
        }

        try
        {
            m_session = ObjectFactory.getSession(  m_appId,
                    m_credTag,
                    m_username,
                    password );

            m_session.verify();

        }
        catch (Exception e)
        {
            m_session = null;
            throw new LoginException(e.toString());
        }

        return true;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean commit() throws LoginException
    {
        if (m_session == null)
            return false;

        /*
         ** add a Principal (authenticated identity) to the Subject -
         ** assume the user we authenticated is the CEPrincipal
         */
        m_principal = new CEPrincipal(m_session, m_username);

        if (!m_subject.getPrivateCredentials().contains(m_principal))
            m_subject.getPrivateCredentials().add(m_principal);

        return true;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean abort() throws LoginException
    {
        if (m_session == null)
            return false;

        // ログオン成功、ただし全体的な認証は失敗
        m_username  = null;
        m_principal = null;
        m_session   = null;

        return true;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean logout() throws LoginException
    {
        m_subject.getPrivateCredentials().remove(m_principal);

        m_username  = null;
        m_principal = null;
        m_session   = null;

        return true;
    }
}


最終更新日: 2016 年 3 月
ci_celoginmodule_class.htm

© Copyright IBM Corp. 2016.