CELoginModule クラス
このクラスは、CEOperations コンポーネントが使用する、Java™ 認証・承認サービス (JAAS) 認証モジュール (LoginModule) を実装します。CEOperations コンポーネントは、Document オブジェクトと Folder オブジェクトに対してオペレーションを実行するために、ワークフロー・システムから Content Engine Java API への呼び出しを行います。
package filenet.contentops.ceoperations.util;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import com.filenet.wcm.api.ObjectFactory;
import com.filenet.wcm.api.Session;
import filenet.vw.base.VWString;
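/**
 * JAAS {@link LoginModule} that authenticates a user by opening a Content Engine
 * {@link Session} through {@link ObjectFactory#getSession} and verifying it.
 *
 * <p>On a successful {@link #commit()} the module stores a {@code CEPrincipal}, built from
 * the verified session and the user name, in the Subject's <em>private</em> credential set.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password is held as a {@code String} and published in the JAAS shared state
 *       under {@code javax.security.auth.login.password}. A {@code String} cannot be wiped,
 *       and every other module in the same login stack can read it.</li>
 *   <li>When no {@code credTag} option is configured the module falls back to
 *       {@code Session.CLEAR}. NOTE(review): the constant's name suggests clear-text
 *       credentials; confirm against the Content Engine API documentation and make sure
 *       the transport is protected.</li>
 * </ul>
 */
public class CELoginModule implements LoginModule
{
    public static final String UNDEFINED_APP = "undefinedApp";
    public static final String PARAM_DEBUG = "debug";
    public static final String PARAM_APP_ID = "appId";
    public static final String PARAM_DOMAIN = "domain";
    public static final String PARAM_CRED_TAG = "credTag";

    // Shared-state keys that stacked JAAS login modules use to pass credentials along.
    private static final String SHARED_NAME_KEY = "javax.security.auth.login.name";
    private static final String SHARED_PASSWORD_KEY = "javax.security.auth.login.password";

    private Subject m_subject;
    private CallbackHandler m_callbackHandler;
    private Map m_sharedState;
    private Map m_options;
    private CEPrincipal m_principal = null;
    private Session m_session = null;
    private String m_username = null;
    private String m_appId = null;
    // Read from the options in login() but not used anywhere else in this class.
    private String m_domain = null;
    private String m_credTag = null;

    /**
     * Stores the references handed over by the login context; no validation happens here.
     *
     * @param subject the Subject that receives the credential on commit
     * @param callbackHandler handler used to prompt for user name and password
     * @param sharedState state shared with the other modules of the login stack
     * @param options module options from the login configuration
     *        ({@code appId}, {@code domain}, {@code credTag})
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
    {
        this.m_subject = subject;
        this.m_callbackHandler = callbackHandler;
        this.m_sharedState = sharedState;
        this.m_options = options;
    }

    /**
     * Authenticates the user against the Content Engine.
     *
     * <p>Credentials are taken from the shared state when a user name is already present
     * there; otherwise the callback handler is asked for them and the answers are written
     * back to the shared state.
     *
     * @return true if successful
     * @throws LoginException if no callback handler is available, the callbacks fail, or
     *         the session cannot be created or verified
     */
    public boolean login() throws LoginException
    {
        m_appId = (String) m_options.get(PARAM_APP_ID);
        m_domain = (String) m_options.get(PARAM_DOMAIN);
        m_credTag = (String) m_options.get(PARAM_CRED_TAG);
        if (m_appId == null)
        {
            m_appId = UNDEFINED_APP;
        }
        if (m_credTag == null)
        {
            // NOTE(review): default credential tag; see the class comment.
            m_credTag = com.filenet.wcm.api.Session.CLEAR;
        }

        // The handler is required even when the shared state already carries credentials.
        if (m_callbackHandler == null)
        {
            throw new LoginException((new VWString("ceoperations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information")).toString());
        }

        m_username = (String) m_sharedState.get(SHARED_NAME_KEY);
        String password = (String) m_sharedState.get(SHARED_PASSWORD_KEY);

        if (m_username == null)
        {
            Callback[] callbacks = new Callback[3];
            callbacks[0] = new TextOutputCallback(TextOutputCallback.INFORMATION, (new VWString("ceoperations.CELoginModule.textInformation","FileNET Content Engine Authentication")).toString());
            callbacks[1] = new NameCallback((new VWString("ceoperations.CELoginModule.userLoginPrompt","user name:")).toString());
            // echoOn == false: the handler must not display the password while it is typed.
            callbacks[2] = new PasswordCallback((new VWString("ceoperations.CELoginModule.userPasswordPrompt","password:")).toString(), false);
            try
            {
                m_callbackHandler.handle(callbacks);
                m_username = ((NameCallback) callbacks[1]).getName();

                PasswordCallback passwordCallback = (PasswordCallback) callbacks[2];
                char[] tmpPassword = passwordCallback.getPassword();
                if (tmpPassword != null)
                {
                    password = new String(tmpPassword);
                    // getPassword() returns a copy that clearPassword() does not reach,
                    // so wipe it here instead of leaving it for the garbage collector.
                    java.util.Arrays.fill(tmpPassword, '\0');
                }
                else
                {
                    password = null;
                }
                passwordCallback.clearPassword();

                // NOTE(review): the password is published before it has been verified and
                // regardless of any storePass-style option; confirm that the other modules
                // of the stack need it.
                m_sharedState.put(SHARED_NAME_KEY, m_username);
                m_sharedState.put(SHARED_PASSWORD_KEY, password);
            }
            catch (java.io.IOException ioe)
            {
                throw loginFailure(ioe.toString(), ioe);
            }
            catch (UnsupportedCallbackException uce)
            {
                throw loginFailure((new VWString("ceoperations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information")).toString(), uce);
            }
        }

        try
        {
            m_session = ObjectFactory.getSession(m_appId, m_credTag, m_username, password);
            m_session.verify();
        }
        catch (Exception e)
        {
            // Never keep a session that failed verification; commit() relies on this.
            m_session = null;
            // NOTE(review): e.toString() is surfaced to the caller; check that it carries
            // no internal detail that should stay in the server log.
            throw loginFailure(e.toString(), e);
        }
        return true;
    }

    /**
     * Publishes the authenticated identity on the Subject.
     *
     * <p>The {@code CEPrincipal} wraps the live session, which is why it goes into the
     * private credential set and not into the principal set.
     *
     * @return true if successful, false if login() did not establish a session
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    public boolean commit() throws LoginException
    {
        if (m_session == null)
        {
            return false;
        }
        /*
        ** add a Principal (authenticated identity) to the Subject -
        ** assume the user we authenticated is the CEPrincipal
        */
        m_principal = new CEPrincipal(m_session, m_username);
        // Presumably relies on CEPrincipal.equals() to avoid duplicates; verify there.
        if (!m_subject.getPrivateCredentials().contains(m_principal))
        {
            m_subject.getPrivateCredentials().add(m_principal);
        }
        return true;
    }

    /**
     * Discards the state of a login attempt whose overall authentication failed.
     *
     * <p>If this module's own commit() already ran, the credential it added is removed
     * again so that a failed overall login leaves no session-bearing credential on the
     * Subject.
     *
     * @return true if successful, false if this module's login() had not succeeded
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    public boolean abort() throws LoginException
    {
        if (m_session == null)
        {
            return false;
        }
        // Logon succeeded, but the overall authentication failed.
        removePrincipalFromSubject();
        m_username = null;
        m_principal = null;
        m_session = null;
        return true;
    }

    /**
     * Removes the credential added by commit() and clears the module state.
     *
     * <p>Safe to call when commit() never ran: the removal is skipped when there is no
     * principal, because the Subject's credential set rejects a null argument.
     *
     * @return true if successful
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    public boolean logout() throws LoginException
    {
        removePrincipalFromSubject();
        m_username = null;
        m_principal = null;
        m_session = null;
        return true;
    }

    /** Removes this module's credential from the Subject, if one was added. */
    private void removePrincipalFromSubject()
    {
        // A read-only Subject still makes remove() throw IllegalStateException.
        if (m_principal != null && m_subject != null)
        {
            m_subject.getPrivateCredentials().remove(m_principal);
        }
    }

    /** Builds a LoginException that keeps the original failure as its cause. */
    private static LoginException loginFailure(String message, Throwable cause)
    {
        LoginException failure = new LoginException(message);
        failure.initCause(cause);
        return failure;
    }
}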