IBM FileNet P8, Version 5.2.1            

CELoginModule Class

This class implements the Java™ Authentication and Authorization Service (JAAS) authentication module (LoginModule) for use by the CEOperations component. The CEOperations component makes calls from the workflow system to the Content Engine Java API for operations on Document and Folder objects.

package filenet.contentops.ceoperations.util;

import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

import com.filenet.wcm.api.ObjectFactory;
import com.filenet.wcm.api.Session;

import filenet.vw.base.VWString;

/**
 * 
 *
 */
public class CELoginModule implements LoginModule
{
    public static final String UNDEFINED_APP = "undefinedApp";

    public static final String PARAM_DEBUG    = "debug";
    public static final String PARAM_APP_ID   = "appId";
    public static final String PARAM_DOMAIN   = "domain";
    public static final String PARAM_CRED_TAG = "credTag";

    private Subject         m_subject;
    private CallbackHandler m_callbackHandler;
    private Map             m_sharedState;
    private Map             m_options;
    private CEPrincipal     m_principal = null;
    private Session         m_session   = null;
    private String          m_username  = null;
    private String          m_appId     = null;
    private String          m_domain    = null;
    private String          m_credTag   = null;


    /**
     * 
     * @param subject
     * @param callbackHandler
     * @param sharedState
     * @param options
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
    {
        this.m_subject          = subject;
        this.m_callbackHandler  = callbackHandler;
        this.m_sharedState      = sharedState;
        this.m_options          = options;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean login() throws LoginException
    {

        m_appId   = (String) m_options.get(PARAM_APP_ID);
        m_domain  = (String) m_options.get(PARAM_DOMAIN);
        m_credTag = (String) m_options.get(PARAM_CRED_TAG);

        if (m_appId == null)
            m_appId = UNDEFINED_APP;

        if (m_credTag == null)
            m_credTag = com.filenet.wcm.api.Session.CLEAR;

        if (m_callbackHandler == null)
        {
            throw new LoginException((new VWString("ceoperations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information")).toString());
        }

        String password = null;

        m_username = (String)m_sharedState.get("javax.security.auth.login.name");
        password   = (String)m_sharedState.get("javax.security.auth.login.password");

        if (m_username == null)
        {
            Callback[] callbacks = null;

            callbacks = new Callback[3];
            callbacks[0] = new TextOutputCallback(TextOutputCallback.INFORMATION, (new VWString("ceoperations.CELoginModule.textInformation","FileNET Content Engine Authentication")).toString());
            callbacks[1] = new NameCallback((new VWString("ceoperations.CELoginModule.userLoginPrompt","user name:")).toString());
            callbacks[2] = new PasswordCallback((new VWString("ceoperations.CELoginModule.userPasswordPrompt","password:")).toString(), false);

            try
            {
                m_callbackHandler.handle(callbacks);
                m_username = ((NameCallback)callbacks[1]).getName();

                char[] tmpPassword = ((PasswordCallback)callbacks[2]).getPassword();

                if (tmpPassword != null)
                    password = new String(tmpPassword);
                else
                    password = null;

                ((PasswordCallback)callbacks[2]).clearPassword();

                m_sharedState.put(  "javax.security.auth.login.name",     m_username  );
                m_sharedState.put(  "javax.security.auth.login.password", password  );

            }
            catch (java.io.IOException ioe)
            {
                throw new LoginException(ioe.toString());
            }
            catch (UnsupportedCallbackException uce)
            {
                throw new LoginException((new VWString("ceoperations.CELoginModule.noCallBack","Error: no CallbackHandler available to get authentication information")).toString());
            }
        }

        try
        {
            m_session = ObjectFactory.getSession(  m_appId,
                    m_credTag,
                    m_username,
                    password );

            m_session.verify();

        }
        catch (Exception e)
        {
            m_session = null;
            throw new LoginException(e.toString());
        }

        return true;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean commit() throws LoginException
    {
        if (m_session == null)
            return false;

        /*
         ** add a Principal (authenticated identity) to the Subject -
         ** assume the user we authenticated is the CEPrincipal
         */
        m_principal = new CEPrincipal(m_session, m_username);

        if (!m_subject.getPrivateCredentials().contains(m_principal))
            m_subject.getPrivateCredentials().add(m_principal);

        return true;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean abort() throws LoginException
    {
        if (m_session == null)
            return false;

        // login succeeded but overall authentication failed
        m_username  = null;
        m_principal = null;
        m_session   = null;

        return true;
    }

    /**
     * 
     * @return true if successful
     * @throws LoginException
     */
    public boolean logout() throws LoginException
    {
        m_subject.getPrivateCredentials().remove(m_principal);

        m_username  = null;
        m_principal = null;
        m_session   = null;

        return true;
    }
}


Last updated: October 2015
ci_celoginmodule_class.htm

© Copyright IBM Corporation 2015.