|
@@ -12,7 +12,6 @@
|
|
|
* See the License for the specific language governing permissions and
|
|
* See the License for the specific language governing permissions and
|
|
|
* limitations under the License.
|
|
* limitations under the License.
|
|
|
*/
|
|
*/
|
|
|
-
|
|
|
|
|
package net.sf.acegisecurity.adapters.jboss;
|
|
package net.sf.acegisecurity.adapters.jboss;
|
|
|
|
|
|
|
|
import net.sf.acegisecurity.AccountExpiredException;
|
|
import net.sf.acegisecurity.AccountExpiredException;
|
|
@@ -50,7 +49,7 @@ import javax.security.auth.login.LoginException;
|
|
|
/**
|
|
/**
|
|
|
* Adapter to enable JBoss to authenticate via the Acegi Security System for
|
|
* Adapter to enable JBoss to authenticate via the Acegi Security System for
|
|
|
* Spring.
|
|
* Spring.
|
|
|
- *
|
|
|
|
|
|
|
+ *
|
|
|
* <p>
|
|
* <p>
|
|
|
* Returns a {@link PrincipalAcegiUserToken} to JBoss' authentication system,
|
|
* Returns a {@link PrincipalAcegiUserToken} to JBoss' authentication system,
|
|
|
* which is subsequently available from
|
|
* which is subsequently available from
|
|
@@ -62,15 +61,11 @@ import javax.security.auth.login.LoginException;
|
|
|
* @version $Id$
|
|
* @version $Id$
|
|
|
*/
|
|
*/
|
|
|
public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
- //~ Instance fields ========================================================
|
|
|
|
|
-
|
|
|
|
|
private AuthenticationManager authenticationManager;
|
|
private AuthenticationManager authenticationManager;
|
|
|
private Principal identity;
|
|
private Principal identity;
|
|
|
private String key;
|
|
private String key;
|
|
|
private char[] credential;
|
|
private char[] credential;
|
|
|
|
|
|
|
|
- //~ Methods ================================================================
|
|
|
|
|
-
|
|
|
|
|
public void initialize(Subject subject, CallbackHandler callbackHandler,
|
|
public void initialize(Subject subject, CallbackHandler callbackHandler,
|
|
|
Map sharedState, Map options) {
|
|
Map sharedState, Map options) {
|
|
|
super.initialize(subject, callbackHandler, sharedState, options);
|
|
super.initialize(subject, callbackHandler, sharedState, options);
|
|
@@ -89,21 +84,24 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
|
|
|
|
|
String appContextLocation = (String) options.get("appContextLocation");
|
|
String appContextLocation = (String) options.get("appContextLocation");
|
|
|
|
|
|
|
|
- if ((((singletonId == null) || "".equals(singletonId))
|
|
|
|
|
- && (appContextLocation == null)) || "".equals(appContextLocation)) {
|
|
|
|
|
|
|
+ if ((((singletonId == null) || "".equals(singletonId)) &&
|
|
|
|
|
+ (appContextLocation == null)) || "".equals(appContextLocation)) {
|
|
|
throw new IllegalArgumentException(
|
|
throw new IllegalArgumentException(
|
|
|
"appContextLocation must be defined");
|
|
"appContextLocation must be defined");
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
String beanName = (String) options.get("authenticationManager");
|
|
String beanName = (String) options.get("authenticationManager");
|
|
|
|
|
|
|
|
- if (Thread.currentThread().getContextClassLoader().getResource(appContextLocation) == null) {
|
|
|
|
|
- if (super.log.isInfoEnabled()) {
|
|
|
|
|
- super.log.info("cannot locate " + appContextLocation);
|
|
|
|
|
- }
|
|
|
|
|
|
|
+ // Attempt to find the appContextLocation only if no singletonId was defined
|
|
|
|
|
+ if ((singletonId == null) || "".equals(singletonId)) {
|
|
|
|
|
+ if (Thread.currentThread().getContextClassLoader().getResource(appContextLocation) == null) {
|
|
|
|
|
+ if (super.log.isInfoEnabled()) {
|
|
|
|
|
+ super.log.info("cannot locate " + appContextLocation);
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
- throw new IllegalArgumentException("Cannot locate "
|
|
|
|
|
- + appContextLocation);
|
|
|
|
|
|
|
+ throw new IllegalArgumentException("Cannot locate " +
|
|
|
|
|
+ appContextLocation);
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
ClassPathXmlApplicationContext ctx = null;
|
|
ClassPathXmlApplicationContext ctx = null;
|
|
@@ -113,13 +111,13 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
ctx = new ClassPathXmlApplicationContext(appContextLocation);
|
|
ctx = new ClassPathXmlApplicationContext(appContextLocation);
|
|
|
} catch (Exception e) {
|
|
} catch (Exception e) {
|
|
|
if (super.log.isInfoEnabled()) {
|
|
if (super.log.isInfoEnabled()) {
|
|
|
- super.log.info("error loading spring context "
|
|
|
|
|
- + appContextLocation + " " + e);
|
|
|
|
|
|
|
+ super.log.info("error loading spring context " +
|
|
|
|
|
+ appContextLocation + " " + e);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
throw new IllegalArgumentException(
|
|
throw new IllegalArgumentException(
|
|
|
- "error loading spring context " + appContextLocation + " "
|
|
|
|
|
- + e);
|
|
|
|
|
|
|
+ "error loading spring context " + appContextLocation + " " +
|
|
|
|
|
+ e);
|
|
|
}
|
|
}
|
|
|
} else {
|
|
} else {
|
|
|
if (super.log.isInfoEnabled()) {
|
|
if (super.log.isInfoEnabled()) {
|
|
@@ -132,11 +130,12 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
|
|
|
|
|
if (ctx == null) {
|
|
if (ctx == null) {
|
|
|
if (super.log.isInfoEnabled()) {
|
|
if (super.log.isInfoEnabled()) {
|
|
|
- super.log.info("singleton " + beanName + " does not exists");
|
|
|
|
|
|
|
+ super.log.info("singleton " + beanName +
|
|
|
|
|
+ " does not exists");
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- throw new IllegalArgumentException("singleton " + singletonId
|
|
|
|
|
- + " does not exists");
|
|
|
|
|
|
|
+ throw new IllegalArgumentException("singleton " + singletonId +
|
|
|
|
|
+ " does not exists");
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -179,8 +178,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
|
|
|
|
|
if ((username == null) && (password == null)) {
|
|
if ((username == null) && (password == null)) {
|
|
|
identity = null;
|
|
identity = null;
|
|
|
- super.log.trace("Authenticating as unauthenticatedIdentity="
|
|
|
|
|
- + identity);
|
|
|
|
|
|
|
+ super.log.trace("Authenticating as unauthenticatedIdentity=" +
|
|
|
|
|
+ identity);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
if (username == null) {
|
|
if (username == null) {
|
|
@@ -239,8 +238,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
super.log.debug("user is logged. redirecting to jaas classes");
|
|
super.log.debug("user is logged. redirecting to jaas classes");
|
|
|
|
|
|
|
|
identity = new PrincipalAcegiUserToken(this.key,
|
|
identity = new PrincipalAcegiUserToken(this.key,
|
|
|
- response.getName(),
|
|
|
|
|
- response.getCredentials().toString(),
|
|
|
|
|
|
|
+ response.getName(), response.getCredentials().toString(),
|
|
|
response.getAuthorities());
|
|
response.getAuthorities());
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -251,8 +249,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
super.loginOk = true;
|
|
super.loginOk = true;
|
|
|
- super.log.trace("User '" + identity + "' authenticated, loginOk="
|
|
|
|
|
- + loginOk);
|
|
|
|
|
|
|
+ super.log.trace("User '" + identity + "' authenticated, loginOk=" +
|
|
|
|
|
+ loginOk);
|
|
|
|
|
|
|
|
return true;
|
|
return true;
|
|
|
}
|
|
}
|
|
@@ -263,7 +261,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
|
|
|
|
|
protected Group[] getRoleSets() throws LoginException {
|
|
protected Group[] getRoleSets() throws LoginException {
|
|
|
SimpleGroup roles = new SimpleGroup("Roles");
|
|
SimpleGroup roles = new SimpleGroup("Roles");
|
|
|
- Group[] roleSets = {roles};
|
|
|
|
|
|
|
+ Group[] roleSets = { roles };
|
|
|
|
|
|
|
|
if (this.identity instanceof Authentication) {
|
|
if (this.identity instanceof Authentication) {
|
|
|
Authentication user = (Authentication) this.identity;
|
|
Authentication user = (Authentication) this.identity;
|
|
@@ -278,17 +276,17 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
protected String[] getUsernameAndPassword() throws LoginException {
|
|
protected String[] getUsernameAndPassword() throws LoginException {
|
|
|
- String[] info = {null, null};
|
|
|
|
|
|
|
+ String[] info = { null, null };
|
|
|
|
|
|
|
|
// prompt for a username and password
|
|
// prompt for a username and password
|
|
|
if (callbackHandler == null) {
|
|
if (callbackHandler == null) {
|
|
|
- throw new LoginException("Error: no CallbackHandler available "
|
|
|
|
|
- + "to collect authentication information");
|
|
|
|
|
|
|
+ throw new LoginException("Error: no CallbackHandler available " +
|
|
|
|
|
+ "to collect authentication information");
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
NameCallback nc = new NameCallback("User name: ", "guest");
|
|
NameCallback nc = new NameCallback("User name: ", "guest");
|
|
|
PasswordCallback pc = new PasswordCallback("Password: ", false);
|
|
PasswordCallback pc = new PasswordCallback("Password: ", false);
|
|
|
- Callback[] callbacks = {nc, pc};
|
|
|
|
|
|
|
+ Callback[] callbacks = { nc, pc };
|
|
|
String username = null;
|
|
String username = null;
|
|
|
String password = null;
|
|
String password = null;
|
|
|
|
|
|
|
@@ -308,8 +306,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
|
|
|
} catch (java.io.IOException ioe) {
|
|
} catch (java.io.IOException ioe) {
|
|
|
throw new LoginException(ioe.toString());
|
|
throw new LoginException(ioe.toString());
|
|
|
} catch (UnsupportedCallbackException uce) {
|
|
} catch (UnsupportedCallbackException uce) {
|
|
|
- throw new LoginException("CallbackHandler does not support: "
|
|
|
|
|
- + uce.getCallback());
|
|
|
|
|
|
|
+ throw new LoginException("CallbackHandler does not support: " +
|
|
|
|
|
+ uce.getCallback());
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
info[0] = username;
|
|
info[0] = username;
|
Ben Alex