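package org.apache.catalina.realm;


import java.io.File;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

import org.apache.catalina.Context;
import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.util.RequestUtil;
import org.apache.catalina.util.StringManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.digester.Digester;


/**
 * JAAS {@link LoginModule} that authenticates through the inherited
 * {@link MemoryRealm#authenticate(String, String)} after loading an XML
 * configuration file (default <code>conf/tomcat-users.xml</code>) with a
 * {@link Digester} configured by {@link MemoryRuleSet}.
 *
 * <p>The module follows the two-phase JAAS protocol: {@link #login()}
 * establishes {@link #principal}, {@link #commit()} publishes it on the
 * {@link Subject}, and {@link #abort()} / {@link #logout()} undo those steps.
 * The instance keeps per-login state in plain fields and does no
 * synchronisation of its own.</p>
 */
public class JAASMemoryLoginModule extends MemoryRealm implements LoginModule, Realm {

    private static final Log log = LogFactory.getLog(JAASMemoryLoginModule.class);


    /**
     * Callback handler used by {@link #login()} to obtain the user name and
     * password.
     */
    protected CallbackHandler callbackHandler = null;


    /**
     * Whether {@link #commit()} has completed successfully for the current
     * login.
     */
    protected boolean committed = false;


    /**
     * Configuration options handed to {@link #initialize}; only the
     * <code>pathname</code> entry is read by this class.
     */
    protected Map options = null;


    /**
     * Path of the XML configuration file. A relative path is resolved
     * against the <code>catalina.base</code> system property by
     * {@link #load()}.
     */
    protected String pathname = "conf/tomcat-users.xml";


    /**
     * Principal produced by the last successful {@link #login()}, or
     * <code>null</code> when no login is in effect.
     */
    protected Principal principal = null;


    /**
     * Principal map declared by this class; it is neither read nor written
     * by the code in this class.
     */
    protected HashMap principals = new HashMap();


    /**
     * String manager for this package.
     */
    protected static StringManager sm =
        StringManager.getManager(Constants.Package);


    /**
     * State shared with other configured login modules, as passed to
     * {@link #initialize}; stored but not otherwise used here.
     */
    protected Map sharedState = null;


    /**
     * Subject that {@link #commit()} adds the authenticated principal to.
     */
    protected Subject subject = null;


    /**
     * Creates the module; emits a debug trace only.
     */
    public JAASMemoryLoginModule() {
        log.debug("MEMORY LOGIN MODULE");
    }


    /**
     * Second phase of a failed overall authentication: discards whatever
     * this module established.
     *
     * @return <code>false</code> if this module's own login never produced a
     *         principal, <code>true</code> once its state has been cleared
     * @throws LoginException if the clean-up performed by {@link #logout()}
     *         fails
     */
    public boolean abort() throws LoginException {

        // Our own login failed or never ran: nothing to undo.
        if (principal == null) {
            return (false);
        }

        if (committed) {
            // Already published on the Subject, so take it back off.
            logout();
        } else {
            committed = false;
            principal = null;
        }
        log.debug("Abort");
        return (true);

    }


    /**
     * Second phase of a successful overall authentication: attaches the
     * authenticated principal to the {@link Subject}.
     *
     * @return <code>false</code> if {@link #login()} did not produce a
     *         principal, <code>true</code> after the principal is on the
     *         subject
     * @throws LoginException declared by the {@link LoginModule} contract
     */
    public boolean commit() throws LoginException {
        log.debug("commit " + principal);

        if (principal == null) {
            return (false);
        }

        // Avoid adding the same principal twice on a repeated commit.
        if (!subject.getPrincipals().contains(principal)) {
            subject.getPrincipals().add(principal);
        }

        committed = true;
        return (true);

    }


    /**
     * Returns the security constraints of <code>context</code> whose
     * {@link SecurityConstraint#included} test accepts the request's
     * context-relative URI and HTTP method.
     *
     * @param request request being evaluated
     * @param context context whose constraints are consulted
     * @return the matching constraints, or <code>null</code> when the
     *         context defines none or none matches
     */
    public SecurityConstraint[] findSecurityConstraints(Request request,
                                                        Context context) {

        SecurityConstraint constraints[] = context.findConstraints();
        if ((constraints == null) || (constraints.length == 0)) {
            if (context.getLogger().isDebugEnabled())
                context.getLogger().debug(" No applicable constraints defined");
            return (null);
        }

        // Reduce the request URI to the part below the context path.
        String uri = request.getDecodedRequestURI();
        String contextPath = request.getContextPath();
        if (contextPath.length() > 0)
            uri = uri.substring(contextPath.length());
        // NOTE(review): the URI obtained from getDecodedRequestURI() is
        // decoded a second time here. If that accessor already returns a
        // fully decoded path, the path matched against the constraints can
        // differ from the path the container dispatches on - confirm that
        // this is intended before relying on these constraints.
        uri = RequestUtil.URLDecode(uri);
        String method = request.getMethod();

        ArrayList results = null;
        for (int i = 0; i < constraints.length; i++) {
            boolean applies = constraints[i].included(uri, method);
            if (context.getLogger().isDebugEnabled())
                context.getLogger().debug(" Checking constraint '" + constraints[i] +
                    "' against " + method + " " + uri + " --> " +
                    applies);
            if (applies) {
                if (results == null) {
                    results = new ArrayList();
                }
                results.add(constraints[i]);
            }
        }

        if (results == null) {
            // Only report "none located" when that is actually the outcome;
            // the message used to be logged even when constraints matched.
            if (context.getLogger().isDebugEnabled())
                context.getLogger().debug(" No applicable constraint located");
            return null;
        }
        return (SecurityConstraint[])
            results.toArray(new SecurityConstraint[results.size()]);
    }


    /**
     * Stores the JAAS collaborators, applies the optional
     * <code>pathname</code> option and loads the configuration file.
     *
     * @param subject subject to be authenticated
     * @param callbackHandler handler used to collect the credentials
     * @param sharedState state shared with other login modules
     * @param options module options; a non-null <code>pathname</code> entry
     *        overrides the default file location. May be <code>null</code>.
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
                           Map sharedState, Map options) {
        log.debug("Init");

        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;

        // A missing options map simply means "use the default pathname".
        if (options != null) {
            Object configuredPath = options.get("pathname");
            if (configuredPath != null)
                this.pathname = (String) configuredPath;
        }

        load();

    }


    /**
     * First phase of authentication: collects a user name and password
     * through the callback handler and validates them with
     * {@link MemoryRealm#authenticate(String, String)}.
     *
     * @return <code>true</code> when the credentials are accepted
     * @throws FailedLoginException if no password was supplied or the
     *         credentials are rejected
     * @throws LoginException if no callback handler is configured or the
     *         handler fails
     */
    public boolean login() throws LoginException {

        if (callbackHandler == null)
            throw new LoginException("No CallbackHandler specified");

        NameCallback nameCallback = new NameCallback("Username: ");
        PasswordCallback passwordCallback =
            new PasswordCallback("Password: ", false);
        Callback callbacks[] = new Callback[] { nameCallback, passwordCallback };

        String username = null;
        String password = null;
        char[] secret = null;
        try {
            callbackHandler.handle(callbacks);
            username = nameCallback.getName();
            secret = passwordCallback.getPassword();
            // getPassword() yields null when the handler set no password;
            // report that as a failed login instead of a NullPointerException.
            if (secret == null)
                throw new FailedLoginException("Username or password is incorrect");
            password = new String(secret);
        } catch (IOException e) {
            throw wrap(e);
        } catch (UnsupportedCallbackException e) {
            throw wrap(e);
        } finally {
            // Wipe the character copies we control. The String handed to
            // authenticate() is immutable and stays in memory until it is
            // garbage collected.
            if (secret != null)
                Arrays.fill(secret, '\0');
            passwordCallback.clearPassword();
        }

        principal = super.authenticate(username, password);

        // Debug trace of the supplied name and the resolved principal; the
        // password variable is deliberately not part of the message.
        log.debug("login " + username + " " + principal);

        if (principal == null) {
            // Same message for unknown user and wrong password.
            throw new FailedLoginException("Username or password is incorrect");
        }
        return (true);

    }


    /**
     * Removes this module's principal from the subject and resets the
     * module's login state.
     *
     * @return always <code>true</code>
     * @throws LoginException declared by the {@link LoginModule} contract
     */
    public boolean logout() throws LoginException {

        // Nothing to remove when no principal is held (logout before login,
        // or a repeated logout).
        if (principal != null)
            subject.getPrincipals().remove(principal);
        committed = false;
        principal = null;
        return (true);

    }


    /**
     * Parses the file named by {@link #pathname} with a non-validating
     * {@link Digester} using {@link MemoryRuleSet}, pushing this object as
     * the root of the digester stack. A missing, unreadable or unparsable
     * file is logged as a warning and otherwise ignored.
     */
    protected void load() {

        // Relative paths are anchored at catalina.base.
        File file = new File(pathname);
        if (!file.isAbsolute())
            file = new File(System.getProperty("catalina.base"), pathname);
        if (!file.exists() || !file.canRead()) {
            log.warn("Cannot load configuration file " + file.getAbsolutePath());
            return;
        }

        // NOTE(review): only DTD validation is switched off here; how the
        // underlying parser treats external entities is not visible in this
        // class. The file is configuration and should be writable only by
        // the server administrator.
        Digester digester = new Digester();
        digester.setValidating(false);
        digester.addRuleSet(new MemoryRuleSet());
        try {
            digester.push(this);
            digester.parse(file);
        } catch (Exception e) {
            log.warn("Error processing configuration file " +
                file.getAbsolutePath(), e);
            return;
        } finally {
            digester.reset();
        }

    }


    /**
     * Converts a callback failure into a {@link LoginException} that keeps
     * the original exception as its cause.
     */
    private static LoginException wrap(Exception failure) {
        LoginException wrapped = new LoginException(failure.toString());
        wrapped.initCause(failure);
        return wrapped;
    }
}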