1
/*
2
 * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23
package login;
24

25
import java.io.IOException;
26
import java.util.Map;
27
import javax.security.auth.Subject;
28
import javax.security.auth.callback.Callback;
29
import javax.security.auth.callback.CallbackHandler;
30
import javax.security.auth.callback.NameCallback;
31
import javax.security.auth.callback.PasswordCallback;
32
import javax.security.auth.callback.UnsupportedCallbackException;
33
import javax.security.auth.login.LoginException;
34
import javax.security.auth.spi.LoginModule;
35
import com.sun.security.auth.UserPrincipal;
36

37
/**
38
 * Custom JAAS login module which will be loaded through Java LoginContext when
39
 * it is bundled by Strict/Auto/Unnamed modules.
40
 */
41
public class TestLoginModule implements LoginModule {
42

43
    private static final String USER_NAME = "testUser";
44
    private static final String PASSWORD = "testPassword";
45
    private Subject subject;
46
    private CallbackHandler callbackHandler;
47
    private UserPrincipal userPrincipal;
48
    private String username;
49
    private String password;
50
    private boolean succeeded = false;
51
    private boolean commitSucceeded = false;
52

53
    @Override
54
    public void initialize(Subject subject, CallbackHandler callbackHandler,
55
            Map<String, ?> sharedState, Map<String, ?> options) {
56

57
        this.subject = subject;
58
        this.callbackHandler = callbackHandler;
59
        System.out.println(String.format(
60
                "'%s' login module initialized", this.getClass()));
61
    }
62

63
    /*
64
     * Authenticate the user by prompting for a username and password.
65
     */
66
    @Override
67
    public boolean login() throws LoginException {
68
        if (callbackHandler == null) {
69
            throw new LoginException("No CallbackHandler available");
70
        }
71

72
        Callback[] callbacks = new Callback[2];
73
        callbacks[0] = new NameCallback("Username: ");
74
        callbacks[1] = new PasswordCallback("Password: ", false);
75

76
        try {
77
            callbackHandler.handle(callbacks);
78
            username = ((NameCallback) callbacks[0]).getName();
79
            password = new String(((PasswordCallback) callbacks[1])
80
                    .getPassword());
81
            System.out.println(String.format("'%s' login module found username"
82
                    + " as '%s' and password as '%s'", this.getClass(),
83
                    username, password));
84
            if (username.equals(USER_NAME)
85
                    && password.equals(PASSWORD)) {
86
                System.out.println(String.format("'%s' login module "
87
                        + "authentication done successfully", this.getClass()));
88
                succeeded = true;
89
                return true;
90
            }
91
            throw new IllegalArgumentException("Incorrect username/password!");
92
        } catch (IOException | UnsupportedCallbackException e) {
93
            throw new LoginException("Login failed: " + e.getMessage());
94
        }
95
    }
96

97
    @Override
98
    public boolean commit() throws LoginException {
99
        if (succeeded == false) {
100
            return false;
101
        }
102
        userPrincipal = new UserPrincipal(username);
103
        if (!subject.getPrincipals().contains(userPrincipal)) {
104
            subject.getPrincipals().add(userPrincipal);
105
        }
106
        System.out.println(String.format("'%s' login module authentication "
107
                + "committed", this.getClass()));
108
        password = null;
109
        commitSucceeded = true;
110
        return true;
111
    }
112

113
    @Override
114
    public boolean abort() throws LoginException {
115
        if (succeeded == false) {
116
            return false;
117
        }
118
        System.out.println(String.format(
119
                "'%s' login module aborted", this.getClass()));
120
        clearState();
121
        return true;
122
    }
123

124
    @Override
125
    public boolean logout() throws LoginException {
126
        clearState();
127
        System.out.println(String.format(
128
                "'%s' login module logout completed", this.getClass()));
129
        return true;
130
    }
131

132
    private void clearState() {
133
        if (commitSucceeded) {
134
            subject.getPrincipals().remove(userPrincipal);
135
        }
136
        username = null;
137
        password = null;
138
        userPrincipal = null;
139
    }
140
}
141

142