1 /*
   2  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 package login;
  24 
  25 import java.io.IOException;
  26 import java.util.Map;
  27 import javax.security.auth.Subject;
  28 import javax.security.auth.callback.Callback;
  29 import javax.security.auth.callback.CallbackHandler;
  30 import javax.security.auth.callback.NameCallback;
  31 import javax.security.auth.callback.PasswordCallback;
  32 import javax.security.auth.callback.UnsupportedCallbackException;
  33 import javax.security.auth.login.LoginException;
  34 import javax.security.auth.spi.LoginModule;
  35 import com.sun.security.auth.UnixPrincipal;
  36 
  37 /**
  38  * Custom JAAS login module which will be loaded through Java LoginContext when
  39  * it is bundled by Strict/Auto/Unnamed modules.
  40  */
  41 public class TestLoginModule implements LoginModule {
  42 
  43     private static final String USER_NAME = "testUser";
  44     private static final String PASSWORD = "testPassword";
  45     private Subject subject;
  46     private CallbackHandler callbackHandler;
  47     private UnixPrincipal userPrincipal;
  48     private String username;
  49     private String password;
  50     private boolean succeeded = false;
  51     private boolean commitSucceeded = false;
  52 
  53     @Override
  54     public void initialize(Subject subject, CallbackHandler callbackHandler,
  55             Map<String, ?> sharedState, Map<String, ?> options) {
  56 
  57         this.subject = subject;
  58         this.callbackHandler = callbackHandler;
  59         System.out.println(String.format(
  60                 "'%s' login module initialized", this.getClass()));
  61     }
  62 
  63     /*
  64      * Authenticate the user by prompting for a username and password.
  65      */
  66     @Override
  67     public boolean login() throws LoginException {
  68         if (callbackHandler == null) {
  69             throw new LoginException("No CallbackHandler available");
  70         }
  71 
  72         Callback[] callbacks = new Callback[2];
  73         callbacks[0] = new NameCallback("Username: ");
  74         callbacks[1] = new PasswordCallback("Password: ", false);
  75 
  76         try {
  77             callbackHandler.handle(callbacks);
  78             username = ((NameCallback) callbacks[0]).getName();
  79             password = new String(((PasswordCallback) callbacks[1])
  80                     .getPassword());
  81             System.out.println(String.format("'%s' login module found username"
  82                     + " as '%s' and password as '%s'", this.getClass(),
  83                     username, password));
  84             if (username.equals(USER_NAME)
  85                     && password.equals(PASSWORD)) {
  86                 System.out.println(String.format("'%s' login module "
  87                         + "authentication done successfully", this.getClass()));
  88                 succeeded = true;
  89                 return true;
  90             }
  91             throw new IllegalArgumentException("Incorrect username/password!");
  92         } catch (IOException | UnsupportedCallbackException e) {
  93             throw new LoginException("Login failed: " + e.getMessage());
  94         }
  95     }
  96 
  97     @Override
  98     public boolean commit() throws LoginException {
  99         if (succeeded == false) {
 100             return false;
 101         }
 102         userPrincipal = new UnixPrincipal(username);
 103         if (!subject.getPrincipals().contains(userPrincipal)) {
 104             subject.getPrincipals().add(userPrincipal);
 105         }
 106         System.out.println(String.format("'%s' login module authentication "
 107                 + "committed", this.getClass()));
 108         password = null;
 109         commitSucceeded = true;
 110         return true;
 111     }
 112 
 113     @Override
 114     public boolean abort() throws LoginException {
 115         if (succeeded == false) {
 116             return false;
 117         }
 118         System.out.println(String.format(
 119                 "'%s' login module aborted", this.getClass()));
 120         clearState();
 121         return true;
 122     }
 123 
 124     @Override
 125     public boolean logout() throws LoginException {
 126         clearState();
 127         System.out.println(String.format(
 128                 "'%s' login module logout completed", this.getClass()));
 129         return true;
 130     }
 131 
 132     private void clearState() {
 133         if (commitSucceeded) {
 134             subject.getPrincipals().remove(userPrincipal);
 135         }
 136         username = null;
 137         password = null;
 138         userPrincipal = null;
 139     }
 140 }