
1   /*
2   jGuard is a security framework based on top of jaas (java authentication and authorization security).
3   it is written for web applications, to resolve simply, access control problems.
4   version $Name$
5   http://sourceforge.net/projects/jguard/
6   
7   Copyright (C) 2004  Charles GAY
8   
9   This library is free software; you can redistribute it and/or
10  modify it under the terms of the GNU Lesser General Public
11  License as published by the Free Software Foundation; either
12  version 2.1 of the License, or (at your option) any later version.
13  
14  This library is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  Lesser General Public License for more details.
18  
19  You should have received a copy of the GNU Lesser General Public
20  License along with this library; if not, write to the Free Software
21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
22  
23  
24  jGuard project home page:
25  http://sourceforge.net/projects/jguard/
26  
27  */
28  package net.sf.jguard.core.authentication;
29  
30  import java.util.Locale;
31  
32  
33  import java.util.logging.Level;
34  import javax.security.auth.Subject;
35  import javax.security.auth.callback.CallbackHandler;
36  import javax.security.auth.login.Configuration;
37  import javax.security.auth.login.LoginContext;
38  import javax.security.auth.login.LoginException;
39  
40  import net.sf.jguard.core.principals.UserPrincipal;
41  import net.sf.jguard.core.util.ThrowableUtils;
42  import org.slf4j.Logger;
43  import org.slf4j.LoggerFactory;
44  
45  
46  /**
47   * Authentication wrapper around the {@link Subject}, which makes it possible to act
48   *  on the Subject's lifecycle (login, logout).
49   * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
50   */
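public class AuthenticationUtils {

    private static final Logger logger = LoggerFactory.getLogger(AuthenticationUtils.class.getName());

    // JAAS context of the last successful login; null until login() succeeds.
    private LoginContext loginContext = null;
    // Subject produced by the last successful login; not cleared by logout().
    private Subject subject = null;
    private AuthenticationStatus status;
    // true once logout() has completed for the current login; reset by login().
    private boolean loggedOut = false;
    // true when an explicit Configuration was supplied to the constructor.
    private boolean local = false;
    private Configuration configuration = null;

    /**
     * Creates a wrapper whose {@link #login(String, CallbackHandler)} builds the
     * {@link LoginContext} without an explicit {@link Configuration}.
     */
    public AuthenticationUtils() {
        super();
    }

    /**
     * Creates a wrapper bound to an explicit JAAS configuration.
     *
     * @param config configuration handed to the {@link LoginContext} on login
     */
    public AuthenticationUtils(Configuration config) {
        super();
        configuration = config;
        local = true;
    }

    /**
     * Authenticates the user against the application's configuration.
     *
     * <p>The wrapper's state (login context, subject, logged-out flag) is only
     * replaced once authentication succeeds, so a failed attempt never leaves
     * {@link #getSubject()} paired with a context that did not produce it.
     *
     * @param applicationName name of the JAAS configuration entry to use
     * @param cbh callback handler used by the login modules to collect credentials
     * @throws LoginException raised if authentication failed
     */
    public void login(String applicationName, CallbackHandler cbh) throws LoginException {
        LoginContext context;
        if (local) {
            context = new LoginContext(applicationName, new Subject(), cbh, configuration);
        } else {
            context = new LoginContext(applicationName, cbh);
        }

        try {
            context.login();
        } catch (LoginException le) {
            Throwable localized = ThrowableUtils.localizeThrowable(le, Locale.getDefault());
            // Never let a ClassCastException hide the authentication failure:
            // fall back to the original exception if localization changed the type.
            if (localized instanceof LoginException) {
                throw (LoginException) localized;
            }
            throw le;
        }

        loginContext = context;
        subject = context.getSubject();
        // A previous logout() must not disable logout() for this new session.
        loggedOut = false;

        if (subject != null) {
            // used in ABAC permissions
            // NOTE(review): this principal is added by the wrapper, not by a login
            // module, and logout() below does not remove it - confirm that the
            // configured modules clear the Subject's principals on logout.
            UserPrincipal userPrincipal = new UserPrincipal(subject);
            subject.getPrincipals().add(userPrincipal);
        }
    }

    /**
     * Retrieves the subject obtained from the loginContext.
     *
     * <p>The reference is not reset by {@link #logout()}, so callers must not
     * treat a non-null result alone as proof of a live session.
     *
     * @return Subject of the last successful login, otherwise <strong>null</strong>.
     */
    public Subject getSubject() {
        return subject;
    }

    /**
     * Logs out the user with the related LoginContext.
     *
     * <p>Does nothing when logout already completed for the current login. A
     * failure is logged and not rethrown; the wrapper then stays in the
     * "not logged out" state so that the call can be retried.
     */
    public void logout() {
        if (loggedOut) {
            return;
        }
        if (loginContext == null) {
            logger.debug(" user is not logged, so we don't logout him ");
            return;
        }
        try {
            loginContext.logout();
            loggedOut = true;
        } catch (LoginException e) {
            // A session that could not be torn down is worth more than a debug line.
            logger.warn(" error raised when the user logout " + e.getMessage(), e);
        }
    }

    /**
     * @return true when this wrapper was built with an explicit {@link Configuration}
     */
    public boolean isLocal() {
        return local;
    }

    /**
     * @return the status
     */
    public AuthenticationStatus getStatus() {
        return status;
    }

    /**
     * @param status the status to set
     */
    public void setStatus(AuthenticationStatus status) {
        this.status = status;
    }

}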