[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security/realm ...
Shane Bryzak
Shane_Bryzak at symantec.com
Tue Jul 25 02:50:19 EDT 2006
User: sbryzak2
Date: 06/07/25 02:50:19
Modified: src/main/org/jboss/seam/security/realm JaasRealm.java
Added: src/main/org/jboss/seam/security/realm
JaasCallbackHandler.java SeamPrincipal.java
Log:
Some more security stuff... still work in progress
Revision Changes Path
1.2 +33 -1 jboss-seam/src/main/org/jboss/seam/security/realm/JaasRealm.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: JaasRealm.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/realm/JaasRealm.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- JaasRealm.java 24 Jul 2006 09:59:08 -0000 1.1
+++ JaasRealm.java 25 Jul 2006 06:50:19 -0000 1.2
@@ -1,6 +1,11 @@
package org.jboss.seam.security.realm;
import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
/**
* JAAS realm implementation
@@ -11,12 +16,39 @@
{
public Principal authenticate(String username, String credentials)
{
+ try
+ {
+ /** @todo get the JAAS configuration name from the config file? */
+ LoginContext loginContext = new LoginContext("securityexample",
+ new JaasCallbackHandler(username, credentials));
+
+ loginContext.login();
+
+ return createPrincipal(username, loginContext.getSubject());
+ }
+ catch (LoginException ex)
+ {
return null;
}
+ }
public Principal authenticate(String username, byte[] credentials)
{
return null;
}
+ protected Principal createPrincipal(String username, Subject subject)
+ {
+ List<String> roles = new ArrayList<String>();
+ Principal userPrincipal = null;
+
+ for (Principal principal : subject.getPrincipals())
+ {
+ /** @todo since JAAS doesn't tell us which principals are the user and
+ * which are roles, we need to work it out ourselves */
+ }
+
+ // Return the resulting Principal for our authenticated user
+ return new SeamPrincipal(this, username, roles, userPrincipal);
+ }
}
1.1 date: 2006/07/25 06:50:19; author: sbryzak2; state: Exp;jboss-seam/src/main/org/jboss/seam/security/realm/JaasCallbackHandler.java
Index: JaasCallbackHandler.java
===================================================================
package org.jboss.seam.security.realm;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
/**
* Handles JAAS authentication callbacks.
*
* @author Shane Bryzak
*/
public class JaasCallbackHandler implements CallbackHandler
{
private String username;
private String password;
public JaasCallbackHandler(String username, String password)
{
this.username = username;
this.password = password;
}
public void handle(Callback[] callback)
{
for (Callback cb : callback)
{
if (cb instanceof NameCallback)
{
((NameCallback) cb).setName(username);
}
else if (cb instanceof PasswordCallback)
{
((PasswordCallback) cb).setPassword(password.toCharArray());
}
else
/** @todo */
System.out.println("Unknown callback: " + cb);
}
}
}
1.1 date: 2006/07/25 06:50:19; author: sbryzak2; state: Exp;jboss-seam/src/main/org/jboss/seam/security/realm/SeamPrincipal.java
Index: SeamPrincipal.java
===================================================================
package org.jboss.seam.security.realm;
import java.security.Principal;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* A simple Principal implementation
*
* @author Shane Bryzak
*/
public class SeamPrincipal implements Principal
{
private String name = null;
private Principal userPrincipal = null;
private Realm realm = null;
private Set<String> roles;
public SeamPrincipal(Realm realm, String name, List roles, Principal userPrincipal)
{
this.realm = realm;
this.name = name;
this.userPrincipal = userPrincipal;
if (roles != null)
this.roles = new HashSet<String>(roles);
}
public String getName()
{
return name;
}
public Realm getRealm()
{
return realm;
}
void setRealm(Realm realm)
{
this.realm = realm;
}
public Set<String> getRoles()
{
return roles;
}
public Principal getUserPrincipal()
{
if (userPrincipal != null)
{
return userPrincipal;
}
else
{
return this;
}
}
public boolean hasRole(String role)
{
if (role == null)
return false;
else if ("*".equals(role))
return true;
return (roles.contains(role));
}
}
More information about the jboss-cvs-commits
mailing list