[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security/jaas ...

Mon Dec 10 00:57:21 EST 2007

  User: sbryzak2
  Date: 07/12/10 00:57:21

  Modified:    src/main/org/jboss/seam/security/jaas  SeamLoginModule.java
  Log:
  identity manager-based authentication
  
  Revision  Changes    Path
  1.8       +41 -8     jboss-seam/src/main/org/jboss/seam/security/jaas/SeamLoginModule.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamLoginModule.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/jaas/SeamLoginModule.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -b -r1.7 -r1.8
  --- SeamLoginModule.java	26 Jun 2007 21:13:09 -0000	1.7
  +++ SeamLoginModule.java	10 Dec 2007 05:57:21 -0000	1.8
  @@ -15,12 +15,14 @@
   import javax.security.auth.login.LoginException;
   import javax.security.auth.spi.LoginModule;
   
  +import org.jboss.seam.contexts.Contexts;
   import org.jboss.seam.core.Expressions.MethodExpression;
   import org.jboss.seam.log.LogProvider;
   import org.jboss.seam.log.Logging;
   import org.jboss.seam.security.Identity;
   import org.jboss.seam.security.SimpleGroup;
   import org.jboss.seam.security.SimplePrincipal;
  +import org.jboss.seam.security.management.IdentityManager;
   
   /**
    * Performs authentication using a Seam component
  @@ -97,15 +99,39 @@
            throw new LoginException(ex.getMessage());
         }
         
  +      // If an authentication method has been specified, use that to authenticate
         MethodExpression mb = Identity.instance().getAuthenticateMethod();
  -      if (mb==null)
  +      if (mb != null)
         {
  -         throw new IllegalStateException("No authentication method defined - please define <security:authenticate-method/> for <security:identity/> in components.xml");
  +         try
  +         {
  +           return (Boolean) mb.invoke();      
         }
  +         catch (Exception ex)
  +         {
  +            log.error("Error invoking login method", ex);
  +            throw new LoginException(ex.getMessage());
  +         }
  +      }
  +      
  +      // Otherwise if identity management is enabled, use it.
  +      IdentityManager identityManager = IdentityManager.instance();
  +      if (identityManager != null && identityManager.getIdentityStore() != null)
  +      {
  +         Identity identity = Identity.instance();
         
         try
         {
  -        return (Boolean) mb.invoke();      
  +            boolean success = identityManager.authenticate(username, identity.getPassword());
  +            
  +            for (String role : identityManager.getImpliedRoles(username))
  +            {
  +               identity.addRole(role);
  +            }         
  +            
  +            Contexts.getSessionContext().
  +            
  +            return success;
         }
         catch (Exception ex)
         {
  @@ -113,6 +139,13 @@
            throw new LoginException(ex.getMessage());
         }
      }
  +      else
  +      {
  +         throw new IllegalStateException("No authentication method defined - " +
  +               "please define <security:authenticate-method/> for <security:identity/> in components.xml");
  +      }
  +
  +   }
   
      public boolean logout() throws LoginException
      {