[jboss-cvs] JBossAS SVN: r64297 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules.

[jboss-cvs-commits at lists.jboss.org]

Author: anil.saldhana at jboss.com
Date: 2007-07-26 02:30:01 -0400 (Thu, 26 Jul 2007)
New Revision: 64297

Modified:
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/AbstractServerAuthModule.java
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleClientAuthModule.java
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleServerAuthModule.java
Log:
server auth module

Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/AbstractServerAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/AbstractServerAuthModule.java	2007-07-26 06:29:43 UTC (rev 64296)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/AbstractServerAuthModule.java	2007-07-26 06:30:01 UTC (rev 64297)
@@ -23,11 +23,8 @@
 
 import java.util.Map;
 
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler; 
-import javax.security.auth.message.AuthException; 
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
 import javax.security.auth.message.MessagePolicy;
 import javax.security.auth.message.module.ServerAuthModule;
 
@@ -51,13 +48,7 @@
    
    protected MessagePolicy responsePolicy = null;
    
-   protected Map options = null;  
- 
-   /**
-    * @see ServerAuth#cleanSubject(Subject, Map)
-    */
-   public abstract void cleanSubject(Subject subject, Map sharedState)
-   throws AuthException;
+   protected Map options = null;   
 
    /**
     * @see ServerAuthModule#initialize(MessagePolicy, MessagePolicy, CallbackHandler, Map, boolean)
@@ -70,18 +61,8 @@
      this.responsePolicy = responsePolicy;
      this.callbackHandler = handler;
      this.options = options; 
-   }
-
-   /**
-    * @see ServerAuthModule#secureResponse(AuthParam, Subject, Map)
-    */
-   public abstract AuthStatus secureResponse(MessageInfo param, Subject source, Map sharedState) throws AuthException; 
-   
-   /**
-    * @see ServerAuthModule#validateRequest(AuthParam, Subject, Subject, Map)
-    */
-   public abstract AuthStatus validateRequest(MessageInfo param, Subject source, Subject recipient, Map sharedState) throws AuthException;
-  
+   } 
+    
    //Value Added Methods 
    public CallbackHandler getCallbackHandler()
    {

Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleClientAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleClientAuthModule.java	2007-07-26 06:29:43 UTC (rev 64296)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleClientAuthModule.java	2007-07-26 06:30:01 UTC (rev 64297)
@@ -77,7 +77,7 @@
    { 
       source.getPrincipals().add(this.principal);
       source.getPublicCredentials().add(this.credential);
-      return AuthStatus.PROCEED;
+      return AuthStatus.SUCCESS;
    }
 
    /**
@@ -93,7 +93,7 @@
          throw new AuthException("Principals are null");
       if(sourceSet.size() != recipientSet.size())
          throw new AuthException("Principals size are different");
-      return AuthStatus.PROCEED;
+      return AuthStatus.SUCCESS;
    } 
    
    /**

Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleServerAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleServerAuthModule.java	2007-07-26 06:29:43 UTC (rev 64296)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/SimpleServerAuthModule.java	2007-07-26 06:30:01 UTC (rev 64297)
@@ -21,31 +21,40 @@
   */
 package org.jboss.security.auth.container.modules;
 
+import java.io.IOException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.message.AuthException; 
 import javax.security.auth.message.AuthStatus;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.MessagePolicy;
 import javax.security.auth.message.module.ServerAuthModule;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.jboss.security.SimplePrincipal;
 
 /**
  *  A simple implementation of an username/password based 
- *  server auth module
+ *  server auth module. The principal name and password are
+ *  passed as options to the module.
  *  @author <mailto:Anil.Saldhana at jboss.org>Anil Saldhana
  *  @since  Dec 6, 2005
  */
 public class SimpleServerAuthModule implements ServerAuthModule
 {  
-   private Class[] supportedTypes = null;
+   private ArrayList<Class> supportedTypes = new ArrayList<Class>();
    private List principals = new ArrayList();
    private Object credential = null;
    
@@ -54,9 +63,16 @@
    private CallbackHandler handler = null;
    private Map options = null;
    
-   public SimpleServerAuthModule(Class[] supportedTypes)
+   public SimpleServerAuthModule()
+   {   
+      supportedTypes.add(HttpServletRequest.class);
+      supportedTypes.add(HttpServletResponse.class);
+   }
+   
+   public SimpleServerAuthModule(Class[] supTypes)
    { 
-       this.supportedTypes = supportedTypes;
+      super();
+      this.supportedTypes.addAll(Arrays.asList(supTypes));
    }
 
    /**
@@ -95,15 +111,16 @@
          throw new AuthException("Public Credentials is null");
       source.getPrincipals().addAll(this.principals);
       source.getPublicCredentials().add(this.credential); 
-      return AuthStatus.PROCEED;
+      return AuthStatus.SUCCESS;
    }
 
    /**
     * @see ServerAuthModule#validateRequest(AuthParam, Subject, Subject, Map)
     */
-   public AuthStatus validateRequest(MessageInfo param, Subject source, Subject recipient) throws AuthException
+   public AuthStatus validateRequest(MessageInfo param, Subject source, Subject recipient) 
+   throws AuthException
    { 
-      //Custom check: Check that the source of the response and the recipient
+      /*//Custom check: Check that the source of the response and the recipient
       // of the response have identical credentials
       Set sourceSet = source.getPrincipals(SimplePrincipal.class);
       Set recipientSet = recipient.getPrincipals(SimplePrincipal.class);
@@ -116,8 +133,30 @@
       Set publicPrincipals = recipient.getPublicCredentials(SimplePrincipal.class);
       Iterator iter = publicPrincipals.iterator();
       while(iter.hasNext())
-         principals.add((SimplePrincipal)iter.next()); 
-      return AuthStatus.PROCEED;
+         principals.add((SimplePrincipal)iter.next()); */
+      
+      //Construct Callbacks
+      NameCallback nc = new NameCallback("Dummy");
+      PasswordCallback pc = new PasswordCallback("B" , true);
+      try
+      {
+         handler.handle(new Callback[]{nc,pc});
+         String userName = nc.getName();
+         String pwd = new String(pc.getPassword());
+         
+         //Check the options
+         if(!(userName.equals(options.get("principal"))
+               && (pwd.equals(options.get("pass")))))
+         {
+            return AuthStatus.FAILURE;
+         }
+               
+      }
+      catch (Exception e)
+      {
+         throw new AuthException(e.getLocalizedMessage());
+      } 
+      return AuthStatus.SUCCESS;
    }
 
    /**
@@ -125,6 +164,8 @@
     */
    public Class[] getSupportedMessageTypes()
    { 
-      return this.supportedTypes;
+      Class[] clsarr = new Class[this.supportedTypes.size()];
+      supportedTypes.toArray(clsarr);
+      return clsarr;
    } 
 }