[jboss-cvs] JBossAS SVN: r64382 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Jul 31 14:08:50 EDT 2007


Author: anil.saldhana at jboss.com
Date: 2007-07-31 14:08:50 -0400 (Tue, 31 Jul 2007)
New Revision: 64382

Added:
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java
Log:
auth module for http

Added: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java	                        (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/auth/container/modules/HttpServletServerAuthModule.java	2007-07-31 18:08:50 UTC (rev 64382)
@@ -0,0 +1,88 @@
+/*
+  * JBoss, Home of Professional Open Source
+  * Copyright 2007, JBoss Inc., and individual contributors as indicated
+  * by the @authors tag. See the copyright.txt in the distribution for a
+  * full listing of individual contributors.
+  *
+  * This is free software; you can redistribute it and/or modify it
+  * under the terms of the GNU Lesser General Public License as
+  * published by the Free Software Foundation; either version 2.1 of
+  * the License, or (at your option) any later version.
+  *
+  * This software is distributed in the hope that it will be useful,
+  * but WITHOUT ANY WARRANTY; without even the implied warranty of
+  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  * Lesser General Public License for more details.
+  *
+  * You should have received a copy of the GNU Lesser General Public
+  * License along with this software; if not, write to the Free
+  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+  */
+package org.jboss.security.auth.container.modules;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.callback.SecurityAssociationHandler;
+
+//$Id$
+
+/**
+ *  Server Auth Module capable of handling Http Servlet Authentication
+ *  @author Anil.Saldhana at redhat.com
+ *  @since  Jul 30, 2007 
+ *  @version $Revision$
+ */
+public class HttpServletServerAuthModule extends DelegatingServerAuthModule
+{
+   public HttpServletServerAuthModule()
+   {
+      this("");
+   }
+   
+   public HttpServletServerAuthModule(String lmshName)
+   {
+      super(lmshName);
+      this.supportedTypes.add(HttpServletRequest.class);
+      this.supportedTypes.add(HttpServletResponse.class);
+   }
+
+   @Override
+   protected boolean validate(Subject clientSubject) throws AuthException
+   {  
+      callbackHandler = new SecurityAssociationHandler(getUserName(),getCredential()); 
+      return super.validate(clientSubject);
+   }
+
+   public AuthStatus secureResponse(MessageInfo arg0, Subject arg1) throws AuthException
+   { 
+      return null;
+   }
+   
+   private Principal getUserName()
+   {
+      String userNameParam = (String) options.get("userNameParam");
+      if(this.requestInfo instanceof HttpServletRequest == false)
+         throw new IllegalStateException("Wrong Form of request:"+this.requestInfo);
+      HttpServletRequest hsr = (HttpServletRequest)requestInfo;
+      return new SimplePrincipal(hsr.getParameter(userNameParam));
+   }
+   
+   private Object getCredential()
+   {
+      String passwordParam = (String) options.get("passwordParam");
+      if(this.requestInfo instanceof HttpServletRequest == false)
+         throw new IllegalStateException("Wrong Form of request:"+this.requestInfo);
+      HttpServletRequest hsr = (HttpServletRequest)requestInfo;
+      return  hsr.getParameter(passwordParam);
+   }
+
+}




More information about the jboss-cvs-commits mailing list