1   package org.argeo.cms.auth;
2   
3   import java.io.IOException;
4   import java.util.Map;
5   
6   import javax.security.auth.Subject;
7   import javax.security.auth.callback.Callback;
8   import javax.security.auth.callback.CallbackHandler;
9   import javax.security.auth.callback.UnsupportedCallbackException;
10  import javax.security.auth.login.LoginException;
11  import javax.security.auth.spi.LoginModule;
12  import javax.servlet.http.HttpServletRequest;
13  
14  import org.apache.commons.logging.Log;
15  import org.apache.commons.logging.LogFactory;
16  import org.argeo.cms.internal.kernel.Activator;
17  import org.argeo.ident.IdentClient;
18  
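/**
 * JAAS {@link LoginModule} which identifies the peer of an HTTP request by
 * querying an ident service on the remote host.
 * <p>
 * Security note: this module checks no credential. The name it publishes is
 * whatever the ident service reachable at the remote address answers, so it is
 * only as trustworthy as that host and the network path to it. Whether a remote
 * address is queried at all is decided by
 * {@link Activator#getIdentClient(String)}: when it returns {@code null},
 * {@link #login()} returns {@code false}.
 * <p>
 * NOTE(review): the remote address is taken from
 * {@link HttpServletRequest#getRemoteAddr()}; behind a reverse proxy this is
 * presumably the proxy address rather than the end client. Confirm against the
 * deployment.
 */
public class IdentLoginModule implements LoginModule {
	private static final Log log = LogFactory.getLog(IdentLoginModule.class);

	private CallbackHandler callbackHandler = null;
	private Map<String, Object> sharedState = null;

	/**
	 * Keeps the callback handler and the shared state for {@link #login()}.
	 * The {@code subject} and {@code options} arguments are not used.
	 */
	@SuppressWarnings("unchecked")
	@Override
	public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
			Map<String, ?> options) {
		this.callbackHandler = callbackHandler;
		// Unchecked cast: the JAAS API hands the shared state over as Map<String, ?>,
		// but login() needs to write into it.
		this.sharedState = (Map<String, Object>) sharedState;
	}

	/**
	 * Retrieves the current HTTP request through the callback handler, asks the
	 * ident service of the remote host which user owns the connection, and on
	 * success publishes the user name, remote address and remote port in the
	 * shared state.
	 *
	 * @return {@code true} if a non-blank user name was obtained and published,
	 *         {@code false} if this module cannot identify the peer (no handler
	 *         or shared state, callback unsupported, no request, no ident client
	 *         for the remote address, lookup failure, or no user name)
	 * @throws LoginException if the callback handler fails with an
	 *                        {@link IOException}
	 */
	@Override
	public boolean login() throws LoginException {
		// Without the shared state there is nowhere to publish the result, and
		// without a handler there is no way to reach the request.
		if (callbackHandler == null || sharedState == null)
			return false;

		HttpRequestCallback httpCallback = new HttpRequestCallback();
		try {
			callbackHandler.handle(new Callback[] { httpCallback });
		} catch (IOException e) {
			// LoginException has no (message, cause) constructor: attach the cause
			// explicitly so that the original stack trace is not lost.
			LoginException loginException = new LoginException("Cannot handle http callback: " + e.getMessage());
			loginException.initCause(e);
			throw loginException;
		} catch (UnsupportedCallbackException e) {
			// Not an HTTP context: this module does not apply.
			return false;
		}

		HttpServletRequest request = httpCallback.getRequest();
		if (request == null)
			return false;

		String remoteAddr = request.getRemoteAddr();
		int localPort = request.getLocalPort();
		int remotePort = request.getRemotePort();

		IdentClient identClient = Activator.getIdentClient(remoteAddr);
		if (identClient == null)
			return false;

		String identUsername;
		try {
			identUsername = identClient.getUsername(localPort, remotePort);
		} catch (Exception e) {
			// Best effort: a failed lookup means "not identified", but it is reported
			// through the logger instead of being printed to stderr.
			log.warn("Ident lookup failed for " + remoteAddr + " (local port: " + localPort + ", remote port: "
					+ remotePort + ")", e);
			return false;
		}

		// The answer comes from the remote host and is untrusted: a blank name is
		// not an identity and must not be published for the modules that follow.
		if (identUsername == null || identUsername.trim().isEmpty())
			return false;

		if (log.isDebugEnabled()) {
			// Neutralise control characters (CR/LF in particular) so that a remote
			// answer cannot forge additional log lines.
			String loggedUsername = identUsername.replaceAll("\\p{Cntrl}", "_");
			log.debug("Ident username: " + loggedUsername + " (local port: " + localPort + ", remote port: "
					+ remotePort + ")");
		}
		sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, identUsername);
		sharedState.put(CmsAuthUtils.SHARED_STATE_REMOTE_ADDR, remoteAddr);
		sharedState.put(CmsAuthUtils.SHARED_STATE_REMOTE_PORT, remotePort);
		return true;
	}

	/**
	 * Does nothing: this module only writes to the shared state during
	 * {@link #login()}.
	 * <p>
	 * NOTE(review): returns {@code true} even when {@link #login()} returned
	 * {@code false}, whereas the {@link LoginModule} contract asks for
	 * {@code false} when the module should be ignored. Confirm this is intended
	 * for the control flag used in the JAAS configuration.
	 *
	 * @return always {@code true}
	 */
	@Override
	public boolean commit() throws LoginException {
		return true;
	}

	/**
	 * Does nothing; values already written to the shared state by
	 * {@link #login()} are not removed.
	 *
	 * @return always {@code true}
	 */
	@Override
	public boolean abort() throws LoginException {
		return true;
	}

	/**
	 * Does nothing: this module adds nothing to the subject.
	 *
	 * @return always {@code true}
	 */
	@Override
	public boolean logout() throws LoginException {
		return true;
	}

}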