Download as
Browse Code »

Commit 4daf7b463cd058622285200ebaeb618bad59ae7a

Authored by Cleverson Sacramento
1 parent ed8f2707
Exists in master

Agora o JAAS está funcionando, porém de forma dependente ao escopo 

de sessão.
Showing 7 changed files with 372 additions and 356 deletions   Show diff stats
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java 0 → 100644
  Diff comments   View file @4daf7b4
... ... @@ -0,0 +1,135 @@
  1 +///*
  2 +// * Demoiselle Framework
  3 +// * Copyright (C) 2010 SERPRO
  4 +// * ----------------------------------------------------------------------------
  5 +// * This file is part of Demoiselle Framework.
  6 +// *
  7 +// * Demoiselle Framework is free software; you can redistribute it and/or
  8 +// * modify it under the terms of the GNU Lesser General Public License version 3
  9 +// * as published by the Free Software Foundation.
  10 +// *
  11 +// * This program is distributed in the hope that it will be useful,
  12 +// * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 +// * GNU General Public License for more details.
  15 +// *
  16 +// * You should have received a copy of the GNU Lesser General Public License version 3
  17 +// * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 +// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 +// * Fifth Floor, Boston, MA 02110-1301, USA.
  20 +// * ----------------------------------------------------------------------------
  21 +// * Este arquivo é parte do Framework Demoiselle.
  22 +// *
  23 +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 +// * do Software Livre (FSF).
  26 +// *
  27 +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 +// * para maiores detalhes.
  31 +// *
  32 +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 +// * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 +// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 +// */
  37 +//package br.gov.frameworkdemoiselle.internal.implementation;
  38 +//
  39 +//import java.io.Serializable;
  40 +//
  41 +//import javax.enterprise.context.ContextNotActiveException;
  42 +//import javax.enterprise.context.SessionScoped;
  43 +//import javax.security.auth.Subject;
  44 +//import javax.security.auth.callback.CallbackHandler;
  45 +//import javax.security.auth.login.LoginContext;
  46 +//import javax.security.auth.login.LoginException;
  47 +//
  48 +//import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
  49 +//import br.gov.frameworkdemoiselle.security.SecurityException;
  50 +//import br.gov.frameworkdemoiselle.util.Beans;
  51 +//
  52 +//@SessionScoped
  53 +//public class LoginContextFactory implements Serializable {
  54 +//
  55 +// private static final long serialVersionUID = 1L;
  56 +//
  57 +// private transient LoginContext loginContext;
  58 +//
  59 +// private String name;
  60 +//
  61 +// private CallbackHandler callbackHandler;
  62 +//
  63 +// private LoginContext getLoginContext() throws LoginException {
  64 +// if (this.loginContext == null) {
  65 +// this.loginContext = new LoginContext(getName(), new Subject(), getCallbackHandler());
  66 +// }
  67 +//
  68 +// getName();
  69 +//
  70 +// return this.loginContext;
  71 +// }
  72 +//
  73 +// public static LoginContext createLoginContext() {
  74 +// LoginContext loginContext;
  75 +//
  76 +// try {
  77 +// loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext();
  78 +//
  79 +// } catch (ContextNotActiveException cause) {
  80 +// loginContext = null;
  81 +//
  82 +// } catch (LoginException cause) {
  83 +// throw new SecurityException(cause);
  84 +// }
  85 +//
  86 +// if (loginContext == null) {
  87 +// try {
  88 +// loginContext = new LoginContextFactory().getLoginContext();
  89 +//
  90 +// } catch (LoginException cause) {
  91 +// throw new SecurityException(cause);
  92 +// }
  93 +// }
  94 +//
  95 +// return loginContext;
  96 +// }
  97 +//
  98 +// public static void destroyLoginContext() {
  99 +// try {
  100 +// LoginContextFactory factory = Beans.getReference(LoginContextFactory.class);
  101 +// factory.clean();
  102 +//
  103 +// } catch (ContextNotActiveException cause) {
  104 +// }
  105 +// }
  106 +//
  107 +// private void clean() {
  108 +// if (this.loginContext != null) {
  109 +//
  110 +// try {
  111 +// this.loginContext.logout();
  112 +//
  113 +// } catch (LoginException cause) {
  114 +// }
  115 +//
  116 +// this.loginContext = null;
  117 +// }
  118 +// }
  119 +//
  120 +// private String getName() {
  121 +// if (this.name == null) {
  122 +// this.name = Beans.getReference(JAASConfig.class).getLoginModuleName();
  123 +// }
  124 +//
  125 +// return this.name;
  126 +// }
  127 +//
  128 +// private CallbackHandler getCallbackHandler() {
  129 +// if (this.callbackHandler == null) {
  130 +// this.callbackHandler = Beans.getReference(CallbackHandler.class);
  131 +// }
  132 +//
  133 +// return this.callbackHandler;
  134 +// }
  135 +//}
... ...
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java
  Diff comments   View file @4daf7b4
1   -/*
2   - * Demoiselle Framework
3   - * Copyright (C) 2010 SERPRO
4   - * ----------------------------------------------------------------------------
5   - * This file is part of Demoiselle Framework.
6   - *
7   - * Demoiselle Framework is free software; you can redistribute it and/or
8   - * modify it under the terms of the GNU Lesser General Public License version 3
9   - * as published by the Free Software Foundation.
10   - *
11   - * This program is distributed in the hope that it will be useful,
12   - * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14   - * GNU General Public License for more details.
15   - *
16   - * You should have received a copy of the GNU Lesser General Public License version 3
17   - * along with this program; if not, see <http://www.gnu.org/licenses/>
18   - * or write to the Free Software Foundation, Inc., 51 Franklin Street,
19   - * Fifth Floor, Boston, MA 02110-1301, USA.
20   - * ----------------------------------------------------------------------------
21   - * Este arquivo é parte do Framework Demoiselle.
22   - *
23   - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
24   - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
25   - * do Software Livre (FSF).
26   - *
27   - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
28   - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
29   - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
30   - * para maiores detalhes.
31   - *
32   - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
33   - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
34   - * ou escreva para a Fundação do Software Livre (FSF) Inc.,
35   - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
36   - */
37   -package br.gov.frameworkdemoiselle.internal.producer;
38   -
39   -import java.io.Serializable;
40   -
41   -import javax.enterprise.context.RequestScoped;
42   -import javax.enterprise.inject.Produces;
43   -import javax.security.auth.callback.CallbackHandler;
44   -
45   -import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy;
46   -import br.gov.frameworkdemoiselle.security.Credentials;
47   -import br.gov.frameworkdemoiselle.util.Beans;
48   -
49   -public class CallbackHandlerProducer implements Serializable {
50   -
51   - private static final long serialVersionUID = 1L;
52   -
53   - @Produces
54   - @RequestScoped
55   - public static CallbackHandler create() {
56   - Credentials credentials = Beans.getReference(Credentials.class);
57   -
58   - return new CallbackHandlerProxy(credentials);
59   - }
60   -}
  1 +///*
  2 +// * Demoiselle Framework
  3 +// * Copyright (C) 2010 SERPRO
  4 +// * ----------------------------------------------------------------------------
  5 +// * This file is part of Demoiselle Framework.
  6 +// *
  7 +// * Demoiselle Framework is free software; you can redistribute it and/or
  8 +// * modify it under the terms of the GNU Lesser General Public License version 3
  9 +// * as published by the Free Software Foundation.
  10 +// *
  11 +// * This program is distributed in the hope that it will be useful,
  12 +// * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 +// * GNU General Public License for more details.
  15 +// *
  16 +// * You should have received a copy of the GNU Lesser General Public License version 3
  17 +// * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 +// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 +// * Fifth Floor, Boston, MA 02110-1301, USA.
  20 +// * ----------------------------------------------------------------------------
  21 +// * Este arquivo é parte do Framework Demoiselle.
  22 +// *
  23 +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 +// * do Software Livre (FSF).
  26 +// *
  27 +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 +// * para maiores detalhes.
  31 +// *
  32 +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 +// * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 +// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 +// */
  37 +//package br.gov.frameworkdemoiselle.internal.producer;
  38 +//
  39 +//import java.io.Serializable;
  40 +//
  41 +//import javax.enterprise.context.RequestScoped;
  42 +//import javax.enterprise.inject.Produces;
  43 +//import javax.security.auth.callback.CallbackHandler;
  44 +//
  45 +//import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy;
  46 +//import br.gov.frameworkdemoiselle.security.Credentials;
  47 +//import br.gov.frameworkdemoiselle.util.Beans;
  48 +//
  49 +//public class CallbackHandlerProducer implements Serializable {
  50 +//
  51 +// private static final long serialVersionUID = 1L;
  52 +//
  53 +// @Produces
  54 +// @RequestScoped
  55 +// public CallbackHandler create() {
  56 +// Credentials credentials = Beans.getReference(Credentials.class);
  57 +//
  58 +// return new CallbackHandlerProxy(credentials);
  59 +// }
  60 +//}
... ...
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java
View file @ed8f270
... ... @@ -1,110 +0,0 @@
1   -/*
2   - * Demoiselle Framework
3   - * Copyright (C) 2010 SERPRO
4   - * ----------------------------------------------------------------------------
5   - * This file is part of Demoiselle Framework.
6   - *
7   - * Demoiselle Framework is free software; you can redistribute it and/or
8   - * modify it under the terms of the GNU Lesser General Public License version 3
9   - * as published by the Free Software Foundation.
10   - *
11   - * This program is distributed in the hope that it will be useful,
12   - * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14   - * GNU General Public License for more details.
15   - *
16   - * You should have received a copy of the GNU Lesser General Public License version 3
17   - * along with this program; if not, see <http://www.gnu.org/licenses/>
18   - * or write to the Free Software Foundation, Inc., 51 Franklin Street,
19   - * Fifth Floor, Boston, MA 02110-1301, USA.
20   - * ----------------------------------------------------------------------------
21   - * Este arquivo é parte do Framework Demoiselle.
22   - *
23   - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
24   - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
25   - * do Software Livre (FSF).
26   - *
27   - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
28   - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
29   - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
30   - * para maiores detalhes.
31   - *
32   - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
33   - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
34   - * ou escreva para a Fundação do Software Livre (FSF) Inc.,
35   - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
36   - */
37   -package br.gov.frameworkdemoiselle.internal.producer;
38   -
39   -import java.io.Serializable;
40   -
41   -import javax.enterprise.context.ContextNotActiveException;
42   -import javax.enterprise.context.SessionScoped;
43   -import javax.security.auth.callback.CallbackHandler;
44   -import javax.security.auth.login.LoginContext;
45   -import javax.security.auth.login.LoginException;
46   -
47   -import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
48   -import br.gov.frameworkdemoiselle.security.SecurityException;
49   -import br.gov.frameworkdemoiselle.util.Beans;
50   -
51   -@SessionScoped
52   -public class LoginContextFactory implements Serializable {
53   -
54   - private static final long serialVersionUID = 1L;
55   -
56   - private transient LoginContext loginContext;
57   -
58   - private String name;
59   -
60   - private CallbackHandler callbackHandler;
61   -
62   - private LoginContext getLoginContext() throws LoginException {
63   - if (this.loginContext == null) {
64   - this.loginContext = new LoginContext(getName(), getCallbackHandler());
65   - }
66   -
67   - return this.loginContext;
68   - }
69   -
70   - public static LoginContext createLoginContext() {
71   - LoginContext loginContext;
72   -
73   - try {
74   - loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext();
75   -
76   - } catch (ContextNotActiveException cause) {
77   - loginContext = null;
78   -
79   - } catch (LoginException cause) {
80   - throw new SecurityException(cause);
81   - }
82   -
83   - if (loginContext == null) {
84   - try {
85   - loginContext = new LoginContextFactory().getLoginContext();
86   -
87   - } catch (LoginException cause) {
88   - throw new SecurityException(cause);
89   - }
90   - }
91   -
92   - return loginContext;
93   - }
94   -
95   - private String getName() {
96   - if (this.name == null) {
97   - this.name = Beans.getReference(JAASConfig.class).getLoginModuleName();
98   - }
99   -
100   - return this.name;
101   - }
102   -
103   - private CallbackHandler getCallbackHandler() {
104   - if (this.callbackHandler == null) {
105   - this.callbackHandler = Beans.getReference(CallbackHandler.class);
106   - }
107   -
108   - return this.callbackHandler;
109   - }
110   -}
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
  Diff comments   View file @4daf7b4
1   -/*
2   - * Demoiselle Framework
3   - * Copyright (C) 2010 SERPRO
4   - * ----------------------------------------------------------------------------
5   - * This file is part of Demoiselle Framework.
6   - *
7   - * Demoiselle Framework is free software; you can redistribute it and/or
8   - * modify it under the terms of the GNU Lesser General Public License version 3
9   - * as published by the Free Software Foundation.
10   - *
11   - * This program is distributed in the hope that it will be useful,
12   - * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14   - * GNU General Public License for more details.
15   - *
16   - * You should have received a copy of the GNU Lesser General Public License version 3
17   - * along with this program; if not, see <http://www.gnu.org/licenses/>
18   - * or write to the Free Software Foundation, Inc., 51 Franklin Street,
19   - * Fifth Floor, Boston, MA 02110-1301, USA.
20   - * ----------------------------------------------------------------------------
21   - * Este arquivo é parte do Framework Demoiselle.
22   - *
23   - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
24   - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
25   - * do Software Livre (FSF).
26   - *
27   - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
28   - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
29   - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
30   - * para maiores detalhes.
31   - *
32   - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
33   - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
34   - * ou escreva para a Fundação do Software Livre (FSF) Inc.,
35   - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
36   - */
37   -package br.gov.frameworkdemoiselle.internal.proxy;
38   -
39   -import java.io.IOException;
40   -import java.io.Serializable;
41   -
42   -import javax.security.auth.callback.Callback;
43   -import javax.security.auth.callback.CallbackHandler;
44   -import javax.security.auth.callback.NameCallback;
45   -import javax.security.auth.callback.PasswordCallback;
46   -import javax.security.auth.callback.UnsupportedCallbackException;
47   -
48   -import br.gov.frameworkdemoiselle.security.Credentials;
49   -
50   -public class CallbackHandlerProxy implements CallbackHandler, Serializable {
51   -
52   - private static final long serialVersionUID = 1L;
53   -
54   - private transient CallbackHandler delegate;
55   -
56   - private final Credentials credentials;
57   -
58   - public CallbackHandlerProxy(Credentials credentials) {
59   - this.credentials = credentials;
60   - }
61   -
62   - private CallbackHandler getDelegate() {
63   - if (this.delegate == null) {
64   - this.delegate = create();
65   - }
66   -
67   - return this.delegate;
68   - }
69   -
70   - private CallbackHandler create() {
71   - return new CallbackHandler() {
72   -
73   - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
74   - for (int i = 0; i < callbacks.length; i++) {
75   - if (callbacks[i] instanceof NameCallback) {
76   - ((NameCallback) callbacks[i]).setName(credentials.getUsername());
77   -
78   - } else if (callbacks[i] instanceof PasswordCallback) {
79   - ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
80   -
81   - } else {
82   - System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
83   - }
84   - }
85   - }
86   - };
87   - }
88   -
89   - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
90   - getDelegate().handle(callbacks);
91   - }
92   -}
  1 +///*
  2 +// * Demoiselle Framework
  3 +// * Copyright (C) 2010 SERPRO
  4 +// * ----------------------------------------------------------------------------
  5 +// * This file is part of Demoiselle Framework.
  6 +// *
  7 +// * Demoiselle Framework is free software; you can redistribute it and/or
  8 +// * modify it under the terms of the GNU Lesser General Public License version 3
  9 +// * as published by the Free Software Foundation.
  10 +// *
  11 +// * This program is distributed in the hope that it will be useful,
  12 +// * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 +// * GNU General Public License for more details.
  15 +// *
  16 +// * You should have received a copy of the GNU Lesser General Public License version 3
  17 +// * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 +// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 +// * Fifth Floor, Boston, MA 02110-1301, USA.
  20 +// * ----------------------------------------------------------------------------
  21 +// * Este arquivo é parte do Framework Demoiselle.
  22 +// *
  23 +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 +// * do Software Livre (FSF).
  26 +// *
  27 +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 +// * para maiores detalhes.
  31 +// *
  32 +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 +// * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 +// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 +// */
  37 +//package br.gov.frameworkdemoiselle.internal.proxy;
  38 +//
  39 +//import java.io.IOException;
  40 +//import java.io.Serializable;
  41 +//
  42 +//import javax.security.auth.callback.Callback;
  43 +//import javax.security.auth.callback.CallbackHandler;
  44 +//import javax.security.auth.callback.NameCallback;
  45 +//import javax.security.auth.callback.PasswordCallback;
  46 +//import javax.security.auth.callback.UnsupportedCallbackException;
  47 +//
  48 +//import br.gov.frameworkdemoiselle.security.Credentials;
  49 +//
  50 +//public class CallbackHandlerProxy implements CallbackHandler, Serializable {
  51 +//
  52 +// private static final long serialVersionUID = 1L;
  53 +//
  54 +// private transient CallbackHandler delegate;
  55 +//
  56 +// private final Credentials credentials;
  57 +//
  58 +// public CallbackHandlerProxy(Credentials credentials) {
  59 +// this.credentials = credentials;
  60 +// }
  61 +//
  62 +// private CallbackHandler getDelegate() {
  63 +// if (this.delegate == null) {
  64 +// this.delegate = create();
  65 +// }
  66 +//
  67 +// return this.delegate;
  68 +// }
  69 +//
  70 +// private CallbackHandler create() {
  71 +// return new CallbackHandler() {
  72 +//
  73 +// public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  74 +// for (int i = 0; i < callbacks.length; i++) {
  75 +// if (callbacks[i] instanceof NameCallback) {
  76 +// ((NameCallback) callbacks[i]).setName(credentials.getUsername());
  77 +//
  78 +// } else if (callbacks[i] instanceof PasswordCallback) {
  79 +// ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
  80 +//
  81 +// } else {
  82 +// System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
  83 +// }
  84 +// }
  85 +// }
  86 +// };
  87 +// }
  88 +//
  89 +// public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  90 +// getDelegate().handle(callbacks);
  91 +// }
  92 +//}
... ...
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java
  Diff comments   View file @4daf7b4
... ... @@ -55,7 +55,7 @@ public class Credentials implements Serializable {
55 55 this.username = null;
56 56 this.password = null;
57 57 }
58   -
  58 +
59 59 public String getUsername() {
60 60 return username;
61 61 }
... ... @@ -71,5 +71,4 @@ public class Credentials implements Serializable {
71 71 public void setPassword(String password) {
72 72 this.password = password;
73 73 }
74   -
75 74 }
... ...
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java
  Diff comments   View file @4daf7b4
... ... @@ -36,44 +36,63 @@
36 36 */
37 37 package br.gov.frameworkdemoiselle.security;
38 38  
39   -import java.security.Principal;
  39 +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY;
40 40  
  41 +import java.io.IOException;
  42 +
  43 +import javax.enterprise.context.SessionScoped;
  44 +import javax.enterprise.inject.Produces;
41 45 import javax.inject.Inject;
  46 +import javax.security.auth.Subject;
  47 +import javax.security.auth.callback.Callback;
  48 +import javax.security.auth.callback.CallbackHandler;
  49 +import javax.security.auth.callback.NameCallback;
  50 +import javax.security.auth.callback.PasswordCallback;
  51 +import javax.security.auth.callback.UnsupportedCallbackException;
42 52 import javax.security.auth.login.LoginContext;
43 53 import javax.security.auth.login.LoginException;
44 54  
45   -import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory;
  55 +import br.gov.frameworkdemoiselle.annotation.Priority;
  56 +import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
46 57  
47   -//@SessionScoped
  58 +@SessionScoped
  59 +@Priority(EXTENSIONS_L1_PRIORITY)
48 60 public class JAASAuthenticator implements Authenticator {
49 61  
50 62 private static final long serialVersionUID = 1L;
51 63  
52   - private transient LoginContext loginContext;
53   -
54 64 private User user;
55 65  
  66 + private final Subject subject;
  67 +
  68 + @Inject
  69 + private JAASConfig config;
  70 +
56 71 @Inject
57 72 private Credentials credentials;
58 73  
  74 + public JAASAuthenticator() {
  75 + this.subject = new Subject();
  76 + }
  77 +
59 78 @Override
60 79 public boolean authenticate() {
61 80 boolean result = false;
62 81  
63 82 try {
64   - getLoginContext().login();
65   - getLoginContext().getSubject().getPrincipals().add(new Principal() {
  83 + LoginContext loginContext = createLoginContext();
66 84  
67   - @Override
68   - public String getName() {
69   - return credentials.getUsername();
70   - }
71   - });
  85 + if (loginContext != null) {
  86 + loginContext.login();
72 87  
73   - this.credentials.clear();
74   - result = true;
  88 + this.user = createUser(this.credentials.getUsername());
  89 + this.credentials.clear();
  90 +
  91 + result = true;
  92 + }
75 93  
76 94 } catch (LoginException cause) {
  95 + // TODO Colocar no log
77 96 result = false;
78 97 }
79 98  
... ... @@ -82,80 +101,60 @@ public class JAASAuthenticator implements Authenticator {
82 101  
83 102 @Override
84 103 public void unAuthenticate() {
85   - try {
86   - getLoginContext().logout();
87   - user = null;
88   -
89   - } catch (LoginException cause) {
90   - cause.printStackTrace();
91   - }
  104 + this.user = null;
92 105 }
93 106  
94   - @Override
95   - public User getUser() {
96   - if (this.user == null && getLoginContext().getSubject() != null
97   - && !getLoginContext().getSubject().getPrincipals().isEmpty()) {
98   - this.user = new User() {
  107 + private User createUser(final String username) {
  108 + return new User() {
99 109  
100   - private static final long serialVersionUID = 1L;
  110 + private static final long serialVersionUID = 1L;
101 111  
102   - @Override
103   - public String getId() {
104   - return getLoginContext().getSubject().getPrincipals().iterator().next().getName();
105   - }
  112 + @Override
  113 + public String getId() {
  114 + return username;
  115 + }
106 116  
107   - @Override
108   - public Object getAttribute(Object key) {
109   - return null;
110   - }
  117 + @Override
  118 + public Object getAttribute(Object key) {
  119 + return null;
  120 + }
111 121  
112   - @Override
113   - public void setAttribute(Object key, Object value) {
114   - }
115   - };
116   - }
  122 + @Override
  123 + public void setAttribute(Object key, Object value) {
  124 + }
  125 + };
  126 + }
117 127  
  128 + @Override
  129 + public User getUser() {
118 130 return this.user;
119 131 }
120 132  
121   - public LoginContext getLoginContext() {
122   - if (this.loginContext == null) {
123   - this.loginContext = LoginContextFactory.createLoginContext();
124   - }
  133 + @Produces
  134 + public Subject getSubject() {
  135 + return this.subject;
  136 + }
125 137  
126   - return this.loginContext;
  138 + public LoginContext createLoginContext() throws LoginException {
  139 + return new LoginContext(config.getLoginModuleName(), this.subject, createCallbackHandler());
127 140 }
128 141  
129   - //
130   - // protected LoginContext createLoginContext() {
131   - // LoginContext result = null;
132   - //
133   - // try {
134   - // result = new LoginContext(this.config.getLoginModuleName(), createCallbackHandler());
135   - //
136   - // } catch (LoginException cause) {
137   - // throw new SecurityException(cause);
138   - // }
139   - //
140   - // return result;
141   - // }
142   -
143   - // protected CallbackHandler createCallbackHandler() {
144   - // return new CallbackHandler() {
145   - //
146   - // public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
147   - // for (int i = 0; i < callbacks.length; i++) {
148   - // if (callbacks[i] instanceof NameCallback) {
149   - // ((NameCallback) callbacks[i]).setName(credentials.getUsername());
150   - //
151   - // } else if (callbacks[i] instanceof PasswordCallback) {
152   - // ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
153   - //
154   - // } else {
155   - // System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
156   - // }
157   - // }
158   - // }
159   - // };
160   - // }
  142 + private CallbackHandler createCallbackHandler() {
  143 + return new CallbackHandler() {
  144 +
  145 + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  146 + for (int i = 0; i < callbacks.length; i++) {
  147 + if (callbacks[i] instanceof NameCallback) {
  148 + ((NameCallback) callbacks[i]).setName(credentials.getUsername());
  149 +
  150 + } else if (callbacks[i] instanceof PasswordCallback) {
  151 + ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
  152 +
  153 + } else {
  154 + System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
  155 + }
  156 + }
  157 + }
  158 + };
  159 + }
161 160 }
... ...
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java
  Diff comments   View file @4daf7b4
... ... @@ -36,20 +36,22 @@
36 36 */
37 37 package br.gov.frameworkdemoiselle.security;
38 38  
  39 +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY;
  40 +
39 41 import java.security.Principal;
40 42 import java.security.acl.Group;
41 43 import java.util.Enumeration;
42 44  
43   -import javax.security.auth.login.LoginContext;
  45 +import javax.security.auth.Subject;
44 46  
45   -import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory;
  47 +import br.gov.frameworkdemoiselle.annotation.Priority;
  48 +import br.gov.frameworkdemoiselle.util.Beans;
46 49  
  50 +@Priority(EXTENSIONS_L1_PRIORITY)
47 51 public class JAASAuthorizer implements Authorizer {
48 52  
49 53 private static final long serialVersionUID = 1L;
50 54  
51   - private transient LoginContext loginContext;
52   -
53 55 @Override
54 56 public boolean hasRole(String role) {
55 57 boolean result = false;
... ... @@ -57,8 +59,9 @@ public class JAASAuthorizer implements Authorizer {
57 59 Group group;
58 60 Principal member;
59 61 Enumeration<? extends Principal> enumeration;
  62 + Subject subject = Beans.getReference(Subject.class);
60 63  
61   - for (Principal principal : getLoginContext().getSubject().getPrincipals()) {
  64 + for (Principal principal : subject.getPrincipals()) {
62 65  
63 66 if (principal instanceof Group) {
64 67 group = (Group) principal;
... ... @@ -67,8 +70,6 @@ public class JAASAuthorizer implements Authorizer {
67 70 while (enumeration.hasMoreElements()) {
68 71 member = (Principal) enumeration.nextElement();
69 72  
70   - System.out.println("xxxxxx: " + member.getName());
71   -
72 73 if (member.getName().equals(role)) {
73 74 result = true;
74 75 break;
... ... @@ -80,14 +81,6 @@ public class JAASAuthorizer implements Authorizer {
80 81 return result;
81 82 }
82 83  
83   - public LoginContext getLoginContext() {
84   - if (this.loginContext == null) {
85   - this.loginContext = LoginContextFactory.createLoginContext();
86   - }
87   -
88   - return this.loginContext;
89   - }
90   -
91 84 @Override
92 85 public boolean hasPermission(String resource, String operation) {
93 86 return true;
... ...