From 4daf7b463cd058622285200ebaeb618bad59ae7a Mon Sep 17 00:00:00 2001 
From: Cleverson Sacramento Date: Tue, 11 Dec 2012 15:31:58 -0300 Subject: [PATCH] Agora o JAAS está funcionando, porém de forma dependente ao escopo de sessão. --- impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java | 135 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------------------ impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java | 110 -------------------------------------------------------------------------------------------------------------- impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java | 184 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------------------------------------------------------------------------- impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java | 3 +-- impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java | 153 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------------------- impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java | 23 ++++++++--------------- 7 files changed, 372 insertions(+), 356 deletions(-) create mode 100644 impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java delete mode 100644 impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java 
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java
new file mode 100644
index 0000000..3b435eb
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java
@@ -0,0 +1,135 @@ +///* +// * Demoiselle Framework +// * Copyright (C) 2010 SERPRO +// * ---------------------------------------------------------------------------- +// * This file is part of Demoiselle Framework. +// * +// * Demoiselle Framework is free software; you can redistribute it and/or +// * modify it under the terms of the GNU Lesser General Public License version 3 +// * as published by the Free Software Foundation. +// * +// * This program is distributed in the hope that it will be useful, +// * but WITHOUT ANY WARRANTY; without even the implied warranty of +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// * GNU General Public License for more details. +// * +// * You should have received a copy of the GNU Lesser General Public License version 3 +// * along with this program; if not, see +// * or write to the Free Software Foundation, Inc., 51 Franklin Street, +// * Fifth Floor, Boston, MA 02110-1301, USA. +// * ---------------------------------------------------------------------------- +// * Este arquivo é parte do Framework Demoiselle. +// * +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação +// * do Software Livre (FSF). +// * +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português +// * para maiores detalhes. +// * +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título +// * "LICENCA.txt", junto com esse programa. Se não, acesse +// * ou escreva para a Fundação do Software Livre (FSF) Inc., +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. 
+// */ +//package br.gov.frameworkdemoiselle.internal.implementation; +// +//import java.io.Serializable; +// +//import javax.enterprise.context.ContextNotActiveException; +//import javax.enterprise.context.SessionScoped; +//import javax.security.auth.Subject; +//import javax.security.auth.callback.CallbackHandler; +//import javax.security.auth.login.LoginContext; +//import javax.security.auth.login.LoginException; +// +//import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig; +//import br.gov.frameworkdemoiselle.security.SecurityException; +//import br.gov.frameworkdemoiselle.util.Beans; +// +//@SessionScoped +//public class LoginContextFactory implements Serializable { +// +// private static final long serialVersionUID = 1L; +// +// private transient LoginContext loginContext; +// +// private String name; +// +// private CallbackHandler callbackHandler; +// +// private LoginContext getLoginContext() throws LoginException { +// if (this.loginContext == null) { +// this.loginContext = new LoginContext(getName(), new Subject(), getCallbackHandler()); +// } +// +// getName(); +// +// return this.loginContext; +// } +// +// public static LoginContext createLoginContext() { +// LoginContext loginContext; +// +// try { +// loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext(); +// +// } catch (ContextNotActiveException cause) { +// loginContext = null; +// +// } catch (LoginException cause) { +// throw new SecurityException(cause); +// } +// +// if (loginContext == null) { +// try { +// loginContext = new LoginContextFactory().getLoginContext(); +// +// } catch (LoginException cause) { +// throw new SecurityException(cause); +// } +// } +// +// return loginContext; +// } +// +// public static void destroyLoginContext() { +// try { +// LoginContextFactory factory = Beans.getReference(LoginContextFactory.class); +// factory.clean(); +// +// } catch (ContextNotActiveException cause) { +// } +// } +// +// private void clean() { +// if 
(this.loginContext != null) { +// +// try { +// this.loginContext.logout(); +// +// } catch (LoginException cause) { +// } +// +// this.loginContext = null; +// } +// } +// +// private String getName() { +// if (this.name == null) { +// this.name = Beans.getReference(JAASConfig.class).getLoginModuleName(); +// } +// +// return this.name; +// } +// +// private CallbackHandler getCallbackHandler() { +// if (this.callbackHandler == null) { +// this.callbackHandler = Beans.getReference(CallbackHandler.class); +// } +// +// return this.callbackHandler; +// } +//} diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java index 02b2f41..e50c6c0 100644 --- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java +++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java 
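Review bot: The new `internal/implementation/LoginContextFactory.java` is added with every line commented out (`//package ...`, `//public class LoginContextFactory ...`), so it contributes no code and only leaves dead authentication logic in the tree; the later hunks do the same to `CallbackHandlerProducer.java` and `CallbackHandlerProxy.java`. Delete these files instead of commenting them out, since the previous versions remain available in version control and commented-out login code tends to be revived later without a fresh review. If the factory is ever restored, the empty `catch (LoginException cause) { }` in `clean()` would hide a failed `logout()`, and the bare `getName();` statement in `getLoginContext()` has no visible purpose.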
@@ -1,60 +1,60 @@ -/* - * Demoiselle Framework - * Copyright (C) 2010 SERPRO - * ---------------------------------------------------------------------------- - * This file is part of Demoiselle Framework. - * - * Demoiselle Framework is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License version 3 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License version 3 - * along with this program; if not, see - * or write to the Free Software Foundation, Inc., 51 Franklin Street, - * Fifth Floor, Boston, MA 02110-1301, USA. - * ---------------------------------------------------------------------------- - * Este arquivo é parte do Framework Demoiselle. - * - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação - * do Software Livre (FSF). - * - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português - * para maiores detalhes. - * - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título - * "LICENCA.txt", junto com esse programa. Se não, acesse - * ou escreva para a Fundação do Software Livre (FSF) Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. 
- */ -package br.gov.frameworkdemoiselle.internal.producer; - -import java.io.Serializable; - -import javax.enterprise.context.RequestScoped; -import javax.enterprise.inject.Produces; -import javax.security.auth.callback.CallbackHandler; - -import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy; -import br.gov.frameworkdemoiselle.security.Credentials; -import br.gov.frameworkdemoiselle.util.Beans; - -public class CallbackHandlerProducer implements Serializable { - - private static final long serialVersionUID = 1L; - - @Produces - @RequestScoped - public static CallbackHandler create() { - Credentials credentials = Beans.getReference(Credentials.class); - - return new CallbackHandlerProxy(credentials); - } -} +///* +// * Demoiselle Framework +// * Copyright (C) 2010 SERPRO +// * ---------------------------------------------------------------------------- +// * This file is part of Demoiselle Framework. +// * +// * Demoiselle Framework is free software; you can redistribute it and/or +// * modify it under the terms of the GNU Lesser General Public License version 3 +// * as published by the Free Software Foundation. +// * +// * This program is distributed in the hope that it will be useful, +// * but WITHOUT ANY WARRANTY; without even the implied warranty of +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// * GNU General Public License for more details. +// * +// * You should have received a copy of the GNU Lesser General Public License version 3 +// * along with this program; if not, see +// * or write to the Free Software Foundation, Inc., 51 Franklin Street, +// * Fifth Floor, Boston, MA 02110-1301, USA. +// * ---------------------------------------------------------------------------- +// * Este arquivo é parte do Framework Demoiselle. 
+// * +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação +// * do Software Livre (FSF). +// * +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português +// * para maiores detalhes. +// * +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título +// * "LICENCA.txt", junto com esse programa. Se não, acesse +// * ou escreva para a Fundação do Software Livre (FSF) Inc., +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. +// */ +//package br.gov.frameworkdemoiselle.internal.producer; +// +//import java.io.Serializable; +// +//import javax.enterprise.context.RequestScoped; +//import javax.enterprise.inject.Produces; +//import javax.security.auth.callback.CallbackHandler; +// +//import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy; +//import br.gov.frameworkdemoiselle.security.Credentials; +//import br.gov.frameworkdemoiselle.util.Beans; +// +//public class CallbackHandlerProducer implements Serializable { +// +// private static final long serialVersionUID = 1L; +// +// @Produces +// @RequestScoped +// public CallbackHandler create() { +// Credentials credentials = Beans.getReference(Credentials.class); +// +// return new CallbackHandlerProxy(credentials); +// } +//} diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java deleted file mode 100644 index 9de284b..0000000 --- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java +++ /dev/null 
@@ -1,110 +0,0 @@ -/* - * Demoiselle Framework - * Copyright (C) 2010 SERPRO - * ---------------------------------------------------------------------------- - * This file is part of Demoiselle Framework. - * - * Demoiselle Framework is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License version 3 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License version 3 - * along with this program; if not, see - * or write to the Free Software Foundation, Inc., 51 Franklin Street, - * Fifth Floor, Boston, MA 02110-1301, USA. - * ---------------------------------------------------------------------------- - * Este arquivo é parte do Framework Demoiselle. - * - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação - * do Software Livre (FSF). - * - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português - * para maiores detalhes. - * - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título - * "LICENCA.txt", junto com esse programa. Se não, acesse - * ou escreva para a Fundação do Software Livre (FSF) Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. 
- */ -package br.gov.frameworkdemoiselle.internal.producer; - -import java.io.Serializable; - -import javax.enterprise.context.ContextNotActiveException; -import javax.enterprise.context.SessionScoped; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.login.LoginContext; -import javax.security.auth.login.LoginException; - -import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig; -import br.gov.frameworkdemoiselle.security.SecurityException; -import br.gov.frameworkdemoiselle.util.Beans; - -@SessionScoped -public class LoginContextFactory implements Serializable { - - private static final long serialVersionUID = 1L; - - private transient LoginContext loginContext; - - private String name; - - private CallbackHandler callbackHandler; - - private LoginContext getLoginContext() throws LoginException { - if (this.loginContext == null) { - this.loginContext = new LoginContext(getName(), getCallbackHandler()); - } - - return this.loginContext; - } - - public static LoginContext createLoginContext() { - LoginContext loginContext; - - try { - loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext(); - - } catch (ContextNotActiveException cause) { - loginContext = null; - - } catch (LoginException cause) { - throw new SecurityException(cause); - } - - if (loginContext == null) { - try { - loginContext = new LoginContextFactory().getLoginContext(); - - } catch (LoginException cause) { - throw new SecurityException(cause); - } - } - - return loginContext; - } - - private String getName() { - if (this.name == null) { - this.name = Beans.getReference(JAASConfig.class).getLoginModuleName(); - } - - return this.name; - } - - private CallbackHandler getCallbackHandler() { - if (this.callbackHandler == null) { - this.callbackHandler = Beans.getReference(CallbackHandler.class); - } - - return this.callbackHandler; - } -} 
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
index 8c1bba6..7debeb4 100644
--- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
@@ -1,92 +1,92 @@ -/* - * Demoiselle Framework - * Copyright (C) 2010 SERPRO - * ---------------------------------------------------------------------------- - * This file is part of Demoiselle Framework. - * - * Demoiselle Framework is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License version 3 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License version 3 - * along with this program; if not, see - * or write to the Free Software Foundation, Inc., 51 Franklin Street, - * Fifth Floor, Boston, MA 02110-1301, USA. - * ---------------------------------------------------------------------------- - * Este arquivo é parte do Framework Demoiselle. - * - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação - * do Software Livre (FSF). - * - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português - * para maiores detalhes. - * - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título - * "LICENCA.txt", junto com esse programa. Se não, acesse - * ou escreva para a Fundação do Software Livre (FSF) Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. 
- */ -package br.gov.frameworkdemoiselle.internal.proxy; - -import java.io.IOException; -import java.io.Serializable; - -import javax.security.auth.callback.Callback; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.NameCallback; -import javax.security.auth.callback.PasswordCallback; -import javax.security.auth.callback.UnsupportedCallbackException; - -import br.gov.frameworkdemoiselle.security.Credentials; - -public class CallbackHandlerProxy implements CallbackHandler, Serializable { - - private static final long serialVersionUID = 1L; - - private transient CallbackHandler delegate; - - private final Credentials credentials; - - public CallbackHandlerProxy(Credentials credentials) { - this.credentials = credentials; - } - - private CallbackHandler getDelegate() { - if (this.delegate == null) { - this.delegate = create(); - } - - return this.delegate; - } - - private CallbackHandler create() { - return new CallbackHandler() { - - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof NameCallback) { - ((NameCallback) callbacks[i]).setName(credentials.getUsername()); - - } else if (callbacks[i] instanceof PasswordCallback) { - ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray()); - - } else { - System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]); - } - } - } - }; - } - - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { - getDelegate().handle(callbacks); - } -} +///* +// * Demoiselle Framework +// * Copyright (C) 2010 SERPRO +// * ---------------------------------------------------------------------------- +// * This file is part of Demoiselle Framework. 
+// * +// * Demoiselle Framework is free software; you can redistribute it and/or +// * modify it under the terms of the GNU Lesser General Public License version 3 +// * as published by the Free Software Foundation. +// * +// * This program is distributed in the hope that it will be useful, +// * but WITHOUT ANY WARRANTY; without even the implied warranty of +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// * GNU General Public License for more details. +// * +// * You should have received a copy of the GNU Lesser General Public License version 3 +// * along with this program; if not, see +// * or write to the Free Software Foundation, Inc., 51 Franklin Street, +// * Fifth Floor, Boston, MA 02110-1301, USA. +// * ---------------------------------------------------------------------------- +// * Este arquivo é parte do Framework Demoiselle. +// * +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação +// * do Software Livre (FSF). +// * +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português +// * para maiores detalhes. +// * +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título +// * "LICENCA.txt", junto com esse programa. Se não, acesse +// * ou escreva para a Fundação do Software Livre (FSF) Inc., +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. 
+// */ +//package br.gov.frameworkdemoiselle.internal.proxy; +// +//import java.io.IOException; +//import java.io.Serializable; +// +//import javax.security.auth.callback.Callback; +//import javax.security.auth.callback.CallbackHandler; +//import javax.security.auth.callback.NameCallback; +//import javax.security.auth.callback.PasswordCallback; +//import javax.security.auth.callback.UnsupportedCallbackException; +// +//import br.gov.frameworkdemoiselle.security.Credentials; +// +//public class CallbackHandlerProxy implements CallbackHandler, Serializable { +// +// private static final long serialVersionUID = 1L; +// +// private transient CallbackHandler delegate; +// +// private final Credentials credentials; +// +// public CallbackHandlerProxy(Credentials credentials) { +// this.credentials = credentials; +// } +// +// private CallbackHandler getDelegate() { +// if (this.delegate == null) { +// this.delegate = create(); +// } +// +// return this.delegate; +// } +// +// private CallbackHandler create() { +// return new CallbackHandler() { +// +// public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { +// for (int i = 0; i < callbacks.length; i++) { +// if (callbacks[i] instanceof NameCallback) { +// ((NameCallback) callbacks[i]).setName(credentials.getUsername()); +// +// } else if (callbacks[i] instanceof PasswordCallback) { +// ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray()); +// +// } else { +// System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]); +// } +// } +// } +// }; +// } +// +// public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { +// getDelegate().handle(callbacks); +// } +//} diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java index 3dc8f36..023bef8 100644 
--- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java +++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java @@ -55,7 +55,7 @@ public class Credentials implements Serializable { this.username = null; this.password = null; } - + public String getUsername() { return username; } @@ -71,5 +71,4 @@ public class Credentials implements Serializable { public void setPassword(String password) { this.password = password; } - } diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java index 887dc1f..f5e59fc 100644 --- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java +++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java 
@@ -36,44 +36,63 @@ */ package br.gov.frameworkdemoiselle.security; -import java.security.Principal; +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY; +import java.io.IOException; + +import javax.enterprise.context.SessionScoped; +import javax.enterprise.inject.Produces; import javax.inject.Inject; +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; -import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory; +import br.gov.frameworkdemoiselle.annotation.Priority; +import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig; -//@SessionScoped +@SessionScoped +@Priority(EXTENSIONS_L1_PRIORITY) public class JAASAuthenticator implements Authenticator { private static final long serialVersionUID = 1L; - private transient LoginContext loginContext; - private User user; + private final Subject subject; + + @Inject + private JAASConfig config; + @Inject private Credentials credentials; + public JAASAuthenticator() { + this.subject = new Subject(); + } + @Override public boolean authenticate() { boolean result = false; try { - getLoginContext().login(); - getLoginContext().getSubject().getPrincipals().add(new Principal() { + LoginContext loginContext = createLoginContext(); - @Override - public String getName() { - return credentials.getUsername(); - } - }); + if (loginContext != null) { + loginContext.login(); - this.credentials.clear(); - result = true; + this.user = createUser(this.credentials.getUsername()); + this.credentials.clear(); + + result = true; + } } catch (LoginException cause) { + // TODO Colocar no log result = false; } 
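Review bot: The `catch (LoginException cause)` block in `authenticate()` drops the exception with only `// TODO Colocar no log`, so a rejected login and a misconfigured login module both surface as a plain `false` and leave nothing for audit or brute-force detection. Log the failure there with the attempted username and the cause (never the password) through whatever logger this module uses. On the failure path `this.credentials.clear()` is skipped, so the rejected password stays in the `Credentials` bean for as long as that bean lives; clearing it in a `finally` block would avoid that. The `if (loginContext != null)` guard looks like dead code, since `createLoginContext()` in this patch either returns a `new LoginContext(...)` or throws. `authenticate()` continues past the end of this hunk.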
@@ -82,80 +101,60 @@ public class JAASAuthenticator implements Authenticator { @Override public void unAuthenticate() { - try { - getLoginContext().logout(); - user = null; - - } catch (LoginException cause) { - cause.printStackTrace(); - } + this.user = null; } - @Override - public User getUser() { - if (this.user == null && getLoginContext().getSubject() != null - && !getLoginContext().getSubject().getPrincipals().isEmpty()) { - this.user = new User() { + private User createUser(final String username) { + return new User() { - private static final long serialVersionUID = 1L; + private static final long serialVersionUID = 1L; - @Override - public String getId() { - return getLoginContext().getSubject().getPrincipals().iterator().next().getName(); - } + @Override + public String getId() { + return username; + } - @Override - public Object getAttribute(Object key) { - return null; - } + @Override + public Object getAttribute(Object key) { + return null; + } - @Override - public void setAttribute(Object key, Object value) { - } - }; - } + @Override + public void setAttribute(Object key, Object value) { + } + }; + } + @Override + public User getUser() { return this.user; } - public LoginContext getLoginContext() { - if (this.loginContext == null) { - this.loginContext = LoginContextFactory.createLoginContext(); - } + @Produces + public Subject getSubject() { + return this.subject; + } - return this.loginContext; + public LoginContext createLoginContext() throws LoginException { + return new LoginContext(config.getLoginModuleName(), this.subject, createCallbackHandler()); } - // - // protected LoginContext createLoginContext() { - // LoginContext result = null; - // - // try { - // result = new LoginContext(this.config.getLoginModuleName(), createCallbackHandler()); - // - // } catch (LoginException cause) { - // throw new SecurityException(cause); - // } - // - // return result; - // } - - // protected CallbackHandler createCallbackHandler() { - // return new 
CallbackHandler() { - // - // public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { - // for (int i = 0; i < callbacks.length; i++) { - // if (callbacks[i] instanceof NameCallback) { - // ((NameCallback) callbacks[i]).setName(credentials.getUsername()); - // - // } else if (callbacks[i] instanceof PasswordCallback) { - // ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray()); - // - // } else { - // System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]); - // } - // } - // } - // }; - // } + private CallbackHandler createCallbackHandler() { + return new CallbackHandler() { + + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { + for (int i = 0; i < callbacks.length; i++) { + if (callbacks[i] instanceof NameCallback) { + ((NameCallback) callbacks[i]).setName(credentials.getUsername()); + + } else if (callbacks[i] instanceof PasswordCallback) { + ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray()); + + } else { + System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]); + } + } + } + }; + } } diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java index c2f72c2..2239557 100644 --- a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java +++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java 
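Review bot: `unAuthenticate()` now only sets `this.user = null`; the `logout()` call is gone and nothing empties the session-scoped `subject`, which `createLoginContext()` passes to every new `LoginContext` and `getSubject()` hands to `JAASAuthorizer.hasRole`. If the login module stores role groups in that Subject, as `hasRole` assumes, those principals survive logout and accumulate when a second account logs in within the same session. Either keep the `LoginContext` from the successful login and call its `logout()` here, or at least add `this.subject.getPrincipals().clear();` together with the same call on `getPublicCredentials()` and `getPrivateCredentials()`. Separately, the `else` branch of the callback handler should `throw new UnsupportedCallbackException(callbacks[i]);` instead of printing to `System.out`, and `credentials.getPassword().toCharArray()` needs a null check because `Credentials.clear()` sets the password to `null`.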
@@ -36,20 +36,22 @@ */ package br.gov.frameworkdemoiselle.security; +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY; + import java.security.Principal; import java.security.acl.Group; import java.util.Enumeration; -import javax.security.auth.login.LoginContext; +import javax.security.auth.Subject; -import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory; +import br.gov.frameworkdemoiselle.annotation.Priority; +import br.gov.frameworkdemoiselle.util.Beans; +@Priority(EXTENSIONS_L1_PRIORITY) public class JAASAuthorizer implements Authorizer { private static final long serialVersionUID = 1L; - private transient LoginContext loginContext; - @Override public boolean hasRole(String role) { boolean result = false; @@ -57,8 +59,9 @@ public class JAASAuthorizer implements Authorizer { Group group; Principal member; Enumeration enumeration; + Subject subject = Beans.getReference(Subject.class); - for (Principal principal : getLoginContext().getSubject().getPrincipals()) { + for (Principal principal : subject.getPrincipals()) { if (principal instanceof Group) { group = (Group) principal; @@ -67,8 +70,6 @@ public class JAASAuthorizer implements Authorizer { while (enumeration.hasMoreElements()) { member = (Principal) enumeration.nextElement(); - System.out.println("xxxxxx: " + member.getName()); - if (member.getName().equals(role)) { result = true; break; @@ -80,14 +81,6 @@ public class JAASAuthorizer implements Authorizer { return result; } - public LoginContext getLoginContext() { - if (this.loginContext == null) { - this.loginContext = LoginContextFactory.createLoginContext(); - } - - return this.loginContext; - } - @Override public boolean hasPermission(String resource, String operation) { return true; -- libgit2 0.21.2
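Review bot: `hasRole` now takes its principals from `Beans.getReference(Subject.class)`, which is the Subject produced by the session-scoped `JAASAuthenticator`, and nothing in the visible lines checks that a user is currently authenticated before trusting them. Because that Subject is not cleared by `unAuthenticate()` in this patch, the role check should first confirm a logged-in user, or the Subject has to be emptied on logout. The lookup also appears to need an active session context; the commented-out factory caught `ContextNotActiveException` and this code does not, so it should be decided and documented whether callers outside a session get `false` or an exception. The context of the last hunk shows `hasPermission` returning `true` unconditionally, which with the new `@Priority(EXTENSIONS_L1_PRIORITY)` presumably becomes the effective permission check; it deserves at least a comment such as `// NOTE: permissions are not enforced by this authorizer; only roles are checked`. Both methods extend beyond the hunks shown.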