Download as
Browse Code »

Commit 4daf7b463cd058622285200ebaeb618bad59ae7a

Authored by Cleverson Sacramento
1 parent ed8f2707
Exists in master

Agora o JAAS está funcionando, porém de forma dependente ao escopo 

de sessão.
Showing 7 changed files with 372 additions and 356 deletions   Show diff stats
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/LoginContextFactory.java 0 → 100644
  Diff comments   View file @4daf7b4
@@ -0,0 +1,135 @@ @@ -0,0 +1,135 @@
  1 +///*
  2 +// * Demoiselle Framework
  3 +// * Copyright (C) 2010 SERPRO
  4 +// * ----------------------------------------------------------------------------
  5 +// * This file is part of Demoiselle Framework.
  6 +// *
  7 +// * Demoiselle Framework is free software; you can redistribute it and/or
  8 +// * modify it under the terms of the GNU Lesser General Public License version 3
  9 +// * as published by the Free Software Foundation.
  10 +// *
  11 +// * This program is distributed in the hope that it will be useful,
  12 +// * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 +// * GNU General Public License for more details.
  15 +// *
  16 +// * You should have received a copy of the GNU Lesser General Public License version 3
  17 +// * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 +// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 +// * Fifth Floor, Boston, MA 02110-1301, USA.
  20 +// * ----------------------------------------------------------------------------
  21 +// * Este arquivo é parte do Framework Demoiselle.
  22 +// *
  23 +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 +// * do Software Livre (FSF).
  26 +// *
  27 +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 +// * para maiores detalhes.
  31 +// *
  32 +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 +// * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 +// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 +// */
  37 +//package br.gov.frameworkdemoiselle.internal.implementation;
  38 +//
  39 +//import java.io.Serializable;
  40 +//
  41 +//import javax.enterprise.context.ContextNotActiveException;
  42 +//import javax.enterprise.context.SessionScoped;
  43 +//import javax.security.auth.Subject;
  44 +//import javax.security.auth.callback.CallbackHandler;
  45 +//import javax.security.auth.login.LoginContext;
  46 +//import javax.security.auth.login.LoginException;
  47 +//
  48 +//import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
  49 +//import br.gov.frameworkdemoiselle.security.SecurityException;
  50 +//import br.gov.frameworkdemoiselle.util.Beans;
  51 +//
  52 +//@SessionScoped
  53 +//public class LoginContextFactory implements Serializable {
  54 +//
  55 +// private static final long serialVersionUID = 1L;
  56 +//
  57 +// private transient LoginContext loginContext;
  58 +//
  59 +// private String name;
  60 +//
  61 +// private CallbackHandler callbackHandler;
  62 +//
  63 +// private LoginContext getLoginContext() throws LoginException {
  64 +// if (this.loginContext == null) {
  65 +// this.loginContext = new LoginContext(getName(), new Subject(), getCallbackHandler());
  66 +// }
  67 +//
  68 +// getName();
  69 +//
  70 +// return this.loginContext;
  71 +// }
  72 +//
  73 +// public static LoginContext createLoginContext() {
  74 +// LoginContext loginContext;
  75 +//
  76 +// try {
  77 +// loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext();
  78 +//
  79 +// } catch (ContextNotActiveException cause) {
  80 +// loginContext = null;
  81 +//
  82 +// } catch (LoginException cause) {
  83 +// throw new SecurityException(cause);
  84 +// }
  85 +//
  86 +// if (loginContext == null) {
  87 +// try {
  88 +// loginContext = new LoginContextFactory().getLoginContext();
  89 +//
  90 +// } catch (LoginException cause) {
  91 +// throw new SecurityException(cause);
  92 +// }
  93 +// }
  94 +//
  95 +// return loginContext;
  96 +// }
  97 +//
  98 +// public static void destroyLoginContext() {
  99 +// try {
  100 +// LoginContextFactory factory = Beans.getReference(LoginContextFactory.class);
  101 +// factory.clean();
  102 +//
  103 +// } catch (ContextNotActiveException cause) {
  104 +// }
  105 +// }
  106 +//
  107 +// private void clean() {
  108 +// if (this.loginContext != null) {
  109 +//
  110 +// try {
  111 +// this.loginContext.logout();
  112 +//
  113 +// } catch (LoginException cause) {
  114 +// }
  115 +//
  116 +// this.loginContext = null;
  117 +// }
  118 +// }
  119 +//
  120 +// private String getName() {
  121 +// if (this.name == null) {
  122 +// this.name = Beans.getReference(JAASConfig.class).getLoginModuleName();
  123 +// }
  124 +//
  125 +// return this.name;
  126 +// }
  127 +//
  128 +// private CallbackHandler getCallbackHandler() {
  129 +// if (this.callbackHandler == null) {
  130 +// this.callbackHandler = Beans.getReference(CallbackHandler.class);
  131 +// }
  132 +//
  133 +// return this.callbackHandler;
  134 +// }
  135 +//}
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java
  Diff comments   View file @4daf7b4
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package br.gov.frameworkdemoiselle.internal.producer;  
38 -  
39 -import java.io.Serializable;  
40 -  
41 -import javax.enterprise.context.RequestScoped;  
42 -import javax.enterprise.inject.Produces;  
43 -import javax.security.auth.callback.CallbackHandler;  
44 -  
45 -import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy;  
46 -import br.gov.frameworkdemoiselle.security.Credentials;  
47 -import br.gov.frameworkdemoiselle.util.Beans;  
48 -  
49 -public class CallbackHandlerProducer implements Serializable {  
50 -  
51 - private static final long serialVersionUID = 1L;  
52 -  
53 - @Produces  
54 - @RequestScoped  
55 - public static CallbackHandler create() {  
56 - Credentials credentials = Beans.getReference(Credentials.class);  
57 -  
58 - return new CallbackHandlerProxy(credentials);  
59 - }  
60 -} 1 +///*
  2 +// * Demoiselle Framework
  3 +// * Copyright (C) 2010 SERPRO
  4 +// * ----------------------------------------------------------------------------
  5 +// * This file is part of Demoiselle Framework.
  6 +// *
  7 +// * Demoiselle Framework is free software; you can redistribute it and/or
  8 +// * modify it under the terms of the GNU Lesser General Public License version 3
  9 +// * as published by the Free Software Foundation.
  10 +// *
  11 +// * This program is distributed in the hope that it will be useful,
  12 +// * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 +// * GNU General Public License for more details.
  15 +// *
  16 +// * You should have received a copy of the GNU Lesser General Public License version 3
  17 +// * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 +// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 +// * Fifth Floor, Boston, MA 02110-1301, USA.
  20 +// * ----------------------------------------------------------------------------
  21 +// * Este arquivo é parte do Framework Demoiselle.
  22 +// *
  23 +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 +// * do Software Livre (FSF).
  26 +// *
  27 +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 +// * para maiores detalhes.
  31 +// *
  32 +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 +// * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 +// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 +// */
  37 +//package br.gov.frameworkdemoiselle.internal.producer;
  38 +//
  39 +//import java.io.Serializable;
  40 +//
  41 +//import javax.enterprise.context.RequestScoped;
  42 +//import javax.enterprise.inject.Produces;
  43 +//import javax.security.auth.callback.CallbackHandler;
  44 +//
  45 +//import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy;
  46 +//import br.gov.frameworkdemoiselle.security.Credentials;
  47 +//import br.gov.frameworkdemoiselle.util.Beans;
  48 +//
  49 +//public class CallbackHandlerProducer implements Serializable {
  50 +//
  51 +// private static final long serialVersionUID = 1L;
  52 +//
  53 +// @Produces
  54 +// @RequestScoped
  55 +// public CallbackHandler create() {
  56 +// Credentials credentials = Beans.getReference(Credentials.class);
  57 +//
  58 +// return new CallbackHandlerProxy(credentials);
  59 +// }
  60 +//}
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java
View file @ed8f270
@@ -1,110 +0,0 @@ @@ -1,110 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package br.gov.frameworkdemoiselle.internal.producer;  
38 -  
39 -import java.io.Serializable;  
40 -  
41 -import javax.enterprise.context.ContextNotActiveException;  
42 -import javax.enterprise.context.SessionScoped;  
43 -import javax.security.auth.callback.CallbackHandler;  
44 -import javax.security.auth.login.LoginContext;  
45 -import javax.security.auth.login.LoginException;  
46 -  
47 -import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;  
48 -import br.gov.frameworkdemoiselle.security.SecurityException;  
49 -import br.gov.frameworkdemoiselle.util.Beans;  
50 -  
51 -@SessionScoped  
52 -public class LoginContextFactory implements Serializable {  
53 -  
54 - private static final long serialVersionUID = 1L;  
55 -  
56 - private transient LoginContext loginContext;  
57 -  
58 - private String name;  
59 -  
60 - private CallbackHandler callbackHandler;  
61 -  
62 - private LoginContext getLoginContext() throws LoginException {  
63 - if (this.loginContext == null) {  
64 - this.loginContext = new LoginContext(getName(), getCallbackHandler());  
65 - }  
66 -  
67 - return this.loginContext;  
68 - }  
69 -  
70 - public static LoginContext createLoginContext() {  
71 - LoginContext loginContext;  
72 -  
73 - try {  
74 - loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext();  
75 -  
76 - } catch (ContextNotActiveException cause) {  
77 - loginContext = null;  
78 -  
79 - } catch (LoginException cause) {  
80 - throw new SecurityException(cause);  
81 - }  
82 -  
83 - if (loginContext == null) {  
84 - try {  
85 - loginContext = new LoginContextFactory().getLoginContext();  
86 -  
87 - } catch (LoginException cause) {  
88 - throw new SecurityException(cause);  
89 - }  
90 - }  
91 -  
92 - return loginContext;  
93 - }  
94 -  
95 - private String getName() {  
96 - if (this.name == null) {  
97 - this.name = Beans.getReference(JAASConfig.class).getLoginModuleName();  
98 - }  
99 -  
100 - return this.name;  
101 - }  
102 -  
103 - private CallbackHandler getCallbackHandler() {  
104 - if (this.callbackHandler == null) {  
105 - this.callbackHandler = Beans.getReference(CallbackHandler.class);  
106 - }  
107 -  
108 - return this.callbackHandler;  
109 - }  
110 -}  
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
  Diff comments   View file @4daf7b4
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package br.gov.frameworkdemoiselle.internal.proxy;  
38 -  
39 -import java.io.IOException;  
40 -import java.io.Serializable;  
41 -  
42 -import javax.security.auth.callback.Callback;  
43 -import javax.security.auth.callback.CallbackHandler;  
44 -import javax.security.auth.callback.NameCallback;  
45 -import javax.security.auth.callback.PasswordCallback;  
46 -import javax.security.auth.callback.UnsupportedCallbackException;  
47 -  
48 -import br.gov.frameworkdemoiselle.security.Credentials;  
49 -  
50 -public class CallbackHandlerProxy implements CallbackHandler, Serializable {  
51 -  
52 - private static final long serialVersionUID = 1L;  
53 -  
54 - private transient CallbackHandler delegate;  
55 -  
56 - private final Credentials credentials;  
57 -  
58 - public CallbackHandlerProxy(Credentials credentials) {  
59 - this.credentials = credentials;  
60 - }  
61 -  
62 - private CallbackHandler getDelegate() {  
63 - if (this.delegate == null) {  
64 - this.delegate = create();  
65 - }  
66 -  
67 - return this.delegate;  
68 - }  
69 -  
70 - private CallbackHandler create() {  
71 - return new CallbackHandler() {  
72 -  
73 - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {  
74 - for (int i = 0; i < callbacks.length; i++) {  
75 - if (callbacks[i] instanceof NameCallback) {  
76 - ((NameCallback) callbacks[i]).setName(credentials.getUsername());  
77 -  
78 - } else if (callbacks[i] instanceof PasswordCallback) {  
79 - ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());  
80 -  
81 - } else {  
82 - System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);  
83 - }  
84 - }  
85 - }  
86 - };  
87 - }  
88 -  
89 - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {  
90 - getDelegate().handle(callbacks);  
91 - }  
92 -} 1 +///*
  2 +// * Demoiselle Framework
  3 +// * Copyright (C) 2010 SERPRO
  4 +// * ----------------------------------------------------------------------------
  5 +// * This file is part of Demoiselle Framework.
  6 +// *
  7 +// * Demoiselle Framework is free software; you can redistribute it and/or
  8 +// * modify it under the terms of the GNU Lesser General Public License version 3
  9 +// * as published by the Free Software Foundation.
  10 +// *
  11 +// * This program is distributed in the hope that it will be useful,
  12 +// * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 +// * GNU General Public License for more details.
  15 +// *
  16 +// * You should have received a copy of the GNU Lesser General Public License version 3
  17 +// * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 +// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 +// * Fifth Floor, Boston, MA 02110-1301, USA.
  20 +// * ----------------------------------------------------------------------------
  21 +// * Este arquivo é parte do Framework Demoiselle.
  22 +// *
  23 +// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 +// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 +// * do Software Livre (FSF).
  26 +// *
  27 +// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 +// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 +// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 +// * para maiores detalhes.
  31 +// *
  32 +// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 +// * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 +// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 +// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 +// */
  37 +//package br.gov.frameworkdemoiselle.internal.proxy;
  38 +//
  39 +//import java.io.IOException;
  40 +//import java.io.Serializable;
  41 +//
  42 +//import javax.security.auth.callback.Callback;
  43 +//import javax.security.auth.callback.CallbackHandler;
  44 +//import javax.security.auth.callback.NameCallback;
  45 +//import javax.security.auth.callback.PasswordCallback;
  46 +//import javax.security.auth.callback.UnsupportedCallbackException;
  47 +//
  48 +//import br.gov.frameworkdemoiselle.security.Credentials;
  49 +//
  50 +//public class CallbackHandlerProxy implements CallbackHandler, Serializable {
  51 +//
  52 +// private static final long serialVersionUID = 1L;
  53 +//
  54 +// private transient CallbackHandler delegate;
  55 +//
  56 +// private final Credentials credentials;
  57 +//
  58 +// public CallbackHandlerProxy(Credentials credentials) {
  59 +// this.credentials = credentials;
  60 +// }
  61 +//
  62 +// private CallbackHandler getDelegate() {
  63 +// if (this.delegate == null) {
  64 +// this.delegate = create();
  65 +// }
  66 +//
  67 +// return this.delegate;
  68 +// }
  69 +//
  70 +// private CallbackHandler create() {
  71 +// return new CallbackHandler() {
  72 +//
  73 +// public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  74 +// for (int i = 0; i < callbacks.length; i++) {
  75 +// if (callbacks[i] instanceof NameCallback) {
  76 +// ((NameCallback) callbacks[i]).setName(credentials.getUsername());
  77 +//
  78 +// } else if (callbacks[i] instanceof PasswordCallback) {
  79 +// ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
  80 +//
  81 +// } else {
  82 +// System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
  83 +// }
  84 +// }
  85 +// }
  86 +// };
  87 +// }
  88 +//
  89 +// public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  90 +// getDelegate().handle(callbacks);
  91 +// }
  92 +//}
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java
  Diff comments   View file @4daf7b4
@@ -55,7 +55,7 @@ public class Credentials implements Serializable { @@ -55,7 +55,7 @@ public class Credentials implements Serializable {
55 this.username = null; 55 this.username = null;
56 this.password = null; 56 this.password = null;
57 } 57 }
58 - 58 +
59 public String getUsername() { 59 public String getUsername() {
60 return username; 60 return username;
61 } 61 }
@@ -71,5 +71,4 @@ public class Credentials implements Serializable { @@ -71,5 +71,4 @@ public class Credentials implements Serializable {
71 public void setPassword(String password) { 71 public void setPassword(String password) {
72 this.password = password; 72 this.password = password;
73 } 73 }
74 -  
75 } 74 }
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java
  Diff comments   View file @4daf7b4
@@ -36,44 +36,63 @@ @@ -36,44 +36,63 @@
36 */ 36 */
37 package br.gov.frameworkdemoiselle.security; 37 package br.gov.frameworkdemoiselle.security;
38 38
39 -import java.security.Principal; 39 +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY;
40 40
  41 +import java.io.IOException;
  42 +
  43 +import javax.enterprise.context.SessionScoped;
  44 +import javax.enterprise.inject.Produces;
41 import javax.inject.Inject; 45 import javax.inject.Inject;
  46 +import javax.security.auth.Subject;
  47 +import javax.security.auth.callback.Callback;
  48 +import javax.security.auth.callback.CallbackHandler;
  49 +import javax.security.auth.callback.NameCallback;
  50 +import javax.security.auth.callback.PasswordCallback;
  51 +import javax.security.auth.callback.UnsupportedCallbackException;
42 import javax.security.auth.login.LoginContext; 52 import javax.security.auth.login.LoginContext;
43 import javax.security.auth.login.LoginException; 53 import javax.security.auth.login.LoginException;
44 54
45 -import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory; 55 +import br.gov.frameworkdemoiselle.annotation.Priority;
  56 +import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
46 57
47 -//@SessionScoped 58 +@SessionScoped
  59 +@Priority(EXTENSIONS_L1_PRIORITY)
48 public class JAASAuthenticator implements Authenticator { 60 public class JAASAuthenticator implements Authenticator {
49 61
50 private static final long serialVersionUID = 1L; 62 private static final long serialVersionUID = 1L;
51 63
52 - private transient LoginContext loginContext;  
53 -  
54 private User user; 64 private User user;
55 65
  66 + private final Subject subject;
  67 +
  68 + @Inject
  69 + private JAASConfig config;
  70 +
56 @Inject 71 @Inject
57 private Credentials credentials; 72 private Credentials credentials;
58 73
  74 + public JAASAuthenticator() {
  75 + this.subject = new Subject();
  76 + }
  77 +
59 @Override 78 @Override
60 public boolean authenticate() { 79 public boolean authenticate() {
61 boolean result = false; 80 boolean result = false;
62 81
63 try { 82 try {
64 - getLoginContext().login();  
65 - getLoginContext().getSubject().getPrincipals().add(new Principal() { 83 + LoginContext loginContext = createLoginContext();
66 84
67 - @Override  
68 - public String getName() {  
69 - return credentials.getUsername();  
70 - }  
71 - }); 85 + if (loginContext != null) {
  86 + loginContext.login();
72 87
73 - this.credentials.clear();  
74 - result = true; 88 + this.user = createUser(this.credentials.getUsername());
  89 + this.credentials.clear();
  90 +
  91 + result = true;
  92 + }
75 93
76 } catch (LoginException cause) { 94 } catch (LoginException cause) {
  95 + // TODO Colocar no log
77 result = false; 96 result = false;
78 } 97 }
79 98
@@ -82,80 +101,60 @@ public class JAASAuthenticator implements Authenticator { @@ -82,80 +101,60 @@ public class JAASAuthenticator implements Authenticator {
82 101
83 @Override 102 @Override
84 public void unAuthenticate() { 103 public void unAuthenticate() {
85 - try {  
86 - getLoginContext().logout();  
87 - user = null;  
88 -  
89 - } catch (LoginException cause) {  
90 - cause.printStackTrace();  
91 - } 104 + this.user = null;
92 } 105 }
93 106
94 - @Override  
95 - public User getUser() {  
96 - if (this.user == null && getLoginContext().getSubject() != null  
97 - && !getLoginContext().getSubject().getPrincipals().isEmpty()) {  
98 - this.user = new User() { 107 + private User createUser(final String username) {
  108 + return new User() {
99 109
100 - private static final long serialVersionUID = 1L; 110 + private static final long serialVersionUID = 1L;
101 111
102 - @Override  
103 - public String getId() {  
104 - return getLoginContext().getSubject().getPrincipals().iterator().next().getName();  
105 - } 112 + @Override
  113 + public String getId() {
  114 + return username;
  115 + }
106 116
107 - @Override  
108 - public Object getAttribute(Object key) {  
109 - return null;  
110 - } 117 + @Override
  118 + public Object getAttribute(Object key) {
  119 + return null;
  120 + }
111 121
112 - @Override  
113 - public void setAttribute(Object key, Object value) {  
114 - }  
115 - };  
116 - } 122 + @Override
  123 + public void setAttribute(Object key, Object value) {
  124 + }
  125 + };
  126 + }
117 127
  128 + @Override
  129 + public User getUser() {
118 return this.user; 130 return this.user;
119 } 131 }
120 132
121 - public LoginContext getLoginContext() {  
122 - if (this.loginContext == null) {  
123 - this.loginContext = LoginContextFactory.createLoginContext();  
124 - } 133 + @Produces
  134 + public Subject getSubject() {
  135 + return this.subject;
  136 + }
125 137
126 - return this.loginContext; 138 + public LoginContext createLoginContext() throws LoginException {
  139 + return new LoginContext(config.getLoginModuleName(), this.subject, createCallbackHandler());
127 } 140 }
128 141
129 - //  
130 - // protected LoginContext createLoginContext() {  
131 - // LoginContext result = null;  
132 - //  
133 - // try {  
134 - // result = new LoginContext(this.config.getLoginModuleName(), createCallbackHandler());  
135 - //  
136 - // } catch (LoginException cause) {  
137 - // throw new SecurityException(cause);  
138 - // }  
139 - //  
140 - // return result;  
141 - // }  
142 -  
143 - // protected CallbackHandler createCallbackHandler() {  
144 - // return new CallbackHandler() {  
145 - //  
146 - // public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {  
147 - // for (int i = 0; i < callbacks.length; i++) {  
148 - // if (callbacks[i] instanceof NameCallback) {  
149 - // ((NameCallback) callbacks[i]).setName(credentials.getUsername());  
150 - //  
151 - // } else if (callbacks[i] instanceof PasswordCallback) {  
152 - // ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());  
153 - //  
154 - // } else {  
155 - // System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);  
156 - // }  
157 - // }  
158 - // }  
159 - // };  
160 - // } 142 + private CallbackHandler createCallbackHandler() {
  143 + return new CallbackHandler() {
  144 +
  145 + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  146 + for (int i = 0; i < callbacks.length; i++) {
  147 + if (callbacks[i] instanceof NameCallback) {
  148 + ((NameCallback) callbacks[i]).setName(credentials.getUsername());
  149 +
  150 + } else if (callbacks[i] instanceof PasswordCallback) {
  151 + ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
  152 +
  153 + } else {
  154 + System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
  155 + }
  156 + }
  157 + }
  158 + };
  159 + }
161 } 160 }
impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java
  Diff comments   View file @4daf7b4
@@ -36,20 +36,22 @@ @@ -36,20 +36,22 @@
36 */ 36 */
37 package br.gov.frameworkdemoiselle.security; 37 package br.gov.frameworkdemoiselle.security;
38 38
  39 +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY;
  40 +
39 import java.security.Principal; 41 import java.security.Principal;
40 import java.security.acl.Group; 42 import java.security.acl.Group;
41 import java.util.Enumeration; 43 import java.util.Enumeration;
42 44
43 -import javax.security.auth.login.LoginContext; 45 +import javax.security.auth.Subject;
44 46
45 -import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory; 47 +import br.gov.frameworkdemoiselle.annotation.Priority;
  48 +import br.gov.frameworkdemoiselle.util.Beans;
46 49
  50 +@Priority(EXTENSIONS_L1_PRIORITY)
47 public class JAASAuthorizer implements Authorizer { 51 public class JAASAuthorizer implements Authorizer {
48 52
49 private static final long serialVersionUID = 1L; 53 private static final long serialVersionUID = 1L;
50 54
51 - private transient LoginContext loginContext;  
52 -  
53 @Override 55 @Override
54 public boolean hasRole(String role) { 56 public boolean hasRole(String role) {
55 boolean result = false; 57 boolean result = false;
@@ -57,8 +59,9 @@ public class JAASAuthorizer implements Authorizer { @@ -57,8 +59,9 @@ public class JAASAuthorizer implements Authorizer {
57 Group group; 59 Group group;
58 Principal member; 60 Principal member;
59 Enumeration<? extends Principal> enumeration; 61 Enumeration<? extends Principal> enumeration;
  62 + Subject subject = Beans.getReference(Subject.class);
60 63
61 - for (Principal principal : getLoginContext().getSubject().getPrincipals()) { 64 + for (Principal principal : subject.getPrincipals()) {
62 65
63 if (principal instanceof Group) { 66 if (principal instanceof Group) {
64 group = (Group) principal; 67 group = (Group) principal;
@@ -67,8 +70,6 @@ public class JAASAuthorizer implements Authorizer { @@ -67,8 +70,6 @@ public class JAASAuthorizer implements Authorizer {
67 while (enumeration.hasMoreElements()) { 70 while (enumeration.hasMoreElements()) {
68 member = (Principal) enumeration.nextElement(); 71 member = (Principal) enumeration.nextElement();
69 72
70 - System.out.println("xxxxxx: " + member.getName());  
71 -  
72 if (member.getName().equals(role)) { 73 if (member.getName().equals(role)) {
73 result = true; 74 result = true;
74 break; 75 break;
@@ -80,14 +81,6 @@ public class JAASAuthorizer implements Authorizer { @@ -80,14 +81,6 @@ public class JAASAuthorizer implements Authorizer {
80 return result; 81 return result;
81 } 82 }
82 83
83 - public LoginContext getLoginContext() {  
84 - if (this.loginContext == null) {  
85 - this.loginContext = LoginContextFactory.createLoginContext();  
86 - }  
87 -  
88 - return this.loginContext;  
89 - }  
90 -  
91 @Override 84 @Override
92 public boolean hasPermission(String resource, String operation) { 85 public boolean hasPermission(String resource, String operation) {
93 return true; 86 return true;