diff --git a/impl/extension/jaas/.gitignore b/impl/extension/jaas/.gitignore new file mode 100644 index 0000000..221c8fc --- /dev/null +++ b/impl/extension/jaas/.gitignore @@ -0,0 +1,5 @@ +/target +/.project +/.classpath +/.settings +/.externalToolBuilders diff --git a/impl/extension/jaas/pom.xml b/impl/extension/jaas/pom.xml new file mode 100644 index 0000000..8c227b3 --- /dev/null +++ b/impl/extension/jaas/pom.xml @@ -0,0 +1,93 @@ + + + + 4.0.0 + + demoiselle-jaas + jar + + + br.gov.frameworkdemoiselle + demoiselle-extension-parent + 2.3.1-SNAPSHOT + ../../../parent/extension + + + Demoiselle Framework JAAS Extension + + JAAS Extension + + http://www.frameworkdemoiselle.gov.br + + + + GNU Lesser General Public License, Version 3 + http://www.gnu.org/licenses/lgpl-3.0.txt + + + + + SERPRO - Serviço Federal de Processamento de Dados + http://www.serpro.gov.br + + + + + sonatype-nexus-snapshots + Sonatype Nexus Snapshots + https://oss.sonatype.org/content/repositories/snapshots + + true + + + false + + + + sonatype-nexus-releases + Sonatype Nexus Releases + https://oss.sonatype.org/content/repositories/releases + + false + + + true + + + + diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/configuration/JAASConfig.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/configuration/JAASConfig.java new file mode 100644 index 0000000..f4fb90b --- /dev/null +++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/configuration/JAASConfig.java 
@@ -0,0 +1,57 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */
+package br.gov.frameworkdemoiselle.internal.configuration;
+
+import java.io.Serializable;
+
+import br.gov.frameworkdemoiselle.configuration.Configuration;
+
+@Configuration(prefix = "frameworkdemoiselle.security")
+public class JAASConfig implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ private String loginModuleName;
+
+ public String getLoginModuleName() {
+ return loginModuleName;
+ }
+
+ public void setLoginModuleName(String loginModuleName) {
+ this.loginModuleName = loginModuleName;
+ }
+}
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java
new file mode 100644
index 0000000..02b2f41
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/CallbackHandlerProducer.java
@@ -0,0 +1,60 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */
+package br.gov.frameworkdemoiselle.internal.producer;
+
+import java.io.Serializable;
+
+import javax.enterprise.context.RequestScoped;
+import javax.enterprise.inject.Produces;
+import javax.security.auth.callback.CallbackHandler;
+
+import br.gov.frameworkdemoiselle.internal.proxy.CallbackHandlerProxy;
+import br.gov.frameworkdemoiselle.security.Credentials;
+import br.gov.frameworkdemoiselle.util.Beans;
+
+public class CallbackHandlerProducer implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ @Produces
+ @RequestScoped
+ public static CallbackHandler create() {
+ Credentials credentials = Beans.getReference(Credentials.class);
+
+ return new CallbackHandlerProxy(credentials);
+ }
+}
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java
new file mode 100644
index 0000000..9de284b
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/producer/LoginContextFactory.java
@@ -0,0 +1,110 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */
+package br.gov.frameworkdemoiselle.internal.producer;
+
+import java.io.Serializable;
+
+import javax.enterprise.context.ContextNotActiveException;
+import javax.enterprise.context.SessionScoped;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
+import br.gov.frameworkdemoiselle.security.SecurityException;
+import br.gov.frameworkdemoiselle.util.Beans;
+
+@SessionScoped
+public class LoginContextFactory implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ private transient LoginContext loginContext;
+
+ private String name;
+
+ private CallbackHandler callbackHandler;
+
+ private LoginContext getLoginContext() throws LoginException {
+ if (this.loginContext == null) {
+ this.loginContext = new LoginContext(getName(), getCallbackHandler());
+ }
+
+ return this.loginContext;
+ }
+
+ public static LoginContext createLoginContext() {
+ LoginContext loginContext;
+
+ try {
+ loginContext = Beans.getReference(LoginContextFactory.class).getLoginContext();
+
+ } catch (ContextNotActiveException cause) {
+ loginContext = null;
+
+ } catch (LoginException cause) {
+ throw new SecurityException(cause);
+ }
+
+ if (loginContext == null) {
+ try {
+ loginContext = new LoginContextFactory().getLoginContext();
+
+ } catch (LoginException cause) {
+ throw new SecurityException(cause);
+ }
+ }
+
+ return loginContext;
+ }
+
+ private String getName() {
+ if (this.name == null) {
+ this.name = Beans.getReference(JAASConfig.class).getLoginModuleName();
+ }
+
+ return this.name;
+ }
+
+ private CallbackHandler getCallbackHandler() {
+ if (this.callbackHandler == null) {
+ this.callbackHandler = Beans.getReference(CallbackHandler.class);
+ }
+
+ return this.callbackHandler;
+ }
+}
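Review bot: In `createLoginContext()`, the `ContextNotActiveException` fallback builds the context from a throwaway `new LoginContextFactory()`, so outside an active session every call returns a different `LoginContext`. `JAASAuthenticator` and `JAASAuthorizer` each cache the result of their own call, which on that path would leave the authorizer holding a context that never logged in; whether the path is reachable depends on how those beans are scoped, which the diff does not show. A Javadoc on `createLoginContext()` stating when the fallback applies and that its result is not shared would make this explicit, as the class currently has no documentation. `getName()` can also return null when `loginModuleName` is not configured, which surfaces only as a wrapped `LoginException`.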
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
new file mode 100644
index 0000000..8c1bba6
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/CallbackHandlerProxy.java
@@ -0,0 +1,92 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */
+package br.gov.frameworkdemoiselle.internal.proxy;
+
+import java.io.IOException;
+import java.io.Serializable;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import br.gov.frameworkdemoiselle.security.Credentials;
+
+public class CallbackHandlerProxy implements CallbackHandler, Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ private transient CallbackHandler delegate;
+
+ private final Credentials credentials;
+
+ public CallbackHandlerProxy(Credentials credentials) {
+ this.credentials = credentials;
+ }
+
+ private CallbackHandler getDelegate() {
+ if (this.delegate == null) {
+ this.delegate = create();
+ }
+
+ return this.delegate;
+ }
+
+ private CallbackHandler create() {
+ return new CallbackHandler() {
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof NameCallback) {
+ ((NameCallback) callbacks[i]).setName(credentials.getUsername());
+
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
+
+ } else {
+ System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
+ }
+ }
+ }
+ };
+ }
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ getDelegate().handle(callbacks);
+ }
+}
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/LoginContextProxy.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/LoginContextProxy.java
new file mode 100644
index 0000000..8517b81
--- /dev/null
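Review bot: The final `else` branch of the anonymous handler's `handle` prints the unsupported callback to stdout and carries on, so a login module that asks for anything other than a name or password continues with that callback unanswered. The method already declares the exception the `CallbackHandler` contract expects here, so the branch should be `throw new UnsupportedCallbackException(callbacks[i]);`, which also removes what looks like a leftover debugging `System.out.println`. Separately, `credentials.getPassword().toCharArray()` throws a NullPointerException when no password was submitted; checking for null and passing `null` to `setPassword` would let the login module reject the attempt instead.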
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/internal/proxy/LoginContextProxy.java 
@@ -0,0 +1,120 @@
+///*
+// * Demoiselle Framework
+// * Copyright (C) 2010 SERPRO
+// * ----------------------------------------------------------------------------
+// * This file is part of Demoiselle Framework.
+// *
+// * Demoiselle Framework is free software; you can redistribute it and/or
+// * modify it under the terms of the GNU Lesser General Public License version 3
+// * as published by the Free Software Foundation.
+// *
+// * This program is distributed in the hope that it will be useful,
+// * but WITHOUT ANY WARRANTY; without even the implied warranty of
+// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// * GNU General Public License for more details.
+// *
+// * You should have received a copy of the GNU Lesser General Public License version 3
+// * along with this program; if not, see
+// * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+// * Fifth Floor, Boston, MA 02110-1301, USA.
+// * ----------------------------------------------------------------------------
+// * Este arquivo é parte do Framework Demoiselle.
+// *
+// * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+// * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+// * do Software Livre (FSF).
+// *
+// * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+// * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+// * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+// * para maiores detalhes.
+// *
+// * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+// * "LICENCA.txt", junto com esse programa. Se não, acesse
+// * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+// * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+// */
+//package br.gov.frameworkdemoiselle.internal.proxy;
+//
+//import java.io.Serializable;
+//
+//import javax.enterprise.context.Dependent;
+//import javax.security.auth.Subject;
+//import javax.security.auth.callback.CallbackHandler;
+//import javax.security.auth.login.LoginContext;
+//import javax.security.auth.login.LoginException;
+//
+//import br.gov.frameworkdemoiselle.internal.configuration.JAASConfig;
+//import br.gov.frameworkdemoiselle.security.SecurityException;
+//import br.gov.frameworkdemoiselle.util.Beans;
+//
+////@Alternative
+////@SessionScoped
+//@Dependent
+//public class LoginContextProxy extends LoginContext implements Serializable {
+//
+// private static final long serialVersionUID = 1L;
+//
+// private transient LoginContext delegate;
+//
+// private transient CallbackHandler callbackHandler;
+//
+// private String name;
+//
+// // public LoginContextProxy() {
+// // super(name)
+// // }
+//
+// public LoginContextProxy() {
+// super("");
+// }
+//
+// private String getName() {
+// if (this.name == null) {
+// this.name = Beans.getReference(JAASConfig.class).getLoginModuleName();
+// }
+//
+// return this.name;
+// }
+//
+// private LoginContext getDelegate() {
+// if (this.delegate == null) {
+// try {
+// this.delegate = new LoginContext(getName(), getCallbackHandler());
+//
+// } catch (LoginException cause) {
+// throw new SecurityException(cause);
+// }
+// }
+//
+// return this.delegate;
+// }
+//
+// private CallbackHandler getCallbackHandler() {
+// if (this.callbackHandler == null) {
+// this.callbackHandler = Beans.getReference(CallbackHandler.class);
+// }
+//
+// return this.callbackHandler;
+// }
+//
+// public boolean equals(Object object) {
+// return getDelegate().equals(object);
+// }
+//
+// public Subject getSubject() {
+// return getDelegate().getSubject();
+// }
+//
+// public int hashCode() {
+// return getDelegate().hashCode();
+// }
+//
+// public void login() throws LoginException {
+//
getDelegate().login();
+// }
+//
+// public void logout() throws LoginException {
+// getDelegate().logout();
+// }
+//}
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java
new file mode 100644
index 0000000..3dc8f36
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java
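Review bot: Every line of `LoginContextProxy.java` is commented out, license header included, so the commit adds a source file that contributes no code and only leaves readers guessing whether the proxy is meant to come back. Dropping the file from the commit keeps the draft recoverable from version control without shipping it. The same applies to the commented-out `createLoginContext` and `createCallbackHandler` blocks at the end of `JAASAuthenticator.java`, which duplicate logic that now lives in `LoginContextFactory` and `CallbackHandlerProxy`.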
@@ -0,0 +1,75 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */
+package br.gov.frameworkdemoiselle.security;
+
+import java.io.Serializable;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Named;
+
+@Named
+@RequestScoped
+public class Credentials implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ private String username;
+
+ private String password;
+
+ public void clear() {
+ this.username = null;
+ this.password = null;
+ }
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+}
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java
new file mode 100644
index 0000000..887dc1f
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthenticator.java
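Review bot: `password` is a non-transient `String` field on a `Serializable` bean, so the submitted secret is written out whenever this bean, or the `CallbackHandlerProxy` that keeps a reference to it, is serialized, and `clear()` only drops the reference rather than wiping the value. At minimum declare it `private transient String password;`; holding a `char[]` and zeroing it in `clear()` would be stronger but changes the accessor types. The class also has no Javadoc: a short class comment saying it carries the submitted username and password for one request and must not be logged or stored would help callers.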
@@ -0,0 +1,161 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */
+package br.gov.frameworkdemoiselle.security;
+
+import java.security.Principal;
+
+import javax.inject.Inject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory;
+
+//@SessionScoped
+public class JAASAuthenticator implements Authenticator {
+
+ private static final long serialVersionUID = 1L;
+
+ private transient LoginContext loginContext;
+
+ private User user;
+
+ @Inject
+ private Credentials credentials;
+
+ @Override
+ public boolean authenticate() {
+ boolean result = false;
+
+ try {
+ getLoginContext().login();
+ getLoginContext().getSubject().getPrincipals().add(new Principal() {
+
+ @Override
+ public String getName() {
+ return credentials.getUsername();
+ }
+ });
+
+ this.credentials.clear();
+ result = true;
+
+ } catch (LoginException cause) {
+ result = false;
+ }
+
+ return result;
+ }
+
+ @Override
+ public void unAuthenticate() {
+ try {
+ getLoginContext().logout();
+ user = null;
+
+ } catch (LoginException cause) {
+ cause.printStackTrace();
+ }
+ }
+
+ @Override
+ public User getUser() {
+ if (this.user == null && getLoginContext().getSubject() != null
+ && !getLoginContext().getSubject().getPrincipals().isEmpty()) {
+ this.user = new User() {
+
+ private static final long serialVersionUID = 1L;
+
+ @Override
+ public String getId() {
+ return getLoginContext().getSubject().getPrincipals().iterator().next().getName();
+ }
+
+ @Override
+ public Object getAttribute(Object key) {
+ return null;
+ }
+
+ @Override
+ public void setAttribute(Object key, Object value) {
+ }
+ };
+ }
+
+ return this.user;
+ }
+
+ public LoginContext getLoginContext() {
+ if (this.loginContext == null) {
+ this.loginContext = LoginContextFactory.createLoginContext();
+ }
+
+ return this.loginContext;
+ }
+
+ //
+ // protected LoginContext createLoginContext() {
+ // LoginContext result = null;
+ //
+ // try {
+ // result = new
LoginContext(this.config.getLoginModuleName(), createCallbackHandler());
+ //
+ // } catch (LoginException cause) {
+ // throw new SecurityException(cause);
+ // }
+ //
+ // return result;
+ // }
+
+ // protected CallbackHandler createCallbackHandler() {
+ // return new CallbackHandler() {
+ //
+ // public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ // for (int i = 0; i < callbacks.length; i++) {
+ // if (callbacks[i] instanceof NameCallback) {
+ // ((NameCallback) callbacks[i]).setName(credentials.getUsername());
+ //
+ // } else if (callbacks[i] instanceof PasswordCallback) {
+ // ((PasswordCallback) callbacks[i]).setPassword(credentials.getPassword().toCharArray());
+ //
+ // } else {
+ // System.out.println("XXXXXXXXXXXXXXXXXXXXXXXXXXXX Unsupported callback " + callbacks[i]);
+ // }
+ // }
+ // }
+ // };
+ // }
+}
diff --git a/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java
new file mode 100644
index 0000000..c2f72c2
--- /dev/null
+++ b/impl/extension/jaas/src/main/java/br/gov/frameworkdemoiselle/security/JAASAuthorizer.java
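Review bot: The anonymous `Principal` added in `authenticate()` reads `credentials.getUsername()` every time `getName()` is called instead of capturing the name at login, and `this.credentials.clear()` runs straight afterwards, so the principal's name becomes null at once or, if the injected `Credentials` is a request-scoped proxy as its annotations suggest, follows whatever username the current request submitted. Capture the value before building the principal, `final String name = credentials.getUsername();`, and have `getName()` `return name;`. The principal also defines no `equals`/`hashCode`, so each successful login adds another entry to the Subject's principal set. The `LoginException` in `authenticate()` is dropped without any log entry, which leaves failed logins invisible to monitoring, and in `unAuthenticate()` a failed logout is only `printStackTrace()`d while `user` stays set.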
@@ -0,0 +1,95 @@
+/*
+ * Demoiselle Framework
+ * Copyright (C) 2010 SERPRO
+ * ----------------------------------------------------------------------------
+ * This file is part of Demoiselle Framework.
+ *
+ * Demoiselle Framework is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License version 3
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License version 3
+ * along with this program; if not, see
+ * or write to the Free Software Foundation, Inc., 51 Franklin Street,
+ * Fifth Floor, Boston, MA 02110-1301, USA.
+ * ----------------------------------------------------------------------------
+ * Este arquivo é parte do Framework Demoiselle.
+ *
+ * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
+ * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
+ * do Software Livre (FSF).
+ *
+ * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
+ * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
+ * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
+ * para maiores detalhes.
+ *
+ * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
+ * "LICENCA.txt", junto com esse programa. Se não, acesse
+ * ou escreva para a Fundação do Software Livre (FSF) Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
+ */ +package br.gov.frameworkdemoiselle.security; + +import java.security.Principal; +import java.security.acl.Group; +import java.util.Enumeration; + +import javax.security.auth.login.LoginContext; + +import br.gov.frameworkdemoiselle.internal.producer.LoginContextFactory; + +public class JAASAuthorizer implements Authorizer { + + private static final long serialVersionUID = 1L; + + private transient LoginContext loginContext; + + @Override + public boolean hasRole(String role) { + boolean result = false; + + Group group; + Principal member; + Enumeration enumeration; + + for (Principal principal : getLoginContext().getSubject().getPrincipals()) { + + if (principal instanceof Group) { + group = (Group) principal; + enumeration = group.members(); + + while (enumeration.hasMoreElements()) { + member = (Principal) enumeration.nextElement(); + + System.out.println("xxxxxx: " + member.getName()); + + if (member.getName().equals(role)) { + result = true; + break; + } + } + } + } + + return result; + } + + public LoginContext getLoginContext() { + if (this.loginContext == null) { + this.loginContext = LoginContextFactory.createLoginContext(); + } + + return this.loginContext; + } + + @Override + public boolean hasPermission(String resource, String operation) { + return true; + } +} diff --git a/impl/extension/jaas/src/main/resources/META-INF/beans.xml b/impl/extension/jaas/src/main/resources/META-INF/beans.xml new file mode 100644 index 0000000..527e828 --- /dev/null +++ b/impl/extension/jaas/src/main/resources/META-INF/beans.xml @@ -0,0 +1,40 @@ + + + + \ No newline at end of file diff --git a/pom.xml b/pom.xml index 6a71130..7b1b8bf 100755 --- a/pom.xml +++ b/pom.xml @@ -70,6 +70,7 @@ impl/extension/jta impl/extension/se impl/extension/servlet + impl/extension/jaas archetype/minimal archetype/jsf-jpa documentation/quickstart -- libgit2 0.21.2
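Review bot: In `JAASAuthorizer`, `hasPermission` returns `true` for every resource and operation, so any permission check routed through this authorizer passes, including for callers who never logged in; until permissions are actually mapped it should fail closed with `return false;`. In `hasRole`, `getLoginContext().getSubject()` is null before a successful login, so the `for` loop throws a NullPointerException instead of answering false; a guard such as `if (subject == null) return false;` fixes that. The `System.out.println("xxxxxx: " + member.getName())` writes every group member name to stdout on each role check and should be removed. The loop also accepts a match in any `Group` principal, which presumably should be narrowed to the group the login module uses for roles.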