/**
* The instance method checks if for the given user the password is correct and the person is
* active (status equals 10001).<br>
* All exceptions which could be thrown from the test are catched. Instead a <i>false</i> is
* returned.
*
* @param _name name of the person name to check
* @param _passwd password of the person to check
* @return <i>true</i> if user name and password is correct and exists, otherwise <i>false</i> is
* returned
* @return <i>true</i> if login is allowed and user name with password is correct
* @throws FailedLoginException if login is not allowed with given user name and password (if user
* does not exists or password is not correct)
* @throws LoginException if an error occurs while calling the callback handler or the {@link
* #checkLogin} method
* @throws LoginException if user or password could not be get from the callback handler
*/
public final boolean login() throws LoginException {
boolean ret = false;
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("Username: "******"Password: "******"login failed for user '" + userName + "'", e);
throw new LoginException(e.toString());
} catch (UnsupportedCallbackException e) {
LOG.error("login failed for user '" + userName + "'", e);
throw new LoginException(e.toString());
}
if (userName != null) {
try {
Person person = Person.getWithJAASKey(JAASSystem.getJAASSystem(this.jaasSystem), userName);
if (person != null) {
if (!person.checkPassword(password)) {
throw new FailedLoginException("Username or password is incorrect");
}
ret = true;
this.principal = new PersonPrincipal(userName);
if (LOG.isDebugEnabled()) {
LOG.debug("login " + userName + " " + this.principal);
}
}
} catch (EFapsException e) {
LOG.error("login failed for user '" + userName + "'", e);
throw new LoginException(e.toString());
}
}
return ret;
}
/**
* Adds the principal person and all found roles for the given JAAS system {@link #jaasSystem}
* related to the person.
*
* @return <i>true</i> if authentification was successful, otherwise <i>false</i>
*/
public final boolean commit() throws LoginException {
boolean ret = true;
// If authentication was not successful, just return false
if (this.principal == null) {
return (false);
}
// Add our Principal and Related Roles to the Subject if needed
if (!this.subject.getPrincipals().contains(this.principal)) {
this.subject.getPrincipals().add(this.principal);
try {
JAASSystem jaasSystem = JAASSystem.getJAASSystem(this.jaasSystem);
Person person = Person.getWithJAASKey(jaasSystem, this.principal.getName());
if (person != null) {
Set<Role> roles = person.getRolesFromDB(jaasSystem);
for (Role role : roles) {
this.subject.getPrincipals().add(new RolePrincipal(role.getName()));
}
Set<Group> groups = person.getGroupsFromDB(jaasSystem);
for (Group group : groups) {
this.subject.getPrincipals().add(new GroupPrincipal(group.getName()));
}
}
} catch (EFapsException e) {
e.printStackTrace();
LOG.error("assign of roles to user '" + this.principal.getName() + "' not possible", e);
// TODO: throw LoginException
// throw new LoginException(e);
}
}
this.committed = true;
return ret;
}
