/**
 * Prepares this login module for an authentication attempt.
 *
 * <p>Resolves the account store through {@code AccountStoreHolder}, resets the
 * module status to {@code Status.NOT} and remembers the subject and callback
 * handler for the later {@code login()} call.
 *
 * @param subject the subject being authenticated; stored as given
 * @param callbackHandler handler used to obtain the user name and password;
 *     must not be null
 * @param sharedState not read by this method
 * @param options not read by this method
 */
@Override
public void initialize(
    Subject subject,
    CallbackHandler callbackHandler,
    Map<String, ?> sharedState,
    Map<String, ?> options) {
  // Reject a missing handler up front: without it no credentials can be collected.
  Preconditions.checkNotNull(callbackHandler, "Callback handler null");

  // The store lookup stays first so that a failure here leaves no field modified.
  this.accountStore = AccountStoreHolder.getAccountStore();

  this.callbackHandler = callbackHandler;
  this.subject = subject;
  this.status = Status.NOT;
}
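/**
 * Authenticates a human participant against the account store.
 *
 * <p>The user name and password are requested through the callback handler. A
 * name without {@code ParticipantId.DOMAIN_PREFIX} is completed with the default
 * domain. Authentication succeeds only when the account exists, is a human
 * account, a (possibly empty) password was supplied and the stored digest
 * verifies it. Every other outcome fails closed.
 *
 * <p>Password material is wiped on every exit path, including the exceptional
 * ones: both the callback's internal buffer and the local copy handed out by
 * {@code PasswordCallback.getPassword()} are zeroed.
 *
 * <p>NOTE(review): a rejected credential is reported as {@code false}, not as a
 * thrown {@code FailedLoginException}. Under JAAS a {@code false} return means
 * "ignore this module", so in a stacked configuration confirm that another
 * module's success cannot compensate for a rejection here.
 *
 * @return {@code true} if the credentials were accepted, {@code false} if they
 *     were rejected
 * @throws LoginException if the callbacks cannot be handled or the account
 *     store cannot be read
 */
@Override
public boolean login() throws LoginException {
  NameCallback nameCallback = new NameCallback("Username");
  PasswordCallback passwordCallback = new PasswordCallback("Password", false);
  Callback[] callbacks = new Callback[] {nameCallback, passwordCallback};

  // Fail closed: only the fully verified path below flips this to true.
  boolean success = false;
  ParticipantId id = null;
  char[] password = null;

  try {
    try {
      callbackHandler.handle(callbacks);
    } catch (java.io.IOException e) {
      LoginException failure = new LoginException(e.toString());
      failure.initCause(e); // keep the original stack trace for diagnosis
      throw failure;
    } catch (UnsupportedCallbackException e) {
      LoginException failure = new LoginException("Error: " + e.getCallback().toString());
      failure.initCause(e);
      throw failure;
    }

    String address = nameCallback.getName();
    // A handler may leave the name unset; treat that as a failed attempt
    // instead of letting a NullPointerException escape.
    if (address != null) {
      if (!address.contains(ParticipantId.DOMAIN_PREFIX)) {
        address = address + ParticipantId.DOMAIN_PREFIX + AccountStoreHolder.getDefaultDomain();
      }

      try {
        id = ParticipantId.of(address);
        AccountData account = accountStore.getAccount(id);
        // getPassword() returns a copy, so this array needs its own wipe below.
        password = passwordCallback.getPassword();

        // NOTE(review): unknown and robot accounts are rejected without running
        // a digest verification, so their response time can differ from a
        // wrong-password rejection. If account enumeration matters for this
        // deployment, consider verifying against a fixed dummy digest here.
        if (account == null) {
          // The user doesn't exist. Auth failed.
          success = false;
        } else if (!account.isHuman()) {
          // The account is owned by a robot. Auth failed.
          success = false;
        } else if (password == null) {
          // Null password provided by callback. We require a password (even an empty one).
          success = false;
        } else if (!account.asHuman().getPasswordDigest().verify(password)) {
          // The supplied password doesn't match. Auth failed.
          success = false;
        } else {
          success = true;
        }
      } catch (InvalidParticipantAddress e) {
        // The supplied user address is invalid. Auth failed.
        success = false;
      } catch (PersistenceException e) {
        LOG.severe("Failed to retreive account data for " + id, e);
        LoginException failure = new LoginException(
            "An unexpected error occured while trying to retrieve account information!");
        failure.initCause(e);
        throw failure;
      }
    }
  } finally {
    // Zero the password before it becomes garbage, on success, rejection and
    // exception alike. clearPassword() only wipes the callback's own buffer.
    passwordCallback.clearPassword();
    if (password != null) {
      java.util.Arrays.fill(password, '\0');
    }
  }

  if (!success) {
    return false;
  }
  principal = new ParticipantPrincipal(id);
  status = Status.OK;
  return true;
}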