/**
 * Authenticates the user whose name and password are obtained through callbacks.
 *
 * <p>As far as this listing shows, the person is looked up with the user name as JAAS key in the
 * JAAS system {@link #jaasSystem} and the password is verified with {@code Person.checkPassword}.
 * On success {@link #principal} is set to a new {@code PersonPrincipal} for the user name.
 *
 * <p>NOTE(review): the earlier documentation also required the person to be active (status
 * 10001). No such check is visible in this method; confirm whether the lookup or
 * {@code checkPassword} enforces it.
 *
 * @return <i>true</i> if a person was found and the password matched; <i>false</i> if no user
 *     name was obtained or no person exists for it
 * @throws FailedLoginException if a person was found but the password does not match
 * @throws LoginException if obtaining the credentials fails, or if the lookup or the password
 *     check raises an {@code EFapsException}
 */
public final boolean login() throws LoginException {
  boolean ret = false;
  Callback[] callbacks = new Callback[2];
  // NOTE(review): this listing is masked ("******") between the two prompt strings and the first
  // LOG.error call. Whatever sits in that gap (presumably the password callback, the
  // userName/password declarations, the callback-handler call and the head of the first catch
  // clause) is not visible here, so the line is kept exactly as found.
  callbacks[0] = new NameCallback("Username: "******"Password: "******"login failed for user '" + userName + "'", e);
    // Only e.toString() travels on: the exception is logged with its stack trace, but the
    // LoginException carries no chained cause.
    throw new LoginException(e.toString());
  } catch (UnsupportedCallbackException e) {
    // NOTE(review): userName is concatenated into the log message as-is. If it is
    // caller-supplied, confirm that the log layout neutralises line breaks and control
    // characters.
    LOG.error("login failed for user '" + userName + "'", e);
    throw new LoginException(e.toString());
  }
  if (userName != null) {
    try {
      Person person =
          Person.getWithJAASKey(JAASSystem.getJAASSystem(this.jaasSystem), userName);
      // No person for this key: nothing is thrown and nothing is logged, ret stays false. Under
      // the JAAS LoginModule contract a false return means "ignore this module" (assuming this
      // class is a LoginModule - TODO confirm), so an unknown user and a wrong password take
      // different paths out of this method.
      if (person != null) {
        if (!person.checkPassword(password)) {
          // The rejected attempt is not logged in this method; any audit trail for failed
          // logins has to come from the caller.
          throw new FailedLoginException("Username or password is incorrect");
        }
        ret = true;
        // The principal is what a later commit step can attach to the subject.
        this.principal = new PersonPrincipal(userName);
        if (LOG.isDebugEnabled()) {
          LOG.debug("login " + userName + " " + this.principal);
        }
      }
    } catch (EFapsException e) {
      // Backend failures during lookup or password check are reported as a generic
      // LoginException; the original exception is only available in the log.
      LOG.error("login failed for user '" + userName + "'", e);
      throw new LoginException(e.toString());
    }
  }
  return ret;
}
/**
 * Creates the context object for the current thread and registers it as the thread context.
 *
 * <p>No credential is checked here: the method binds the person belonging to the given user name
 * to the context, so the caller has to pass a user name that was authenticated beforehand.
 *
 * @param _transaction transaction handed to the new context
 * @param _userName name of the user to set as person of the context; if {@code null}, no person
 *     is set
 * @param _locale locale to set on the new context
 * @return the newly created context of the thread
 * @throws EFapsException propagated from the calls made here; the original documentation names
 *     an already set thread context as the cause
 * @see #threadContext
 */
public static Context newThreadContext(
    final Transaction _transaction, final String _userName, final Locale _locale)
    throws EFapsException {
  final Context threadCtx = new Context(_transaction, null, null);
  // The context is registered before the person is resolved; this order is kept as found.
  setThreadContext(threadCtx);
  if (_userName != null) {
    threadCtx.setPerson(Person.get(_userName));
  }
  threadCtx.setLocale(_locale);
  return threadCtx;
}
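/**
 * Adds the person principal and the role and group principals found for the JAAS system
 * {@link #jaasSystem} to the subject.
 *
 * <p>All principals are collected first and attached to the subject only after every lookup
 * succeeded. A failing lookup therefore can not leave the subject with an authenticated person
 * but an incomplete set of roles and groups while the method still reports success.
 *
 * @return <i>true</i> if the principals were committed; <i>false</i> if {@link #principal} is not
 *     set, i.e. no authentication succeeded before
 * @throws LoginException if the roles or groups of the person could not be read
 */
public final boolean commit() throws LoginException {
  // If authentication was not successful, just return false
  if (this.principal == null) {
    return false;
  }

  // Add our principal and the related roles and groups to the subject if needed
  if (!this.subject.getPrincipals().contains(this.principal)) {
    final java.util.List<java.security.Principal> pending =
        new java.util.ArrayList<java.security.Principal>();
    pending.add(this.principal);
    try {
      final JAASSystem system = JAASSystem.getJAASSystem(this.jaasSystem);
      final Person person = Person.getWithJAASKey(system, this.principal.getName());
      if (person != null) {
        for (Role role : person.getRolesFromDB(system)) {
          pending.add(new RolePrincipal(role.getName()));
        }
        for (Group group : person.getGroupsFromDB(system)) {
          pending.add(new GroupPrincipal(group.getName()));
        }
      }
    } catch (EFapsException e) {
      // Fail closed: the subject has not been touched yet, so nothing has to be rolled back.
      // The cause is chained instead of being printed to stderr.
      LOG.error("assign of roles to user '" + this.principal.getName() + "' not possible", e);
      final LoginException failure =
          new LoginException(
              "assign of roles to user '" + this.principal.getName() + "' not possible");
      failure.initCause(e);
      throw failure;
    }
    this.subject.getPrincipals().addAll(pending);
  }

  this.committed = true;
  return true;
}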
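/**
 * Checks name and password through a JAAS {@link LoginContext} for {@link #application} and
 * synchronises the authenticated principals with the eFaps persons and roles.
 *
 * <p>After a successful JAAS login the person principals of every JAAS system are mapped to an
 * eFaps person. If none is mapped, a person is created from the first readable key and the other
 * keys are assigned to it. Finally the roles delivered by each JAAS system that defines a role
 * principal class are set on the person.
 *
 * <p>{@code EFapsException} and {@code LoginException} are caught and logged; in that case
 * <i>false</i> is returned.
 *
 * @param _name name of the person to check
 * @param _passwd password of the person to check
 * @return <i>true</i> if the JAAS login succeeded and person and roles were synchronised;
 *     <i>false</i> if the login failed, an eFaps error occurred or no person could be resolved
 */
protected boolean checkLogin(final String _name, final String _passwd) {
  boolean ret = false;
  try {
    LoginContext login =
        new LoginContext(this.application, new LoginCallBackHandler(_name, _passwd));
    login.login();

    // Step 1: map the authenticated person principals to an existing eFaps person.
    Person person = null;
    for (JAASSystem system : JAASSystem.getAllJAASSystems()) {
      Set<?> users = login.getSubject().getPrincipals(system.getPersonJAASPrincipleClass());
      // Goes through the logger instead of stdout, so principal names only appear where the
      // logging configuration allows debug output.
      if (LOG.isDebugEnabled()) {
        LOG.debug("principals for JAAS system " + system.getName() + ": " + users);
      }
      for (Object persObj : users) {
        try {
          String persKey = (String) system.getPersonMethodKey().invoke(persObj, (Object[]) null);
          Person foundPerson = Person.getWithJAASKey(system, persKey);
          if (foundPerson == null) {
            // TODO: JAASKey for person must be added!!!
          } else if (person == null) {
            person = foundPerson;
          } else if (person.getId() != foundPerson.getId()) {
            // NOTE(review): an ambiguous mapping is only logged; the login continues as the
            // first person found. Failing the login here is the open TODO.
            LOG.error(
                "For JAAS system "
                    + system.getName()
                    + " "
                    + "person with key '"
                    + persKey
                    + "' is not unique!"
                    + "Have found person '"
                    + person.getName()
                    + "' "
                    + "(id = "
                    + person.getId()
                    + ") and person "
                    + "'"
                    + foundPerson.getName()
                    + "' "
                    + "(id = "
                    + foundPerson.getId()
                    + ").");
            // TODO: throw exception!!
          }
        } catch (IllegalAccessException e) {
          LOG.error("could not execute person key method for system " + system.getName(), e);
          // TODO: throw exception!!
        } catch (IllegalArgumentException e) {
          LOG.error("could not execute person key method for system " + system.getName(), e);
          // TODO: throw exception!!
        } catch (InvocationTargetException e) {
          LOG.error("could not execute person key method for system " + system.getName(), e);
          // TODO: throw exception!!
        }
      }
    }

    // Step 2: no eFaps person is mapped to any principal, so one is created from the first
    // readable key and the remaining keys are assigned to it.
    if (person == null) {
      for (JAASSystem system : JAASSystem.getAllJAASSystems()) {
        Set<?> users = login.getSubject().getPrincipals(system.getPersonJAASPrincipleClass());
        for (Object persObj : users) {
          try {
            String persKey =
                (String) system.getPersonMethodKey().invoke(persObj, (Object[]) null);
            if (person == null) {
              person = Person.createPerson(system, persKey, persKey);
            } else {
              person.assignToJAASSystem(system, persKey);
            }
          } catch (IllegalAccessException e) {
            LOG.error("could not execute person key method for system " + system.getName(), e);
            // TODO: throw exception!!
          } catch (IllegalArgumentException e) {
            LOG.error("could not execute person key method for system " + system.getName(), e);
            // TODO: throw exception!!
          } catch (InvocationTargetException e) {
            LOG.error("could not execute person key method for system " + system.getName(), e);
            // TODO: throw exception!!
          }
        }
      }
    }

    // The subject may carry no person principal at all, or every key method may have failed.
    // Without this guard the next call would raise a NullPointerException that none of the
    // catch clauses below handles.
    if (person == null) {
      LOG.error("login failed for '" + _name + "': no person found for the authenticated subject");
      return false;
    }

    person.cleanUp();

    // Step 3: replace the roles of the person with those delivered by each JAAS system. A role
    // whose key can not be read or mapped is left out of the new set.
    for (JAASSystem system : JAASSystem.getAllJAASSystems()) {
      if (system.getRoleJAASPrincipleClass() != null) {
        Set<?> rolesJaas = login.getSubject().getPrincipals(system.getRoleJAASPrincipleClass());
        Set<Role> rolesEfaps = new HashSet<Role>();
        for (Object roleObj : rolesJaas) {
          try {
            String roleKey = (String) system.getRoleMethodKey().invoke(roleObj, (Object[]) null);
            Role roleEfaps = Role.getWithJAASKey(system, roleKey);
            if (roleEfaps != null) {
              rolesEfaps.add(roleEfaps);
            }
          } catch (IllegalAccessException e) {
            LOG.error("could not execute role key method for system " + system.getName(), e);
          } catch (IllegalArgumentException e) {
            LOG.error("could not execute role key method for system " + system.getName(), e);
          } catch (InvocationTargetException e) {
            LOG.error("could not execute role key method for system " + system.getName(), e);
          }
        }
        person.setRoles(system, rolesEfaps);
      }
    }

    ret = true;
  } catch (EFapsException e) {
    // The logger already records the stack trace; nothing is printed to stderr.
    LOG.error("login failed for '" + _name + "'", e);
  } catch (LoginException e) {
    LOG.error("login failed for '" + _name + "'", e);
  }
  return ret;
}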