コード例 #1
0
 /**
  * @return a Collection of principals that contains the current user principal and all groups it
  *     is member of.
  */
 protected Set<Principal> getPrincipals() {
   // use linked HashSet instead of HashSet in order to maintain the order
   // of principals (as in the Subject).
   Set<Principal> principals = new LinkedHashSet<Principal>();
   principals.add(principal);
   PrincipalIterator groups = principalProvider.getGroupMembership(principal);
   while (groups.hasNext()) {
     principals.add(groups.nextPrincipal());
   }
   return principals;
 }
コード例 #2
0
  /**
   * Initialize this LoginModule and sets the following fields for later usage:
   *
   * <ul>
   *   <li>{@link PrincipalProvider} for user-{@link Principal} resolution.
   *   <li>{@link LoginModuleConfig#PARAM_ADMIN_ID} option is evaluated
   *   <li>{@link LoginModuleConfig#PARAM_ANONYMOUS_ID} option is evaluated
   * </ul>
   *
   * Implementations are called via {@link #doInit(CallbackHandler, Session, Map)} to implement
   * additional initialization
   *
   * @param subject the <code>Subject</code> to be authenticated.
   *     <p>
   * @param callbackHandler a <code>CallbackHandler</code> for communicating with the end user
   *     (prompting for usernames and passwords, for example).
   *     <p>
   * @param sharedState state shared with other configured LoginModules.
   *     <p>
   * @param options options specified in the login <code>Configuration</code> for this particular
   *     <code>LoginModule</code>.
   * @see LoginModule#initialize(Subject, CallbackHandler, Map, Map)
   * @see #doInit(CallbackHandler, Session, Map)
   * @see #isInitialized()
   */
  public void initialize(
      Subject subject,
      CallbackHandler callbackHandler,
      Map<String, ?> sharedState,
      Map<String, ?> options) {
    // common jaas state variables
    this.callbackHandler = callbackHandler;
    this.subject = subject;
    this.sharedState = sharedState;

    // initialize the login module
    try {
      log.debug("Initialize LoginModule: ");
      RepositoryCallback repositoryCb = new RepositoryCallback();
      callbackHandler.handle(new Callback[] {repositoryCb});

      PrincipalProviderRegistry registry = repositoryCb.getPrincipalProviderRegistry();
      // check if the class name of a PrincipalProvider implementation
      // is present with the module configuration.
      if (options.containsKey(LoginModuleConfig.PARAM_PRINCIPAL_PROVIDER_CLASS)) {
        Object pcOption = options.get(LoginModuleConfig.PARAM_PRINCIPAL_PROVIDER_CLASS);
        if (pcOption != null) {
          principalProviderClassName = pcOption.toString();
        }
      }
      if (principalProviderClassName == null) {
        // try compatibility parameters
        if (options.containsKey(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_NAME)) {
          principalProviderClassName =
              options.get(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_NAME).toString();
        } else if (options.containsKey(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_CLASS)) {
          principalProviderClassName =
              options.get(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_CLASS).toString();
        }
      }
      if (principalProviderClassName != null) {
        principalProvider = registry.getProvider(principalProviderClassName);
      }
      if (principalProvider == null) {
        principalProvider = registry.getDefault();
        if (principalProvider == null) {
          return; // abort. not even a default principal provider
        }
      }
      log.debug("- PrincipalProvider -> '" + principalProvider.getClass().getName() + "'");

      // call implementation for additional setup
      doInit(callbackHandler, repositoryCb.getSession(), options);

      // adminId: if not present in options -> retrieve from callback
      if (options.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
        adminId = (String) options.get(LoginModuleConfig.PARAM_ADMIN_ID);
      }
      if (adminId == null) {
        adminId = repositoryCb.getAdminId();
      }
      // anonymousId: if not present in options -> retrieve from callback
      if (options.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
        anonymousId = (String) options.get(LoginModuleConfig.PARAM_ANONYMOUS_ID);
      }
      if (anonymousId == null) {
        anonymousId = repositoryCb.getAnonymousId();
      }
      // trusted credentials attribute name (may be missing to not
      // support) (normalized to null aka missing aka unset if an empty
      // string)
      preAuthAttributeName = (String) options.get(PRE_AUTHENTICATED_ATTRIBUTE_OPTION);
      if (preAuthAttributeName != null && preAuthAttributeName.length() == 0) {
        preAuthAttributeName = null;
      }

      // log config values for debug
      if (log.isDebugEnabled()) {
        for (String option : options.keySet()) {
          log.debug("- Option: " + option + " -> '" + options.get(option) + "'");
        }
      }
      initialized = (this.subject != null);

    } catch (Exception e) {
      log.error("LoginModule failed to initialize.", e);
    }
  }