/** * The instance method checks if for the given user the password is correct and the person is * active (status equals 10001).<br> * All exceptions which could be thrown from the test are catched. Instead a <i>false</i> is * returned. * * @param _name name of the person name to check * @param _passwd password of the person to check * @return <i>true</i> if user name and password is correct and exists, otherwise <i>false</i> is * returned * @return <i>true</i> if login is allowed and user name with password is correct * @throws FailedLoginException if login is not allowed with given user name and password (if user * does not exists or password is not correct) * @throws LoginException if an error occurs while calling the callback handler or the {@link * #checkLogin} method * @throws LoginException if user or password could not be get from the callback handler */ public final boolean login() throws LoginException { boolean ret = false; Callback[] callbacks = new Callback[2]; callbacks[0] = new NameCallback("Username: "******"Password: "******"login failed for user '" + userName + "'", e); throw new LoginException(e.toString()); } catch (UnsupportedCallbackException e) { LOG.error("login failed for user '" + userName + "'", e); throw new LoginException(e.toString()); } if (userName != null) { try { Person person = Person.getWithJAASKey(JAASSystem.getJAASSystem(this.jaasSystem), userName); if (person != null) { if (!person.checkPassword(password)) { throw new FailedLoginException("Username or password is incorrect"); } ret = true; this.principal = new PersonPrincipal(userName); if (LOG.isDebugEnabled()) { LOG.debug("login " + userName + " " + this.principal); } } } catch (EFapsException e) { LOG.error("login failed for user '" + userName + "'", e); throw new LoginException(e.toString()); } } return ret; }
/** * Adds the principal person and all found roles for the given JAAS system {@link #jaasSystem} * related to the person. * * @return <i>true</i> if authentification was successful, otherwise <i>false</i> */ public final boolean commit() throws LoginException { boolean ret = true; // If authentication was not successful, just return false if (this.principal == null) { return (false); } // Add our Principal and Related Roles to the Subject if needed if (!this.subject.getPrincipals().contains(this.principal)) { this.subject.getPrincipals().add(this.principal); try { JAASSystem jaasSystem = JAASSystem.getJAASSystem(this.jaasSystem); Person person = Person.getWithJAASKey(jaasSystem, this.principal.getName()); if (person != null) { Set<Role> roles = person.getRolesFromDB(jaasSystem); for (Role role : roles) { this.subject.getPrincipals().add(new RolePrincipal(role.getName())); } Set<Group> groups = person.getGroupsFromDB(jaasSystem); for (Group group : groups) { this.subject.getPrincipals().add(new GroupPrincipal(group.getName())); } } } catch (EFapsException e) { e.printStackTrace(); LOG.error("assign of roles to user '" + this.principal.getName() + "' not possible", e); // TODO: throw LoginException // throw new LoginException(e); } } this.committed = true; return ret; }