List of usage examples for javax.security.auth.callback NameCallback NameCallback
public NameCallback(String prompt)
From source file:org.josso.wls92.agent.jaas.SSOGatewayLoginModuleImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.//from www .j a v a 2 s.c om * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSJOSSOUser wlsUser = new WLSJOSSOUser(jossoUser); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) logger.debug(e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }
From source file:org.josso.wls10.agent.jaas.SSOGatewayLoginModuleImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./*from www . jav a 2s . c o m*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { if (logger.isDebugEnabled()) logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSJOSSOUser wlsUser = new WLSJOSSOUser(jossoUser); if (logger.isDebugEnabled()) logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }
From source file:org.josso.jaspi.agent.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.// w ww. j a va 2 s . com * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[3]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); callbacks[2] = new NameCallback("appID"); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ((NameCallback) callbacks[2]).getName(); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.marketcetera.modules.remote.receiver.ClientLoginModuleTest.java
/** * test unsupported callbacks//from w w w.j a v a2s.co m * @throws Exception if there was failure */ @Test public void unsupportedCallback() throws Exception { doNotHandleCallbacks = true; UnsupportedCallbackException uce = new UnsupportedCallbackException( new NameCallback(Messages.PROMPT_USERNAME.getText())); LoginException ex = attemptLogin(getTestUsername(), getTestPassword(), LoginException.class, uce.getMessage()); assertNotNull(ex.getCause()); assertTrue(ex.getCause() instanceof UnsupportedCallbackException); Callback callback = ((UnsupportedCallbackException) ex.getCause()).getCallback(); assertNotNull(callback); assertTrue(callback.getClass().toString(), callback instanceof NameCallback); org.junit.Assert.assertEquals(Messages.PROMPT_USERNAME.getText(), ((NameCallback) callback).getPrompt()); }
From source file:org.josso.gl2.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.// www.java 2 s. com * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("JOSSO Session Identifier"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Session requested authentication to gateway : " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) //if ( logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { // logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.tc55.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./*w ww . j av a 2s. co m*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.tc50.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./*from w w w .j a v a 2 s . c om*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) //if ( logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { // logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.tc60.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.//from w ww . j av a 2 s . c o m * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; return false; } catch (Exception e) { logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.wls10.agent.jaas.SSOGatewayLoginModuleNoCustomPrincipalsImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./*from www.jav a2 s . c om*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { if (logger.isDebugEnabled()) logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSUser wlsUser = new WLSUserImpl(jossoUser.getName()); if (logger.isDebugEnabled()) logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }
From source file:org.josso.wls81.agent.jaas.SSOGatewayLoginModuleNoCustomPrincipalsImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./*w w w.j av a2 s. c o m*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = (SSOAgentRequest) AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { if (logger.isDebugEnabled()) logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSUser wlsUser = new WLSUserImpl(jossoUser.getName()); if (logger.isDebugEnabled()) logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }