List of usage examples for javax.security.auth.callback PasswordCallback PasswordCallback
public PasswordCallback(String prompt, boolean echoOn)
From source file:org.josso.wls10.agent.jaas.SSOGatewayLoginModuleImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.//from ww w .ja va 2s . co m * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { if (logger.isDebugEnabled()) logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSJOSSOUser wlsUser = new WLSJOSSOUser(jossoUser); if (logger.isDebugEnabled()) logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }
From source file:org.josso.jaspi.agent.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./* w w w.j a v a2s . c o m*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[3]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); callbacks[2] = new NameCallback("appID"); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ((NameCallback) callbacks[2]).getName(); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.gl2.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.//w w w. ja v a 2s .com * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("JOSSO Session Identifier"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Session requested authentication to gateway : " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) //if ( logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { // logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.tc55.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./* w ww .j ava2 s.c om*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.tc50.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.// w w w . j a v a 2s. c o m * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) //if ( logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { // logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.tc60.agent.jaas.SSOGatewayLoginModule.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier./* w w w . ja v a 2s.co m*/ * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser ssoUser = im.findUserInSession(_requester, ssoSessionId); logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = ssoUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; return false; } catch (Exception e) { logger.error("Session authentication failed : " + ssoSessionId, e); _succeeded = false; clearCredentials(); throw new FailedLoginException("Fatal error authenticating session : " + e); } return true; }
From source file:org.josso.wls10.agent.jaas.SSOGatewayLoginModuleNoCustomPrincipalsImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.//from ww w . j a va 2 s . co m * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { if (logger.isDebugEnabled()) logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSUser wlsUser = new WLSUserImpl(jossoUser.getName()); if (logger.isDebugEnabled()) logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }
From source file:org.josso.wls81.agent.jaas.SSOGatewayLoginModuleNoCustomPrincipalsImpl.java
/** * Authenticate the user by prompting for the SSO Session Identifier assigned by the SSO Gateway on logon. * * This method obtains from the gateway, using the provided session identifier, the user associated with * such session identifier.//from w ww. j av a 2 s. c o m * Only the NameCallBack is used, since its not a user/password pair but only one value containing the session * identifier. Any other callback type is ignored. * * @return true in all cases since this LoginModule * should not be ignored. * * @exception javax.security.auth.login.FailedLoginException if the authentication fails. * * @exception javax.security.auth.login.LoginException if this LoginModule * is unable to perform the authentication. */ public boolean login() throws LoginException { if (_callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[2]; // Just ask for the session identifier callbacks[0] = new NameCallback("ssoSessionId"); callbacks[1] = new PasswordCallback("password", false); String ssoSessionId; String ssoSessionId2 = null; try { _callbackHandler.handle(callbacks); ssoSessionId = ((NameCallback) callbacks[0]).getName(); if (((PasswordCallback) callbacks[1]).getPassword() != null) ssoSessionId2 = String.valueOf(((PasswordCallback) callbacks[1]).getPassword()); _requester = ""; // Check for nulls ? SSOAgentRequest request = (SSOAgentRequest) AbstractSSOAgent._currentRequest.get(); if (request != null) _requester = request.getRequester(); else logger.warn("No SSO Agent request found in thread local variable, can't identify requester"); } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { throw new LoginException("Error: " + uce.getCallback().toString() + " not available to garner authentication information " + "from the user"); } logger.debug("Requested authentication to gateway by " + _requester + " using sso session " + ssoSessionId + "/" + ssoSessionId2); try { if (ssoSessionId2 != null && !ssoSessionId2.equals(ssoSessionId)) ssoSessionId = ssoSessionId2; // If no session is found, ignore this module. if (ssoSessionId == null) { if (logger.isDebugEnabled()) logger.debug("Session authentication failed : " + ssoSessionId); _succeeded = false; return false; } _currentSSOSessionId = ssoSessionId; SSOIdentityManagerService im = Lookup.getInstance().lookupSSOAgent().getSSOIdentityManager(); SSOUser jossoUser = im.findUserInSession(_requester, ssoSessionId); WLSUser wlsUser = new WLSUserImpl(jossoUser.getName()); if (logger.isDebugEnabled()) logger.debug("Session authentication succeeded : " + ssoSessionId); _ssoUserPrincipal = wlsUser; _succeeded = true; } catch (SSOIdentityException e) { // Ignore this ... (user does not exist for this session) if (logger.isDebugEnabled()) logger.debug(e.getMessage()); _succeeded = false; return false; } catch (Exception e) { logger.error("Session login failed for Principal : " + _ssoUserPrincipal + e.getMessage()); // Only log if debug is enabled ... if (logger.isDebugEnabled()) logger.debug(e.getMessage(), e); _succeeded = false; clearCredentials(); throw new FailedLoginException( "Fatal error authenticating session : " + _ssoUserPrincipal + " : " + e.getMessage()); } return true; }
From source file:org.gatein.sso.saml.plugin.SAML2IdpLoginModule.java
public boolean login() throws LoginException { try {//www . j a v a 2s . c o m Callback[] callbacks = new Callback[2]; callbacks[0] = new NameCallback("Username"); callbacks[1] = new PasswordCallback("Password", false); callbackHandler.handle(callbacks); String username = ((NameCallback) callbacks[0]).getName(); String password = new String(((PasswordCallback) callbacks[1]).getPassword()); ((PasswordCallback) callbacks[1]).clearPassword(); if (username == null || password == null) { return false; } boolean authenticationSuccess = validateUser(username, password); if (authenticationSuccess) { log.debug("Successful REST login request for authentication of user " + username); sharedState.put("javax.security.auth.login.name", username); return true; } else { String message = "Remote login via REST failed for username " + username; log.warn(message); throw new LoginException(message); } } catch (LoginException le) { throw le; } catch (Exception e) { log.warn("Exception during login: " + e.getMessage(), e); throw new LoginException(e.getMessage()); } }
From source file:org.efaps.jaas.xml.XMLUserLoginModule.java
/** * Method to authenticate a <code>Subject</code> (phase 1). * * <p> The implementation of this method authenticates * a <code>Subject</code>. For example, it may prompt for * <code>Subject</code> information such * as a username and password and then attempt to verify the password. * This method saves the result of the authentication attempt * as private state within the LoginModule. * * <p>//from w w w . j ava2 s .co m * * @exception LoginException if the authentication fails * * @return true if the authentication succeeded, or false if this * <code>LoginModule</code> should be ignored. */ public final boolean login() throws LoginException { boolean ret = false; final Callback[] callbacks = new Callback[3]; callbacks[0] = new ActionCallback(); callbacks[1] = new NameCallback("Username: "); callbacks[2] = new PasswordCallback("Password: ", false); // Interact with the user to retrieve the username and password String userName = null; String password = null; try { this.callbackHandler.handle(callbacks); this.mode = ((ActionCallback) callbacks[0]).getMode(); userName = ((NameCallback) callbacks[1]).getName(); if (((PasswordCallback) callbacks[2]).getPassword() != null) { password = new String(((PasswordCallback) callbacks[2]).getPassword()); } } catch (final IOException e) { throw new LoginException(e.toString()); } catch (final UnsupportedCallbackException e) { throw new LoginException(e.toString()); } if (this.mode == ActionCallback.Mode.ALL_PERSONS) { ret = true; } else if (this.mode == ActionCallback.Mode.PERSON_INFORMATION) { this.person = this.allPersons.get(userName); if (this.person != null) { if (XMLUserLoginModule.LOG.isDebugEnabled()) { XMLUserLoginModule.LOG.debug("found '" + this.person + "'"); } ret = true; } } else { this.person = this.allPersons.get(userName); if (this.person != null) { if ((password == null) || ((password != null) && !password.equals(this.person.getPassword()))) { XMLUserLoginModule.LOG .error("person '" + this.person + "' tried to log in with wrong password"); this.person = null; throw new FailedLoginException("Username or password is incorrect"); } if (XMLUserLoginModule.LOG.isDebugEnabled()) { XMLUserLoginModule.LOG.debug("log in of '" + this.person + "'"); } this.mode = ActionCallback.Mode.LOGIN; ret = true; } } return ret; }