2 Copyright (C) 2004 Free Software Foundation, Inc.
4 This file is part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING. If not, write to the
18 Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
39 package javax
.security
.auth
.login
;
41 import gnu
.java
.security
.action
.GetSecurityPropertyAction
;
43 import java
.security
.AccessController
;
45 import java
.util
.HashMap
;
48 import javax
.security
.auth
.Subject
;
49 import javax
.security
.auth
.callback
.CallbackHandler
;
50 import javax
.security
.auth
.spi
.LoginModule
;
52 public class LoginContext
/** Configuration name tried when the application's own name has no entries. */
55 private static final String OTHER
= "other";
// Presumably the application name given to the constructor; the assignment
// itself is not visible in this listing.
57 private final String name
;
// Handler handed to each module's initialize() by lookupModule(). Being a
// final field it reads as null until a constructor assigns it.
58 private final CallbackHandler cbHandler
;
/** Subject handed to every login module. */
59 private final Subject subject
;
/** Configuration entries resolved for this application. */
60 private final AppConfigurationEntry
[] entries
;
/** One module per entry: modules[i] is built from entries[i]. */
61 private final LoginModule
[] modules
;
/** Single map instance passed to every module's initialize(). */
62 private final Map sharedState
;
/**
 * Creates a context for the named application with a new Subject and the
 * handler returned by defaultHandler().
 *
 * @param name The application name used to look up configuration entries.
 * @throws LoginException Propagated from the four-argument constructor.
 */
// NOTE(review): defaultHandler() is documented as able to return null, so
// modules reached through this constructor may be initialized without a
// callback handler.
64 public LoginContext (final String name
) throws LoginException
66 this (name
, new Subject(), defaultHandler());
/**
 * Creates a context for the named application with a new Subject and the
 * caller's callback handler.
 *
 * @param name The application name used to look up configuration entries.
 * @param cbHandler The handler forwarded to the four-argument constructor.
 */
// NOTE(review): the throws clause and braces (original lines 70-71, 73) are
// missing from this listing.
69 public LoginContext (final String name
, final CallbackHandler cbHandler
)
72 this (name
, new Subject(), cbHandler
);
/**
 * Creates a context for the named application around a caller-supplied
 * subject, using the handler returned by defaultHandler().
 *
 * @param name The application name used to look up configuration entries.
 * @param subject The subject forwarded to the four-argument constructor.
 */
// NOTE(review): subject is forwarded as given; no null check is visible here.
// The throws clause and braces (original lines 76-77, 79) are missing from
// this listing.
75 public LoginContext (final String name
, final Subject subject
)
78 this (name
, subject
, defaultHandler());
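/**
 * Creates a login context for the named application, resolving its login
 * modules from the installed {@link Configuration}.
 *
 * <p>If no entries are configured under <code>name</code>, the entries
 * configured under "other" are used instead.
 *
 * @param name The application name used to look up configuration entries.
 * @param subject The subject handed to every login module.
 * @param cbHandler The callback handler handed to every login module.
 * @throws LoginException If no modules are configured for the application,
 *   or if a configured module cannot be loaded.
 */
public LoginContext (final String name, final Subject subject,
                     final CallbackHandler cbHandler)
  throws LoginException
{
  // NOTE(review): the listing this was rebuilt from omits the throws clause,
  // both null guards, the tail of the exception message and the assignment
  // of this.name (original lines 83, 87, 89, 91, 97). They are restored from
  // the surrounding statements -- confirm against the upstream file.
  Configuration config = Configuration.getConfig();
  AppConfigurationEntry[] entries = config.getAppConfigurationEntry (name);
  if (entries == null)
    entries = config.getAppConfigurationEntry (OTHER);
  if (entries == null)
    throw new LoginException ("no configured modules for application "
                              + name);

  // Assign these before any module is looked up. lookupModule() passes the
  // cbHandler *field* to LoginModule.initialize(), and a final field reads
  // as null until it is assigned; with the assignments after the loop every
  // module was initialized with a null callback handler.
  this.name = name;
  this.subject = subject;
  this.cbHandler = cbHandler;

  this.entries = entries;
  modules = new LoginModule[entries.length];
  sharedState = new HashMap();
  for (int i = 0; i < entries.length; i++)
    modules[i] = lookupModule (entries[i], subject, sharedState);
}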
103 * Returns the authenticated subject, or the parameter passed to one
104 * of the constructors. <code>null</code> is returned if the previous
105 * login attempt failed and there was no subject provided.
107 * @return The subject, or null.
// NOTE(review): the method body (original lines 110-113) is missing from this
// listing. The subject field is final and the constructors without a Subject
// parameter pass a new Subject, so the field itself can only be null when a
// caller passed null -- confirm how that matches the "null after a failed
// login" wording of the doc comment.
109 public Subject
getSubject()
115 * Logs a subject in, using all login modules configured for this
116 * application. This method will call the {@link LoginModule#login()}
117 * method of each module configured for this application, stopping
118 * if a REQUISITE module fails or if a SUFFICIENT module succeeds. If
119 * the overall login attempt fails, a {@link LoginException} will be
122 * @throws LoginException If logging in fails.
// NOTE(review): braces, the try keyword and most of the statements guarded by
// the tests below are missing from this listing; the notes describe only what
// is visible and mark the rest as assumptions.
124 public void login() throws LoginException
// Presumably gates the "not all REQUIRED modules succeeded" exception further
// down; the line that sets it is not visible.
126 boolean failure
= false;
// First pass: call login() on each module in array order.
127 for (int i
= 0; i
< modules
.length
; i
++)
131 boolean result
= modules
[i
].login();
// For a REQUISITE entry a LoginException naming the module is thrown. The
// enclosing test on `result` (original lines 132-133) is not visible.
134 if (entries
[i
].getControlFlag() ==
135 AppConfigurationEntry
.LoginModuleControlFlag
.REQUISITE
)
136 throw new LoginException ("REQUISITE module " + entries
[i
].getLoginModuleName()
// REQUIRED entry: the guarded statement (original line 140) is missing;
// presumably it records the failure -- confirm.
138 else if (entries
[i
].getControlFlag() ==
139 AppConfigurationEntry
.LoginModuleControlFlag
.REQUIRED
)
// SUFFICIENT entry: the guarded statement (original line 146) is missing;
// the doc comment says processing stops when a SUFFICIENT module succeeds.
144 if (entries
[i
].getControlFlag() ==
145 AppConfigurationEntry
.LoginModuleControlFlag
.SUFFICIENT
)
149 catch (LoginException le
)
// NOTE(review): the statement guarded by this test (original line 153) is
// missing. If it simply moves on to the next module, a LoginException thrown
// by a REQUIRED module would leave `failure` unset and the overall attempt
// could still succeed; confirm that an exception from a REQUIRED module is
// recorded as a failure.
151 if (entries
[i
].getControlFlag() !=
152 AppConfigurationEntry
.LoginModuleControlFlag
.REQUISITE
)
// Loop over all modules inside the catch; its body (original line 155) is
// missing -- presumably it aborts each module before the exception is
// rethrown. Confirm it indexes with j, not i.
154 for (int j
= 0; j
< modules
.length
; j
++)
// The guard for this throw (original line 159) is not visible.
160 throw new LoginException ("not all REQUIRED modules succeeded");
// Second pass over every module; the body (original line 163) is missing --
// presumably it commits each module. Confirm.
162 for (int i
= 0; i
< modules
.length
; i
++)
167 * Logs a subject out, cleaning up any state that may be in memory.
169 * @throws LoginException If logging out fails.
// Iterates over every configured module.
// NOTE(review): the loop body (original line 174) is missing from this
// listing; presumably it calls logout() on each module -- confirm, and check
// whether one module's exception stops the remaining modules from being
// logged out.
171 public void logout() throws LoginException
173 for (int i
= 0; i
< modules
.length
; i
++)
180 * Fetch the default callback handler, based on the
181 * auth.login.defaultCallbackHandler property, or null if it is not
// Looks up the handler class name inside doPrivileged, so the lookup runs
// with this class's permissions rather than the caller's, then instantiates
// the named class through its no-argument constructor.
// NOTE(review): whoever controls the auth.login.defaultCallbackHandler value
// chooses the class that is loaded and constructed here, so the property
// source has to be trusted configuration. Class.forName(String) resolves the
// name through the loader of the calling class, not the thread context
// loader; a handler that only the application's loader can see will not be
// found.
184 private static CallbackHandler
defaultHandler()
186 GetSecurityPropertyAction act
=
187 new GetSecurityPropertyAction ("auth.login.defaultCallbackHandler");
188 String classname
= (String
) AccessController
.doPrivileged (act
);
189 if (classname
!= null)
// The cast is what rejects a class that is not a CallbackHandler.
193 return (CallbackHandler
) Class
.forName (classname
).newInstance();
// NOTE(review): the bodies of these four handlers are missing from this
// listing. If they discard the exception, a misconfigured handler class
// silently becomes a null handler -- worth logging or surfacing.
195 catch (ClassNotFoundException cnfe
)
199 catch (ClassCastException cce
)
203 catch (IllegalAccessException iae
)
207 catch (InstantiationException ie
)
/**
 * Instantiates the login module class named by a configuration entry and
 * initializes it with the subject, the callback handler field, the shared
 * state map and the entry's options.
 *
 * @param entry The configuration entry naming the module class.
 * @param subject The subject passed to the module's initialize().
 * @param sharedState The map passed to the module's initialize().
 * @throws LoginException If the module could not be loaded; the underlying
 *   exception is attached as the cause.
 */
// NOTE(review): the try keyword, the catch bodies, the guard around the
// LoginException below and the return statement are missing from this
// listing (it may also be cut off at the end).
215 private LoginModule
lookupModule (AppConfigurationEntry entry
,
216 Subject subject
, Map sharedState
)
217 throws LoginException
219 LoginModule module
= null;
220 Exception cause
= null;
// The class name comes from the login configuration and the class is built
// through its no-argument constructor, so the configuration must be trusted.
// Class.forName(String) resolves through the loader of the calling class.
223 module
= (LoginModule
) Class
.forName (entry
.getLoginModuleName()).newInstance();
// Presumably each handler stores its exception in `cause` -- the bodies are
// not visible.
225 catch (ClassNotFoundException cnfe
)
229 catch (ClassCastException cce
)
233 catch (IllegalAccessException iae
)
237 catch (InstantiationException ie
)
244 LoginException le
= new LoginException ("could not load module "
245 + entry
.getLoginModuleName());
246 le
.initCause (cause
);
// cbHandler here is the instance field, not a parameter. It must already be
// assigned when this method runs; called from a constructor before that
// assignment, the module is initialized with a null handler.
250 module
.initialize (subject
, cbHandler
, sharedState
, entry
.getOptions());