passwordloginmodule.java

《Master EJB 第二版》

package examples;

import java.util.*;
import javax.naming.Context;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;

/**
 * Sample login module that performs password authentication.
 *
 * The purpose of this class is to actually go out and perform
 * the authentication.
 */
public class PasswordLoginModule implements LoginModule {
 private Subject subject = null;

 /**
  * Initializes us.  We set ourselves to the particular
  * subject which we will later authenticate.
  */
 public void initialize(Subject subject,
                        CallbackHandler callbackHandler,
                        Map sharedState,
                        Map options) 
 {
  this.subject = subject;
 }

 /**
  * This method authenticates the user.  It is called when
  * the client tries to login in.
  *
  * Our method implementation contains the vendor-specific way
  * to access our permanent storage of usernames and passwords.
  *
  * Note that while this code is not portable, it is 100%
  * hidden from your application code behind the LoginModule.
  * The intention is that you develop a different LoginModule
  * for each J2EE server.
  *
  * In this case, BEA has provided us with a helper class that
  * talks JNDI to the Weblogic server, and the server then goes
  * to whatever the currently configured security realm is,
  * such as a file, RDBMS, or LDAP server.
  */
 public boolean login() throws LoginException 
 {
  try {
   /*
    * Authenticate the user's credentials, populating Subject
    *
    * Note: In a real application, we would not hardcode the
    * username and password.  Rather, we would write a reusable
    * LoginModule that would work with any username and password.
    * We would then write a special callback handler that knows
    * how to interact with the user, such as prompting the user
    * for a password.  We would then call that callback handler
    * here.
    */
   weblogic.jndi.Environment env =
    new weblogic.jndi.Environment(System.getProperties());
   env.setSecurityPrincipal("guest");
   env.setSecurityCredentials("guest");
   
   weblogic.security.auth.Authenticate.authenticate(
    env, subject);

   /*
    * Return that we have successfully authenticated
    * the subject
    */
   return true;
  }
  catch (Exception e) {
   throw new LoginException(e.toString());
  }
 }

 /**
  * This method is called if the overall authentication
  * succeeded (even if this particular login module
  * failed).  This could happen if there are other login
  * modules involved with the authentication process.
  *
  * This is our chance to perform additional operations,
  * but since we are so simple, we don't do anything.
  *
  * @return true if this method executes properly
  */
 public boolean commit() throws LoginException {
  return true;
 }

 /**
  * This method is called if the overall authentication
  * failed (even if this particular login module
  * succeeded).  This could happen if there are other
  * login modules involved with the authentication
  * process.
  *
  * This is our chance to perform additional operations,
  * but since we are so simple, we don't do anything.
  *
  * @return true if this method executes properly
  */
 public boolean abort() throws LoginException {
  return true;
 }

 /**
  * Logout the user.
  *
  * @return true if this method executes properly
  */
 public boolean logout() throws LoginException {
  return true;
 }
}