authmodule.java

一个用struts tiles的在线影院web系统

package com.blue.web.security.jaas;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class AuthModule implements LoginModule {

	private Subject subject;
	private CallbackHandler callbackHandler;
	private boolean debug = false;
	private boolean committed = false;

	protected Map sharedState;
	protected Map options;
	protected Principal principal;

	// User database provider.
	private DataProvider provider = null;

	/**
	 * Get current instance of <code>DataProvider</code>
	 * 
	 * @return instance of <code>DataProvider</code>
	 */
	public DataProvider getDataProvider() {
		if (provider == null) {
			String driver = "net.sourceforge.jtds.jdbc.Driver";
			String url = "jdbc:jtds:sqlserver://127.0.0.1:1433/MoviesDB";
			String username = "lucifer";
			String password = "19751003";

			// Attempt to load parameters from configuration file.
			String authDbConfigFile = System.getProperty("java.security.auth.db.config");
			Properties config = new Properties();
			if (authDbConfigFile != null) {
				URL configURL;
				try {
					if (authDbConfigFile.indexOf(":/") < 0)
						authDbConfigFile = "file:/" + authDbConfigFile;
					configURL = new URL(authDbConfigFile);
					config.load(configURL.openStream());

					if (config.getProperty("driver") != null)
						driver = config.getProperty("driver");
					if (config.getProperty("url") != null)
						url = config.getProperty("url");
					if (config.getProperty("username") != null)
						username = config.getProperty("username");
					if (config.getProperty("password") != null)
						password = config.getProperty("password");
				} catch (MalformedURLException e) {
					System.err.println("ERROR: open configuration file." + e);
				} catch (IOException e) {
					System.err.println("ERROR: load configuration file." + e);
				}
			}
			provider = new DataProvider(driver, url, username, password);
		}
		return provider;
	}

	/**
	 * Initializes the <code>LoginModule</code>.
	 * 
	 * @param subject
	 *            the <code>Subject</code> to be authenticated.
	 * @param callbackHandler
	 *            a <code>CallbackHandler</code> for prompting and retrieving
	 *            the userid and password from the user.
	 * @param sharedState
	 *            shared <code>LoginModule</code> state.
	 * @param options
	 *            options specified in the login configuration file for this
	 *            <code>LoginModule</code>.
	 * 
	 */
	public void initialize(Subject subject, CallbackHandler callbackHandler,
			Map sharedState, Map options) {
		System.out.println("AuthModule.initialize()");

		this.subject = subject;
		this.callbackHandler = callbackHandler;
		this.sharedState = sharedState;
		this.options = options;
		// initialize configuration options
		debug = "true".equalsIgnoreCase((String)options.get("debug"));
	}

	/**
	 * Prompts the user for a userid and password.
	 * 
	 * @return true if the authentication succeeded, or false if this
	 *         LoginModule should be ignored
	 * @exception FailedLoginException
	 *                if the authentication fails.
	 * @exception LoginException
	 *                if the <code>LoginModule</code> is unable to
	 *                authenticate.
	 */
	public boolean login() throws LoginException {
		System.out.println("AuthModule.login()");
		if (callbackHandler == null)
			throw new LoginException("Error: CallbackHandler cannot be null");
		Callback[] callbacks = { new NameCallback("userid: "),
				new PasswordCallback("password: ", false) };
		String username = null;
		String password = null;

		try {
			callbackHandler.handle(callbacks);
			username = ((NameCallback) callbacks[0]).getName();
			password = new String(((PasswordCallback)callbacks[1]).getPassword());
			// ((PasswordCallback) callbacks[1]).clearPassword();
		} catch (IOException e) {
			throw new LoginException(e.getMessage());
		} catch (UnsupportedCallbackException e) {
			throw new LoginException("Unsupported callback. " + e.getMessage());
		}
		// Debug trace.
		if(debug) {
			System.out.println("AuthModule: username = " + username);
			System.out.println("AuthModule: password = " + new String(password));
		}
		// Check the userid and password
		principal = authenticate(username, password);
		if(debug)
			System.out.println("AuthModule: login " + username + " " + principal);

        if(principal != null)
            return true;
        else
            throw new FailedLoginException("Username or password is incorrect");
	}
	
	protected Principal authenticate(String username, String password) {
		boolean validUser = false;
		try {
			validUser = this.getDataProvider().validateUser(username, password);
		} catch (Exception e) {
			e.printStackTrace();
		}
		if (validUser) {
			GenericPrincipal principal = new GenericPrincipal(username, password, getUserRoles(username));
			return principal;
		}
		return null;
	}

	public boolean commit() throws LoginException {
		System.out.println("AuthModule.commit()");
		
		if(principal == null)
			return false;
		Iterator iter = subject.getPrincipals().iterator();
		if (iter.hasNext()) {
			Principal item = (Principal)iter.next();
			System.out.println("item=" + item);
		}
		if(!subject.getPrincipals().contains(principal)) {
			subject.getPrincipals().add(principal);
		}
		committed = true;
		return true;
	}

	public boolean abort() throws LoginException {
		System.out.println("AuthModule.abort()");
	
		if(principal == null)
			// login succeeded but overall authentication failed
			return false;
		if(committed) {
			// overall authentication succeeded and commit
			// succeeded, but someone else's commit failed.
			logout();
		} else {
			committed = false;
			principal = null;
		}
		return true;
	}

	public boolean logout() throws LoginException {
		System.out.println("AuthModule.logout()");

        subject.getPrincipals().remove(principal);
        committed = false;
        principal = null;
        return true;
	}

	protected List getUserRoles(String username) {
		List roles = new ArrayList();
		try {
			roles = this.getDataProvider().getRolesForUser(username);
		} catch (Exception e) {
			e.printStackTrace();
			throw new RuntimeException(e.getMessage());
		}
		return roles;
	}
}