📄 jaasrealm.java
字号:
*/
protected String userClassNames = null;
public String getUserClassNames() {
return (this.userClassNames);
}
public void setUserClassNames(String userClassNames) {
this.userClassNames = userClassNames;
userClasses.clear();
String temp = this.userClassNames;
if (temp == null) {
return;
}
while (true) {
int comma = temp.indexOf(',');
if (comma < 0) {
break;
}
userClasses.add(temp.substring(0, comma).trim());
temp = temp.substring(comma + 1);
}
temp = temp.trim();
if (temp.length() > 0) {
userClasses.add(temp);
}
}
// --------------------------------------------------------- Public Methods
/**
* Return the Principal associated with the specified username and
* credentials, if there is one; otherwise return <code>null</code>.
*
* If there are any errors with the JDBC connection, executing
* the query or anything we return null (don't authenticate). This
* event is also logged, and the connection will be closed so that
* a subsequent request will automatically re-open it.
*
* @param username Username of the Principal to look up
* @param credentials Password or other credentials to use in
* authenticating this username
*/
public Principal authenticate(String username, String credentials) {
// Establish a LoginContext to use for authentication
try {
LoginContext loginContext = null;
if( appName==null ) appName="Tomcat";
if( log.isDebugEnabled())
log.debug("Authenticating " + appName + " " + username);
// What if the LoginModule is in the container class loader ?
//
ClassLoader ocl=Thread.currentThread().getContextClassLoader();
Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
try {
loginContext = new LoginContext
(appName, new JAASCallbackHandler(this, username,
credentials));
} catch (Throwable e) {
log.error(sm.getString("jaasRealm.unexpectedError"), e);
return (null);
} finally {
Thread.currentThread().setContextClassLoader(ocl);
}
if( log.isDebugEnabled())
log.debug("Login context created " + username);
// Negotiate a login via this LoginContext
Subject subject = null;
try {
loginContext.login();
subject = loginContext.getSubject();
if (subject == null) {
if( log.isDebugEnabled())
log.debug(sm.getString("jaasRealm.failedLogin", username));
return (null);
}
} catch (AccountExpiredException e) {
if (log.isDebugEnabled())
log.debug(sm.getString("jaasRealm.accountExpired", username));
return (null);
} catch (CredentialExpiredException e) {
if (log.isDebugEnabled())
log.debug(sm.getString("jaasRealm.credentialExpired", username));
return (null);
} catch (FailedLoginException e) {
if (log.isDebugEnabled())
log.debug(sm.getString("jaasRealm.failedLogin", username));
return (null);
} catch (LoginException e) {
log.warn(sm.getString("jaasRealm.loginException", username), e);
return (null);
} catch (Throwable e) {
log.error(sm.getString("jaasRealm.unexpectedError"), e);
return (null);
}
if( log.isDebugEnabled())
log.debug("Getting principal " + subject);
// Return the appropriate Principal for this authenticated Subject
Principal principal = createPrincipal(username, subject);
if (principal == null) {
log.debug(sm.getString("jaasRealm.authenticateFailure", username));
return (null);
}
if (log.isDebugEnabled()) {
log.debug(sm.getString("jaasRealm.authenticateSuccess", username));
}
return (principal);
} catch( Throwable t) {
log.error( "error ", t);
return null;
}
}
// -------------------------------------------------------- Package Methods
// ------------------------------------------------------ Protected Methods
/**
* Return a short name for this Realm implementation.
*/
protected String getName() {
return (name);
}
/**
* Return the password associated with the given principal's user name.
*/
protected String getPassword(String username) {
return (null);
}
/**
* Return the Principal associated with the given user name.
*/
protected Principal getPrincipal(String username) {
return (null);
}
/**
* Construct and return a <code>java.security.Principal</code> instance
* representing the authenticated user for the specified Subject. If no
* such Principal can be constructed, return <code>null</code>.
*
* @param subject The Subject representing the logged in user
*/
protected Principal createPrincipal(String username, Subject subject) {
// Prepare to scan the Principals for this Subject
String password = null; // Will not be carried forward
ArrayList roles = new ArrayList();
// Scan the Principals for this Subject
Iterator principals = subject.getPrincipals().iterator();
while (principals.hasNext()) {
Principal principal = (Principal) principals.next();
// No need to look further - that's our own stuff
if( principal instanceof GenericPrincipal ) {
if( log.isDebugEnabled() )
log.debug("Found old GenericPrincipal " + principal );
return principal;
}
String principalClass = principal.getClass().getName();
if( log.isDebugEnabled() )
log.info("Principal: " + principalClass + " " + principal);
if (userClasses.contains(principalClass)) {
// Override the default - which is the original user, accepted by
// the friendly LoginManager
username = principal.getName();
}
if (roleClasses.contains(principalClass)) {
roles.add(principal.getName());
}
// Same as Jboss - that's a pretty clean solution
if( (principal instanceof Group) &&
"Roles".equals( principal.getName())) {
Group grp=(Group)principal;
Enumeration en=grp.members();
while( en.hasMoreElements() ) {
Principal roleP=(Principal)en.nextElement();
roles.add( roleP.getName());
}
}
}
// Create the resulting Principal for our authenticated user
if (username != null) {
return (new GenericPrincipal(this, username, password, roles));
} else {
return (null);
}
}
// ------------------------------------------------------ Lifecycle Methods
/**
*
* Prepare for active use of the public methods of this Component.
*
* @exception LifecycleException if this component detects a fatal error
* that prevents it from being started
*/
public void start() throws LifecycleException {
// Perform normal superclass initialization
super.start();
}
/**
* Gracefully shut down active use of the public methods of this Component.
*
* @exception LifecycleException if this component detects a fatal error
* that needs to be reported
*/
public void stop() throws LifecycleException {
// Perform normal superclass finalization
super.stop();
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -