📄 desktopssologinmodule.java
字号:
/*
* DesktopSSOLoginModule.java
*
* Created on 2006年1月23日, 下午4:52
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package desktopsso.share;
import java.security.*;
import javax.security.auth.*;
import javax.security.auth.spi.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import java.io.*;
import java.util.*;
import java.io.*;
import java.nio.*;
import java.nio.channels.*;
import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.methods.GetMethod;
/**
*
* @author wangyu
*/
public class DesktopSSOLoginModule implements LoginModule {
static private String cookieName = "WangYuDesktopSSOID";
static private String Action1 = "?action=authcookie&cookiename=";
static private String Action2 = "?action=authuser&username=";
static private String SSOServiceURL = "http://wangyu.prc.sun.com:6060/SSOAuth/SSOAuth";
static private String SSOLoginPage = "http://wangyu.prc.sun.com:6060/SSOAuth/login.jsp";
private static String cookiefilepath = "C:\\Documents and Settings\\yw137672\\Application Data\\Mozilla\\Profiles\\default\\hog6z1ji.slt\\cookies.txt";
private static String cookiesign = "wangyu";
private static final int BSIZE = 50*1024;
private static final int cookieValueSize = 19;
private Subject subject;
private Principal principal;
private CallbackHandler callbackHandler;
private String username;
private char[] password;
private boolean loginSuccess;
//
// Initialize sets up the login module. sharedState and options are
// advanced features not used here
public void initialize(Subject sub, CallbackHandler cbh,
Map sharedState,Map options) {
subject = sub;
callbackHandler = cbh;
loginSuccess = false;
username = null;
clearPassword();
}
public boolean login() throws LoginException{
try {
if (Cookielogin()) return true;
} catch (IOException ex) {
ex.printStackTrace();
}
if (passwordlogin()) return true;
throw new FailedLoginException();
}
public boolean Cookielogin() throws LoginException,IOException {
String cookieValue="";
int cookieIndex =foundCookie();
if (cookieIndex<0)
return false;
else
cookieValue = getCookieValue(cookieIndex);
username = cookieAuth(cookieValue);
if (! username.equals("failed")) {
loginSuccess = true;
return true;
}
return false;
}
// The login phase gets the userid and password from the user and
// compares them to the hardcoded values "joeuser" and "joeuserpw".
public boolean passwordlogin() throws LoginException {
//
// Since we need input from a user, we need a callback handler
if (callbackHandler == null) {
throw new LoginException("No CallbackHandler defined");
}
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("Username");
callbacks[1] = new PasswordCallback("Password", false);
//
// Call the callback handler to get the username and password
try {
callbackHandler.handle(callbacks);
username = ((NameCallback)callbacks[0]).getName();
char[] temp = ((PasswordCallback)callbacks[1]).getPassword();
password = new char[temp.length];
System.arraycopy(temp, 0, password, 0, temp.length);
((PasswordCallback)callbacks[1]).clearPassword();
} catch (IOException ioe) {
throw new LoginException(ioe.toString());
} catch (UnsupportedCallbackException uce) {
throw new LoginException(uce.toString());
}
System.out.println();
String authresult ="";
try {
authresult = userAuth(username, password);
} catch (IOException ex) {
ex.printStackTrace();
}
if (! authresult.equals("failed")) {
loginSuccess= true;
clearPassword();
try {
updateCookie(authresult);
} catch (IOException ex) {
ex.printStackTrace();
}
return true;
}
loginSuccess = false;
username = null;
clearPassword();
System.out.println( "Login: PasswordLoginModule FAIL" );
throw new FailedLoginException();
}
//
// The commit phase adds the principal if both the overall authentication
// succeeds (which is why commit was called) as well as this particular
// login module
public boolean commit() throws LoginException {
//
// Check to see if this login module succeeded
if (loginSuccess == false) {
System.out.println( "Commit: PasswordLoginModule FAIL" );
return false;
}
// If this login module succeded too, then add the new principal
// to the subject (if it does not already exist)
principal = new PrincipalImpl(username);
if (!(subject.getPrincipals().contains(principal))) {
subject.getPrincipals().add(principal);
}
username = null;
System.out.println( "DesktopSSOLoginModule SUCCESS" );
return true;
}
//
// The abort phase is called if the overall authentication fails, so
// we have to cleanup the internal state
public boolean abort() throws LoginException {
if (loginSuccess == false) {
System.out.println( "Abort: PasswordLoginModule FAIL" );
principal = null;
username = null;
return false;
}
System.out.println( "Abort: PasswordLoginModule SUCCESS" );
logout();
return true;
}
//
// The logout phase cleans up the state
public boolean logout() throws LoginException {
subject.getPrincipals().remove(principal);
loginSuccess = false;
username = null;
principal = null;
System.out.println( "Logout: PasswordLoginModule SUCCESS" );
return true;
}
//
// Private helper function to clear the password, a good programming
// practice
private void clearPassword() {
if (password == null) {
return;
}
for (int i=0;i<password.length;i++) {
password[i] = ' ';
}
password = null;
}
private int foundCookie() throws IOException{
FileChannel fr = new FileInputStream(cookiefilepath).getChannel();
ByteBuffer buff = ByteBuffer.allocate(BSIZE);
fr.read(buff);
buff.flip();
String allfile = new String(buff.array());
int offset = allfile.indexOf(cookiesign);
return offset;
}
private String cookieAuth(String cookievalue) throws IOException{
String result = "failed";
HttpClient httpclient = new HttpClient();
GetMethod httpget = new GetMethod(SSOServiceURL+Action1+cookievalue);
try {
httpclient.executeMethod(httpget);
result = httpget.getResponseBodyAsString();
} finally {
httpget.releaseConnection();
}
return result;
}
private void updateCookie(String cookie) throws IOException{
int offset = foundCookie();
if (offset > 0) {
FileChannel fc = new RandomAccessFile(cookiefilepath, "rw").getChannel();
fc.position(offset);
fc.write(ByteBuffer.wrap(cookie.getBytes()));
fc.close();
}
}
private String getCookieValue(int cookieIndex) throws IOException{
FileChannel fc = new RandomAccessFile(cookiefilepath, "rw").getChannel();
ByteBuffer buff = ByteBuffer.allocate(cookieValueSize);
fc.position(cookieIndex);
fc.read(buff);
buff.flip();
String cookievalue = new String(buff.array());
return cookievalue;
}
private String userAuth(String username, char[] password) throws IOException{
String result = "failed";
String passwd= new String(password);
HttpClient httpclient = new HttpClient();
GetMethod httpget = new GetMethod(SSOServiceURL+Action2+username+"&password="+passwd);
passwd = null;
try {
httpclient.executeMethod(httpget);
result = httpget.getResponseBodyAsString();
} finally {
httpget.releaseConnection();
}
return result;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -