logincontext.java
来自「java jdk 1.4的源码」· Java 代码 · 共 840 行 · 第 1/3 页
JAVA
840 行
* that <code>Requisite</code> and <code>Sufficient</code> semantics are * ignored for this method. This guarantees that proper cleanup * and state restoration can take place. * * <p> * * @exception LoginException if the logout fails. */ public void logout() throws LoginException { if (subject == null) { throw new LoginException(ResourcesMgr.getString ("null subject - logout called before login")); } invokeModule(LOGOUT_METHOD); } /** * Return the authenticated Subject. * * <p> * * @return the authenticated Subject. If authentication fails * and a Subject was not provided to this LoginContext's * constructor, this method returns <code>null</code>. * Otherwise, this method returns the provided Subject. */ public Subject getSubject() { if (!loginSucceeded && !subjectProvided) return null; return subject; } private void throwException(LoginException originalError, LoginException le) throws LoginException { LoginException error = (originalError != null) ? originalError : le; throw error; } /** * Invokes the login, commit, and logout methods * from a LoginModule inside a doPrivileged block. */ private void invokeModule(String methodName) throws LoginException { try { final String finalName = methodName; java.security.AccessController.doPrivileged (new java.security.PrivilegedExceptionAction() { public Object run() throws LoginException { invoke(finalName); return null; } }); } catch (java.security.PrivilegedActionException pae) { throw (LoginException)pae.getException(); } } private void invoke(String methodName) throws LoginException { LoginException firstError = null; LoginException firstRequiredError = null; boolean success = false; for (int i = 0; i < moduleStack.length; i++) { try { int mIndex = 0; Method[] methods = null; if (moduleStack[i].module != null) { methods = moduleStack[i].module.getClass().getMethods(); } else { // instantiate the LoginModule Class c = Class.forName (moduleStack[i].entry.getLoginModuleName(), true, contextClassLoader); Constructor constructor = c.getConstructor(PARAMS); Object[] args = { }; // allow any object to be a LoginModule // as long as it conforms to the interface moduleStack[i].module = constructor.newInstance(args); methods = moduleStack[i].module.getClass().getMethods(); // call the LoginModule's initialize method for (mIndex = 0; mIndex < methods.length; mIndex++) { if (methods[mIndex].getName().equals(INIT_METHOD)) break; } Object[] initArgs = {subject, callbackHandler, state, moduleStack[i].entry.getOptions() }; // invoke the LoginModule initialize method methods[mIndex].invoke(moduleStack[i].module, initArgs); } // find the requested method in the LoginModule for (mIndex = 0; mIndex < methods.length; mIndex++) { if (methods[mIndex].getName().equals(methodName)) break; } // set up the arguments to be passed to the LoginModule method Object[] args = { }; // invoke the LoginModule method boolean status = ((Boolean)methods[mIndex].invoke (moduleStack[i].module, args)).booleanValue(); if (status == true) { // if SUFFICIENT, return if no prior REQUIRED errors if (!methodName.equals(ABORT_METHOD) && !methodName.equals(LOGOUT_METHOD) && moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT && firstRequiredError == null) { if (debug != null) debug.println(methodName + " SUFFICIENT success"); return; } if (debug != null) debug.println(methodName + " success"); success = true; } else { if (debug != null) debug.println(methodName + " ignored"); } } catch (NoSuchMethodException nsme) { MessageFormat form = new MessageFormat(ResourcesMgr.getString ("unable to instantiate LoginModule, module, because " + "it does not provide a no-argument constructor")); Object[] source = {moduleStack[i].entry.getLoginModuleName()}; throw new LoginException(form.format(source)); } catch (InstantiationException ie) { throw new LoginException(ResourcesMgr.getString ("unable to instantiate LoginModule: ") + ie.getMessage()); } catch (ClassNotFoundException cnfe) { throw new LoginException(ResourcesMgr.getString ("unable to find LoginModule class: ") + cnfe.getMessage()); } catch (IllegalAccessException iae) { throw new LoginException(ResourcesMgr.getString ("unable to access LoginModule: ") + iae.getMessage()); } catch (InvocationTargetException ite) { // failure cases LoginException le; if (ite.getTargetException() instanceof LoginException) { le = (LoginException)ite.getCause(); } else { // capture an unexpected LoginModule exception java.io.StringWriter sw = new java.io.StringWriter(); ite.getCause().printStackTrace (new java.io.PrintWriter(sw)); sw.flush(); le = new LoginException(sw.toString()); } if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) { if (debug != null) debug.println(methodName + " REQUISITE failure"); // if REQUISITE, then immediately throw an exception if (methodName.equals(ABORT_METHOD) || methodName.equals(LOGOUT_METHOD)) { if (firstRequiredError == null) firstRequiredError = le; } else { throwException(firstRequiredError, le); } } else if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) { if (debug != null) debug.println(methodName + " REQUIRED failure"); // mark down that a REQUIRED module failed if (firstRequiredError == null) firstRequiredError = le; } else { if (debug != null) debug.println(methodName + " OPTIONAL failure"); // mark down that an OPTIONAL module failed if (firstError == null) firstError = le; } } } // we went thru all the LoginModules. if (firstRequiredError != null) { // a REQUIRED module failed -- return the error throwException(firstRequiredError, null); } else if (success == false && firstError != null) { // no module succeeded -- return the first error throwException(firstError, null); } else if (success == false) { // no module succeeded -- all modules were IGNORED throwException(new LoginException (ResourcesMgr.getString("Login Failure: all modules ignored")), null); } else { // success return; } } /** * Wrap the application-provided CallbackHandler in our own * and invoke it within a privileged block, constrained by * the caller's AccessControlContext. */ private static class SecureCallbackHandler implements CallbackHandler { private final java.security.AccessControlContext acc; private final CallbackHandler ch; SecureCallbackHandler(java.security.AccessControlContext acc, CallbackHandler ch) { this.acc = acc; this.ch = ch; } public void handle(Callback[] callbacks) throws java.io.IOException, UnsupportedCallbackException { try { final Callback[] finalCallbacks = callbacks; java.security.AccessController.doPrivileged (new java.security.PrivilegedExceptionAction() { public Object run() throws java.io.IOException, UnsupportedCallbackException { ch.handle(finalCallbacks); return null; } }, acc); } catch (java.security.PrivilegedActionException pae) { if (pae.getException() instanceof java.io.IOException) { throw (java.io.IOException)pae.getException(); } else { throw (UnsupportedCallbackException)pae.getException(); } } } } /** * LoginModule information - * incapsulates Configuration info and actual module instances */ private static class ModuleInfo { AppConfigurationEntry entry; Object module; ModuleInfo(AppConfigurationEntry newEntry, Object newModule) { this.entry = newEntry; this.module = newModule; } }}
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?