Source Code of org.jboss.errai.bus.server.security.auth.PropertyFileLoginModule

/*
 * Copyright 2010 JBoss, a divison Red Hat, Inc
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.jboss.errai.bus.server.security.auth;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import java.security.Principal;
import java.util.Map;
import java.util.ResourceBundle;

/**
 * This simple Login Module provides a simple authentication mechanism using property files to define users and groups.<br/>
 * <br/>
 * When in use, this LoginModule will search for <tt>users.properties</tt> and <tt>roles.properties</tt>.<br/>
 * <br/>
 * <strong>Example users.properties:</strong>
 * <tt><pre>
 * john=foo123
 * mary=abc
 * </pre></tt>
 * The left-hand value is the <em>user name</em> and the right-hand value is the <em>password</em><br/>
 * <br/>
 * <strong>Example roles.properties:</strong>
 * <tt><pre>
 * john=admin,users,finance
 * mary=users,humanResources
 * </pre></tt>
 * The left-hand value is the <em>user name</em> corresponding with the user defined in the <tt>user.properties</tt> file, and
 * the right-hand value are the roles assigned to each user.
 */
public class PropertyFileLoginModule implements LoginModule {
  private String login;
  private String password;
  private Subject subject;

  public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) {
    NameCallback name = new NameCallback("Login");
    PasswordCallback password = new PasswordCallback("Password", false);
    this.subject = subject;

    try {
      callbackHandler.handle(new Callback[]{name, password});
      this.login = name.getName();
      this.password = new String(password.getPassword() == null ? new char[0] : password.getPassword());

      loadRoles();

    }
    catch (Exception e) {
      throw new RuntimeException("could not login", e);
    }
  }

  public boolean login() throws LoginException {
    ResourceBundle bundle = ResourceBundle.getBundle("users");
    String password = bundle.getString(login);
    return password != null && this.password.equals(password);
  }

  public void loadRoles() {
    ResourceBundle bundle = ResourceBundle.getBundle("roles");
    String[] roles = bundle.getString(login).split(",");

    for (final String role : roles) {
      subject.getPrincipals().add(new Principal() {
        private String name = role.trim();

        public String getName() {
          return name;
        }

        @Override
        public boolean equals(Object obj) {
          return name.equals(obj);
        }

        @Override
        public String toString() {
          return name;
        }
      });
    }


  }

  public boolean commit() throws LoginException {
    return true;
  }

  public boolean abort() throws LoginException {
    return true;
  }

  public boolean logout() throws LoginException {
    return false;  //To change body of implemented methods use File | Settings | File Templates.
  }
}