Posted to scm@geronimo.apache.org by dj...@apache.org on 2010/09/22 00:31:23 UTC
svn commit: r999674 -
/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/CertificatePropertiesFileLoginModule.java
Author: djencks
Date: Tue Sep 21 22:31:23 2010
New Revision: 999674
URL: http://svn.apache.org/viewvc?rev=999674&view=rev
Log:
GERONIMO-5619 make CertificatePropertiesFileLoginModule work with jetty
Modified:
geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/CertificatePropertiesFileLoginModule.java
Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/CertificatePropertiesFileLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/CertificatePropertiesFileLoginModule.java?rev=999674&r1=999673&r2=999674&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/CertificatePropertiesFileLoginModule.java (original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/CertificatePropertiesFileLoginModule.java Tue Sep 21 22:31:23 2010
@@ -35,6 +35,7 @@ import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.login.FailedLoginException;
@@ -157,26 +158,51 @@ public class CertificatePropertiesFileLo
callbacks[0] = new CertificateCallback();
try {
handler.handle(callbacks);
+ assert callbacks.length == 1;
+ X509Certificate certificate = ((CertificateCallback)callbacks[0]).getCertificate();
+ if (certificate == null) {
+ throw new FailedLoginException();
+ }
+ principal = certificate.getSubjectX500Principal();
+
+ if(!users.containsKey(principal.getName())) {
+ // Clear out the private state
+ principal = null;
+ throw new FailedLoginException();
+ }
+
+ loginSucceeded = true;
+ return true;
} catch (IOException ioe) {
throw (LoginException) new LoginException().initCause(ioe);
} catch (UnsupportedCallbackException uce) {
+ //try username/pw callbacks
+ callbacks[0] = new NameCallback("User name");
+ try {
+ handler.handle(callbacks);
+ assert callbacks.length == 1;
+ String name = ((NameCallback)callbacks[0]).getName();
+ if (name == null) {
+ throw new FailedLoginException();
+ }
+ principal = new X500Principal(name);
+ //this normalizes the name by removing spaces
+ name = principal.getName();
+ if(!users.containsKey(name)) {
+ // Clear out the private state
+ principal = null;
+ throw new FailedLoginException();
+ }
+ principal = new X500Principal(name);
+ loginSucceeded = true;
+ return true;
+ } catch (IOException ioe) {
+ throw (LoginException) new LoginException().initCause(ioe);
+ } catch (UnsupportedCallbackException uce2) {
+ //fall through
+ }
throw (LoginException) new LoginException().initCause(uce);
}
- assert callbacks.length == 1;
- X509Certificate certificate = ((CertificateCallback)callbacks[0]).getCertificate();
- if (certificate == null) {
- throw new FailedLoginException();
- }
- principal = certificate.getSubjectX500Principal();
-
- if(!users.containsKey(principal.getName())) {
- // Clear out the private state
- principal = null;
- throw new FailedLoginException();
- }
-
- loginSucceeded = true;
- return true;
}
/*
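Review bot: The NameCallback fallback in the `catch (UnsupportedCallbackException uce)` branch accepts the login on the name alone: any handler-supplied string that parses to a DN present in `users` reaches `loginSucceeded = true` with no certificate or password checked, even though the comment says "username/pw". That is only sound if the handler fills the name from a client certificate the container has already verified (presumably the Jetty case this commit targets), so the assumption should be stated at the fallback, e.g. `// name must come from a container-verified client certificate, never from user-entered input`. Separately, `new X500Principal(name)` throws an unchecked `IllegalArgumentException` for a malformed DN, which escapes the method instead of failing the login; wrap it as `try { principal = new X500Principal(name); } catch (IllegalArgumentException e) { throw new FailedLoginException(); }`. The enclosing login method starts outside the hunk.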