You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rm...@apache.org on 2012/02/09 11:16:30 UTC
svn commit: r1242260 - in
/openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh:
OpenEJBCommands.java OpenEJBJaasPasswordAuthenticator.java
OpenEJBShellFactory.java
Author: rmannibucau
Date: Thu Feb 9 10:16:29 2012
New Revision: 1242260
URL: http://svn.apache.org/viewvc?rev=1242260&view=rev
Log:
using a bit more jaas for ssh module
Modified:
openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBCommands.java
openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBJaasPasswordAuthenticator.java
openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBShellFactory.java
Modified: openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBCommands.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBCommands.java?rev=1242260&r1=1242259&r2=1242260&view=diff
==============================================================================
--- openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBCommands.java (original)
+++ openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBCommands.java Thu Feb 9 10:16:29 2012
@@ -21,15 +21,21 @@ import org.apache.sshd.server.Command;
import org.apache.sshd.server.Environment;
import org.apache.sshd.server.ExitCallback;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.security.PrivilegedAction;
public class OpenEJBCommands extends CliRunnable implements Command, Runnable {
private ExitCallback cbk;
+ private final LoginContext loginContext;
- public OpenEJBCommands(String bind, int port, String username) {
- super(bind, port, username, "\r\n"); // don't use os line.separator
+ public OpenEJBCommands(String bind, int port, String username, LoginContext lc) {
+ super(bind, port, username, "\r\n");
+ loginContext = lc;
}
@Override
@@ -65,8 +71,19 @@ public class OpenEJBCommands extends Cli
@Override
public void run() {
try {
- super.run();
+ Subject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>() {
+ @Override
+ public Object run() {
+ OpenEJBCommands.super.run();
+ return null;
+ }
+ });
} finally {
+ try {
+ loginContext.logout();
+ } catch (LoginException e) {
+ // ignored
+ }
cbk.onExit(0);
}
}
Modified: openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBJaasPasswordAuthenticator.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBJaasPasswordAuthenticator.java?rev=1242260&r1=1242259&r2=1242260&view=diff
==============================================================================
--- openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBJaasPasswordAuthenticator.java (original)
+++ openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBJaasPasswordAuthenticator.java Thu Feb 9 10:16:29 2012
@@ -18,6 +18,15 @@ package org.apache.openejb.server.ssh;
import org.apache.sshd.server.jaas.JaasPasswordAuthenticator;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+import java.io.IOException;
+
public class OpenEJBJaasPasswordAuthenticator extends JaasPasswordAuthenticator {
private OpenEJBShellFactory shellFactory;
@@ -27,10 +36,27 @@ public class OpenEJBJaasPasswordAuthenti
@Override
public boolean authenticate(final String username, final String password) {
- if (super.authenticate(username, password)) {
+ try {
+ final Subject subject = new Subject();
+ final LoginContext loginContext = new LoginContext(getDomain(), subject, new CallbackHandler() {
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof NameCallback) {
+ ((NameCallback) callbacks[i]).setName(username);
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i]);
+ }
+ }
+ }
+ });
+ loginContext.login();
shellFactory.setUsername(username);
+ shellFactory.setLoginContext(loginContext);
return true;
+ } catch (Exception e) {
+ return false;
}
- return false;
}
}
Modified: openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBShellFactory.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBShellFactory.java?rev=1242260&r1=1242259&r2=1242260&view=diff
==============================================================================
--- openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBShellFactory.java (original)
+++ openejb/trunk/openejb/server/openejb-ssh/src/main/java/org/apache/openejb/server/ssh/OpenEJBShellFactory.java Thu Feb 9 10:16:29 2012
@@ -19,10 +19,13 @@ package org.apache.openejb.server.ssh;
import org.apache.sshd.common.Factory;
import org.apache.sshd.server.Command;
+import javax.security.auth.login.LoginContext;
+
public class OpenEJBShellFactory implements Factory<Command> {
private String bind;
private int port;
private ThreadLocal<String> username = new ThreadLocal<String>();
+ private ThreadLocal<LoginContext> loginContext = new ThreadLocal<LoginContext>();
public OpenEJBShellFactory(String bind, int port) {
this.bind = bind;
@@ -31,10 +34,14 @@ public class OpenEJBShellFactory impleme
@Override
public Command create() {
- return new OpenEJBCommands(bind, port, username.get());
+ return new OpenEJBCommands(bind, port, username.get(), loginContext.get());
}
- public void setUsername(String username) {
+ public void setUsername(final String username) {
this.username.set(username);
}
+
+ public void setLoginContext(final LoginContext lc) {
+ loginContext.set(lc);
+ }
}