Created
February 9, 2014 15:00
-
-
Save seraphy/8900268 to your computer and use it in GitHub Desktop.
JAASを単純なログインとして用いる例。(セキュリティの機能はない。)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package jp.seraphyware.authtest; | |
import java.io.IOException; | |
import java.util.HashMap; | |
import javax.security.auth.callback.Callback; | |
import javax.security.auth.callback.CallbackHandler; | |
import javax.security.auth.callback.NameCallback; | |
import javax.security.auth.callback.PasswordCallback; | |
import javax.security.auth.callback.UnsupportedCallbackException; | |
import javax.security.auth.login.AppConfigurationEntry; | |
import javax.security.auth.login.Configuration; | |
import javax.security.auth.login.LoginContext; | |
public class Main { | |
/** | |
* プログラム側からJAASを構築する.<br> | |
* policy.jaasファイル等は使用しない.<br> | |
*/ | |
private static void initAuthConfiguration() { | |
final AppConfigurationEntry[] entries = new AppConfigurationEntry[] { | |
new AppConfigurationEntry( | |
SimpleLoginModule.class.getCanonicalName(), | |
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, | |
new HashMap<String, Object>()) | |
}; | |
final Configuration authConf = new Configuration() { | |
@Override | |
public AppConfigurationEntry[] getAppConfigurationEntry(String configurationName) { | |
System.out.println("getAppConfigurationEntry name=" + configurationName); | |
return entries; | |
} | |
}; | |
Configuration.setConfiguration(authConf); | |
} | |
public static final void main(final String[] args) throws Exception { | |
initAuthConfiguration(); | |
final String userName = "system"; | |
final String password = "manager"; | |
final CallbackHandler handler = new CallbackHandler() { | |
@Override | |
public void handle(Callback[] v_callbacks) throws IOException, UnsupportedCallbackException { | |
if (v_callbacks != null) { | |
for (final Callback callback : v_callbacks) { | |
if (callback != null) { | |
System.out.println(callback); | |
if (callback instanceof NameCallback) { | |
((NameCallback) callback).setName(userName); | |
} else if (callback instanceof PasswordCallback) { | |
((PasswordCallback) callback).setPassword(password.toCharArray()); | |
} else { | |
throw new UnsupportedCallbackException(callback); | |
} | |
} | |
} | |
} | |
} | |
}; | |
final LoginContext ctx = new LoginContext( | |
"SimpleLoginModule", // Configuration#getAppConfigurationEntryに渡す名前 | |
handler); // loginなどのイベントでname、パスワードなどを必要に応じて問い合わせるハンドラ | |
System.out.println("before login!(" + ctx.getSubject() + ")"); | |
ctx.login(); | |
System.out.println("login-ok!(" + ctx.getSubject() + ")"); | |
ctx.logout(); | |
System.out.println("after logout!(" + ctx.getSubject() + ")"); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package jp.seraphyware.authtest; | |
import java.security.Principal; | |
import java.util.Map; | |
import javax.security.auth.Subject; | |
import javax.security.auth.callback.Callback; | |
import javax.security.auth.callback.CallbackHandler; | |
import javax.security.auth.callback.NameCallback; | |
import javax.security.auth.callback.PasswordCallback; | |
import javax.security.auth.login.LoginException; | |
import javax.security.auth.spi.LoginModule; | |
public class SimpleLoginModule implements LoginModule { | |
private CallbackHandler _callbackHandler; | |
private Subject _subject; | |
private Principal _principal; | |
private boolean _prepared; | |
@Override | |
public boolean abort() throws LoginException { | |
System.out.println("abort"); | |
this._prepared = false; | |
this._subject = null; | |
this._principal = null; | |
this._callbackHandler = null; | |
return true; | |
} | |
@Override | |
public boolean commit() throws LoginException { | |
System.out.println("commit"); | |
return this._prepared; | |
} | |
@Override | |
public void initialize(Subject v_subject, | |
CallbackHandler v_callbackHandler, | |
Map<String, ?> v_sharedState, | |
Map<String, ?> v_options) { | |
this._subject = v_subject; | |
this._callbackHandler = v_callbackHandler; | |
} | |
@Override | |
public boolean login() throws LoginException { | |
System.out.println("login"); | |
final NameCallback nameCallback = new NameCallback("userName:"); | |
final PasswordCallback passwordCallback = new PasswordCallback("password:", false); | |
final Callback[] callbacks = new Callback[] { nameCallback, passwordCallback }; | |
try { | |
this._callbackHandler.handle(callbacks); | |
} catch (final Exception exception) { | |
final LoginException loginException = new LoginException(exception.toString()); | |
loginException.initCause(exception); | |
throw loginException; | |
} | |
this._prepared = nameCallback.getName().equals("system") | |
&& new String(passwordCallback.getPassword()).equals("manager"); | |
if (this._prepared) { | |
this._principal = new Principal() { | |
@Override | |
public String getName() { | |
return nameCallback.getName(); | |
} | |
@Override | |
public String toString() { | |
return nameCallback.getName(); | |
} | |
}; | |
this._subject.getPrincipals().add(this._principal); | |
} | |
return this._prepared; | |
} | |
@Override | |
public boolean logout() throws LoginException { | |
System.out.println("logout"); | |
if (!this._subject.isReadOnly()) { | |
this._subject.getPrincipals().remove(this._principal); | |
} | |
this._prepared = false; | |
return true; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment