use of com.sun.enterprise.security.auth.login.common.PasswordCredential in project Payara by payara.
the class LoginContextDriver method doPasswordLogin.
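/**
 * Log in subject with PasswordCredential. This is a generic login
 * which applies to all login mechanisms which process PasswordCredential.
 * In other words, any mechanism which receives an actual username, realm
 * and password set from the client.
 *
 * <p>The realm contained in the credential is checked, and a JAAS
 * LoginContext is created using a context name obtained from the
 * appropriate Realm instance. The applicable JAAS LoginModule
 * is initialized (based on the jaas login configuration) and login()
 * is invoked on it.
 *
 * <p>RI code makes several assumptions which are retained here:
 * <ul>
 * <li>The PasswordCredential is stored as a private credential of
 * the subject.
 * <li>There is only one such credential present (actually, only
 * the first one is relevant if more are present).
 * </ul>
 *
 * <p>When an audit manager is present and auditing is on, the outcome of
 * the JAAS login (success or failure) is reported to it with the user and
 * realm taken from the credential. On success the security context is set
 * for that user, subject and realm.
 *
 * <p>Missing credential data is rejected with a LoginException rather than
 * checked with {@code assert}: assertions are disabled unless the JVM is
 * started with {@code -ea}, so an assert is not a usable guard on an
 * authentication path.
 *
 * @param subject Subject to be authenticated.
 * @throws LoginException Thrown if the login fails, or if the subject does
 *         not carry a complete PasswordCredential.
 */
private static void doPasswordLogin(Subject subject) throws LoginException {
    Object obj = getPrivateCredentials(subject, PasswordCredential.class);
    // Fail closed when the credential is absent or of an unexpected type,
    // instead of dereferencing null or failing the cast below.
    if (!(obj instanceof PasswordCredential)) {
        throw new LoginException("No PasswordCredential available for password login");
    }
    PasswordCredential p = (PasswordCredential) obj;

    String user = p.getUser();
    // NOTE(review): if getPassword() hands out a copy of the password, that
    // copy should be cleared (Arrays.fill) once it has been checked; if it is
    // the credential's own array it must stay intact for the LoginModule.
    // Confirm against PasswordCredential before changing this.
    char[] pwd = p.getPassword();
    String realm = p.getRealm();

    // The realm is needed before anything else can happen, so check it before
    // the lookup rather than after it.
    if (realm == null) {
        throw new LoginException("PasswordCredential does not name a realm");
    }

    String jaasCtx;
    try {
        jaasCtx = Realm.getInstance(realm).getJAASContext();
    } catch (Exception ex) {
        // NOTE(review): a failed realm lookup is not reported to the audit
        // manager, so attempts that fail at this point leave no audit record.
        // Confirm that this is intended.
        if (ex instanceof LoginException) {
            throw (LoginException) ex;
        }
        throw (LoginException) new LoginException(ex.toString()).initCause(ex);
    }

    // user and realm are supplied by the client (see the method description).
    // NOTE(review): they are concatenated into the log messages below; confirm
    // that the log handler in use neutralises line breaks in these values.
    if (_logger.isLoggable(Level.FINE)) {
        _logger.fine("Logging in user [" + user + "] into realm: " + realm + " using JAAS module: " + jaasCtx);
    }

    try {
        // Checked inside the try so that a rejected attempt still goes through
        // the failure audit in the catch block.
        if (user == null || pwd == null || jaasCtx == null) {
            throw new LoginException("Incomplete credential or JAAS context for password login");
        }
        // A dummyCallback is used to satisfy JAAS but it is never used.
        // name/pwd info is already contained in Subject's Credential
        LoginContext lg = new LoginContext(jaasCtx, subject, dummyCallback);
        lg.login();
    } catch (Exception e) {
        if (_logger.isLoggable(Level.FINEST)) {
            _logger.log(Level.FINEST, "doPasswordLogin fails", e);
        }
        // Record the failed attempt before the exception leaves this method.
        if (getAuditManager() != null && getAuditManager().isAuditOn()) {
            getAuditManager().authentication(user, realm, false);
        }
        if (e instanceof LoginException) {
            throw (LoginException) e;
        }
        throw (LoginException) new LoginException("Login failed: " + e.getMessage()).initCause(e);
    }

    // Only reached when login() returned without throwing.
    if (getAuditManager() != null && getAuditManager().isAuditOn()) {
        getAuditManager().authentication(user, realm, true);
    }
    if (_logger.isLoggable(Level.FINE)) {
        _logger.fine("Password login succeeded for : " + user);
    }

    setSecurityContext(user, subject, realm);
    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "Set security context as user: " + user);
    }
}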