-
Notifications
You must be signed in to change notification settings - Fork 3.4k
Expand file tree
/
Copy pathAuthenticationManager.java
More file actions
71 lines (62 loc) · 2.73 KB
/
AuthenticationManager.java
File metadata and controls
71 lines (62 loc) · 2.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package security;
import com.google.common.base.Preconditions;
import java.util.Collections;
import javax.annotation.Nonnull;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.jaas.JAASLoginService;
import org.eclipse.jetty.jaas.PropertyUserStoreManager;
import play.Logger;
public class AuthenticationManager {
private AuthenticationManager() {
}
public static void authenticateJaasUser(@Nonnull String userName, @Nonnull String password) throws NamingException {
Preconditions.checkArgument(!StringUtils.isAnyEmpty(userName), "Username cannot be empty");
try {
JAASLoginService jaasLoginService = new JAASLoginService("WHZ-Authentication");
PropertyUserStoreManager propertyUserStoreManager = new PropertyUserStoreManager();
propertyUserStoreManager.start();
jaasLoginService.setBeans(Collections.singletonList(propertyUserStoreManager));
JAASLoginService.INSTANCE.set(jaasLoginService);
LoginContext lc = new LoginContext("WHZ-Authentication", new WHZCallbackHandler(userName, password));
lc.login();
} catch (LoginException le) {
throw new AuthenticationException(le.toString());
} catch (Exception e) {
// Bad abstract class design, empty doStart that has throws Exception in the signature and subclass that also
// does not throw any checked exceptions. This should never happen, all it does is create an empty HashMap...
}
}
private static class WHZCallbackHandler implements CallbackHandler {
private String password;
private String username;
private WHZCallbackHandler(@Nonnull String username, @Nonnull String password) {
this.username = username;
this.password = password;
}
@Override
public void handle(@Nonnull Callback[] callbacks) {
NameCallback nc = null;
PasswordCallback pc = null;
for (Callback callback : callbacks) {
Logger.error("The submitted callback is of type: " + callback.getClass() + " : " + callback);
if (callback instanceof NameCallback) {
nc = (NameCallback) callback;
nc.setName(this.username);
} else if (callback instanceof PasswordCallback) {
pc = (PasswordCallback) callback;
pc.setPassword(this.password.toCharArray());
} else {
Logger.warn("The submitted callback is unsupported! ", callback);
}
}
}
}
}