* failed to commit one folder in previous commit.

2008-11-11 02:05:15 +00:00 · 2008-11-11 02:05:15 +00:00 · 388288425f
parent f6865750c5
commit 388288425f
2 changed files with 209 additions and 0 deletions
--- a/jbossfacet/src/org/adempiere/as/jboss/AdempiereLoginModule.java
+++ b/jbossfacet/src/org/adempiere/as/jboss/AdempiereLoginModule.java
@ -0,0 +1,138 @@
+/******************************************************************************
+ * Product: Adempiere ERP & CRM Smart Business Solution                       *
+ * Copyright (C) 2007 Adempiere, Inc. All Rights Reserved.                *
+ * This program is free software; you can redistribute it and/or modify it    *
+ * under the terms version 2 of the GNU General Public License as published   *
+ * by the Free Software Foundation. This program is distributed in the hope   *
+ * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
+ * See the GNU General Public License for more details.                       *
+ * You should have received a copy of the GNU General Public License along    *
+ * with this program; if not, write to the Free Software Foundation, Inc.,    *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.                     *
+ *
+ * Copyright (C) 2007 Low Heng Sin hengsin@avantz.com
+ * _____________________________________________
+ *****************************************************************************/
+package org.adempiere.as.jboss;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.compiere.util.Env;
+import org.compiere.util.KeyNamePair;
+import org.compiere.util.Login;
+import org.jboss.security.SimpleGroup;
+import org.jboss.security.SimplePrincipal;
+
+/**
+ * JAAS login module for adempiere
+ * @author Low Heng Sin
+ */
+public class AdempiereLoginModule implements LoginModule {
+
+	private String unauthenticatedIdentity;
+	private CallbackHandler handler;
+	private Subject subject;
+	private KeyNamePair[] roles;
+	private String name;
+	
+	/**
+	 * abort authentication process, reset state
+	 */
+	public boolean abort() throws LoginException {
+		roles = null;
+		name = null;
+		return true;
+	}
+
+	/**
+	 * commit/complete the authentication project, add identity and roles to subject.
+	 */
+	public boolean commit() throws LoginException {
+		//note that jboss require all user role to be put under the group Roles
+		if (roles == null || roles.length == 0)
+		{
+			//not authenticated or authentication failed
+			subject.getPrincipals().add(new SimplePrincipal(unauthenticatedIdentity));
+			SimpleGroup roleGroup = new SimpleGroup("Roles");
+			subject.getPrincipals().add(roleGroup);
+		}
+		else
+		{
+			subject.getPrincipals().add(new SimplePrincipal(name));
+			SimpleGroup roleGroup = new SimpleGroup("Roles");
+			//fixed role use in ejb deployment descriptor
+			roleGroup.addMember(new SimplePrincipal("adempiereUsers"));
+			//dynamic role loaded from db, can be use with isCallerInRole for 
+			//additional security check
+			for(int i = 0; i < roles.length; i++)
+			{
+				roleGroup.addMember(new SimplePrincipal(roles[i].getName()));
+			}
+			subject.getPrincipals().add(roleGroup);
+		}
+		return true;
+	}
+
+	/**
+	 * Initialize the login module, get options from configuration
+	 */
+	public void initialize(Subject subject, CallbackHandler callbackHandler,
+			Map<String, ?> sharedState, Map<String, ?> options) {
+		unauthenticatedIdentity = (String)options.get("unauthenticatedIdentity");
+		handler = callbackHandler;
+		this.subject = subject;
+	}
+
+	/**
+	 * Perform login process
+	 */
+	public boolean login() throws LoginException {
+		//get username and password from standard callback
+		Callback callbacks[] = new Callback[]{new NameCallback("Login:"), new PasswordCallback("Password:", false)};
+		try {
+			handler.handle(callbacks);
+		} catch (IOException e) {
+		} catch (UnsupportedCallbackException e) {
+		}
+		name = ((NameCallback)callbacks[0]).getName();
+		char[] pass = ((PasswordCallback)callbacks[1]).getPassword();
+		String passwd = pass != null ? new String(pass) : null;
+		
+		//do authentication
+		if (name != null && passwd != null)
+		{
+			//perform db authentication
+			Login login = new Login(Env.getCtx());
+			roles = login.getRoles(name, passwd);
+		}
+		else
+		{
+			//no username or password
+			roles = null;
+		}
+		
+		return true;
+	}
+
+	/**
+	 * logout, reset state
+	 */
+	public boolean logout() throws LoginException {
+		roles = null;
+		name = null;
+		
+		return true;
+	}
+
+}
--- a/jbossfacet/src/org/adempiere/as/jboss/JBoss.java
+++ b/jbossfacet/src/org/adempiere/as/jboss/JBoss.java
@ -0,0 +1,71 @@
+/******************************************************************************
+ * Copyright (C) 2008 Low Heng Sin                                            *
+ * This program is free software; you can redistribute it and/or modify it    *
+ * under the terms version 2 of the GNU General Public License as published   *
+ * by the Free Software Foundation. This program is distributed in the hope   *
+ * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
+ * See the GNU General Public License for more details.                       *
+ * You should have received a copy of the GNU General Public License along    *
+ * with this program; if not, write to the Free Software Foundation, Inc.,    *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.                     *
+ *****************************************************************************/
+package org.adempiere.as.jboss;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+
+import org.adempiere.as.IApplicationServer;
+
+/**
+ * 
+ * @author Low Heng Sin
+ *
+ */
+public class JBoss implements IApplicationServer {
+	
+	//ensure client library is installed
+	static {
+		try {
+			Class.forName("org.jboss.security.jndi.JndiLoginInitialContextFactory");
+		} catch (ClassNotFoundException e) {
+			throw new IllegalStateException(e);
+		}
+	}
+
+	/**
+	 * @see IApplicationServer#getInitialContextEnvironment(String, int, String, String)
+	 */
+	public Hashtable<String, String> getInitialContextEnvironment(
+			String AppsHost, int AppsPort, String principal, String credential) {
+		Hashtable<String,String> env = new Hashtable<String,String>();
+		String connect = AppsHost;
+		if (AppsHost.indexOf("://") == -1)
+			connect = "jnp://" + AppsHost + ":" + AppsPort;
+		env.put (Context.PROVIDER_URL, connect);		
+		env.put (Context.URL_PKG_PREFIXES, "org.jboss.naming.client");
+		//	HTTP - default timeout 0
+		env.put (org.jnp.interfaces.TimedSocketFactory.JNP_TIMEOUT, "5000");	//	timeout in ms
+		env.put (org.jnp.interfaces.TimedSocketFactory.JNP_SO_TIMEOUT, "5000");
+		//	JNP - default timeout 5 sec
+		env.put(org.jnp.interfaces.NamingContext.JNP_DISCOVERY_TIMEOUT, "5000");
+		
+		if (principal != null && credential != null)
+		{
+			env.put(Context.INITIAL_CONTEXT_FACTORY,"org.jboss.security.jndi.JndiLoginInitialContextFactory");
+			env.put(Context.SECURITY_PRINCIPAL, principal);
+			env.put(Context.SECURITY_CREDENTIALS, credential);
+		}
+		else
+		{
+			env.put (Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
+		}
+		
+		return env;
+	}
+
+	public int getDefaultNamingServicePort() {
+		return 1099;
+	}
+}