* minor - license header, javadoc and comments.

2007-05-25 10:47:19 +00:00 · 2007-05-25 10:47:19 +00:00 · a8a3123964
parent e9b32a3312
commit a8a3123964
1 changed files with 46 additions and 1 deletions
--- a/serverRoot/src/main/ejb/org/compiere/session/AdempiereLoginModule.java
+++ b/serverRoot/src/main/ejb/org/compiere/session/AdempiereLoginModule.java
@ -1,3 +1,19 @@
+/******************************************************************************
+ * Product: Adempiere ERP & CRM Smart Business Solution                       *
+ * Copyright (C) 2007 Adempiere, Inc. All Rights Reserved.                *
+ * This program is free software; you can redistribute it and/or modify it    *
+ * under the terms version 2 of the GNU General Public License as published   *
+ * by the Free Software Foundation. This program is distributed in the hope   *
+ * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied *
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.           *
+ * See the GNU General Public License for more details.                       *
+ * You should have received a copy of the GNU General Public License along    *
+ * with this program; if not, write to the Free Software Foundation, Inc.,    *
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.                     *
+ *
+ * Copyright (C) 2007 Low Heng Sin hengsin@avantz.com
+ * _____________________________________________
+ *****************************************************************************/
 package org.compiere.session;

 import java.io.IOException;
@ -20,6 +36,10 @@ import org.compiere.util.Login;
 import org.jboss.security.SimpleGroup;
 import org.jboss.security.SimplePrincipal;

+/**
+ * JAAS login module for adempiere
+ * @author Low Heng Sin
+ */
 public class AdempiereLoginModule implements LoginModule {

 	private String unauthenticatedIdentity;
@ -28,15 +48,23 @@ public class AdempiereLoginModule implements LoginModule {
 	private KeyNamePair[] roles;
 	private String name;
 	
+	/**
+	 * abort authentication process, reset state
+	 */
 	public boolean abort() throws LoginException {
 		roles = null;
 		name = null;
-		return false;
+		return true;
 	}

+	/**
+	 * commit/complete the authentication project, add identity and roles to subject.
+	 */
 	public boolean commit() throws LoginException {
+		//note that jboss require all user role to be put under the group Roles
 		if (roles == null || roles.length == 0)
 		{
+			//not authenticated or authentication failed
 			subject.getPrincipals().add(new SimplePrincipal(unauthenticatedIdentity));
 			SimpleGroup roleGroup = new SimpleGroup("Roles");
 			subject.getPrincipals().add(roleGroup);
@ -45,7 +73,10 @@ public class AdempiereLoginModule implements LoginModule {
 		{
 			subject.getPrincipals().add(new SimplePrincipal(name));
 			SimpleGroup roleGroup = new SimpleGroup("Roles");
+			//fixed role use in ejb deployment descriptor
 			roleGroup.addMember(new SimplePrincipal("adempiereUsers"));
+			//dynamic role loaded from db, can be use with isCallerInRole for 
+			//additional security check
 			for(int i = 0; i < roles.length; i++)
 			{
 				roleGroup.addMember(new SimplePrincipal(roles[i].getName()));
@ -55,6 +86,9 @@ public class AdempiereLoginModule implements LoginModule {
 		return true;
 	}

+	/**
+	 * Initialize the login module, get options from configuration
+	 */
 	public void initialize(Subject subject, CallbackHandler callbackHandler,
 			Map<String, ?> sharedState, Map<String, ?> options) {
 		unauthenticatedIdentity = (String)options.get("unauthenticatedIdentity");
@ -62,7 +96,11 @@ public class AdempiereLoginModule implements LoginModule {
 		this.subject = subject;
 	}

+	/**
+	 * Perform login process
+	 */
 	public boolean login() throws LoginException {
+		//get username and password from standard callback
 		Callback callbacks[] = new Callback[]{new NameCallback("Login:"), new PasswordCallback("Password:", false)};
 		try {
 			handler.handle(callbacks);
@ -72,19 +110,26 @@ public class AdempiereLoginModule implements LoginModule {
 		name = ((NameCallback)callbacks[0]).getName();
 		char[] pass = ((PasswordCallback)callbacks[1]).getPassword();
 		String passwd = pass != null ? new String(pass) : null;
+		
+		//do authentication
 		if (name != null && passwd != null)
 		{
+			//perform db authentication
 			Login login = new Login(Env.getCtx());
 			roles = login.getRoles(name, passwd);
 		}
 		else
 		{
+			//no username or password
 			roles = null;
 		}
 		
 		return true;
 	}

+	/**
+	 * logout, reset state
+	 */
 	public boolean logout() throws LoginException {
 		roles = null;
 		name = null;