2 * Copyright 2005, 2008, 2009 Electronic Business Systems Ltd.
\r
4 * This file is part of GSS.
\r
6 * GSS is free software: you can redistribute it and/or modify
\r
7 * it under the terms of the GNU General Public License as published by
\r
8 * the Free Software Foundation, either version 3 of the License, or
\r
9 * (at your option) any later version.
\r
11 * GSS is distributed in the hope that it will be useful,
\r
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
\r
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
\r
14 * GNU General Public License for more details.
\r
16 * You should have received a copy of the GNU General Public License
\r
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
\r
19 package gr.ebs.gss.server.webdav.login;
\r
21 import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
\r
22 import gr.ebs.gss.client.exceptions.RpcException;
\r
23 import gr.ebs.gss.server.domain.User;
\r
24 import gr.ebs.gss.server.ejb.ExternalAPI;
\r
26 import java.io.UnsupportedEncodingException;
\r
27 import java.security.Principal;
\r
28 import java.security.acl.Group;
\r
29 import java.util.HashSet;
\r
31 import javax.naming.Context;
\r
32 import javax.naming.InitialContext;
\r
33 import javax.naming.NamingException;
\r
34 import javax.rmi.PortableRemoteObject;
\r
35 import javax.security.auth.login.FailedLoginException;
\r
36 import javax.security.auth.login.LoginException;
\r
38 import org.apache.commons.codec.binary.Base64;
\r
39 import org.apache.commons.logging.Log;
\r
40 import org.apache.commons.logging.LogFactory;
\r
41 import org.jboss.security.auth.spi.UsernamePasswordLoginModule;
\r
45 * The custom login module for the GSS WebDAV implementation.
\r
47 public class GssWebDAVLoginModule extends UsernamePasswordLoginModule {
\r
50 * Logger for this class
\r
52 private static final Log logger = LogFactory.getLog(GssWebDAVLoginModule.class);
\r
/**
 * Looks up the ExternalAPI bean through JNDI and returns a typed reference
 * to it. The lookup runs on every call; this method keeps no cached copy.
 *
 * The JNDI name comes from the "externalApiPath" configuration key, so the
 * configuration source must be writable only by trusted administrators:
 * whoever controls that value controls which object this login module
 * talks to.
 *
 * @return an ExternalAPI instance
 * @throws RpcException if the naming lookup fails
 */
private ExternalAPI getService() throws RpcException {
	final Object beanRef;
	try {
		final Context namingContext = new InitialContext();
		final String jndiName = getConfiguration().getString("externalApiPath");
		beanRef = namingContext.lookup(jndiName);
	} catch (final NamingException e) {
		// The naming failure is logged in full; callers only get a generic message.
		logger.error("Unable to retrieve the ExternalAPI EJB", e);
		throw new RpcException("An error occurred while contacting the naming service");
	}
	return (ExternalAPI) PortableRemoteObject.narrow(beanRef, ExternalAPI.class);
}
\r
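/**
 * Returns the credential that the submitted WebDAV password is expected to
 * match: the user's authentication token, Base64-encoded as US-ASCII text.
 *
 * The returned string is a secret equivalent to the user's password and
 * must never be written to logs. The comparison against the submitted
 * password is done by the parent login module, not here.
 *
 * @return the Base64-encoded authentication token of the user logging in
 * @throws FailedLoginException if the user is unknown or has no usable
 *             authentication token
 * @throws LoginException if the backing service cannot be reached or the
 *             token cannot be encoded
 */
protected String getUsersPassword() throws LoginException {
	String username = getUsername();
	try {
		User user = getService().findUser(username);
		// NOTE(review): this message names the account; keep it in server-side
		// logs and do not echo it to unauthenticated clients.
		if (user == null)
			throw new FailedLoginException("User '" + username + "' not found.");
		byte[] authToken = user.getAuthToken();
		// A missing token would otherwise surface as an unchecked exception
		// instead of a login failure, and an empty token would encode to an
		// empty string, which must never be an acceptable credential.
		if (authToken == null || authToken.length == 0)
			throw new FailedLoginException("User '" + username + "' has no authentication token.");
		return new String(Base64.encodeBase64(authToken), "US-ASCII");
	} catch (RpcException e) {
		String error = "An error occurred while communicating with the service";
		logger.error(error, e);
		LoginException failure = new LoginException(e.getMessage());
		failure.initCause(e);
		throw failure;
	} catch (UnsupportedEncodingException e) {
		logger.error("US-ASCII encoding is unavailable; cannot encode the authentication token", e);
		LoginException failure = new LoginException(e.getMessage());
		failure.initCause(e);
		throw failure;
	}
}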
\r
91 * Overrides parent's implementation by returning only the simpleUser
\r
92 * role for any successful login.
\r
94 * @return Group[] holding a single "Roles" group whose only member is the simpleUser role
\r
95 * @throws LoginException
\r
96 * @see org.jboss.security.auth.spi.AbstractServerLoginModule#getRoleSets()
\r
99 protected Group[] getRoleSets() throws LoginException {
\r
100 Principal principal;
\r
102 principal = createIdentity("simpleUser");
\r
103 } catch (Exception e) {
\r
104 logger.error("", e);
\r
105 throw new LoginException(e.getMessage());
\r
107 Group rolesGroup = null;
\r
108 rolesGroup = createGroup("Roles", new HashSet());
\r
109 rolesGroup.addMember(principal);
\r
110 Group[] roles = new Group[1];
\r
111 roles[0] = rolesGroup;
\r