Changes to fix problems found while testing with the sample application.

Also added a shell script to allow us to build and run the test
application.
Juan Carlos Luciani 2006-05-24 00:53:03 +00:00
parent 51b08492a8
commit 452fabac62
6 changed files with 392 additions and 374 deletions


@ -10,5 +10,4 @@ This file contains a list of the items still outstanding for JaasSupport.
OUTSTANDING ITEMS OUTSTANDING ITEMS
- Change the username that the login module checks to be CasaPrincipal. - Change printfs used for debugging into a suitable mechanism.
- Change the setting for checking usernames to be PerformUsernameCheck.


@ -0,0 +1,17 @@
#!/bin/bash
if [ ! -d build-test ]; then
mkdir build-test
mkdir build-test/classes
else
if [ ! -d build-test/classes ]; then
mkdir build-test/classes
fi
fi
echo "*** Compiling the test application ***"
javac -sourcepath src -classpath ../../../lib/java/CasaJaasSupport.jar:../../../lib/java/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
echo "*** Done compiling ***"
echo ""
echo "*** Starting the test application ***"
java -classpath build-test/classes:../../../lib/java/CasaJaasSupport.jar:../../../lib/java/CasaAuthToken.jar:/usr/share/java/xerces-j2.jar -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf com.novell.casa.jaas.sample.SampleApp
#jdb -sourcepath src:../AuthTokenSvc/src -classpath build-test/classes:../../../lib/java/CasaJaasSupport.jar:../../../lib/java/CasaAuthToken.jar:/usr/share/java/xerces-j2.jar -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf com.novell.casa.jaas.sample.SampleApp
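Review bot: A failed `javac` does not stop the script, so the `java` line still runs against whatever classes an earlier build left in `build-test/classes`, and a test run can pass or fail on stale code. Adding `set -e` under the shebang, or ending the compile line with `|| exit 1`, makes the run depend on a successful build. The nested directory checks can also be reduced to `mkdir -p build-test/classes`. All paths are relative, so the script only works when started from its own directory; a comment at the top saying so would help.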


@ -49,209 +49,209 @@ import com.novell.casa.authtoksvc.CasaIdentityToken;
*/ */
public class CasaLoginModule implements LoginModule public class CasaLoginModule implements LoginModule
{ {
private final static String casaUsername = "CasaIdentityUser"; private final static String casaUsername = "CasaIdentityUser";
private Subject m_subject = null; private Subject m_subject = null;
private CasaPrincipal m_principal = null; private CasaPrincipal m_principal = null;
private CallbackHandler m_callbackHandler = null; private CallbackHandler m_callbackHandler = null;
private Map m_sharedState = null; private Map m_sharedState = null;
private Map m_options = null; private Map m_options = null;
/* /*
* (non-Javadoc) * (non-Javadoc)
* @see javax.security.auth.spi.LoginModule#abort() * @see javax.security.auth.spi.LoginModule#abort()
*/ */
public boolean abort() throws LoginException public boolean abort() throws LoginException
{ {
// Clear out all of our state // Clear out all of our state
m_subject = null; m_subject = null;
m_principal = null; m_principal = null;
m_callbackHandler = null; m_callbackHandler = null;
m_sharedState = null; m_sharedState = null;
m_options = null; m_options = null;
return true; return true;
} }
/* /*
* (non-Javadoc) * (non-Javadoc)
* @see javax.security.auth.spi.LoginModule#commit() * @see javax.security.auth.spi.LoginModule#commit()
*/ */
public boolean commit() throws LoginException public boolean commit() throws LoginException
{ {
// Check if we instantiated a principal to associate // Check if we instantiated a principal to associate
// with the subject. // with the subject.
if (m_principal != null) if (m_principal != null)
{ {
try try
{ {
// Add our principal to the set associated with // Add our principal to the set associated with
// the subject. // the subject.
m_subject.getPrincipals().add(m_principal); m_subject.getPrincipals().add(m_principal);
return true; return true;
} }
catch (Exception e) catch (Exception e)
{ {
System.err.println("CasaLoginModule.commit()- Exception caught associating principal, msg: " + e.getMessage()); System.err.println("CasaLoginModule.commit()- Exception caught associating principal, msg: " + e.getMessage());
throw new LoginException("Error encountered"); throw new LoginException("Error encountered");
} }
} }
else else
{ {
// Allways return since authentication failed or was not // Allways return since authentication failed or was not
// performed by us. // performed by us.
return false; return false;
} }
} }
/* /*
* (non-Javadoc) * (non-Javadoc)
* @see javax.security.auth.spi.LoginModule#login() * @see javax.security.auth.spi.LoginModule#login()
*/ */
public boolean login() throws LoginException public boolean login() throws LoginException
{ {
// Verify that a CallbackHandler was specified // Verify that a CallbackHandler was specified
if (m_callbackHandler == null) if (m_callbackHandler == null)
{ {
System.err.println("CasaLoginModule.login()- Null CallbackHandler"); System.err.println("CasaLoginModule.login()- Null CallbackHandler");
throw new LoginException("Null CallbackHandler"); throw new LoginException("Null CallbackHandler");
} }
// Do not perform the username check unless configured to do it. // Do not perform the username check unless configured to do it.
boolean performUsernameCheck = false; boolean performUsernameCheck = false;
if (m_options != null if (m_options != null
&& m_options.containsKey((String) "performUsernameCheck") == true) && m_options.containsKey((String) "PerformUsernameCheck") == true)
{ {
String keyVal = (String) m_options.get("performUsernameCheck"); String keyVal = (String) m_options.get("PerformUsernameCheck");
if (keyVal != null && keyVal.equals("true")) if (keyVal != null && keyVal.equals("true"))
performUsernameCheck = true; performUsernameCheck = true;
} }
if (performUsernameCheck) if (performUsernameCheck)
{ {
// Verify that the username is CasaIdentityUser, for this // Verify that the username is CasaIdentityUser, for this
// we first need to obtain it. // we first need to obtain it.
// //
// Try to obtain the user name from the shared state // Try to obtain the user name from the shared state
String username = (String) m_sharedState.get("javax.security.auth.login.name"); String username = (String) m_sharedState.get("javax.security.auth.login.name");
if (username == null) if (username == null)
{ {
// The usename was not stored in the shared state, request it. // The usename was not stored in the shared state, request it.
try try
{ {
NameCallback nameCallback = new NameCallback("Enter username:"); NameCallback nameCallback = new NameCallback("Enter username:");
Callback[] callbacks = new Callback[1]; Callback[] callbacks = new Callback[1];
callbacks[0] = nameCallback; callbacks[0] = nameCallback;
m_callbackHandler.handle(callbacks); m_callbackHandler.handle(callbacks);
username = nameCallback.getName(); username = nameCallback.getName();
} }
catch (Exception e) catch (Exception e)
{ {
System.err.println("CasaLoginModule.login()- Exception caught during nameCallback, msg: " + e.getMessage()); System.err.println("CasaLoginModule.login()- Exception caught during nameCallback, msg: " + e.getMessage());
} }
// Check the username // Check the username
if (username == null) if (username == null)
return false; return false;
else else
{ {
// Save the retrieved username in the shared state and then check it. // Save the retrieved username in the shared state and then check it.
m_sharedState.put("javax.security.auth.login.name", username); m_sharedState.put("javax.security.auth.login.name", username);
if (username.equals(casaUsername) == false) if (username.equals(casaUsername) == false)
return false; return false;
} }
} }
else else
{ {
// Check the username // Check the username
if (username.equals(casaUsername) == false) if (username.equals(casaUsername) == false)
return false; return false;
} }
} }
// Obtain the CasaAuthenticationToken // Obtain the CasaAuthenticationToken
char[] authTokenChars = null; char[] authTokenChars = null;
try try
{ {
PasswordCallback passwordCallback = new PasswordCallback("Enter CasaAuthenticationToken:", false); PasswordCallback passwordCallback = new PasswordCallback("Enter CasaAuthenticationToken:", false);
Callback[] callbacks = new Callback[1]; Callback[] callbacks = new Callback[1];
callbacks[0] = passwordCallback; callbacks[0] = passwordCallback;
m_callbackHandler.handle(callbacks); m_callbackHandler.handle(callbacks);
authTokenChars = passwordCallback.getPassword(); authTokenChars = passwordCallback.getPassword();
} }
catch (Exception e) catch (Exception e)
{ {
System.err.println("CasaLoginModule.login()- Exception caught during passwordCallback, msg: " + e.getMessage()); System.err.println("CasaLoginModule.login()- Exception caught during passwordCallback, msg: " + e.getMessage());
} }
// Check the CasaAuthenticationToken // Check the CasaAuthenticationToken
if (authTokenChars != null) if (authTokenChars != null)
{ {
// Instantiate the AuthToken, this validates the token itself. // Instantiate the AuthToken, this validates the token itself.
try try
{ {
AuthToken authToken = new AuthToken(new String(authTokenChars)); AuthToken authToken = new AuthToken(new String(authTokenChars));
// Instantiate the appropriate IdentityToken based on the IdentityTokenProvider type // Instantiate the appropriate IdentityToken based on the IdentityTokenProvider type
// tbd - For now use the CasaIdentityToken // tbd - For now use the CasaIdentityToken
CasaIdentityToken identityToken = new CasaIdentityToken(); CasaIdentityToken identityToken = new CasaIdentityToken();
identityToken.initialize(authToken.getIdentityToken()); identityToken.initialize(authToken.getIdentityToken());
// Now instantiate the CasaPrincipal // Now instantiate the CasaPrincipal
m_principal = new CasaPrincipal(identityToken); m_principal = new CasaPrincipal(identityToken);
} }
catch (Exception e) catch (Exception e)
{ {
// The validation of one of the tokens failed // The validation of one of the tokens failed
// tbd - Log // tbd - Log
System.err.println("CasaLoginModule.login()- Exception caught during token processing, msg: " + e.getMessage()); System.err.println("CasaLoginModule.login()- Exception caught during token processing, msg: " + e.getMessage());
throw new FailedLoginException("Token validation failed"); throw new FailedLoginException("Token validation failed");
} }
} }
else else
{ {
// Token not provided // Token not provided
// tbd - Log // tbd - Log
System.err.println("CasaLoginModule.login()- Token not provided"); System.err.println("CasaLoginModule.login()- Token not provided");
throw new FailedLoginException("CasaAuthenticationToken not obtained"); throw new FailedLoginException("CasaAuthenticationToken not obtained");
} }
// User validated // User validated
// tbd - Log // tbd - Log
return true; return true;
} }
/* /*
* (non-Javadoc) * (non-Javadoc)
* @see javax.security.auth.spi.LoginModule#logout() * @see javax.security.auth.spi.LoginModule#logout()
*/ */
public boolean logout() throws LoginException public boolean logout() throws LoginException
{ {
// Check if we must try to remove our principal // Check if we must try to remove our principal
// from the associated subject. // from the associated subject.
if (m_principal != null if (m_principal != null
&& m_subject.isReadOnly() == false) && m_subject.isReadOnly() == false)
{ {
Set principalSet = m_subject.getPrincipals(); Set principalSet = m_subject.getPrincipals();
principalSet.remove(m_principal); principalSet.remove(m_principal);
} }
return true; return true;
} }
/* /*
* (non-Javadoc) * (non-Javadoc)
* @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map) * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)
*/ */
public void initialize( public void initialize(
Subject subject, Subject subject,
CallbackHandler callbackHandler, CallbackHandler callbackHandler,
Map sharedState, Map sharedState,
Map options) Map options)
{ {
// Save the input parameters for later use // Save the input parameters for later use
m_subject = subject; m_subject = subject;
m_callbackHandler = callbackHandler; m_callbackHandler = callbackHandler;
m_sharedState = sharedState; m_sharedState = sharedState;
m_options = options; m_options = options;
} }
} }
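Review bot: The username check in login() is opt-in and is keyed on an exact-case option name and value, so a login configuration that still carries the old `performUsernameCheck` spelling, or that sets `PerformUsernameCheck=True`, silently runs with the check disabled. Whether any existing configuration uses the old spelling is not visible on this page, but the failure is quiet either way. I would compare the value with `keyVal.equalsIgnoreCase("true")` and print a warning when `m_options.containsKey("performUsernameCheck")` is true, so that a stale key is noticed rather than ignored.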


@ -35,52 +35,53 @@ import com.novell.casa.authtoksvc.IdentityToken;
*/ */
public class CasaPrincipal implements Principal public class CasaPrincipal implements Principal
{ {
private String m_name; private String m_name;
private String m_realm; private String m_realm;
private String m_identStoreUrl; private String m_identStoreUrl;
private javax.naming.directory.Attributes m_attributes; private javax.naming.directory.Attributes m_attributes;
/* /*
* Constructor * Constructor
*/ */
public CasaPrincipal(IdentityToken identityToken) throws Exception public CasaPrincipal(IdentityToken identityToken) throws Exception
{ {
// Get the necessary information from the identity token // Get the necessary information from the identity token
m_name = identityToken.getIdentityId(); m_name = identityToken.getIdentityId();
m_realm = identityToken.getSourceName(); m_realm = identityToken.getSourceName();
m_identStoreUrl = identityToken.getSourceUrl(); m_identStoreUrl = identityToken.getSourceUrl();
m_attributes = identityToken.getAttributes(); m_attributes = identityToken.getAttributes();
} }
/*
* (non-Javadoc)
* @see java.security.Principal#getName()
*/
public String getName()
{
return m_name;
}
/*
* Returns the name associated with the source of the identity data.
*/
public String getRealm()
{
return m_realm;
}
/* /*
* Returns the url associated with the source of the identity data. * (non-Javadoc)
*/ * @see java.security.Principal#getName()
public String getIdentStoreUrl() */
{ public String getName()
return m_identStoreUrl; {
} return m_name;
}
/*
* Returns the name associated with the source of the identity data.
*/
public String getRealm()
{
return m_realm;
}
/* /*
* Returns the identity attributes. * Returns the url associated with the source of the identity data.
*/ */
public javax.naming.directory.Attributes getAttributes() public String getIdentStoreUrl()
{ {
return m_attributes; return m_identStoreUrl;
} }
/*
* Returns the identity attributes.
*/
public javax.naming.directory.Attributes getAttributes()
{
return m_attributes;
}
} }


@ -1,3 +1,3 @@
SampleApp { testService {
com.novell.casa.jaas.CasaLoginModule Required debug=true; com.novell.casa.jaas.CasaLoginModule Required debug=true;
}; };


@ -46,130 +46,131 @@ import com.novell.casa.jaas.CasaPrincipal;
*/ */
public class SampleApp public class SampleApp
{ {
/** /**
* @param args * @param args
*/ */
public static void main(String[] args) public static void main(String[] args)
{ {
Socket sock = null; Socket sock = null;
ServerSocket listenSock = null; ServerSocket listenSock = null;
try try
{ {
// Create a socket to listen for connections // Create a socket to listen for connections
int port = 4444; int port = 4444;
int queueLen = 6; int queueLen = 6;
listenSock = new ServerSocket(port, queueLen); System.out.println("Listen port = " + port);
listenSock = new ServerSocket(port, queueLen);
// Service connections // Service connections
while (true) while (true)
{ {
BufferedReader in = null; BufferedReader in = null;
try try
{ {
// Wait for the next connection // Wait for the next connection
System.out.println("Waiting for connection"); System.out.println("Waiting for connection");
sock = listenSock.accept(); sock = listenSock.accept();
System.out.println(); System.out.println();
System.out.println("********Connection received*********"); System.out.println("********Connection received*********");
// Get socket I/O streams // Get socket I/O streams
in = new BufferedReader(new InputStreamReader(sock.getInputStream())); in = new BufferedReader(new InputStreamReader(sock.getInputStream()));
//PrintStream out = new PrintStream(sock.getOutputStream()); //PrintStream out = new PrintStream(sock.getOutputStream());
// Get the authentication token from the client // Get the authentication token from the client
String authToken = in.readLine(); String authToken = in.readLine();
//System.out.println("Token received from client, length = " + authToken.length()); //System.out.println("Token received from client, length = " + authToken.length());
// Authenticate the token and print out the information available to our service // Authenticate the token and print out the information available to our service
// about the authenticated identity. // about the authenticated identity.
try LoginContext lc = new LoginContext("testService", new SampleAppCallbackHandler(authToken));
{ try
LoginContext lc = new LoginContext("testService", new SampleAppCallbackHandler(authToken)); {
System.out.println("Authenticating the user"); System.out.println("Authenticating the user");
lc.login(); lc.login();
System.out.println(" Authentication succeeded"); System.out.println(" Authentication succeeded");
// Now get the subject associated with the context // Now get the subject associated with the context
Subject subject = lc.getSubject(); Subject subject = lc.getSubject();
// Now get the CasaPrincipals that represent the authenticated // Now get the CasaPrincipals that represent the authenticated
// identity or identities. // identity or identities.
Set principalSet = subject.getPrincipals(CasaPrincipal.class); Set principalSet = subject.getPrincipals(CasaPrincipal.class);
//System.out.println("The number of CasaPrincipals is: " + principalSet.size()); //System.out.println("The number of CasaPrincipals is: " + principalSet.size());
Iterator principalIter = principalSet.iterator(); Iterator principalIter = principalSet.iterator();
System.out.println(); System.out.println();
System.out.println("Authenticated Identity Information"); System.out.println("Authenticated Identity Information");
System.out.println(); System.out.println();
while (principalIter.hasNext() == true) while (principalIter.hasNext() == true)
{ {
CasaPrincipal principal = (CasaPrincipal) principalIter.next(); CasaPrincipal principal = (CasaPrincipal) principalIter.next();
// Print out information about the principal // Print out information about the principal
System.out.println(" Source of the identity information: " + principal.getIdentStoreUrl()); System.out.println(" Source of the identity information: " + principal.getIdentStoreUrl());
System.out.println(" Realm name associated with identity source: " + principal.getRealm()); System.out.println(" Realm name associated with identity source: " + principal.getRealm());
System.out.println(" Principal name (unique within identity source realm): " + principal.getName()); System.out.println(" Principal name (unique within identity source realm): " + principal.getName());
System.out.println(); System.out.println();
System.out.println("Authenticated Identity Attributes"); System.out.println("Authenticated Identity Attributes");
System.out.println(); System.out.println();
javax.naming.directory.Attributes attrs = principal.getAttributes(); javax.naming.directory.Attributes attrs = principal.getAttributes();
for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();) for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();)
{ {
javax.naming.directory.Attribute attr = (javax.naming.directory.Attribute) ae.next(); javax.naming.directory.Attribute attr = (javax.naming.directory.Attribute) ae.next();
NamingEnumeration enumeration = attr.getAll(); NamingEnumeration enumeration = attr.getAll();
while (enumeration.hasMore()) while (enumeration.hasMore())
{ {
System.out.print(" Attribute Name: " + attr.getID()); System.out.print(" Attribute Name: " + attr.getID());
System.out.println(" :: Attribute Value: " + (String) enumeration.next()); System.out.println(" :: Attribute Value: " + (String) enumeration.next());
} }
} }
} }
System.out.println(); System.out.println();
} }
catch (LoginException e) catch (LoginException e)
{ {
System.out.println(" Authentication failed"); System.out.println(" Authentication failed, LoginException: " + e.getMessage());
} }
} }
finally finally
{ {
if (sock != null) if (sock != null)
{ {
sock.close(); sock.close();
sock = null; sock = null;
} }
if (in != null) if (in != null)
in.close(); in.close();
} }
} }
} }
catch (IOException e) catch (IOException e)
{ {
System.out.println("IOException: " + e.getMessage()); System.out.println("IOException: " + e.getMessage());
} }
catch (Exception e) catch (Exception e)
{ {
System.out.println("Exception: " + e.getMessage()); System.out.println("Exception: " + e.getMessage());
} }
finally finally
{ {
try try
{ {
if (sock != null) if (sock != null)
{ {
sock.close(); sock.close();
} }
if (listenSock != null) if (listenSock != null)
{ {
listenSock.close(); listenSock.close();
} }
} }
catch (Exception e) catch (Exception e)
{ {
System.out.println("Exception: " + e.getMessage()); System.out.println("Exception: " + e.getMessage());
} }
} }
} }
} }
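Review bot: With `new LoginContext("testService", ...)` now placed before the inner `try`, a LoginException thrown by the constructor (for example when the login configuration has no `testService` entry) is no longer caught by `catch (LoginException e)`; it reaches the outer `catch (Exception e)`, which sits outside the `while (true)` loop, so the listener exits. If that is meant as fail-fast on misconfiguration, a comment saying so would help; otherwise keep the construction as the first statement inside the `try`. Also, `in.readLine()` returns null when the client disconnects without sending a line, and that null goes straight into `new SampleAppCallbackHandler(authToken)`; a guard such as `if (authToken == null) continue;` before the LoginContext is built keeps that case out of the login path. The handler is not shown in this section, so how it treats a null token is unknown.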