From 0f58c826032a08f1f03921787740062fd263ff48 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Tue, 9 Jan 2007 05:05:37 +0000 Subject: [PATCH] More changes as a result of project code review. --- .../com/novell/casa/jaas/CasaLoginModule.java | 52 +++++++++++-------- .../novell/casa/jaas/sample/SampleApp.java | 2 +- .../jaas/sample/SampleAppCallbackHandler.java | 3 +- CASA-auth-token/server-java/Svc/linux/envvars | 1 + .../casa/authtoksvc/EnabledSvcsConfig.java | 14 +++-- 5 files changed, 40 insertions(+), 32 deletions(-) diff --git a/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/CasaLoginModule.java b/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/CasaLoginModule.java index ab9aa626..f2d61bb8 100644 --- a/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/CasaLoginModule.java +++ b/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/CasaLoginModule.java @@ -39,9 +39,9 @@ import javax.security.auth.spi.LoginModule; import com.novell.casa.authtoksvc.AuthToken; import com.novell.casa.authtoksvc.CasaIdentityToken; -/* +/** * CasaLoginModule Class. - * + *

* This class implements a LoginModule which performs * authentication via the Casa Authentication Token * infrastructure. @@ -57,8 +57,10 @@ public final class CasaLoginModule implements LoginModule private Map m_sharedState = null; private Map m_options = null; - /* - * (non-Javadoc) + /** + * Aborts the subject authentication operation. + * + * @throws LoginException * @see javax.security.auth.spi.LoginModule#abort() */ public boolean abort() throws LoginException @@ -73,8 +75,10 @@ public final class CasaLoginModule implements LoginModule return true; } - /* - * (non-Javadoc) + /** + * Commit the results of the subject authentication operation. + * + * @throws LoginException * @see javax.security.auth.spi.LoginModule#commit() */ public boolean commit() throws LoginException @@ -104,8 +108,10 @@ public final class CasaLoginModule implements LoginModule } } - /* - * (non-Javadoc) + /** + * Authenticate subject. + * + * @throws LoginException * @see javax.security.auth.spi.LoginModule#login() */ public boolean login() throws LoginException @@ -120,7 +126,7 @@ public final class CasaLoginModule implements LoginModule // Do not perform the username check unless configured to do it. boolean performUsernameCheck = false; if (m_options != null - && m_options.containsKey((String) "PerformUsernameCheck") == true) + && m_options.containsKey("PerformUsernameCheck") == true) { String keyVal = (String) m_options.get("PerformUsernameCheck"); if (keyVal != null && keyVal.equals("true")) @@ -211,18 +217,18 @@ public final class CasaLoginModule implements LoginModule else { // Token not provided - // tbd - Log System.err.println("CasaLoginModule.login()- Token not provided"); throw new FailedLoginException("CasaAuthenticationToken not obtained"); } // User validated - // tbd - Log return true; } - /* - * (non-Javadoc) + /** + * Logout subject. + * + * @throws LoginException * @see javax.security.auth.spi.LoginModule#logout() */ public boolean logout() throws LoginException @@ -230,7 +236,7 @@ public final class CasaLoginModule implements LoginModule // Check if we must try to remove our principal // from the associated subject. if (m_principal != null - && m_subject.isReadOnly() == false) + && m_subject.isReadOnly() == false) { Set principalSet = m_subject.getPrincipals(); principalSet.remove(m_principal); @@ -238,15 +244,19 @@ public final class CasaLoginModule implements LoginModule return true; } - /* - * (non-Javadoc) + /** + * Initialize CasaLoginModule instance. + * + * @param subject The subject to be authenticated. + * @param callbackHandler Callback handler for communicating with end-user. + * @param sharedState State shared between login modules. + * @param options Module configuration options. * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map) */ - public void initialize( - Subject subject, - CallbackHandler callbackHandler, - Map sharedState, - Map options) + public void initialize(Subject subject, + CallbackHandler callbackHandler, + Map sharedState, + Map options) { // Save the input parameters for later use m_subject = subject; diff --git a/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleApp.java b/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleApp.java index 3f1f85e8..f2292cce 100644 --- a/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleApp.java +++ b/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleApp.java @@ -139,7 +139,7 @@ public final class SampleApp else { // The attribute value is contained in a string - System.out.println(" :: Attribute Value: " + (String) attrValue); + System.out.println(" :: Attribute Value: " + attrValue); } } } diff --git a/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java b/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java index b7f644b3..dbe01a4b 100644 --- a/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java +++ b/CASA-auth-token/server-java/Jaas/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java @@ -60,8 +60,7 @@ public final class SampleAppCallbackHandler implements CallbackHandler // Remove the null terminator char[] tokenChars = new char[allChars.length - 1]; - for (int ii = 0; ii < tokenChars.length; ii++) - tokenChars[ii] = allChars[ii]; + System.arraycopy(allChars, 0, tokenChars, 0, tokenChars.length); pc.setPassword(tokenChars); } else { throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); diff --git a/CASA-auth-token/server-java/Svc/linux/envvars b/CASA-auth-token/server-java/Svc/linux/envvars index 2a5f9bb7..a3a9021c 100644 --- a/CASA-auth-token/server-java/Svc/linux/envvars +++ b/CASA-auth-token/server-java/Svc/linux/envvars @@ -14,6 +14,7 @@ fi CATALINA_BASE="/srv/www/casaats" CATALINA_HOME="/usr/share/tomcat5" +CATALINA_PID="/var/lib/CASA/authtoken/svc/casaatsd.pid" JAVA_HOME="/usr/$LIB/jvm/jre-1.5.0" JAVA_OPTS="-Dcom.novell.casa.authtoksvc.config=/etc/CASA/authtoken/svc" export CATALINA_BASE CATALINA_HOME JAVA_HOME JAVA_OPTS diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java index f51ba66f..1da711bf 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java @@ -34,6 +34,7 @@ import java.util.*; * the services enabled to use Authentication Tokens. * */ +@SuppressWarnings({"ALL"}) public final class EnabledSvcsConfig { private static final String m_authPolicyFileName = "auth.policy"; @@ -172,7 +173,7 @@ public final class EnabledSvcsConfig // Now go through the configured hosts. Note that the services config folder // contains folders for each host for which there are enabled services. The folders // in the services config folder must match the DNS name of the hosts where - // the enabled services reside. + // the enabled services reside except in the localhost case. File servicesConfigFolder = new File(svcConfigPath, "enabled_services"); try { @@ -296,7 +297,7 @@ public final class EnabledSvcsConfig } // Add this hosts enabled services configuration map to the hosts map - m_hostsMap.put(servicesConfigFolderObjs[i], enabledSvcsConfigMap); + m_hostsMap.put(servicesConfigFolderObjs[i].toUpperCase(), enabledSvcsConfigMap); } } else @@ -372,8 +373,7 @@ public final class EnabledSvcsConfig byte[] authPolicyData = null; // First try to obtain the Map of enabled services for the host - // tbd - Should we make this case insensitive? - Map enabledSvcsConfigMap = m_hostsMap.get(hostName); + Map enabledSvcsConfigMap = m_hostsMap.get(hostName.toUpperCase()); if (enabledSvcsConfigMap != null) { // Retrieve SvcConfigEntry for the service from the map for the host @@ -409,8 +409,7 @@ public final class EnabledSvcsConfig AuthTokenConfig authTokenConfig = null; // First try to obtain the Map of enabled services for the host - // tbd - Should we make this case insensitive? - Map enabledSvcsConfigMap = m_hostsMap.get(hostName); + Map enabledSvcsConfigMap = m_hostsMap.get(hostName.toUpperCase()); if (enabledSvcsConfigMap != null) { // Retrieve SvcConfigEntry for the service from the map for the host @@ -445,8 +444,7 @@ public final class EnabledSvcsConfig IdenTokenConfig idenTokenConfig = null; // First try to obtain the Map of enabled services for the host - // tbd - Should we make this case insensitive? - Map enabledSvcsConfigMap = m_hostsMap.get(hostName); + Map enabledSvcsConfigMap = m_hostsMap.get(hostName.toUpperCase()); if (enabledSvcsConfigMap != null) { // Retrieve SvcConfigEntry for the service from the map for the host