added KerberosAuth
[org.ibex.crypto.git] / src / org / ibex / crypto / KerberosAuth.java
1 // Copyright 2006 the Contributors, as shown in the revision logs.
2 // Licensed under the Apache Public Source License 2.0 ("the License").
3 // You may not use this file except in compliance with the License.
4
5 package org.ibex.crypto;
6 import javax.security.auth.*;
7 import javax.security.auth.login.*;
8 import javax.security.auth.callback.*;
9 import java.util.*;
10 import java.io.*;
11 import org.ibex.util.*;
12 import java.util.*;
13 import java.io.*;
14
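/**
 *  Checks a username/password pair against a Kerberos KDC by driving the JDK's
 *  {@code Krb5LoginModule} through JAAS.
 *
 *  <p>Another big, gross hack: the realm and KDC reach the Kerberos code through
 *  JVM-wide system properties, so every login attempt is serialized on the class
 *  lock (including the network round trip to the KDC).
 *
 *  <p>NOTE(review): a successful {@code login()} only shows that the initial
 *  ticket exchange with the configured KDC succeeded. Nothing in this class
 *  validates the KDC itself (for example by checking a service ticket against a
 *  local keytab), so the answer is only as trustworthy as the path to the KDC.
 */
public class KerberosAuth {

    private final String realm;
    private final String kdc;

    /**
     *  JAAS doesn't know how to do KDC discovery via DNS, so both values are
     *  supplied explicitly.
     *
     *  @param realm Kerberos realm, published as {@code java.security.krb5.realm}
     *  @param kdc   KDC host, published as {@code java.security.krb5.kdc}
     */
    public KerberosAuth(String realm, String kdc) {
        this.realm = realm;
        this.kdc = kdc;
    }

    /**
     *  Attempts a Kerberos login with the given credentials.
     *
     *  @param name principal name handed to the login module
     *  @param pass password for that principal; it arrives as an immutable
     *              {@code String}, so only the temporary {@code char[]} copy
     *              made here can be wiped
     *  @return {@code true} if the login succeeded; {@code false} on any failure
     *          (failures are logged, never thrown)
     */
    public boolean auth(final String name, final String pass) {
        // Missing credentials can never authenticate; previously they failed
        // later via an exception and still produced false.
        if (name == null || pass == null) return false;
        try {
            synchronized (KerberosAuth.class) {
                // These properties are global to the JVM, hence the class-wide lock.
                System.setProperty("java.security.krb5.realm", realm);
                System.setProperty("java.security.krb5.kdc", kdc);

                // The Configuration is handed to this LoginContext only, instead of
                // being installed with Configuration.setConfiguration(), so other
                // JAAS users in the same JVM keep their own login configuration.
                LoginContext lc =
                    new LoginContext(name, null, credentialHandler(name, pass), krb5Configuration());
                lc.login();
                boolean authenticated = lc.getSubject() != null;
                try {
                    // Only the yes/no answer is needed; drop the tickets that the
                    // login attached to the Subject rather than leaving them around.
                    lc.logout();
                } catch (LoginException e) {
                    // A failed cleanup must not turn a good login into a rejection.
                    Log.warn(this, e);
                }
                return authenticated;
            }
        } catch (Exception e) {
            Log.warn(this, e);
            return false;
        }
    }

    /** Builds a JAAS configuration that maps every application name to Krb5LoginModule. */
    private static Configuration krb5Configuration() {
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String appName) {
                Map<String, String> options = new HashMap<String, String>();
                // The JDK's Kerberos code may keep realm/KDC settings it read on an
                // earlier login; ask the module to re-read them so that instances
                // configured for different realms do not reuse stale values.
                options.put("refreshKrb5Config", "true");
                return new AppConfigurationEntry[] {
                    new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule",
                                              AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                                              options)
                };
            }
            @Override
            public void refresh() { }
        };
    }

    /** Builds the handler that answers the login module's name and password prompts. */
    private static CallbackHandler credentialHandler(final String name, final String pass) {
        return new CallbackHandler() {
            public void handle(Callback[] callbacks)
                throws IOException, UnsupportedCallbackException {
                for (Callback cb : callbacks) {
                    if (cb instanceof TextOutputCallback) {
                        TextOutputCallback toc = (TextOutputCallback) cb;
                        switch (toc.getMessageType()) {
                            case TextOutputCallback.INFORMATION:
                                break;
                            case TextOutputCallback.ERROR:
                                throw new RuntimeException(toc.getMessage());
                            case TextOutputCallback.WARNING:
                                Log.warn(this, toc.getMessage());
                                break;
                            default:
                                throw new RuntimeException("Unsupported message type: " +
                                                           toc.getMessageType());
                        }

                    } else if (cb instanceof NameCallback) {
                        ((NameCallback) cb).setName(name);

                    } else if (cb instanceof PasswordCallback) {
                        // PasswordCallback stores its own copy, so the temporary
                        // array can be wiped as soon as it has been handed over.
                        char[] secret = pass.toCharArray();
                        try {
                            ((PasswordCallback) cb).setPassword(secret);
                        } finally {
                            Arrays.fill(secret, '\0');
                        }

                    } else {
                        throw new UnsupportedCallbackException(cb, "Unrecognized Callback");
                    }
                }
            }
        };
    }
}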