SMSAuthModule.java revision 365156d5428edc07eae024879829e586bbaf9d42
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SMSAuthModule.java,v 1.9 2009/12/11 06:51:37 hengming Exp $
*
* Portions Copyrighted 2011-2016 ForgeRock AS.
*/
/**
 * Authentication module for AM's internal users.
 *
 * <p>Implements {@code LoginModule}; the lifecycle methods visible here are
 * {@code login()}, {@code commit()}, {@code abort()} and {@code logout()}.
 * Shared state consists of two static, case-insensitive concurrent maps
 * ({@code users}, {@code userNameToDN}) and three {@code volatile} flags that
 * track static initialization, whether the internal users have been loaded, and
 * whether the listener setup step has already run.
 *
 * <p>NOTE(review): this listing is incomplete. Many statements, the instance
 * fields and constants, and several method signatures are missing, so the
 * comments below describe only what the visible lines establish and mark
 * everything else as an assumption to confirm against the full source.
 */
public class SMSAuthModule implements LoginModule {
// Static variables
// Set to true at the end of initialize(); read without a lock before the lazy
// initialize() call in the per-instance setup code below.
private static volatile boolean initialized = false;
// Set to true at the end of loadInternalUsers(); reset to false by initialize()
// and by the listener class to force a reload.
private static volatile boolean loadedInternalUsers = false;
// Set in the "Setup listeners" step of loadInternalUsers() so that step runs once.
private static volatile boolean registeredCallbackHandler = false;
// Both caches order their keys with String.CASE_INSENSITIVE_ORDER, so lookups
// ignore case: keys that differ only in case resolve to the same entry.
// Presumably keyed by user DN with the hashed password as the value - the put/get
// calls are not visible in this listing; verify against the full source.
private static final Map<String, String> users = new ConcurrentSkipListMap<>(String.CASE_INSENSITIVE_ORDER);
// Presumably maps a short user name to its DN - TODO confirm.
private static final Map<String, String> userNameToDN = new ConcurrentSkipListMap<>(String.CASE_INSENSITIVE_ORDER);
// Instance variables
// Constants
/**
 * Creates the module. No state is set up in the visible lines.
 */
public SMSAuthModule() {
// do nothing
// (the statement inside this debug block is not shown in this listing)
if (debug.messageEnabled()) {
}
}
// NOTE(review): the signature of the method that owns the following lines is not
// visible in this listing; presumably it is the LoginModule initialize(...)
// callback that receives the subject and the shared state - confirm.
if (debug.messageEnabled()) {
// Copy the shared state and remove password for debugging.
// The visible message pieces write a "<Password Present> " marker rather than
// the password value, which keeps the secret out of the debug log.
boolean passwordPresent = (ss
? false
: true;
+ "\nPrincipals: "
: "null")
+ "\nSharedState: "
+ ss
+ "\n"
+ (passwordPresent ? "<Password Present> "
}
// Lazy one-time static setup. NOTE(review): this check-then-call is not
// synchronized and initialize() is not declared synchronized, so two threads can
// both run it on first use - benign only if initialize() is idempotent; confirm.
if (!initialized) {
initialize();
}
}
/**
 * Resets the internal-user load flag, reads the administrator DN and password
 * through {@code doPrivileged} actions, and marks the module as initialized.
 *
 * <p>NOTE(review): the cache-initialization statements and the variables that
 * receive the {@code doPrivileged} results are not visible in this listing.
 */
public static void initialize() {
if (debug.messageEnabled()) {
+ "Username and password from serverconfig.xml");
}
// reset so that internal users set will be reloaded later in time.
loadedInternalUsers = false;
// initialize caches.
// Get internal user names and passwords from serverconfig.xml
// %%% Might have to get them directly from DSConfigMgr %%%
// if other than "default" needs to be used
// The DN and the password are fetched via AdminDNAction and AdminPasswordAction;
// the receiver of doPrivileged and the assignment targets are not shown.
.doPrivileged(new AdminDNAction());
.doPrivileged(new AdminPasswordAction());
// Only `name` is appended to the visible debug message; the password obtained
// above must stay out of debug output.
if (debug.messageEnabled()) {
+ "serviceconfig.xml: " + name);
}
initialized = true;
}
/**
 * Authenticates an internal user by user name and password.
 *
 * <p>From the visible lines: name and password are requested through callbacks
 * when they are not already available, the user DN is checked against the cached
 * DN, the hashed password is compared, and on a miss the internal users are
 * loaded once and the comparison is repeated.
 *
 * @return {@code true} when the user was authenticated; {@code false} when the
 *         user name or password is missing or the user DN does not match
 * @throws LoginException when the callback handler does not support the requested
 *         callbacks; an {@code InvalidPasswordException} (presumably a
 *         {@code LoginException} subtype - confirm) when the password is wrong
 */
public boolean login() throws LoginException {
// Check if the user is already present
if (debug.messageEnabled()) {
}
// Check if we have username and password, if not send callbacks
// Request for both username and password
try {
if (debug.messageEnabled()) {
+ "Name & Password Callback");
}
} catch (UnsupportedCallbackException e) {
// Only the message is carried over; the original exception is not chained.
// NOTE(review): consider initCause(e) so the root cause survives in logs.
throw (new LoginException(e.getMessage()));
} catch (IOException ioe) {
// (handler body not shown in this listing)
}
}
}
// Authenticate the user, return false if username or password is null
boolean authenticated = false;
if (debug.messageEnabled()) {
}
} else {
// Load the internal users and try to get userDN
}
}
// Need to make sure userDN is not null, since it will
// be set in the subject
// Get the hashed password for the user
// Reject the login when the supplied DN does not agree with the cached DN for
// this user (part of the condition is missing from this listing).
if (cachedUserDN != null) {
if ((normalizedUserDN == null) ||
normalizeDN(cachedUserDN))) {
return false;
}
}
// Compare the hashed password
// NOTE(review): the comparison statement itself is not visible here. When
// reviewing the full source, confirm which hash function produces the stored
// value and that the comparison is constant-time (for example
// MessageDigest.isEqual) rather than String.equals.
boolean invalidPassword = false;
if (debug.messageEnabled()) {
}
authenticated = true;
} else if (!loadedInternalUsers) {
// Load the internal users and compare hashed passwords
if (debug.messageEnabled()) {
+ "Loading internal users");
}
if (cachedUserDN != null) {
if ((normalizedUserDN == null) ||
normalizeDN(cachedUserDN))) {
if (debug.messageEnabled()) {
+ "Invalid User DN");
}
return false;
}
} else {
return false;
}
if (debug.messageEnabled()) {
+ "Success AuthN");
}
authenticated = true;
// Password must be invalid
invalidPassword = true;
}
// Password must be invalid
invalidPassword = true;
}
// A wrong password is reported with a dedicated exception that carries the user
// DN, while the DN checks above return false.
// NOTE(review): make sure callers do not surface that difference to
// unauthenticated clients, since it would reveal which accounts exist.
if (invalidPassword) {
throw (new InvalidPasswordException("invalid password",
userDN));
}
}
}
return (authenticated);
}
/**
 * Aborts the authentication attempt. No-op.
 *
 * @return always {@code true}
 */
public boolean abort() throws LoginException {
// do nothing
return (true);
}
/**
 * Completes a successful login by adding the user to the Subject.
 *
 * <p>NOTE(review): the statements that build and add the principal are not
 * visible in this listing.
 *
 * @return {@code true} in every visible path
 */
public boolean commit() throws LoginException {
// add username to Subject
if (debug.messageEnabled()) {
+ " to Subject");
}
// (body of this emptiness check is not shown in this listing)
if (principals.isEmpty()) {
}
return (true);
}
/**
 * Logs the user out. No-op in the visible lines.
 *
 * <p>NOTE(review): nothing is removed from the Subject here; confirm that the
 * principal added by commit() is cleaned up elsewhere.
 *
 * @return always {@code true}
 */
public boolean logout() throws LoginException {
// do nothing
return (true);
}
/**
 * Loads the internal users into the static caches and, on first use, runs the
 * listener setup step. Synchronized; returns immediately when the users are
 * already loaded.
 */
private static synchronized void loadInternalUsers() {
if (loadedInternalUsers) {
return;
}
// Get AdminSSOToken
try {
ssoToken);
ssoToken);
.hasNext();) {
// Add root suffix, if revision is greater than 30
// In the case of upgrade the DN will have the suffix
// Hence check if it ends with SMS root suffix
// Replace only if they are different
SMSEntry.getAMSdkBaseDN())) {
}
} else {
}
}
}
}
// Only the user name is written to the debug log for each loaded entry.
if (debug.messageEnabled()) {
+ "Added user: " + name);
}
}
// Set only after the loop completes, so an exception above leaves the flag
// false and the load is attempted again on a later call.
loadedInternalUsers = true;
// Setup listeners
if (!registeredCallbackHandler) {
registeredCallbackHandler = true;
}
} catch (Exception e) {
// Handle the exception
// NOTE(review): broad catch whose body is not visible in this listing; confirm
// that the failure is logged, because a swallowed error here leaves the caches
// unpopulated with no trace of why internal logins fail.
}
}
// NOTE(review): the signature and statements of this helper are not visible; per
// the two comments below it stores an entry under the DN and under the name.
// Add the DN
// Add the "name"
}
// Inner class for receiving SMS notifications.
// NOTE(review): the callback method signatures are not visible in this listing;
// only one visible callback changes state, by clearing loadedInternalUsers.
static class SMSAuthModuleListener implements ServiceListener {
// Do nothing
if (debug.messageEnabled()) {
}
}
// Ignore
if (debug.messageEnabled()) {
}
}
if (debug.messageEnabled()) {
}
// Force the loading of internal users: clearing the flag makes the next
// loadInternalUsers() call rebuild the caches instead of returning early.
loadedInternalUsers = false;
}
}
// Ignore
if (debug.messageEnabled()) {
}
}
}
}