| /*=============================================================================# |
| # Copyright (c) 2009, 2018 Stephan Wahlbrink and others. |
| # |
| # This program and the accompanying materials are made available under the |
| # terms of the Eclipse Public License 2.0 which is available at |
| # https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 |
| # which is available at https://www.apache.org/licenses/LICENSE-2.0. |
| # |
| # SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 |
| # |
| # Contributors: |
| # Stephan Wahlbrink <sw@wahlbrink.eu> - initial API and implementation |
| #=============================================================================*/ |
| |
| package org.eclipse.statet.rj.server.srvext.auth; |
| |
| import javax.security.auth.callback.Callback; |
| import javax.security.auth.callback.NameCallback; |
| import javax.security.auth.callback.PasswordCallback; |
| import javax.security.auth.login.FailedLoginException; |
| import javax.security.auth.login.LoginException; |
| |
| import com.cenqua.shaj.Shaj; |
| |
| import org.eclipse.statet.rj.RjException; |
| import org.eclipse.statet.rj.server.srvext.ServerAuthMethod; |
| |
| |
| /** |
| * Authentication method 'local-shaj' |
| * to authenticate against local user account. |
| */ |
| public class LocalShajAuthMethod extends ServerAuthMethod { |
| |
| |
| private String[] users; |
| |
| |
| public LocalShajAuthMethod() { |
| super("local-shaj", true); |
| } |
| |
| |
| @Override |
| public void doInit(final String arg) throws RjException { |
| if (!Shaj.init()) { |
| throw new RjException("Initializing authentication failed:\n" + |
| "Initializing 'shaj'-library failed"); |
| } |
| this.users = new String[] { System.getProperty("user.name") }; |
| } |
| |
| @Override |
| protected Callback[] doCreateLogin() throws RjException { |
| return new Callback[] { |
| new NameCallback("Username"), |
| new PasswordCallback("Password", false), |
| }; |
| } |
| |
| @Override |
| protected String doPerformLogin(final Callback[] callbacks) throws LoginException, RjException { |
| final String loginName = ((NameCallback) callbacks[0]).getName(); |
| if (isValidUser(loginName)) { |
| final char[] loginPassword = ((PasswordCallback) callbacks[1]).getPassword(); |
| if (Shaj.checkPassword(null, loginName, new String(loginPassword))) { |
| return loginName; |
| } |
| } |
| throw new FailedLoginException("Invalid username or password"); |
| } |
| |
| private boolean isValidUser(final String user) { |
| for (final String s : this.users) { |
| if (s.equals(user)) { |
| return true; |
| } |
| } |
| return false; |
| } |
| |
| } |