|
| Hi All!
This has been a widely read thread. I guess that IBM should think about how to provide this for version 5. I have experienced some problems with the WSSubject where the credentials are not stored. However, this seems to vary depending on the installation - even if
all the versions are the same.
As I described in my previous post, there are two ways to do this: a JAAS login, and replacing the WPS login command. The JAAS way is extensible and therefore the best choice. Register it under JAAS Configuration -> Application Logins PORTAL_LTPA with
proxy classname: com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy
OK. First this is how to read from WSSubject:
This is how you read the credential from the WSSubject. Note that
security must be enabled with LTPA, and the login module must be added for
portal_ltpa. Don't change any property file...
// Fragment of a lookup method (its signature is not part of the post): reads the
// caller's Subject from WebSphere and returns a credential found in the Subject's
// private credential set. Every failure path throws NoCurrentUserException.
Subject subj = null;
Credential element = null;
try {
subj = WSSubject.getCallerSubject();
} catch (WSSecurityException e) {
throw new NoCurrentUserException("Could not get WSSubject got exception", e);
}
// NOTE(review): Subject.toString() also renders the private credentials it is
// allowed to read, so this line stays harmless only while the credential class
// does not print its password in toString(). Consider dropping it outside debugging.
System.out.println("WSSubject caller subject is " + subj);
if (subj != null) {
// NOTE(review): the lookup asks for MyCredential.class, but the elements are cast
// to Credential below and the login module in this post adds a class named
// Credential - presumably the same class under two names; confirm the class
// literal matches what the login module stores, otherwise the set is empty.
Set credSet = subj.getPrivateCredentials(MyCredential.class);
// Defensive null check before the size test.
if (credSet == null) {
throw new NoCurrentUserException("PRIVATE CREDENTIALS are NULL"); // My own exception
}
if (credSet.size() < 1) {
throw new NoCurrentUserException(
"No private credentials on WSSubject. Size is "+ credSet.size());
}
// Walks the whole set; when it holds more than one credential, the one that
// iterates last is the one returned.
for (Iterator iterator = credSet.iterator(); iterator.hasNext();) {
element = (Credential) iterator.next();
}
} else {
throw new NoCurrentUserException("WSSUbject is null");
}
// Final guard: element is still null only if the set yielded a null entry.
if (element == null) {
throw new NoCurrentUserException(
"Credential was not found in WSSubject");
}
// The returned object exposes the clear-text password through getPassword();
// callers should not log it or keep it longer than needed.
return element;
}
________________________________________
__________
Login module
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
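/**
 * @author Karin
 *
 * JAAS login module that collects the user id and password entered at login
 * and, on commit, stores them as a {@link Credential} in the private
 * credential set of the Subject.
 *
 * The module does not verify the password itself; it only captures what the
 * CallbackHandler supplies. When nothing can be captured, login() returns
 * false so that JAAS ignores this module instead of treating it as a
 * successful authentication.
 *
 * Security notes:
 * - The password is never written to stdout. Diagnostic output is printed
 *   only when the "debug" option is "true", and it never includes the password.
 * - The stored Credential holds the clear-text password for as long as it
 *   stays in the Subject, so any code that may read the Subject's private
 *   credentials can read the password. logout() removes the Credential again.
 */
public class PwdLoginModule implements LoginModule {
    /** Shared-state key under which login() hands the fulfilled callbacks to commit(). */
    private static final String SHARED_STATE_KEY = "MY_PWD_CALLBACK";

    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private boolean loggedIn;
    /** Credential added by commit(); remembered so that logout() can take it out of the Subject. */
    private Credential committedCredential;
    // configurable option
    private boolean debug = false;

    /**
     * Stores the collaborators handed over by the LoginContext and reads the
     * "debug" option.
     *
     * @param subject the Subject that receives the Credential on commit
     * @param callbackHandler handler used to obtain the user id and password
     * @param sharedState state shared between the configured login modules
     * @param options options configured for this module; only "debug" is read
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map sharedState, Map options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
        // initialize any configured options; tolerate a missing options map
        // and option values that are not Strings
        Object debugOption = (options == null) ? null : options.get("debug");
        debug = debugOption != null && "true".equalsIgnoreCase(debugOption.toString());
        trace(" LoginModule Initialize, debug=" + debug);
    }

    public PwdLoginModule() {
        loggedIn = false;
        sharedState = null;
        callbackHandler = null;
        subject = null;
        options = null;
        committedCredential = null;
    }

    /**
     * Undoes a login attempt by delegating to {@link #logout()}.
     *
     * @see javax.security.auth.spi.LoginModule#abort()
     */
    public boolean abort() throws LoginException {
        trace("abort - Calling logout() to handle this. . .");
        return logout();
    }

    /**
     * Builds a Credential from the callbacks captured by login() and adds it
     * to the Subject's private credentials.
     *
     * @return true when the Credential was added, false when login() did not
     *         succeed for this module and there is nothing to commit
     * @throws LoginException if the captured callbacks are no longer in the shared state
     * @see javax.security.auth.spi.LoginModule#commit()
     */
    public boolean commit() throws LoginException {
        trace(" LoginModule commit");
        if (!loggedIn) {
            // login() was ignored or failed, so there are no callbacks to read
            return false;
        }
        if (committedCredential != null) {
            // already committed; the callback password has been cleared since
            return true;
        }
        Callback[] callBacks = (Callback[]) sharedState.get(SHARED_STATE_KEY);
        if (callBacks == null) {
            throw new LoginException("Password callbacks are missing from the shared state");
        }
        Credential credential = new Credential(callBacks);
        subject.getPrivateCredentials().add(credential);
        committedCredential = credential;
        // The Credential keeps its own copy, so the copy inside the callback
        // is no longer needed.
        ((PasswordCallback) callBacks[1]).clearPassword();
        trace("commit - PasswordCredential Successfully added to the Private Credential set.");
        return true;
    }

    /**
     * Asks the CallbackHandler for the user id and password and parks the
     * fulfilled callbacks in the shared state for commit().
     *
     * @return true when both values were captured, false when the handler
     *         failed or supplied nothing (the module is then ignored)
     * @throws FailedLoginException if the callbacks cannot be put into the shared state
     * @see javax.security.auth.spi.LoginModule#login()
     */
    public boolean login() throws LoginException {
        loggedIn = false;
        trace(" LoginModule login");
        Callback[] callbacks = new Callback[2];
        callbacks[0] = new NameCallback("Username: ");
        callbacks[1] = new PasswordCallback("Password: ", false);
        try {
            callbackHandler.handle(callbacks);
        } catch (Exception e) {
            // Covers a missing handler as well as IOException and
            // UnsupportedCallbackException. Do not report success when
            // nothing was captured.
            trace("login - CallbackHandler could not supply the login data: " + e);
            if (debug) {
                e.printStackTrace();
            }
            return false;
        }
        String userName = ((NameCallback) callbacks[0]).getName();
        char[] password = ((PasswordCallback) callbacks[1]).getPassword();
        if (userName == null || password == null) {
            trace("login - CallbackHandler returned no user id or no password");
            return false;
        }
        // getPassword() hands out a copy; it was needed only for the null check
        java.util.Arrays.fill(password, '\0');
        // The user id may be traced; the password must never be printed.
        trace("login - Callback request fulfilled for user " + userName);
        try {
            sharedState.put(SHARED_STATE_KEY, callbacks);
        } catch (RuntimeException e) {
            trace("login - Runtime Exception adding the Password Info to the shared state: " + e);
            FailedLoginException failure = new FailedLoginException(
                    "Unable to add the password callbacks to the shared state");
            failure.initCause(e);
            throw failure;
        }
        loggedIn = true;
        trace(" login - Exit");
        return true;
    }

    /**
     * Removes what this module contributed: the Credential in the Subject and
     * the callbacks in the shared state.
     *
     * NOTE(review): this only works on the module instance that performed the
     * login; if the container runs logout on a fresh instance, loggedIn is
     * false there and the Credential stays in the Subject - confirm against
     * the container's behaviour.
     *
     * @return false when this module never logged in, true otherwise
     * @throws FailedLoginException if the shared state does not support removal
     * @see javax.security.auth.spi.LoginModule#logout()
     */
    public boolean logout() throws LoginException {
        trace("logout");
        if (!loggedIn) {
            trace("logout - Exit");
            return false;
        }
        if (committedCredential != null && subject != null && !subject.isReadOnly()) {
            // take the clear-text password out of the Subject again
            subject.getPrivateCredentials().remove(committedCredential);
            committedCredential = null;
        }
        try {
            sharedState.remove(SHARED_STATE_KEY);
        } catch (UnsupportedOperationException e) {
            trace("logout - Could not remove the Password Callback from the shared state, the operation is not supported!");
            throw new FailedLoginException("Unable to remove the Password Callback from the shared state.");
        }
        loggedIn = false;
        return true;
    }

    /** Prints a diagnostic line to stdout, but only when the "debug" option is on. */
    private void trace(String message) {
        if (debug) {
            System.out.println(message);
        }
    }
}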
_______________________
Help class for credentials
package default;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.Callback;
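/**
 * Credentials used to store userid and password from LoginModule.
 *
 * Instances are immutable. The password is held in clear text, so an instance
 * must not be logged or serialized; {@link #toString()} leaves the password out.
 *
 * @author karin
 *
 */
public class Credential {
    private final String userName;
    private final String password;

    /**
     * Copies the user name and password out of fulfilled login callbacks.
     *
     * @param callbacks a NameCallback at index 0 followed by a PasswordCallback
     *        at index 1, both already filled in by a CallbackHandler
     * @throws IllegalArgumentException if the array does not have that shape
     *         or one of the two values has not been supplied
     */
    public Credential(Callback[] callbacks) {
        if (callbacks == null || callbacks.length < 2
                || !(callbacks[0] instanceof NameCallback)
                || !(callbacks[1] instanceof PasswordCallback)) {
            throw new IllegalArgumentException(
                    "Expected a NameCallback followed by a PasswordCallback");
        }
        String name = ((NameCallback) callbacks[0]).getName();
        char[] secret = ((PasswordCallback) callbacks[1]).getPassword();
        if (name == null || secret == null) {
            throw new IllegalArgumentException(
                    "The callbacks do not carry a user name and a password");
        }
        userName = name;
        password = new String(secret);
        // getPassword() returned a copy; wipe it now that the String exists
        java.util.Arrays.fill(secret, '\0');
    }

    /**
     * Gets the user's login name.
     * @return user's login id
     */
    public String getUserName() {
        return userName;
    }

    /**
     * The password that was used to login.
     * @return password in clear text; do not log it
     */
    public String getPassword() {
        return password;
    }

    /**
     * Describes the credential without the password, so that printing a
     * Subject or a credential set does not put the password into a log.
     */
    public String toString() {
        return "Credential[userName=" + userName + ", password=<redacted>]";
    }
}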
________________________________
That's it!
If you feel that this has helped you, please take the time to answer posts on this forum and to share your solutions. It would also be nice if you took extra care of my posts ;-).
I would like us to be able to share more advanced issues, and it all depends on whether we take time out of our busy schedules to help each other out.
Good luck!
/Karin from Stockholm
|
|