00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025 package org.objectweb.cjdbc.controller.authentication;
00026
00027 import javax.management.remote.JMXAuthenticator;
00028 import javax.security.auth.Subject;
00029
00030 import org.objectweb.cjdbc.common.log.Trace;
00031
00032
00033
00034
00035
00036
00037
00038 public class PasswordAuthenticator implements JMXAuthenticator
00039
00040 {
00041
00042
00043
00044
00045
00046 public static final PasswordAuthenticator NO_AUTHENICATION = new PasswordAuthenticator(
00047 null, null);
00048
00049 static Trace logger = Trace
00050 .getLogger("org.objectweb.cjdbc.controller.authentication");
00051
00052 private String username;
00053 private String password;
00054
00055
00056
00057
00058
00059
00060
00061 public PasswordAuthenticator(String username, String password)
00062 {
00063 this.username = username;
00064 this.password = password;
00065 }
00066
00067
00068
00069
00070
00071
00072
00073
00074 public static Object createCredentials(String username, String password)
00075 {
00076 return new String[]{username, password};
00077 }
00078
00079
00080
00081
00082 public Subject authenticate(Object credentials) throws SecurityException
00083 {
00084 try
00085 {
00086 if (username == null && password == null)
00087 {
00088
00089 return new Subject();
00090 }
00091
00092 if (credentials == null)
00093 {
00094 throw new SecurityException("credentials are required");
00095 }
00096
00097 try
00098 {
00099 String[] credentialsArray = (String[]) credentials;
00100 if (username.equals(credentialsArray[0])
00101 && password.equals(credentialsArray[1]))
00102 {
00103
00104 if (logger.isDebugEnabled())
00105 {
00106 logger.debug("successfully authenitcated ");
00107 }
00108 return new Subject();
00109 }
00110 }
00111 catch (Exception e)
00112 {
00113
00114
00115 throw new SecurityException("problems with credentials object : "
00116 + e.getMessage());
00117 }
00118
00119
00120 throw new SecurityException("invalid credentials");
00121 }
00122 catch (SecurityException e)
00123 {
00124 logger.error(e.getMessage());
00125 try
00126 {
00127 String clientId = java.rmi.server.RemoteServer.getClientHost();
00128 logger.warn("refused unauthorized access for client " + clientId);
00129 }
00130 catch (Exception ex)
00131 {
00132
00133 }
00134 throw e;
00135 }
00136 }
00137 }