Main Page | Packages | Class Hierarchy | Alphabetical List | Class List | File List | Class Members | Related Pages
src / org / objectweb / cjdbc / controller / authentication

PasswordAuthenticator.java

00001 /**
00002  * C-JDBC: Clustered JDBC.
00003  * Copyright (C) 2002-2004 French National Institute For Research In Computer
00004  * Science And Control (INRIA).
00005  * Contact: c-jdbc@objectweb.org
00006  * 
00007  * This library is free software; you can redistribute it and/or modify it
00008  * under the terms of the GNU Lesser General Public License as published by the
00009  * Free Software Foundation; either version 2.1 of the License, or any later
00010  * version.
00011  * 
00012  * This library is distributed in the hope that it will be useful, but WITHOUT
00013  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
00014  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
00015  * for more details.
00016  * 
00017  * You should have received a copy of the GNU Lesser General Public License
00018  * along with this library; if not, write to the Free Software Foundation,
00019  * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
00020  *
00021  * Initial developer(s): Marc Wick.
00022  * Contributor(s): ______________________.
00023  */
00024 
00025 package org.objectweb.cjdbc.controller.authentication;
00026 
00027 import javax.management.remote.JMXAuthenticator;
00028 import javax.security.auth.Subject;
00029 
00030 import org.objectweb.cjdbc.common.log.Trace;
00031 
00032 /**
00033  * This class defines a PasswordAuthenticator
00034  * 
00035  * @author <a href="mailto:marc.wick@monte-bre.ch">Marc Wick </a>
00036  * @version 1.0
00037  */
00038 public class PasswordAuthenticator implements JMXAuthenticator
00039 
00040 {
00041 
00042   /**
00043    * to enable subject delegation we use a dummy authentication even if none is
00044    * configured
00045    */
00046   public static final PasswordAuthenticator NO_AUTHENICATION = new PasswordAuthenticator(
00047                                                                  null, null);
00048 
00049   static Trace                              logger           = Trace
00050                                                                  .getLogger("org.objectweb.cjdbc.controller.authentication");
00051 
00052   private String                            username;
00053   private String                            password;
00054 
00055   /**
00056    * Creates a new <code>PasswordAuthenticator.java</code> object
00057    * 
00058    * @param username username/loginname
00059    * @param password password
00060    */
00061   public PasswordAuthenticator(String username, String password)
00062   {
00063     this.username = username;
00064     this.password = password;
00065   }
00066 
00067   /**
00068    * create a credentials object with the supplied username and password
00069    * 
00070    * @param username username
00071    * @param password password
00072    * @return credentials Object to be used for authentication,
00073    */
00074   public static Object createCredentials(String username, String password)
00075   {
00076     return new String[]{username, password};
00077   }
00078 
00079   /**
00080    * @see javax.management.remote.JMXAuthenticator#authenticate(java.lang.Object)
00081    */
00082   public Subject authenticate(Object credentials) throws SecurityException
00083   {
00084     try
00085     {
00086       if (username == null && password == null)
00087       {
00088         // no authentication is required we return
00089         return new Subject();
00090       }
00091 
00092       if (credentials == null)
00093       {
00094         throw new SecurityException("credentials are required");
00095       }
00096 
00097       try
00098       {
00099         String[] credentialsArray = (String[]) credentials;
00100         if (username.equals(credentialsArray[0])
00101             && password.equals(credentialsArray[1]))
00102         {
00103           // username and password are ok
00104           if (logger.isDebugEnabled())
00105           {
00106             logger.debug("successfully authenitcated ");
00107           }
00108           return new Subject();
00109         }
00110       }
00111       catch (Exception e)
00112       {
00113         // the credentials object makes problems, is was probably not created
00114         // with the createCredentials method
00115         throw new SecurityException("problems with credentials object : "
00116             + e.getMessage());
00117       }
00118 
00119       // username and password do not match
00120       throw new SecurityException("invalid credentials");
00121     }
00122     catch (SecurityException e)
00123     {
00124       logger.error(e.getMessage());
00125       try
00126       {
00127         String clientId = java.rmi.server.RemoteServer.getClientHost();
00128         logger.warn("refused unauthorized access for client " + clientId);
00129       }
00130       catch (Exception ex)
00131       {
00132 
00133       }
00134       throw e;
00135     }
00136   }
00137 }
Generated on Mon Apr 11 22:01:33 2005 for C-JDBC by  doxygen 1.3.9.1