CJDBCversion1.0.4: src/org/objectweb/cjdbc/controller/authentication/PasswordAuthenticator.java ソースファイル

00001 00025 package org.objectweb.cjdbc.controller.authentication; 00026 00027 import javax.management.remote.JMXAuthenticator; 00028 import javax.security.auth.Subject; 00029 00030 import org.objectweb.cjdbc.common.log.Trace; 00031 00038 public class PasswordAuthenticator implements JMXAuthenticator 00039 00040 { 00041 00046 public static final PasswordAuthenticator NO_AUTHENICATION = new PasswordAuthenticator( 00047 null, null); 00048 00049 static Trace logger = Trace 00050 .getLogger("org.objectweb.cjdbc.controller.authentication"); 00051 00052 private String username; 00053 private String password; 00054 00061 public PasswordAuthenticator(String username, String password) 00062 { 00063 this.username = username; 00064 this.password = password; 00065 } 00066 00074 public static Object createCredentials(String username, String password) 00075 { 00076 return new String[]{username, password}; 00077 } 00078 00082 public Subject authenticate(Object credentials) throws SecurityException 00083 { 00084 try 00085 { 00086 if (username == null && password == null) 00087 { 00088 // no authentication is required we return 00089 return new Subject(); 00090 } 00091 00092 if (credentials == null) 00093 { 00094 throw new SecurityException("credentials are required"); 00095 } 00096 00097 try 00098 { 00099 String[] credentialsArray = (String[]) credentials; 00100 if (username.equals(credentialsArray[0]) 00101 && password.equals(credentialsArray[1])) 00102 { 00103 // username and password are ok 00104 if (logger.isDebugEnabled()) 00105 { 00106 logger.debug("successfully authenitcated "); 00107 } 00108 return new Subject(); 00109 } 00110 } 00111 catch (Exception e) 00112 { 00113 // the credentials object makes problems, is was probably not created 00114 // with the createCredentials method 00115 throw new SecurityException("problems with credentials object : " 00116 + e.getMessage()); 00117 } 00118 00119 // username and password do not match 00120 throw new SecurityException("invalid credentials"); 00121 } 00122 catch (SecurityException e) 00123 { 00124 logger.error(e.getMessage()); 00125 try 00126 { 00127 String clientId = java.rmi.server.RemoteServer.getClientHost(); 00128 logger.warn("refused unauthorized access for client " + clientId); 00129 } 00130 catch (Exception ex) 00131 { 00132 00133 } 00134 throw e; 00135 } 00136 } 00137 }