geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hogst...@apache.org
Subject svn commit: r357439 - in /geronimo/trunk/modules: jetty/src/java/org/apache/geronimo/jetty/ security/src/java/org/apache/geronimo/security/jaas/client/ tomcat/src/java/org/apache/geronimo/tomcat/realm/
Date Sun, 18 Dec 2005 05:36:35 GMT
Author: hogstrom
Date: Sat Dec 17 21:36:22 2005
New Revision: 357439

URL: http://svn.apache.org/viewcvs?rev=357439&view=rev
Log:
GERONIMO-1375 Login should not produce stack trace

Modified:
    geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java
    geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java

Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java?rev=357439&r1=357438&r2=357439&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java (original)
+++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java Sat
Dec 17 21:36:22 2005
@@ -62,48 +62,57 @@
 
     public Principal authenticate(String username, Object credentials, HttpRequest request)
{
         try {
-            JAASJettyPrincipal userPrincipal = (JAASJettyPrincipal) userMap.get(username);
+            if ( (username!=null) && (!username.equals("")) ) {
 
-            //user has been previously authenticated, but
-            //re-authentication has been requested, so remove them
-            if (userPrincipal != null) {
-                userMap.remove(username);
-            }
+                JAASJettyPrincipal userPrincipal = (JAASJettyPrincipal) userMap.get(username);
 
-            ClearableCallbackHandler callbackHandler;
-            if (credentials instanceof char[]) {
-                char[] password = (char[]) credentials;
-                callbackHandler = new PasswordCallbackHandler(username, password);
-            } else if (credentials instanceof String) {
-                char[] password = ((String) credentials).toCharArray();
-                callbackHandler = new PasswordCallbackHandler(username, password);
-            } else if (credentials instanceof X509Certificate[]) {
-                X509Certificate[] certs = (X509Certificate[]) credentials;
-                if (certs.length < 1) {
-                    throw new LoginException("no certificates supplied");
+                //user has been previously authenticated, but
+                //re-authentication has been requested, so remove them
+                if (userPrincipal != null) {
+                    userMap.remove(username);
+                }
+
+                ClearableCallbackHandler callbackHandler;
+                if (credentials instanceof char[]) {
+                    char[] password = (char[]) credentials;
+                    callbackHandler = new PasswordCallbackHandler(username, password);
+                } else if (credentials instanceof String) {
+                    char[] password = ((String) credentials).toCharArray();
+                    callbackHandler = new PasswordCallbackHandler(username, password);
+                } else if (credentials instanceof X509Certificate[]) {
+                    X509Certificate[] certs = (X509Certificate[]) credentials;
+                    if (certs.length < 1) {
+                        throw new LoginException("no certificates supplied");
+                    }
+                    callbackHandler = new CertificateCallbackHandler(certs[0]);
+                } else {
+                    throw new LoginException("Cannot extract credentials from class: " +
credentials.getClass().getName());
                 }
-                callbackHandler = new CertificateCallbackHandler(certs[0]);
-            } else {
-                throw new LoginException("Cannot extract credentials from class: " + credentials.getClass().getName());
-            }
 
-            //set up the login context
-            LoginContext loginContext = new LoginContext(loginDomainName, callbackHandler);
-            loginContext.login();
-            callbackHandler.clear();
+                //set up the login context
+                LoginContext loginContext = new LoginContext(loginDomainName, callbackHandler);
+                loginContext.login();
+                callbackHandler.clear();
 
-            Subject subject = ContextManager.getServerSideSubject(loginContext.getSubject());
-            ContextManager.setCurrentCaller(subject);
+                Subject subject = ContextManager.getServerSideSubject(loginContext.getSubject());
+                ContextManager.setCurrentCaller(subject);
 
-            //login success
-            userPrincipal = new JAASJettyPrincipal(username);
-            userPrincipal.setSubject(subject);
+                //login success
+                userPrincipal = new JAASJettyPrincipal(username);
+                userPrincipal.setSubject(subject);
 
-            userMap.put(username, userPrincipal);
+                userMap.put(username, userPrincipal);
+
+                return userPrincipal;
+            }
+            else {
+                log.debug("Login Failed - null userID");
+                return null;
+            }
 
-            return userPrincipal;
         } catch (LoginException e) {
-            log.warn("Login Failed", e);
+//          log.warn("Login Failed", e);
+            log.debug("Login Failed", e);
             return null;
         }
     }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java?rev=357439&r1=357438&r2=357439&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java
(original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java
Sat Dec 17 21:36:22 2005
@@ -21,6 +21,7 @@
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginException;
+import javax.security.auth.login.FailedLoginException;
 
 import org.apache.geronimo.security.jaas.server.JaasSessionId;
 import org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean;
@@ -71,6 +72,8 @@
                 System.err.println("No callback handler available for " + callbacks.length
+ " callbacks!");
             }
             return service.performLogin(sessionHandle, lmIndex, callbacks);
+        } catch (FailedLoginException e) {
+            throw e;
         } catch (Exception e) {
             LoginException le = new LoginException("Error filling callback list");
             le.initCause(e);

Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java?rev=357439&r1=357438&r2=357439&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
Sat Dec 17 21:36:22 2005
@@ -337,92 +337,100 @@
 
         // Establish a LoginContext to use for authentication
         try {
-            LoginContext loginContext = null;
-            if (appName == null)
-                appName = "Tomcat";
-
-            if (log.isDebugEnabled())
-                log.debug(sm.getString("jaasRealm.beginLogin", principalName, appName));
-
-            // What if the LoginModule is in the container class loader ?
-            ClassLoader ocl = null;
-
-            if (isUseContextClassLoader()) {
-                ocl = Thread.currentThread().getContextClassLoader();
-                Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
-            }
-
-            try {
-                loginContext = new LoginContext(appName, callbackHandler);
-            } catch (Throwable e) {
-                log.error(sm.getString("jaasRealm.unexpectedError"), e);
-                return (null);
-            } finally {
-                if (isUseContextClassLoader()) {
-                    Thread.currentThread().setContextClassLoader(ocl);
-                }
-            }
-
-            if (log.isDebugEnabled())
-                log.debug("Login context created " + principalName);
 
-            // Negotiate a login via this LoginContext
-            Subject subject = null;
-            try {
-                loginContext.login();
-                Subject tempSubject = loginContext.getSubject();
-                if (tempSubject == null) {
-                    if (log.isDebugEnabled())
-                        log.debug(sm.getString("jaasRealm.failedLogin", principalName));
-                    return (null);
-                }
-
-                subject = ContextManager.getServerSideSubject(tempSubject);
-                if (subject == null) {
-                    if (log.isDebugEnabled())
-                        log.debug(sm.getString("jaasRealm.failedLogin", principalName));
-                    return (null);
-                }
+            if ( (principalName!=null) && (!principalName.equals("")) ) {
+              LoginContext loginContext = null;
+              if (appName == null)
+                  appName = "Tomcat";
+
+              if (log.isDebugEnabled())
+                  log.debug(sm.getString("jaasRealm.beginLogin", principalName, appName));
+
+              // What if the LoginModule is in the container class loader ?
+              ClassLoader ocl = null;
+
+              if (isUseContextClassLoader()) {
+                  ocl = Thread.currentThread().getContextClassLoader();
+                  Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
+              }
+
+              try {
+                  loginContext = new LoginContext(appName, callbackHandler);
+              } catch (Throwable e) {
+                  log.error(sm.getString("jaasRealm.unexpectedError"), e);
+                  return (null);
+              } finally {
+                  if (isUseContextClassLoader()) {
+                      Thread.currentThread().setContextClassLoader(ocl);
+                  }
+              }
+
+              if (log.isDebugEnabled())
+                  log.debug("Login context created " + principalName);
+
+              // Negotiate a login via this LoginContext
+              Subject subject = null;
+              try {
+                  loginContext.login();
+                  Subject tempSubject = loginContext.getSubject();
+                  if (tempSubject == null) {
+                      if (log.isDebugEnabled())
+                          log.debug(sm.getString("jaasRealm.failedLogin", principalName));
+                      return (null);
+                  }
+
+                  subject = ContextManager.getServerSideSubject(tempSubject);
+                  if (subject == null) {
+                      if (log.isDebugEnabled())
+                          log.debug(sm.getString("jaasRealm.failedLogin", principalName));
+                      return (null);
+                  }
+
+                  ContextManager.setCurrentCaller(subject);
+
+              } catch (AccountExpiredException e) {
+                  if (log.isDebugEnabled())
+                      log.debug(sm.getString("jaasRealm.accountExpired", principalName));
+                  return (null);
+              } catch (CredentialExpiredException e) {
+                  if (log.isDebugEnabled())
+                      log.debug(sm.getString("jaasRealm.credentialExpired", principalName));
+                  return (null);
+              } catch (FailedLoginException e) {
+                  if (log.isDebugEnabled())
+                      log.debug(sm.getString("jaasRealm.failedLogin", principalName));
+                  return (null);
+              } catch (LoginException e) {
+                  log.warn(sm.getString("jaasRealm.loginException", principalName), e);
+                  return (null);
+              } catch (Throwable e) {
+                  log.error(sm.getString("jaasRealm.unexpectedError"), e);
+                  return (null);
+              }
+
+              if (log.isDebugEnabled())
+                  log.debug(sm.getString("jaasRealm.loginContextCreated", principalName));
+
+              // Return the appropriate Principal for this authenticated Subject
+  /*            Principal principal = createPrincipal(username, subject);
+              if (principal == null) {
+                  log.debug(sm.getString("jaasRealm.authenticateFailure", username));
+                  return (null);
+              }
+              if (log.isDebugEnabled()) {
+                  log.debug(sm.getString("jaasRealm.authenticateSuccess", username));
+              }
+  */
+              JAASTomcatPrincipal jaasPrincipal = new JAASTomcatPrincipal(principalName);
+              jaasPrincipal.setSubject(subject);
 
-                ContextManager.setCurrentCaller(subject);
-
-            } catch (AccountExpiredException e) {
-                if (log.isDebugEnabled())
-                    log.debug(sm.getString("jaasRealm.accountExpired", principalName));
-                return (null);
-            } catch (CredentialExpiredException e) {
-                if (log.isDebugEnabled())
-                    log.debug(sm.getString("jaasRealm.credentialExpired", principalName));
-                return (null);
-            } catch (FailedLoginException e) {
-                if (log.isDebugEnabled())
-                    log.debug(sm.getString("jaasRealm.failedLogin", principalName));
-                return (null);
-            } catch (LoginException e) {
-                log.warn(sm.getString("jaasRealm.loginException", principalName), e);
-                return (null);
-            } catch (Throwable e) {
-                log.error(sm.getString("jaasRealm.unexpectedError"), e);
-                return (null);
-            }
-
-            if (log.isDebugEnabled())
-                log.debug(sm.getString("jaasRealm.loginContextCreated", principalName));
-
-            // Return the appropriate Principal for this authenticated Subject
-/*            Principal principal = createPrincipal(username, subject);
-            if (principal == null) {
-                log.debug(sm.getString("jaasRealm.authenticateFailure", username));
-                return (null);
+              return (jaasPrincipal);
             }
-            if (log.isDebugEnabled()) {
-                log.debug(sm.getString("jaasRealm.authenticateSuccess", username));
+            else {
+                if (log.isDebugEnabled())
+                    log.debug("Login Failed - null userID");
+                return null;
             }
-*/
-            JAASTomcatPrincipal jaasPrincipal = new JAASTomcatPrincipal(principalName);
-            jaasPrincipal.setSubject(subject);
-
-            return (jaasPrincipal);
 
         } catch (Throwable t) {
             log.error("error ", t);



Mime
View raw message