From jdil...@apache.org
Subject svn commit: r580729 - in /geronimo/sandbox/gshell/trunk/gshell-remote: gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/ gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/ gshell-remote-client/s...
Date Sun, 30 Sep 2007 14:31:39 GMT
Author: jdillon
Date: Sun Sep 30 07:31:37 2007
New Revision: 580729

URL: http://svn.apache.org/viewvc?rev=580729&view=rev
Log:
Tidy up some more security things, still not really sure what I'm doing...

Added:
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/Identity.java
      - copied, changed from r580717, geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/GroupPrincipal.java
Modified:
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshClient.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshCommand.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/ClientPrincipal.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/RemoteLoginModule.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientMessageHandlerSupport.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientSessionContext.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/UsernamePasswordCallbackHandler.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/ConnectMessage.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/LoginMessage.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/RshServer.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/auth/BogusLoginModule.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ConnectHandler.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/LoginHandler.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerMessageHandlerSupport.java
    geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerSessionContext.java

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshClient.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshClient.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshClient.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshClient.java
Sun Sep 30 07:31:37 2007
@@ -22,10 +22,8 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.URI;
-import java.security.PublicKey;
 import java.util.List;
 
-import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginContext;
 
@@ -106,32 +104,44 @@
     }
 
     public void login(final String username, final String password) throws Exception {
-        assert username != null;
-        assert password != null;
+        doHandshake();
+        doLogin(username, password);
+    }
 
-        log.debug("Starting handshake", username);
+    private void doHandshake() throws Exception {
+        log.debug("Handshaking");
 
-        Message response;
+        ClientSessionContext context = ClientSessionContext.BINDER.lookup(transport.getSession());
 
-        response = transport.request(new ConnectMessage(crypto.getPublicKey()));
+        Message response = transport.request(new ConnectMessage(crypto.getPublicKey()));
 
-        PublicKey serverKey = ((ConnectMessage.Result)response).getPublicKey();
+        if (response instanceof ConnectMessage.Result) {
+            ConnectMessage.Result result = (ConnectMessage.Result)response;
+            context.pk = result.getPublicKey();
+        }
+        else {
+            throw new InternalError("Unexpected handshake response: " + response);
+        }
+    }
 
+    private void doLogin(final String username, final String password) throws Exception {
         log.debug("Logging in: {}", username);
-        
+
+        ClientSessionContext context = ClientSessionContext.BINDER.lookup(transport.getSession());
+
         CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(username, password);
         LoginContext loginContext = new LoginContext("RshClient", callbackHandler);
 
         RemoteLoginModule.setTransport(transport);
         try {
             loginContext.login();
-
-            Subject subject = loginContext.getSubject();
-            log.debug("Subject: {}", subject);
         }
         finally {
             RemoteLoginModule.unsetTransport();
         }
+
+        context.subject = loginContext.getSubject();
+        log.debug("Subject: {}", context.subject);
     }
     
     public void echo(final String text) throws Exception {
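Review bot: In `doHandshake`, `context.pk = result.getPublicKey()` stores whatever key the peer returns, and nothing visible in this hunk checks it against a known or pinned server key, so the exchange does not authenticate the server and an intermediary on the connection could substitute its own key. If later code encrypts credentials to `context.pk`, the key should first be verified against a configured fingerprint or a known-hosts style store, and the handshake should fail on a mismatch. An unexpected reply from a remote peer is also a protocol error rather than a JVM fault, so `throw new IllegalStateException("Unexpected handshake response: " + response);` fits better than `InternalError`. Both new methods use the result of `ClientSessionContext.BINDER.lookup(...)` without a null check, and the commit drops the `username`/`password` null assertions from `login` without a replacement.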

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshCommand.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshCommand.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshCommand.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/RshCommand.java
Sun Sep 30 07:31:37 2007
@@ -19,19 +19,18 @@
 
 package org.apache.geronimo.gshell.remote.client;
 
+import java.io.PrintWriter;
 import java.net.URI;
 import java.util.ArrayList;
 import java.util.List;
-import java.io.PrintWriter;
 
-import jline.Terminal;
 import jline.ConsoleReader;
+import jline.Terminal;
 import org.apache.geronimo.gshell.ExitNotification;
 import org.apache.geronimo.gshell.clp.Argument;
 import org.apache.geronimo.gshell.clp.Option;
 import org.apache.geronimo.gshell.command.CommandSupport;
 import org.apache.geronimo.gshell.command.annotation.CommandComponent;
-import org.apache.geronimo.gshell.remote.message.EchoMessage;
 import org.codehaus.plexus.component.annotations.Requirement;
 
 /**

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/ClientPrincipal.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/ClientPrincipal.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/ClientPrincipal.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/ClientPrincipal.java
Sun Sep 30 07:31:37 2007
@@ -1,7 +1,7 @@
 package org.apache.geronimo.gshell.remote.client.auth;
 
-import java.security.Principal;
 import java.io.Serializable;
+import java.security.Principal;
 
 import org.apache.geronimo.gshell.common.tostring.ReflectionToStringBuilder;
 import org.apache.geronimo.gshell.common.tostring.ToStringStyle;

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/RemoteLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/RemoteLoginModule.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/RemoteLoginModule.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/auth/RemoteLoginModule.java
Sun Sep 30 07:31:37 2007
@@ -63,15 +63,13 @@
         this.callbackHandler = callbackHandler;
     }
 
-    private void clear() {
+    private void reset() {
         username = null;
         clientIdentity = null;
         principal = null;
     }
 
     public boolean login() throws LoginException {
-        log.debug("Login");
-
         // Get a handle on our transport
         Transport transport = getTransport();
 
@@ -97,22 +95,16 @@
         // Send the login message
         Message response;
         try {
-            //
-            // TODO: Encrypt the username/password with our private key here?  Or should
that be done in the callback?
-            //
-
-            response = transport.request(new LoginMessage(username, new String(password)));
+            response = transport.request(new LoginMessage(username, password));
         }
         catch (Exception e) {
             throw new LoginException(e.getMessage());
         }
 
         if (response instanceof LoginMessage.Success) {
-            log.debug("Login successful");
-
             clientIdentity = ((LoginMessage.Success)response).getToken();
 
-            log.debug("Using client identity: {}", clientIdentity);
+            log.debug("Client identity: {}", clientIdentity);
         }
         else if (response instanceof LoginMessage.Failure) {
             LoginMessage.Failure failure = (LoginMessage.Failure)response;
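Review bot: `log.debug("Client identity: {}", clientIdentity)` writes the token returned in `LoginMessage.Success` to the log, so if that token later identifies the authenticated session, anyone who can read debug output can read it. The same applies to `log.debug("Principal: {}", principal)` in `commit()` in the next hunk, assuming `ClientPrincipal.toString()` reflects its fields (the class imports `ReflectionToStringBuilder`). I would log only the fact of success, e.g. `log.debug("Login succeeded for: {}", username);`. Separately, `throw new LoginException(e.getMessage())` discards the original exception; calling `initCause(e)` on the new exception before throwing keeps the stack trace for diagnosis. `login()` starts and ends outside this hunk.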
@@ -124,11 +116,9 @@
     }
 
     public boolean commit() throws LoginException {
-        log.debug("Commit");
-
         principal = new ClientPrincipal(username, clientIdentity);
 
-        log.debug("Created principal: {}", principal);
+        log.debug("Principal: {}", principal);
 
         subject.getPrincipals().add(principal);
 
@@ -136,16 +126,12 @@
     }
 
     public boolean abort() throws LoginException {
-        log.debug("Abort");
-
-        clear();
+        reset();
 
         return true;
     }
 
     public boolean logout() throws LoginException {
-        log.debug("Logout");
-        
         subject.getPrincipals().remove(principal);
 
         return true;
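Review bot: `logout()` removes the principal from the subject but never calls `reset()`, so `username`, `clientIdentity` and `principal` remain on the module instance after logout, whereas `BogusLoginModule.logout()` in this same commit does call `reset()`. Adding `reset();` after `subject.getPrincipals().remove(principal);` would drop the reference to the token and make the two modules consistent. The closing brace of `logout()` is outside the hunk.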

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientMessageHandlerSupport.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientMessageHandlerSupport.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientMessageHandlerSupport.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientMessageHandlerSupport.java
Sun Sep 30 07:31:37 2007
@@ -37,8 +37,6 @@
     }
 
     public void messageReceived(final IoSession session, final T message) throws Exception
{
-        log.debug("Processing: {}", message);
-
         ClientSessionContext context = ClientSessionContext.BINDER.lookup(session);
 
         handle(session, context, message);

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientSessionContext.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientSessionContext.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientSessionContext.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-client/src/main/java/org/apache/geronimo/gshell/remote/client/handler/ClientSessionContext.java
Sun Sep 30 07:31:37 2007
@@ -19,6 +19,10 @@
 
 package org.apache.geronimo.gshell.remote.client.handler;
 
+import java.security.PublicKey;
+
+import javax.security.auth.Subject;
+
 import org.apache.geronimo.gshell.whisper.session.SessionAttributeBinder;
 
 /**
@@ -29,4 +33,9 @@
 public class ClientSessionContext
 {
     public static final SessionAttributeBinder<ClientSessionContext> BINDER = new SessionAttributeBinder<ClientSessionContext>(ClientSessionContext.class);
+
+    /** The server's public key. */
+    public PublicKey pk;
+
+    public Subject subject;
 }
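Review bot: `pk` and `subject` are public, non-final fields, so any code that can reach the session's context can replace the server key or the authenticated `Subject` after the handshake and login have completed. Private fields with getters, and setters that refuse a second assignment (`if (this.pk != null) throw new IllegalStateException("pk already set");`), would keep this state write-once. `subject` also lacks a comment; `/** The subject produced by the client-side login; null until login completes. */` would match the one on `pk`.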

Copied: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/Identity.java
(from r580717, geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/GroupPrincipal.java)
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/Identity.java?p2=geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/Identity.java&p1=geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/GroupPrincipal.java&r1=580717&r2=580729&rev=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/GroupPrincipal.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/Identity.java
Sun Sep 30 07:31:37 2007
@@ -19,7 +19,9 @@
 
 package org.apache.geronimo.gshell.remote.jaas;
 
-import java.security.Principal;
+import java.util.UUID;
+
+import javax.security.auth.Subject;
 
 import org.apache.geronimo.gshell.common.tostring.ReflectionToStringBuilder;
 import org.apache.geronimo.gshell.common.tostring.ToStringStyle;
@@ -29,32 +31,25 @@
  *
  * @version $Rev$ $Date$
  */
-public class GroupPrincipal
-    implements Principal
+public class Identity
 {
-    private final String name;
+    private final Subject subject;
 
-    public GroupPrincipal(final String name) {
-        assert name != null;
+    private final UUID token;
 
-        this.name = name;
-    }
+    public Identity(final Subject subject) {
+        assert subject != null;
 
-    public String getName() {
-        return name;
+        this.subject = subject;
+        this.token = UUID.randomUUID();
     }
 
-    public boolean equals(final Object obj) {
-        if (this == obj) return true;
-        if (obj == null || getClass() != obj.getClass()) return false;
-
-        final GroupPrincipal that = (GroupPrincipal) obj;
-
-        return name.equals(that.name);
+    public Subject getSubject() {
+        return subject;
     }
 
-    public int hashCode() {
-        return name.hashCode();
+    public UUID getToken() {
+        return token;
     }
 
     public String toString() {
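Review bot: `assert subject != null` in the constructor does nothing unless the JVM runs with `-ea`, so in a normal server run an `Identity` can be built around a null `Subject` and still receive a valid token. Because this object ties a session token to an authenticated subject, an unconditional check is safer: `if (subject == null) throw new IllegalArgumentException("subject");`. `toString()` continues outside the hunk; if it reflects all fields, it will print the token wherever an `Identity` is logged, so the token is worth excluding there.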

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/UsernamePasswordCallbackHandler.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/UsernamePasswordCallbackHandler.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/UsernamePasswordCallbackHandler.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/jaas/UsernamePasswordCallbackHandler.java
Sun Sep 30 07:31:37 2007
@@ -37,13 +37,24 @@
 {
     private final String username;
 
-    private final String password;
+    private final char[] password;
 
-    public UsernamePasswordCallbackHandler(final String username, final String password)
{
+    public UsernamePasswordCallbackHandler(final String username, final char[] password)
{
         this.username = username;
         this.password = password;
     }
 
+    public UsernamePasswordCallbackHandler(final String username, final String password)
{
+        this.username = username;
+
+        if (password != null) {
+            this.password = password.toCharArray();
+        }
+        else {
+            this.password = null;
+        }
+    }
+
     public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
         for (Callback callback : callbacks) {
             if (callback instanceof NameCallback) {
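Review bot: The new `char[]` constructor keeps the caller's array by reference and nothing in the class ever overwrites it, so the usual benefit of `char[]` over `String` (wiping the secret after use) is not obtained, and a caller that clears its own array silently changes what `handle()` later supplies. Copying on the way in, `this.password = (password != null) ? password.clone() : null;`, together with a small method that runs `Arrays.fill(password, '\0')` once login has finished, would close that gap. The retained `String` overload still leaves an immutable copy of the password on the heap, which deserves a Javadoc remark steering callers to the `char[]` form. `handle()` continues outside the hunk.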
@@ -55,7 +66,7 @@
                 PasswordCallback pc = (PasswordCallback)callback;
 
                 if (password != null) {
-                    pc.setPassword(password.toCharArray());
+                    pc.setPassword(password);
                 }
                 else {
                     pc.setPassword(null);

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/ConnectMessage.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/ConnectMessage.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/ConnectMessage.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/ConnectMessage.java
Sun Sep 30 07:31:37 2007
@@ -20,10 +20,9 @@
 package org.apache.geronimo.gshell.remote.message;
 
 import java.security.PublicKey;
-import java.util.UUID;
 
 /**
- * Initial client to server message to initiate the connection.
+ * ???
  *
  * @version $Rev$ $Date$
  */
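Review bot: The class Javadoc is reduced to `???`, which leaves a handshake message type undocumented at the point where its role matters most. From the call sites in this commit the class is used in both directions, so a description such as `Handshake message carrying the sender's public key; sent by the client to open the connection and returned by the server as {@link Result}.` would be accurate and would replace the placeholder.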
@@ -58,68 +57,11 @@
         this.publicKey = publicKey;
     }
 
-    /*
-    public void readExternal(final ByteBuffer in) throws Exception {
-        assert in != null;
-
-        super.readExternal(in);
-
-        byte[] bytes = Marshaller.readBytes(in);
-        
-        if (bytes == null) {
-            throw new IllegalStateException();
-        }
-
-        publicKey = getCryptoContext().deserializePublicKey(bytes);
-    }
-
-    public void writeExternal(final ByteBuffer out) throws Exception {
-        assert out != null;
-
-        super.writeExternal(out);
-
-        Marshaller.writeBytes(out, getPublicKey().getEncoded());
-    }
-    */
-
-    /**
-     * Indicates the first part of the connection handshake was successful.
-     */
     public static class Result
         extends ConnectMessage
     {
-        private UUID clientId;
-
-        public Result(final UUID clientId, final PublicKey serverKey) {
+        public Result(final PublicKey serverKey) {
             super(Type.CONNECT_RESULT, serverKey);
-
-            this.clientId = clientId;
-        }
-
-        public Result() {
-            this(null, null);
-        }
-
-        public UUID getClientID() {
-            return clientId;
-        }
-
-        /*
-        public void readExternal(final ByteBuffer in) throws Exception {
-            assert in != null;
-
-            super.readExternal(in);
-
-            clientId = Marshaller.readUuid(in);
-        }
-
-        public void writeExternal(final ByteBuffer out) throws Exception {
-            assert out != null;
-
-            super.writeExternal(out);
-
-            Marshaller.writeUuid(out, clientId);
         }
-        */
     }
 }

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/LoginMessage.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/LoginMessage.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/LoginMessage.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-common/src/main/java/org/apache/geronimo/gshell/remote/message/LoginMessage.java
Sun Sep 30 07:31:37 2007
@@ -19,9 +19,11 @@
 
 package org.apache.geronimo.gshell.remote.message;
 
-import java.security.PublicKey;
 import java.io.Serializable;
 
+import org.apache.geronimo.gshell.common.tostring.ReflectionToStringBuilder;
+import org.apache.geronimo.gshell.common.tostring.ToStringStyle;
+
 /**
  * Contains the user authentication details which the client will pass to the server after
the
  * authetication of the connection has been established.
@@ -33,58 +35,41 @@
 {
     private String username;
 
-    private String password;
+    private char[] password;
 
-    public LoginMessage(final String username, final String password) {
+    private String realm;
+    
+    public LoginMessage(final String username, final char[] password, final String realm)
{
         super(Type.LOGIN);
 
         this.username = username;
         
         this.password = password;
+
+        this.realm = realm;
     }
 
-    /*
-    public String toString() {
-        return createToStringBuilder()
-                .append("username", username)
-                .append("password", StringUtils.repeat("*", password.length()))
-                .toString();
+    public LoginMessage(final String username, final char[] password) {
+        this(username, password, null);
     }
-    */
 
+    public String toString() {
+        return new ReflectionToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE)
+                .setExcludeFieldNames(new String[] { "password" }).toString();
+    }
+    
     public String getUsername() {
         return username;
     }
 
-    public String getPassword() {
+    public char[] getPassword() {
         return password;
     }
 
-    /*
-    public void readExternal(final ByteBuffer in) throws Exception {
-        assert in != null;
-
-        super.readExternal(in);
-
-        username = decryptString(in);
-
-        password = decryptString(in);
+    public String getRealm() {
+        return realm;
     }
 
-    public void writeExternal(final ByteBuffer out) throws Exception {
-        assert out != null;
-
-        super.writeExternal(out);
-
-        encryptString(out, serverKey, username);
-
-        encryptString(out, serverKey, password);
-    }
-    */
-
-    /**
-     * Response for login messages which were sucessful.
-     */
     public static class Success
         extends RshMessage
     {
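Review bot: `LoginMessage` now carries the password as a plain `char[]` field, and this commit deletes both the commented-out `encryptString` stubs here and the encryption TODO in `RemoteLoginModule`, so nothing visible protects the credential in transit. If confidentiality is meant to come from the transport layer, the class Javadoc should say so; otherwise the client now holds the server key in `ClientSessionContext.pk` and could encrypt the password to it before sending. `getPassword()` returns the internal array, so any caller can alter or wipe the message's copy; either document that as intended or return `password.clone()`. The new `realm` field and its constructor parameter are undocumented, including the fact that null is allowed.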
@@ -101,9 +86,6 @@
         }
     }
 
-    /**
-     * Response for login messages which have failed.
-     */
     public static class Failure
         extends RshMessage
     {
@@ -122,23 +104,5 @@
         public String getReason() {
             return reason;
         }
-
-        /*
-        public void readExternal(final ByteBuffer in) throws Exception {
-            assert in != null;
-
-            super.readExternal(in);
-
-            reason = Marshaller.readString(in);
-        }
-
-        public void writeExternal(final ByteBuffer out) throws Exception {
-            assert out != null;
-
-            super.writeExternal(out);
-
-            Marshaller.writeString(out, reason);
-        }
-        */
     }
 }

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/RshServer.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/RshServer.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/RshServer.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/RshServer.java
Sun Sep 30 07:31:37 2007
@@ -126,7 +126,7 @@
 
             // Install the session context
             ServerSessionContext context = ServerSessionContext.BINDER.bind(session, new
ServerSessionContext());
-            log.debug("Created session context: {}", context.id);
+            log.debug("Created session context: {}", context);
             
             // Schedule a task to timeout the handshake process
             timeoutManager.scheduleTimeout(session, AUTH_TIMEOUT, new Runnable() {
@@ -143,7 +143,7 @@
             assert session != null;
 
             ServerSessionContext context = ServerSessionContext.BINDER.unbind(session);
-            log.debug("Removed session context: {}", context.id);
+            log.debug("Removed session context: {}", context);
         }
     }
 }

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/auth/BogusLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/auth/BogusLoginModule.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/auth/BogusLoginModule.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/auth/BogusLoginModule.java
Sun Sep 30 07:31:37 2007
@@ -34,9 +34,9 @@
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
+import org.apache.geronimo.gshell.remote.jaas.UserPrincipal;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.apache.geronimo.gshell.remote.jaas.UserPrincipal;
 
 /**
  * ???
@@ -61,13 +61,11 @@
         this.callbackHandler = callbackHandler;
     }
 
-    private void clear() {
+    private void reset() {
         username = null;
     }
 
     public boolean login() throws LoginException {
-        log.debug("Login");
-
         // Process the username + password callbacks
         Callback[] callbacks = {
             new NameCallback("Username: "),
@@ -98,33 +96,27 @@
     }
 
     public boolean commit() throws LoginException {
-        log.debug("Commit");
-
         principals.add(new UserPrincipal(username));
 
         subject.getPrincipals().addAll(principals);
 
-        clear();
+        reset();
 
         return true;
     }
 
     public boolean abort() throws LoginException {
-        log.debug("Abort");
-
-        clear();
+        reset();
 
         return true;
     }
 
     public boolean logout() throws LoginException {
-        log.debug("Logout");
-
         subject.getPrincipals().removeAll(principals);
 
         principals.clear();
 
-        clear();
+        reset();
 
         return true;
     }

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ConnectHandler.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ConnectHandler.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ConnectHandler.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ConnectHandler.java
Sun Sep 30 07:31:37 2007
@@ -57,7 +57,7 @@
             context.pk = message.getPublicKey();
 
             // Reply to the client with some details about the connection
-            ConnectMessage.Result reply = new ConnectMessage.Result(context.id, crypto.getPublicKey());
+            ConnectMessage.Result reply = new ConnectMessage.Result(crypto.getPublicKey());
             reply.setCorrelationId(message.getId());
             session.write(reply);
 

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/LoginHandler.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/LoginHandler.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/LoginHandler.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/LoginHandler.java
Sun Sep 30 07:31:37 2007
@@ -19,15 +19,13 @@
 
 package org.apache.geronimo.gshell.remote.server.handler;
 
-import java.io.Serializable;
-import java.util.UUID;
-
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
-import org.apache.geronimo.gshell.remote.jaas.UsernamePasswordCallbackHandler;
+import org.apache.geronimo.gshell.remote.jaas.Identity;
 import org.apache.geronimo.gshell.remote.jaas.JaasConfigurationHelper;
+import org.apache.geronimo.gshell.remote.jaas.UsernamePasswordCallbackHandler;
 import org.apache.geronimo.gshell.remote.message.LoginMessage;
 import org.apache.geronimo.gshell.remote.message.RshMessage;
 import org.apache.geronimo.gshell.remote.server.timeout.TimeoutManager;
@@ -64,32 +62,30 @@
             log.warn("Aborting login processing; timeout has triggered");
         }
         else {
-            String realm = "BogusLogin";
+            String realm = message.getRealm();
+            if (realm == null) {
+                realm = "BogusLogin";
+            }
+
             String username = message.getUsername();
-            String password = message.getPassword();
+            char[] password = message.getPassword();
 
             try {
                 LoginContext loginContext = new LoginContext(realm, new UsernamePasswordCallbackHandler(username,
password));
                 loginContext.login();
-                
-                Subject subject = loginContext.getSubject();
-                Identity identity = new Identity(subject);
-
-                log.debug("Created client identity: {}", identity.getToken());
 
-                //
-                // TODO: Hold onto the subject, identity and username, blah, blah?
-                //
+                Subject subject = loginContext.getSubject();
+                context.identity = new Identity(subject);
 
-                log.info("Successfull authentication for user: {}", username);
+                log.debug("Username: {}, Identity: {}", context.getUsername(), context.identity);
 
-                LoginMessage.Success reply = new LoginMessage.Success(identity.getToken());
+                LoginMessage.Success reply = new LoginMessage.Success(context.identity.getToken());
                 reply.setCorrelationId(message.getId());
                 session.write(reply);
             }
             catch (LoginException e) {
                 String reason = e.toString();
-                log.info("Login failed for user: {}, cause: {}", username, reason);
+                log.debug("Login failed for user: {}, cause: {}", username, reason);
 
                 LoginMessage.Failure reply = new LoginMessage.Failure(reason);
                 reply.setCorrelationId(message.getId());
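Review bot: The realm passed to `new LoginContext(realm, ...)` now comes straight from `message.getRealm()`, so a client that has not yet authenticated chooses which JAAS configuration entry the server authenticates it against. If the server's JAAS configuration holds any entry weaker than the intended one (the `"BogusLogin"` fallback name suggests a test entry may exist), the client can simply ask for it. I would check the value against a server-side set of permitted realms before use, for example `if (realm == null || !allowedRealms.contains(realm)) realm = defaultRealm;`, where `allowedRealms` and `defaultRealm` are placeholder names for server configuration that is not shown here. Separately, this hunk moves both the success and the failure log line to `debug`, which removes the authentication audit trail at normal log levels; keeping at least the failure at `info` or `warn` would preserve it. The enclosing method starts outside the hunk.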
@@ -98,23 +94,4 @@
         }
     }
 
-    private static class Identity
-    {
-        private final Subject subject;
-
-        private final UUID token;
-
-        public Identity(final Subject subject) {
-            this.subject = subject;
-            this.token = UUID.randomUUID();
-        }
-
-        public Subject getSubject() {
-            return subject;
-        }
-
-        public Serializable getToken() {
-            return token;
-        }
-    }
 }

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerMessageHandlerSupport.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerMessageHandlerSupport.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerMessageHandlerSupport.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerMessageHandlerSupport.java
Sun Sep 30 07:31:37 2007
@@ -37,8 +37,6 @@
     }
 
     public void messageReceived(final IoSession session, final T message) throws Exception
{
-        log.debug("Processing: {}", message);
-
         ServerSessionContext context = ServerSessionContext.BINDER.lookup(session);
 
         handle(session, context, message);

Modified: geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerSessionContext.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerSessionContext.java?rev=580729&r1=580728&r2=580729&view=diff
==============================================================================
--- geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerSessionContext.java
(original)
+++ geronimo/sandbox/gshell/trunk/gshell-remote/gshell-remote-server/src/main/java/org/apache/geronimo/gshell/remote/server/handler/ServerSessionContext.java
Sun Sep 30 07:31:37 2007
@@ -20,11 +20,12 @@
 package org.apache.geronimo.gshell.remote.server.handler;
 
 import java.security.PublicKey;
-import java.util.UUID;
 
-import org.apache.geronimo.gshell.common.tostring.ToStringBuilder;
-import org.apache.geronimo.gshell.common.tostring.ToStringStyle;
+import javax.security.auth.Subject;
+
 import org.apache.geronimo.gshell.remote.RemoteShell;
+import org.apache.geronimo.gshell.remote.jaas.Identity;
+import org.apache.geronimo.gshell.remote.jaas.UserPrincipal;
 import org.apache.geronimo.gshell.remote.server.RemoteIO;
 import org.apache.geronimo.gshell.remote.server.RemoteShellContainer;
 import org.apache.geronimo.gshell.shell.Environment;
@@ -39,34 +40,19 @@
 {
     public static final SessionAttributeBinder<ServerSessionContext> BINDER = new SessionAttributeBinder<ServerSessionContext>(ServerSessionContext.class);
 
-    /** The session id. */
-    public final UUID id = UUID.randomUUID();
-
-    /** The remote client's public key. */
     public PublicKey pk;
 
-    /** The remote client's logged in username. */
-    public String username;
+    public Identity identity;
+
+    public String getUsername() {
+        return identity.getSubject().getPrincipals(UserPrincipal.class).iterator().next().getName();
+    }
 
-    /** The container which the remote shell is running in. */
     public RemoteShellContainer container;
 
-    /** The I/O context for the remote shell. */
     public RemoteIO io;
 
-    /** The environment for the remote shell. */
     public Environment env;
 
-    /** The remote shell instance. */
     public RemoteShell shell;
-
-    public int hashCode() {
-        return id.hashCode();
-    }
-
-    public String toString() {
-        return new ToStringBuilder(this, ToStringStyle.SHORT_PREFIX_STYLE)
-                .append("id", id)
-                .toString();
-    }
 }
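Review bot: `getUsername()` dereferences `identity` and calls `iterator().next()` unguarded, so it throws `NullPointerException` on any session that has not logged in yet and `NoSuchElementException` when the authenticated `Subject` carries no `UserPrincipal`. `LoginHandler` in this same commit calls it in the argument list of a `log.debug` right after `login()` succeeds, and its `catch` only covers `LoginException`, so a login module that adds no `UserPrincipal` would make the handler throw before the success reply is written. I would make the unauthenticated state explicit, e.g. `if (identity == null) throw new IllegalStateException("not authenticated");`, and test `hasNext()` on the iterator before calling `next()`. The hunk also drops the field Javadoc; a one-line comment on `identity` saying it stays null until login succeeds would tell callers when the accessor is safe to use.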


