New LoginExceptionResolver interface and base implementation to handle LoginExceptions thrown in the Jaas API. I am commiting this now so that it isn't lost, while a PropertyEditor based solution is investigated.

2004-12-09 22:09:35 +00:00 · 2004-12-09 22:09:35 +00:00 · 3eb6149877
parent 07f3d1558f
commit 3eb6149877
3 changed files with 105 additions and 9 deletions
--- a/core/src/main/java/org/acegisecurity/providers/jaas/DefaultLoginExceptionResolver.java
+++ b/core/src/main/java/org/acegisecurity/providers/jaas/DefaultLoginExceptionResolver.java
@ -0,0 +1,37 @@
+/* Copyright 2004 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.sf.acegisecurity.providers.jaas;
+
+import net.sf.acegisecurity.AcegiSecurityException;
+import net.sf.acegisecurity.AuthenticationServiceException;
+
+import javax.security.auth.login.LoginException;
+
+
+/**
+ * This LoginExceptionResolver simply wraps the LoginException with an
+ * AuthenticationServiceException.
+ *
+ * @author $author$
+ * @version $Revision$
+ */
+public class DefaultLoginExceptionResolver implements LoginExceptionResolver {
+    //~ Methods ================================================================
+
+    public AcegiSecurityException resolveException(LoginException e) {
+        return new AuthenticationServiceException(e.getMessage(), e);
+    }
+}
--- a/core/src/main/java/org/acegisecurity/providers/jaas/JaasAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/jaas/JaasAuthenticationProvider.java
@ -15,9 +15,9 @@

 package net.sf.acegisecurity.providers.jaas;

+import net.sf.acegisecurity.AcegiSecurityException;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.AuthenticationException;
-import net.sf.acegisecurity.AuthenticationServiceException;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.providers.AuthenticationProvider;
 import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
@ -159,6 +159,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
    //~ Instance fields ========================================================

    private ApplicationContext context;
+    private LoginExceptionResolver loginExceptionResolver = new DefaultLoginExceptionResolver();
    private Resource loginConfig;
    private String loginContextName = "ACEGI";
    private AuthorityGranter[] authorityGranters;
@ -184,9 +185,11 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
    }

    /**
-     * DOCUMENT ME!
+     * Returns the AuthorityGrannter array that was passed to the {@link
+     * #setAuthorityGranters(AuthorityGranter[])} method, or null if it none
+     * were ever set.
     *
-     * @return The AuthorityGranter array
+     * @return The AuthorityGranter array, or null
     *
     * @see #setAuthorityGranters(net.sf.acegisecurity.providers.jaas.AuthorityGranter[])
     */
@ -249,6 +252,15 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
        return loginContextName;
    }

+    public void setLoginExceptionResolver(
+        LoginExceptionResolver loginExceptionResolver) {
+        this.loginExceptionResolver = loginExceptionResolver;
+    }
+
+    public LoginExceptionResolver getLoginExceptionResolver() {
+        return loginExceptionResolver;
+    }
+
    public void afterPropertiesSet() throws Exception {
        if (loginConfig == null) {
            throw new ApplicationContextException("loginConfig must be set on "
@ -284,7 +296,6 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
     *         AuthenticationServiceException, with the message of the
     *         LoginException that will be thrown, should the
     *         loginContext.login() method fail.
-     * @throws AuthenticationServiceException DOCUMENT ME!
     */
    public Authentication authenticate(Authentication auth)
        throws AuthenticationException {
@ -334,12 +345,12 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,

                //we're done, return the token.
                return token;
-            } catch (LoginException e) {
-                context.publishEvent(new JaasAuthenticationFailedEvent(auth, e));
+            } catch (LoginException loginException) {
+                AcegiSecurityException ase = loginExceptionResolver
+                    .resolveException(loginException);

-                //We have no way of knowing what caused the exception, so we cannot throw BadCredentialsException, DisabledException, or LockedException.
-                //So we'll just throw an AuthenticationServiceException
-                throw new AuthenticationServiceException(e.toString());
+                context.publishEvent(new JaasAuthenticationFailedEvent(auth, ase));
+                throw ase;
            }
        }

@ -366,10 +377,12 @@ public class JaasAuthenticationProvider implements AuthenticationProvider,
            throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackHandlers.length; i++) {
                JaasAuthenticationCallbackHandler handler = callbackHandlers[i];
+
                handler.setAuthentication(authentication);

                for (int j = 0; j < callbacks.length; j++) {
                    Callback callback = callbacks[j];
+
                    handler.handle(callback);
                }
            }
--- a/core/src/main/java/org/acegisecurity/providers/jaas/LoginExceptionResolver.java
+++ b/core/src/main/java/org/acegisecurity/providers/jaas/LoginExceptionResolver.java
@ -0,0 +1,46 @@
+/* Copyright 2004 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.sf.acegisecurity.providers.jaas;
+
+import net.sf.acegisecurity.AcegiSecurityException;
+
+import javax.security.auth.login.LoginException;
+
+
+/**
+ * The JaasAuthenticationProvider takes an instance of LoginExceptionResolver
+ * to resolve LoginModule specific exceptions to Acegi exceptions.  For
+ * instance, a configured login module could throw a
+ * ScrewedUpPasswordException that extends LoginException, in this instance
+ * the LoginExceptionResolver implementation would return a {@link
+ * net.sf.acegisecurity.BadCredentialsException}.
+ *
+ * @author $author$
+ * @version $Revision$
+ */
+public interface LoginExceptionResolver {
+    //~ Methods ================================================================
+
+    /**
+     * Translates a Jaas LoginException to an AcegiSecurityException.
+     *
+     * @param e The LoginException thrown by the configured LoginModule.
+     *
+     * @return The AcegiSecurityException that the JaasAuthenticationProvider
+     *         should throw.
+     */
+    public AcegiSecurityException resolveException(LoginException e);
+}