From 68ee9aaabb5b5c9af01e46ffe2cd214f30928647 Mon Sep 17 00:00:00 2001
From: Ben Alex
Date: Sun, 28 Mar 2004 12:01:51 +0000
Subject: [PATCH] Enhanced error detection at startup time. Added support for handling null usernames and passwords.
---
.../adapters/jboss/JbossAcegiLoginModule.java | 56 ++++++++++++-------
1 file changed, 37 insertions(+), 19 deletions(-)
diff --git a/adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java b/adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java
index 77473fca6c..2c592010dd 100644
--- a/adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java
+++ b/adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java
@@ -12,7 +12,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package net.sf.acegisecurity.adapters.jboss; import net.sf.acegisecurity.Authentication;
@@ -45,7 +44,7 @@ import javax.security.auth.login.LoginException; /** * Adapter to enable JBoss to authenticate via the Acegi Security System for * Spring. - * + * *

* Returns a {@link PrincipalAcegiUserToken} to JBoss' authentication system, * which is subsequently available from
@@ -56,23 +55,34 @@ import javax.security.auth.login.LoginException; * @version $Id$ */ public class JbossAcegiLoginModule extends AbstractServerLoginModule { - //~ Instance fields ======================================================== - private AuthenticationManager authenticationManager; private Principal identity; private String key; private char[] credential; - //~ Methods ================================================================ - public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { super.initialize(subject, callbackHandler, sharedState, options); this.key = (String) options.get("key"); - ClassPathXmlApplicationContext ctx = new ClassPathXmlApplicationContext((String) options - .get("appContextLocation")); + if ((key == null) || "".equals(key)) { + throw new IllegalArgumentException("key must be defined"); + } + + String appContextLocation = (String) options.get("appContextLocation"); + + if ((appContextLocation == null) || "".equals(appContextLocation)) { + throw new IllegalArgumentException( + "appContextLocation must be defined"); + } + + if (Thread.currentThread().getContextClassLoader().getResource(appContextLocation) == null) { + throw new IllegalArgumentException("Cannot locate " + + appContextLocation); + } + + ClassPathXmlApplicationContext ctx = new ClassPathXmlApplicationContext(appContextLocation); Map beans = ctx.getBeansOfType(AuthenticationManager.class, true, true); if (beans.size() == 0) {
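Review bot: The new classpath pre-check in initialize() dereferences `Thread.currentThread().getContextClassLoader()` without a null check, so on a thread that has no context class loader the module fails with a NullPointerException instead of the intended "Cannot locate" message; falling back to `getClass().getClassLoader()` when it returns null would keep the error meaningful. The lookup may also disagree with how `ClassPathXmlApplicationContext` resolves the same string (a leading `/`, for instance, is not accepted by `ClassLoader.getResource`); that is inferred rather than visible here, so it deserves a test. The `key` check accepts a whitespace-only value, and if this key is the shared secret that marks tokens as issued by this adapter, `if ((key == null) || "".equals(key.trim())) {` is the safer guard. initialize() continues past the end of the hunk.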
@@ -94,8 +104,16 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule { if ((username == null) && (password == null)) { identity = null; - super.log.trace("Authenticating as unauthenticatedIdentity=" - + identity); + super.log.trace("Authenticating as unauthenticatedIdentity=" + + identity); + } + + if (username == null) { + username = ""; + } + + if (password == null) { + password = ""; } if (identity == null) {
@@ -127,8 +145,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule { } super.loginOk = true; - super.log.trace("User '" + identity + "' authenticated, loginOk=" - + loginOk); + super.log.trace("User '" + identity + "' authenticated, loginOk=" + + loginOk); return true; }
@@ -139,7 +157,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule { protected Group[] getRoleSets() throws LoginException { SimpleGroup roles = new SimpleGroup("Roles"); - Group[] roleSets = {roles}; + Group[] roleSets = { roles }; if (this.identity instanceof Authentication) { Authentication user = (Authentication) this.identity;
@@ -154,17 +172,17 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule { } protected String[] getUsernameAndPassword() throws LoginException { - String[] info = {null, null}; + String[] info = { null, null }; // prompt for a username and password if (callbackHandler == null) { - throw new LoginException("Error: no CallbackHandler available " - + "to collect authentication information"); + throw new LoginException("Error: no CallbackHandler available " + + "to collect authentication information"); } NameCallback nc = new NameCallback("User name: ", "guest"); PasswordCallback pc = new PasswordCallback("Password: ", false); - Callback[] callbacks = {nc, pc}; + Callback[] callbacks = { nc, pc }; String username = null; String password = null;
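Review bot: In the first hunk on this line (`@@ -94,8 +104,16 @@`), coercing a null username and password to `""` means a login that supplied no credentials is still carried forward as an empty-string username/password pair into the `if (identity == null)` branch, so rejecting it depends entirely on whatever handles the request after this hunk. That is safe only if every configured provider refuses an empty password; directory-backed providers in particular can treat an empty password as an anonymous bind. I would state the requirement next to the coercion, e.g. `// null credentials become ""; the AuthenticationManager must reject empty passwords`, or fail the login at this point when no credentials were supplied. Separately, the trace call logs `identity` immediately after it is set to null, so it always prints `unauthenticatedIdentity=null`. The rest of login() lies outside the hunk.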
@@ -184,8 +202,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule { } catch (java.io.IOException ioe) { throw new LoginException(ioe.toString()); } catch (UnsupportedCallbackException uce) { - throw new LoginException("CallbackHandler does not support: " - + uce.getCallback()); + throw new LoginException("CallbackHandler does not support: " + + uce.getCallback()); } info[0] = username;