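import java.io.IOException;
import java.util.Arrays;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/**
 * Sample JAAS {@link LoginModule} that collects a user name and password through the
 * configured {@link CallbackHandler} and, on success, attaches a {@code SamplePrincipal}
 * to the {@link Subject}.
 *
 * <p><strong>Not usable as-is:</strong> the credential check in
 * {@link #verifyCredentials(String, char[])} is still the original placeholder and accepts
 * any user name with a non-empty password. It must be replaced with a real lookup before this
 * module guards anything.
 */
public class SampleLoginModule implements LoginModule {

    /** True only while the most recent {@link #login()} call has succeeded. */
    private boolean isAuthenticated = false;

    /** True once {@link #commit()} has added {@link #principal} to the subject. */
    private boolean commitSucceeded = false;

    private CallbackHandler callbackHandler;
    private Subject subject;
    private SamplePrincipal principal;

    /**
     * Stores the subject and callback handler for the later phases.
     *
     * @param subject         the subject being authenticated
     * @param callbackHandler handler used by {@link #login()} to obtain the credentials
     * @param sharedState     state shared with other login modules (unused here)
     * @param options         options from the login configuration (unused here)
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
    }

    /**
     * Asks the callback handler for a user name and password and checks them.
     *
     * @return {@code true} when the credentials were accepted
     * @throws LoginException if no callback handler is configured, the handler fails,
     *                        or the credentials are missing or rejected
     */
    @Override
    public boolean login() throws LoginException {
        // A failed attempt must never inherit the result of an earlier successful one;
        // otherwise a later commit() would add a stale principal.
        isAuthenticated = false;

        if (callbackHandler == null) {
            throw new LoginException("no CallbackHandler available to collect credentials");
        }

        NameCallback nameCallback = new NameCallback("username");
        PasswordCallback passwordCallback = new PasswordCallback("password", false);
        final Callback[] calls = new Callback[] { nameCallback, passwordCallback };

        char[] password = null;
        try {
            // Fetch the user's data
            callbackHandler.handle(calls);
            String username = nameCallback.getName();
            // Keep the password as char[] so it can be wiped; a String copy would stay
            // in the heap until garbage collected.
            password = passwordCallback.getPassword();

            // Missing values are a failed login, not a NullPointerException. Empty passwords
            // are refused up front because some back ends (e.g. an LDAP simple bind) treat
            // them as an anonymous bind that "succeeds".
            boolean credentialsPresent = username != null && !username.isEmpty()
                    && password != null && password.length > 0;
            if (!credentialsPresent || !verifyCredentials(username, password)) {
                throw new LoginException("user or password is wrong");
            }

            // Verification passed
            principal = new SamplePrincipal(username);
            isAuthenticated = true;
        } catch (IOException e) {
            // Message kept for compatibility; the real reason travels in the cause.
            throw withCause(new LoginException("no such user"), e);
        } catch (UnsupportedCallbackException e) {
            throw withCause(new LoginException("login failure"), e);
        } finally {
            // Wipe both the callback's internal copy and our own copy of the password.
            passwordCallback.clearPassword();
            if (password != null) {
                Arrays.fill(password, '\0');
            }
        }
        return isAuthenticated;
    }

    /**
     * Post-authentication step: adds the user's principal to the subject.
     *
     * @return {@code true} when the principal was added
     * @throws LoginException if {@link #login()} did not succeed beforehand
     */
    @Override
    public boolean commit() throws LoginException {
        if (!isAuthenticated) {
            throw new LoginException("Authentication failure");
        }
        subject.getPrincipals().add(principal);
        commitSucceeded = true;
        return true;
    }

    /**
     * Discards the state of an authentication attempt that failed overall.
     *
     * @return {@code false} when this module's own login had not succeeded (nothing to undo),
     *         {@code true} after its state was cleaned up
     * @throws LoginException declared by the interface; propagated from {@link #logout()}
     */
    @Override
    public boolean abort() throws LoginException {
        if (!isAuthenticated) {
            return false;
        }
        if (commitSucceeded) {
            // Our principal is already on the subject; take it off again.
            logout();
        } else {
            principal = null;
            isAuthenticated = false;
        }
        return true;
    }

    /**
     * Removes this module's principal from the subject and resets the module.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    @Override
    public boolean logout() throws LoginException {
        // Guard: the subject's principal set rejects null, so calling logout() twice
        // (or without a prior login) must not pass a null principal to remove().
        if (principal != null) {
            subject.getPrincipals().remove(principal);
        }
        principal = null;
        isAuthenticated = false;
        commitSucceeded = false;
        return true;
    }

    /**
     * PLACEHOLDER credential check carried over from the original sample: it accepts every
     * user name / password pair it is given.
     *
     * @param username non-empty user name supplied by the callback handler
     * @param password non-empty password; wiped by the caller after this method returns
     * @return {@code true} if the credentials are valid (currently always)
     */
    private boolean verifyCredentials(String username, char[] password) {
        // TODO verify the credentials, e.g. against a database or LDAP.
        // SECURITY: until this is implemented the module authenticates anyone.
        return true;
    }

    /** Attaches {@code cause} to {@code failure}; LoginException has no cause constructor. */
    private static LoginException withCause(LoginException failure, Throwable cause) {
        failure.initCause(cause);
        return failure;
    }
}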