/*
* $Id: AuthCmd.html,v 1.6 2003/09/01 20:28:03 suhrin Exp $
*
* Copyright (c) 1999-2003 Gnome Ltd. All Rights Reserved.
*
* This software is the confidential and proprietary information of
* Gnome Ltd. You shall not disclose such Confidential
* Information and shall use it only in accordance with the terms
* of the license agreement you entered into with Gnome Ltd.
*/
package SK.gnome.dwarf.sample;
import java.io.Writer;
import java.io.PrintWriter;
import java.security.Permission;
import java.security.AccessControlException;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import SK.gnome.dwarf.Service;
import SK.gnome.dwarf.main.Command;
import SK.gnome.dwarf.main.CommandException;
import SK.gnome.dwarf.auth.CheckPermissionAction;
import SK.gnome.dwarf.auth.login.BasicCallbackHandler;
/**
* Sample command for testing the authentication and authorization.
*
* <p>This command illustrates basic usage of the authentication and authorization
* methods found in the {@link Service} interface.
*
* <p>It may be invoked with these command-line arguments:
* <ul>
* <li><tt>username</tt> - checks whether the username is a valid user</li>
* <li><tt>username password</tt> - checks whether the password is valid for the given
* user (i.e. authenticates the user with the given password)
* <li><tt>username password permission</tt> - authenticates the user with the given password
* and checks whether the specified permission has
* been granted to the given user
* </ul>
* The permission used is an instance of the {@link SamplePermission} class with its name equal
* to the value of the <tt>permission</tt> argument.
*/
public class AuthCmd extends Command
{
/**
* Creates a new <tt>AuthCmd</tt>.
*/
public AuthCmd(String name)
{ super(name);
}
public String getDescription()
{ return "tests authentication and authorization facility";
}
public void printHelp(PrintWriter out)
{ out.println(getName() + " username - identifies the user");
out.println(getName() + " username password - authenticates the user with the password");
out.println(getName() + " username password permission - authenticates the user and tests the given permission");
}
protected void execute(Subject subject, Service service, String[] args, Writer out)
throws CommandException
{ PrintWriter pw = new PrintWriter(out, true);
if (args.length == 1)
{ Subject subj = new Subject();
try
{ login(subj, new BasicCallbackHandler(args[0]));
pw.println("The user is valid");
}
catch (LoginException e)
{ pw.println("The user is not valid");
}
}
else if (args.length == 2)
{ Subject subj = new Subject();
try
{ login(subj, new BasicCallbackHandler(args[0], args[1].toCharArray()));
pw.println("The user is authenticated");
}
catch (LoginException e)
{ pw.println("The user is not authenticated: " + e.getMessage());
}
}
else if (args.length == 3)
{ Subject subj = new Subject();
try
{ login(subj, new BasicCallbackHandler(args[0], args[1].toCharArray()));
pw.println("The user is authenticated");
}
catch (LoginException e)
{ pw.println("The user is not authenticated: " + e.getMessage());
}
Permission perm = new SamplePermission(args[2]);
try
{ Subject.doAs(subj, new CheckPermissionAction(perm));
pw.println("Permission is granted");
}
catch (AccessControlException e)
{ pw.println("Permission is not granted: " + e.getMessage());
}
}
else
throw new CommandException("Invalid number of arguments");
}
}
|