initial commit

ale 2022-09-09 19:35:34 +02:00
commit b0eae68de5
15 changed files with 308 additions and 0 deletions

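--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+build/classes
+.settings/
+.classpath
+.project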

16
README.md Normal file

@ -0,0 +1,16 @@
# PruebaJAAS
Implementación de prueba del sistema nativo de seguridad de Java [JAAS](https://www.oracle.com/java/technologies/javase/javase-tech-security.html) (Java Authentication and Authorization Service)
Prueba realizada con `Java 11` y despliegue con `Tomcat 10`
### Credenciales de acceso
```
Usuario: user
Password: pass
```
### Licencia
MIT

0
build/.gitkeep Normal file

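--- a/src/main/java/jaas.conf
+++ b/src/main/java/jaas.conf
@@ -0,0 +1,3 @@
+PruebaJAAS {
+jaas.JAASLoginModule required;
+};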


@ -0,0 +1,27 @@
package jaas;
import javax.security.auth.login.Configuration;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
/**
* Servlet implementation class InitialServlet
*/
public class InitialServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public InitialServlet() {
super();
}
@Override
public void init() throws ServletException {
super.init();
System.setProperty("java.security.auth.login.config", "classpath:jaas.conf");
Configuration.getConfiguration().refresh();
}
}
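Review bot: The value in `System.setProperty("java.security.auth.login.config", "classpath:jaas.conf")` inside init() is unlikely to be resolved by the JDK's file-based login configuration, which expects a URL or a file path and, as far as I know, has no `classpath:` scheme, so loading the `PruebaJAAS` entry may fail at startup. The property and `Configuration.getConfiguration().refresh()` are also JVM-wide, so this servlet changes the login configuration for every application deployed in the same Tomcat instance. Tomcat's JAASRealm accepts a `configFile` attribute that is looked up through the web application's class loader; setting `configFile="jaas.conf"` on the `<Realm>` element would keep the configuration scoped to this application and make this servlet unnecessary.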


@ -0,0 +1,100 @@
package jaas;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
public class JAASLoginModule implements LoginModule {
private CallbackHandler handler;
private Subject subject;
private UserPrincipal userPrincipal;
private RolePrincipal rolePrincipal;
private String login;
private List<String> userGroups;
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
Map<String, ?> options) {
handler = callbackHandler;
this.subject = subject;
}
@Override
public boolean login() throws LoginException {
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("login");
callbacks[1] = new PasswordCallback("password", true);
try {
handler.handle(callbacks);
String name = ((NameCallback) callbacks[0]).getName();
String password = String.valueOf(((PasswordCallback) callbacks[1]).getPassword());
// Here we validate the credentials against some
// authentication/authorization provider.
// It can be a Database, an external LDAP,
// a Web Service, etc.
if (name != null && name.equals("user") && password != null && password.equals("pass")) {
// We store the username and roles
// fetched from the credentials provider
// to be used later in commit() method.
login = name;
userGroups = new ArrayList<String>();
userGroups.add("admin");
return true;
}
// If credentials are NOT OK we throw a LoginException
throw new LoginException("Authentication failed");
} catch (IOException e) {
throw new LoginException(e.getMessage());
} catch (UnsupportedCallbackException e) {
throw new LoginException(e.getMessage());
}
}
@Override
public boolean commit() throws LoginException {
userPrincipal = new UserPrincipal(login);
subject.getPrincipals().add(userPrincipal);
if (userGroups != null && userGroups.size() > 0) {
for (String groupName : userGroups) {
rolePrincipal = new RolePrincipal(groupName);
subject.getPrincipals().add(rolePrincipal);
}
}
return true;
}
@Override
public boolean abort() throws LoginException {
return false;
}
@Override
public boolean logout() throws LoginException {
subject.getPrincipals().remove(userPrincipal);
subject.getPrincipals().remove(rolePrincipal);
return true;
}
}
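Review bot: In login(), the password is requested with `new PasswordCallback("password", true)`, which asks the handler to echo it as typed, and is then copied into an immutable `String` by `String.valueOf(...getPassword())`; that call throws a NullPointerException when the handler supplies no password, so the later `password != null` test never sees null and the failure escapes as an unchecked exception instead of a LoginException. The callback's own copy is never cleared with `clearPassword()`. Separately, logout() removes only the last `rolePrincipal` assigned in commit()'s loop, so with more than one group the earlier role principals would stay on the Subject, and abort() returns false without resetting `login` and `userGroups`. The fixed `user`/`pass` check that grants `admin` is a documented demo credential and needs to be replaced by a real credential store before any non-test deployment. A sketch of the password handling follows.

```java
    callbacks[1] = new PasswordCallback("password", false);
    try {
        handler.handle(callbacks);
        String name = ((NameCallback) callbacks[0]).getName();
        PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
        char[] password = passwordCallback.getPassword();
        passwordCallback.clearPassword();
        if (name == null || password == null) {
            throw new LoginException("Authentication failed");
        }
        try {
            if (name.equals("user") && Arrays.equals(password, "pass".toCharArray())) {
                // … unchanged: store login and userGroups, return true …
            }
            throw new LoginException("Authentication failed");
        } finally {
            Arrays.fill(password, '\0');
        }
    // … unchanged: catch blocks for IOException and UnsupportedCallbackException …
```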


@ -0,0 +1,22 @@
package jaas;
import java.security.Principal;
public class RolePrincipal implements Principal {
private String name;
public RolePrincipal(String name) {
super();
this.name = name;
}
public void setName(String name) {
this.name = name;
}
@Override
public String getName() {
return name;
}
}
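Review bot: `RolePrincipal` keeps a mutable `name` with a public `setName` and defines no `equals`/`hashCode`, so any code holding the instance can change the role after authentication, and two principals for the same role are treated as different entries in the Subject's principal set. `UserPrincipal` in the next section has the same shape and the same issue. Making the field `final`, dropping the setter and adding value-based `equals`/`hashCode` would make both principals safe to share; the excerpt below uses `java.util.Objects`.

```java
public class RolePrincipal implements Principal {
    private final String name;
    // … unchanged: constructor and getName(); setName removed …
    @Override
    public boolean equals(Object other) {
        return other instanceof RolePrincipal
                && Objects.equals(name, ((RolePrincipal) other).name);
    }
    @Override
    public int hashCode() {
        return Objects.hashCode(name);
    }
```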


@ -0,0 +1,22 @@
package jaas;
import java.security.Principal;
public class UserPrincipal implements Principal {
private String name;
public UserPrincipal(String name) {
super();
this.name = name;
}
public void setName(String name) {
this.name = name;
}
@Override
public String getName() {
return name;
}
}


@ -0,0 +1,3 @@
Manifest-Version: 1.0
Class-Path:


@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="PruebaJAAS" userClassNames="jaas.UserPrincipal"
roleClassNames="jaas.RolePrincipal" />
</Context>


@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="https://jakarta.ee/xml/ns/jakartaee"
xmlns:web="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_5_0.xsd http://xmlns.jcp.org/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="5.0">
<display-name>PruebaJAAS</display-name>
<servlet>
<display-name>InitialServlet</display-name>
<servlet-name>InitialServlet</servlet-name>
<servlet-class>jaas.InitialServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>Auth</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>admin</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
</web-app>
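Review bot: The `<security-constraint>` covering `/*` has no `<user-data-constraint>`, so the FORM login posts `j_username` and `j_password` to `j_security_check` over whatever transport the client used, including plain HTTP. Adding `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` inside the constraint makes the container redirect to HTTPS before the login form is served. The session cookie flags are also left at the container defaults; a `<session-config>` with a `<cookie-config>` that sets `<http-only>true</http-only>` and `<secure>true</secure>` would state them explicitly.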

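--- a/src/main/webapp/error.jsp
+++ b/src/main/webapp/error.jsp
@@ -0,0 +1,15 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+pageEncoding="UTF-8"%>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>Error</title>
+</head>
+<body>
+<h2>Error</h2>
+<p>
+Try <a href="login.jsp">again</a>.
+</p>
+</body>
+</html>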

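--- a/src/main/webapp/index.jsp
+++ b/src/main/webapp/index.jsp
@@ -0,0 +1,15 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+pageEncoding="UTF-8"%>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>Index</title>
+</head>
+<body>
+<h2>Index</h2>
+<p>
+Logged in as <b><%=request.getRemoteUser()%></b>. <a href="logout.jsp">Logout</a>
+</p>
+</body>
+</html>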
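Review bot: `<%=request.getRemoteUser()%>` writes the authenticated user name into the page without HTML escaping. With the single fixed account this is harmless, but once names come from a directory or database, a name containing markup would be rendered as HTML in the authenticated page. Escape it on output, for example with JSTL `<c:out value="${pageContext.request.remoteUser}"/>` if the tag library is available to the application.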

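--- a/src/main/webapp/login.jsp
+++ b/src/main/webapp/login.jsp
@@ -0,0 +1,24 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+pageEncoding="UTF-8"%>
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<title>JAAS Login</title>
+</head>
+<body>
+<h2>Login</h2>
+<form method=post action="j_security_check">
+<p>
+<span>Username:</span> <br /> <input type="text" name="j_username">
+</p>
+<p>
+<span>Password:</span> <br /> <input type="password"
+name="j_password">
+</p>
+<p>
+<input type="submit" value="Login">
+</p>
+</form>
+</body>
+</html>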


@ -0,0 +1,15 @@
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Logout</title>
</head>
<body>
<%
request.getSession().invalidate();
%>
<p>Logged out.</p>
</body>
</html>
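Review bot: The session is invalidated as a side effect of rendering this page on a GET request (index.jsp reaches it through a plain `<a href="logout.jsp">`), so any cross-site link or embedded resource that points at the page ends the user's session. Consider making logout a POST from a small form and having the handler call `request.logout()` before `request.getSession().invalidate()`, so the container's authentication state is cleared explicitly rather than only through session destruction.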