3 files changed, 294 insertions, 0 deletions
diff --git a/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/CalculatorCallbackHandler.java b/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/CalculatorCallbackHandler.java
new file mode 100644
index 0000000000..4f063993a3
--- /dev/null
+++ b/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/CalculatorCallbackHandler.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package calculator.security;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class CalculatorCallbackHandler implements CallbackHandler {
+
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof NameCallback) {
+                NameCallback nc = (NameCallback)callbacks[i];
+                nc.setName("CalculatorUser");
+            } else if (callbacks[i] instanceof PasswordCallback) {
+                PasswordCallback pc = (PasswordCallback)callbacks[i];
+                pc.setPassword("CalculatorUserPasswd".toCharArray());
+            } else {
+                throw new UnsupportedCallbackException
+                 (callbacks[i], "Unsupported Callback!");
+            }
+          }
+    }
+
+}
diff --git a/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/JaasLoginModule.java b/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/JaasLoginModule.java
new file mode 100644
index 0000000000..b3ef6e7312
--- /dev/null
+++ b/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/JaasLoginModule.java
@@ -0,0 +1,178 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package calculator.security;
+
+import java.security.Principal;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class JaasLoginModule implements LoginModule {
+
+    private CallbackHandler callbackHandler;
+    private Subject subject;
+    private Principal userPrincipal;
+    private String userId;
+    private String password;
+    private boolean succeeded;
+    private boolean commitSucceeded;
+
+    public void initialize(Subject subject,
+                           CallbackHandler callbackHandler,
+                           Map<String, ?> sharedState,
+                           Map<String, ?> options) {
+        this.callbackHandler = callbackHandler;
+        this.subject = subject;
+    }
+
+    public boolean login() throws LoginException {
+        Callback[] callbacks = new Callback[2];
+        callbacks[0] = new NameCallback("UserId:");
+        callbacks[1] = new PasswordCallback("Password:", false);
+
+        try {
+            callbackHandler.handle(callbacks);
+            userId = ((NameCallback)callbacks[0]).getName();
+            password = new String(((PasswordCallback)callbacks[1]).getPassword());
+
+            if (userId.equals("CalculatorUser") && password.equals("CalculatorUserPasswd")) {
+                System.out.println("Successfully AUTHENTICATED!!");
+                succeeded = true;
+                return true;
+            } else {
+                System.out.println("Incorrect userId / password! AUTHENTICATION FAILED!!");
+                return false;
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+    }
+
+    /**
+     * <p> This method is called if the LoginContext's
+     * overall authentication succeeded
+     * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
+     * succeeded).
+     *
+     * <p> If this LoginModule's own authentication attempt
+     * succeeded (checked by retrieving the private state saved by the
+     * <code>login</code> method), then this method associates a
+     * <code>UserPrincipal</code>
+     * with the <code>Subject</code> located in the
+     * <code>LoginModule</code>.  If this LoginModule's own
+     * authentication attempted failed, then this method removes
+     * any state that was originally saved.
+     *
+     * <p>
+     *
+     * @exception LoginException if the commit fails.
+     *
+     * @return true if this LoginModule's own login and commit
+     *          attempts succeeded, or false otherwise.
+     */
+    public boolean commit() throws LoginException {
+        if (succeeded == false) {
+            return false;
+        } else {
+            // add a Principal (authenticated identity) to the Subject
+
+            // assume the user we authenticated is the UserPrincipal
+            userPrincipal = new UserPrincipal(userId);
+            if (!subject.getPrincipals().contains(userPrincipal))
+                subject.getPrincipals().add(userPrincipal);
+
+            // in any case, clean out state
+            userId = null;
+            password = null;
+            commitSucceeded = true;
+            return true;
+        }
+    }
+
+    /**
+     * <p> This method is called if the LoginContext's
+     * overall authentication failed.
+     * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
+     * did not succeed).
+     *
+     * <p> If this LoginModule's own authentication attempt
+     * succeeded (checked by retrieving the private state saved by the
+     * <code>login</code> and <code>commit</code> methods),
+     * then this method cleans up any state that was originally saved.
+     *
+     * <p>
+     *
+     * @exception LoginException if the abort fails.
+     *
+     * @return false if this LoginModule's own login and/or commit attempts
+     *          failed, and true otherwise.
+     */
+    public boolean abort() throws LoginException {
+        if (succeeded == false) {
+            return false;
+        } else if (succeeded == true && commitSucceeded == false) {
+            // login succeeded but overall authentication failed
+            succeeded = false;
+            userId = null;
+            password = null;
+            userPrincipal = null;
+        } else {
+            // overall authentication succeeded and commit succeeded,
+            // but someone else's commit failed
+            logout();
+        }
+        return true;
+    }
+
+    /**
+     * Logout the user.
+     *
+     * <p> This method removes the <code>SimplePrincipal</code>
+     * that was added by the <code>commit</code> method.
+     *
+     * <p>
+     *
+     * @exception LoginException if the logout fails.
+     *
+     * @return true in all cases since this <code>LoginModule</code>
+     *          should not be ignored.
+     */
+    public boolean logout() throws LoginException {
+        subject.getPrincipals().remove(userPrincipal);
+        succeeded = false;
+        succeeded = commitSucceeded;
+        userId = null;
+        if (password != null)
+            password = null;
+        userPrincipal = null;
+        return true;
+    }
+
+}
diff --git a/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/UserPrincipal.java b/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/UserPrincipal.java
new file mode 100644
index 0000000000..595626e672
--- /dev/null
+++ b/sca-java-2.x/tags/2.0.1-RC1/testing/itest/implementation-spring/src/main/java/calculator/security/UserPrincipal.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package calculator.security;
+
+import java.security.Principal;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class UserPrincipal implements Principal {
+
+    private final String name;
+
+    public UserPrincipal(String name) {
+        if (name == null)
+            throw new IllegalArgumentException("name cannot be null");
+        this.name = name;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String toString() {
+        return name;
+    }
+
+    @Override
+    public int hashCode() {
+        final int prime = 31;
+        int result = 1;
+        result = prime * result + ((name == null) ? 0 : name.hashCode());
+        return result;
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj)
+            return true;
+        if (obj == null)
+            return false;
+        if (getClass() != obj.getClass())
+            return false;
+        final UserPrincipal other = (UserPrincipal)obj;
+        if (name == null) {
+            if (other.name != null)
+                return false;
+        } else if (!name.equals(other.name))
+            return false;
+        return true;
+    }
+}