source: contrib/MailArchiver/sources/src/serpro/mailarchiver/util/SystemAuthenticator.java @ 6785

Revision 6785, 5.2 KB checked in by rafaelraymundo, 12 years ago (diff)

Ticket #2946 - Liberado codigo do MailArchiver?. Documentação na subpasta DOCS.
Line 
1/**
2 * MailArchiver is an application that provides services for storing and managing e-mail messages through a Web Services SOAP interface.
3 * Copyright (C) 2012  Marcio Andre Scholl Levien and Fernando Alberto Reuter Wendt and Jose Ronaldo Nogueira Fonseca Junior
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Affero General Public License as
7 * published by the Free Software Foundation, either version 3 of the
8 * License, or (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 * GNU Affero General Public License for more details.
14 *
15 * You should have received a copy of the GNU Affero General Public License
16 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
17 */
18
19/******************************************************************************\
20*
21*  This product was developed by
22*
23*        SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO),
24*
25*  a government company established under Brazilian law (5.615/70),
26*  at Department of Development of Porto Alegre.
27*
28\******************************************************************************/
29
30package serpro.mailarchiver.util;
31
32import com.sun.jna.Platform;
33import com.sun.jna.platform.win32.Advapi32;
34import com.sun.jna.platform.win32.Kernel32;
35import com.sun.jna.platform.win32.W32Errors;
36import com.sun.jna.platform.win32.WinBase;
37import com.sun.jna.platform.win32.WinNT.HANDLE;
38import com.sun.jna.platform.win32.WinNT.HANDLEByReference;
39
40import org.jvnet.libpam.PAM;
41import org.jvnet.libpam.PAMException;
42import org.jvnet.libpam.UnixUser;
43
44public class SystemAuthenticator {
45
46    private static final Logger log = Logger.getLocalLogger();
47
48    public SystemAccount authenticate(String username, String password) {
49        return authenticate(username, password, null);
50    }
51
52    public SystemAccount authenticate(String username, String password, String domain) {
53
54        if(username == null) {
55            return null;
56        }
57        if(password == null) {
58            password = "";
59        }
60        if(domain == null) {
61            //domain = "";
62            domain = ""; // "." significa usar a estação local
63        }
64
65        if(Platform.isWindows()) {
66
67            HANDLE token = null;
68
69            try {
70                HANDLEByReference tokenRef = new HANDLEByReference();
71
72                boolean success = Advapi32.INSTANCE.LogonUser(
73                        username, domain, password,
74
75                        //Logon types e desc -> http://msdn.microsoft.com/en-us/library/windows/desktop/aa378184%28v=vs.85%29.aspx
76                        //WinBase.LOGON32_LOGON_BATCH,
77                        //WinBase.LOGON32_LOGON_NETWORK,
78                        //WinBase.LOGON32_LOGON_SERVICE,
79                        //WinBase.LOGON32_LOGON_INTERACTIVE,
80                        WinBase.LOGON32_LOGON_NETWORK_CLEARTEXT,
81                        WinBase.LOGON32_PROVIDER_DEFAULT,
82                        tokenRef);
83
84                if(success) {
85                    token = tokenRef.getValue();
86                    return new SystemAccount(token);
87                }
88                else {
89                    int error = Kernel32.INSTANCE.GetLastError();
90                    String errorDesc;
91                    switch(error) {
92                        case W32Errors.ERROR_LOGON_FAILURE:
93                            errorDesc = "logon failure";
94                            break;
95
96                        case W32Errors.ERROR_INVALID_PARAMETER:
97                            errorDesc = "invalid parameter";
98                            break;
99
100                        case W32Errors.ERROR_INVALID_PASSWORD:
101                            errorDesc = "invalid password";
102                            break;
103
104                        case W32Errors.ERROR_LOGON_NOT_GRANTED:
105                            errorDesc = "logon not granted";
106                            break;
107
108                        case W32Errors.ERROR_LOGON_TYPE_NOT_GRANTED:
109                            errorDesc = "logon type not granted";
110                            break;
111
112                        case W32Errors.ERROR_ACCOUNT_RESTRICTION:
113                            errorDesc = "account restriction";
114                            break;
115
116                        default:
117                            errorDesc = "" + error;
118                    }
119                    log.error("System authentication error: %s", errorDesc);
120                }
121            }
122            finally {
123                if(token != null) {
124                    Kernel32.INSTANCE.CloseHandle(token);
125                }
126            }
127        }
128        else {
129
130            PAM pam = null;
131
132            try {
133                pam = new PAM("common-auth");
134                UnixUser unixUser = pam.authenticate(username, password);
135                return new SystemAccount(unixUser);
136            }
137            catch(PAMException ex) {
138                log.error("System authentication error: %s" + ex.getMessage());
139            }
140            finally {
141                if(pam != null) {
142                    pam.dispose();
143                }
144            }
145        }
146        return null;
147    }
148}
Note: See TracBrowser for help on using the repository browser.