Example

This is an example of a PAM module that performs a callback.

Manifest-Version: 1.0

cisext-name: example

cisext-annotation: disqualification or callback

cisext-version: 2

cisext-introspectAll: true

package com.tibco.cis.pam.example;

import java.util.Map;

import java.io.IOException;

import com.compositesw.extension.sdk.annotations.CisExtensionProvider;

import javax.security.auth.Subject;

import javax.security.auth.callback.Callback;

import javax.security.auth.callback.CallbackHandler;

import javax.security.auth.callback.NameCallback;

import javax.security.auth.callback.PasswordCallback;

import javax.security.auth.callback.UnsupportedCallbackException;

import javax.security.auth.login.LoginException;

import javax.security.auth.spi.LoginModule;

import com.compositesw.extension.ds.Logger;

import com.compositesw.extension.ds.impl.LoggerImpl;

@CisExtensionProvider(

	name = "TDV7CallbackExamplePAM", 

	annotation = "PAM Module that performs a callback")

public class TDV7CallbackExamplePAM implements LoginModule {

	protected static Logger logger = LoggerImpl.getLogger(TDV7CallbackExamplePAM.class);

	private CallbackHandler handler;

	private String user;

	private String pass;

	public void initialize(Subject subject, CallbackHandler callbackHandler, 

		Map<String, ?> sharedState, Map<String, ?> options) {

		logger.info("Method: " + this.getClass() + ".initialize() called...");

		handler = callbackHandler;

	}

	public boolean abort() throws LoginException {

		logger.info("Method: " + this.getClass() + ".abort() called...");

		return true;

	}

	public boolean commit() throws LoginException {

		logger.info("Method: " + this.getClass() + ".commit() called...");

		logger.info("User " + user + " signed on using password: ************");

		return true;

	}

	public boolean login() throws LoginException {

		logger.info("Method: " + this.getClass() + ".login() called...");

		NameCallback nameCallback = new NameCallback(" ");

		PasswordCallback passwordCallback = new PasswordCallback(" ", false);

		Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };

		try {

			handler.handle(callbacks);

			user = nameCallback.getName();

			pass = String.copyValueOf(passwordCallback.getPassword());

			pass = "***********"; // mask password

		} catch (IOException | UnsupportedCallbackException e) {

			logger.error("Error during PAM login of user: " + user, e);

			throw new LoginException("Error during PAM login of user: " + user);

		}

		return true;

	}

	public boolean logout() throws LoginException {

		logger.info("Method: " + this.getClass() + ".logout() called...");

		return true;

	}

}