diff --git a/security/TPNote/Notes+Examples/CA/ca.crt b/security/TPNote/Notes+Examples/CA/ca.crt new file mode 100644 index 0000000..1b05c53 --- /dev/null +++ b/security/TPNote/Notes+Examples/CA/ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRTCCAi2gAwIBAgIUeFkqQDxs67AqhUPln8Yzm44H2zkwDQYJKoZIhvcNAQEL +BQAwMjEUMBIGA1UEAwwLU2ltdWxhdGVkQ0ExDTALBgNVBAoMBE15Q0ExCzAJBgNV +BAYTAkZSMB4XDTI0MTEwNzIxMzk1NloXDTI1MTEwNzIxMzk1NlowMjEUMBIGA1UE +AwwLU2ltdWxhdGVkQ0ExDTALBgNVBAoMBE15Q0ExCzAJBgNVBAYTAkZSMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kK6igwUFT7qLOwhrVva+yir/OF+ +p56T7kyXrp7UZwtIta7O5VT3BhhC8C1jVbK9hpTJ7FoSesksF+xwdapLiXBEj/B2 +COvNBFf432iGx+6fCAhkA95D8/zIxBf+QgbL5EgWPXn/emsZMomPH6wmwI20HTvL +ANbqfLe4vvU3KR+GcnfC24rQsoXgfZIHBKaa3Vrc005J+JhoCTY4NK3AAy/ngMm9 +dsmVgaPrBzzm6XYliqp8ma7xZTTjRIIKyow4aPVG1BQZW3Tayx30+8L6HR3niCDr +5MlNIP94hCC14i47UPRdOQQX4etSd8C9LbWHUkiSkf5Dmj84qqY3DihifQIDAQAB +o1MwUTAdBgNVHQ4EFgQU7uGkETin7lsxsjUOS3Udk6qZV60wHwYDVR0jBBgwFoAU +7uGkETin7lsxsjUOS3Udk6qZV60wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEACfi9sjsMMNWPTlvF8ycvVQ0Kn8yhx6deQL5NYSPc48BD0miaPhvL +jaumUzbzNxkI0XiyKBpXKOLjLt3zyBQh2tpBW5oqJ5q0L6oiOtswvZpXklyYN2RR +RX3M0WFDcQD7uRxSXznKzwkFqxbY+kNMWEfYtIzCEFJ8BYkKBSTR8S6MYbCSlheK +PbW+U3+1LMcYuERMfSywD2C+nzb9Xz1LSZCVkaltEknvMj/tzUcytxxjRs2RqSsr +phyTjAE2HxpN/buQ9WmIrUbBBRrRKAVl+Vv1JB5A8R/gzeNe3nbv1zkGak0M2ddn +Dy4VDMgwwSee/X8F/tG29R9hEI//d2kR3w== +-----END CERTIFICATE----- diff --git a/security/TPNote/Notes+Examples/CA/ca.key b/security/TPNote/Notes+Examples/CA/ca.key new file mode 100644 index 0000000..3cb1090 --- /dev/null +++ b/security/TPNote/Notes+Examples/CA/ca.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDaQrqKDBQVPuos +7CGtW9r7KKv84X6nnpPuTJeuntRnC0i1rs7lVPcGGELwLWNVsr2GlMnsWhJ6ySwX +7HB1qkuJcESP8HYI680EV/jfaIbH7p8ICGQD3kPz/MjEF/5CBsvkSBY9ef96axky +iY8frCbAjbQdO8sA1up8t7i+9TcpH4Zyd8LbitCyheB9kgcEpprdWtzTTkn4mGgJ +Njg0rcADL+eAyb12yZWBo+sHPObpdiWKqnyZrvFlNONEggrKjDho9UbUFBlbdNrL +HfT7wvodHeeIIOvkyU0g/3iEILXiLjtQ9F05BBfh61J3wL0ttYdSSJKR/kOaPziq +pjcOKGJ9AgMBAAECggEABsISrxQVKhw+2YG9QDYsJ2M4whWEW7HSEEqgVriVyJQF +nhSJ1PmGxZJKPlAVd5GXgzuHrhES6ejhO+NnDwmlGZ4XjWJrcTbF7BjCPL6qj7XA +iFnkKOeAsKUW3VWF2qsFtK2TvLcSlUqMJu+x9g/ZSlSI62/OxxmgfJieuJD0son3 +9ln6+95UZfpmlOSFb5G1+oDAX1b+S2ykdSG8Daqibh6egFn9WZ9CLmhVhkwnWPli +r+EXZdYHxulU+454lz1jUT3ooWehp1Lkurlysr4Q3B52Zwsdg9pum8kCewLlz3la +agGYdXoW9sW3AWN+J3+n5oOsXr3/aZ+CV8GobRgbwQKBgQDnwLYiOOrEFaLxMR0/ +CrW9smoL6IMRPRt7CpG6ePvKoaEaJMfBfutgUmbh2vp6KMAilkaZ7sBPxSY5Td+p +Cv4IxJ/dplMqknnujhC3vQJkdrrown//4PuNGKq7P0q/CY2KTTTj1liM0JorhPr5 +8ycUj7gxclj72PyqJfeBJKRvQQKBgQDxGKSZ35z000jcRnt9L8JOhcZZX7GAJX9m +ktGhmu8pvCGBUryKwva8+Ct6MO+uLfadNXN2T0okfKAiTDx+O5GFobgMcmFk/3ki +WBbub/Nxk+1qgfG3gb6dyRzJoSIvMMoVnAQLNiGZp+xp9IHixMBrGy21kEFwzZn8 +hgHKymHgPQKBgDagnk4CzJPb5cSkpxgtFhnY7FZSQFLX7JpcK22hBvkEkEzxToS1 +vhW+VrH2RAR3hpKgiZPPS1WCSzhGuunFxYubjXNZuVDXphYtNpOY4e98bSJgdnuC +NMlVfykUCjJttgdbm5P4+nZ21WBcwCwavKOEHQ7KvV7gDu6sdGLkmD4BAoGAULz6 +6li7HDXhUXr9AchLnrYn3WgxbgOgrX3/W8ohy20oH0HQx/tQW6oUDUB0E3Vq/+yV +dQpKfvuJONMk8vUJ36FvnCN1wDfZngm37DNraB6sxB0uEFEPv5FI5bDjXMBO/HuZ +0xNWnzlf73+lO4a+FWAtp37em2MO7UUHNp0dt9UCgYBTbDhzIV7aDluEUqJbBa2Y +CBvkJ/9+utAL9eyf30y+Hh3ZWKxc5kuRK6xlJyxamZmFqpaGLsmN+KaWEgUojrXv +j7Es/ry5W6mDiIIbCSULu1e/7cdUsno/HhdSxVyWKAuOjFtLEWC4pXGiD6Vpgpoo +wVO01w/kd7bhhkAqskuGxQ== +-----END PRIVATE KEY----- 
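Review bot: `CA/ca.key` is an unencrypted PKCS#8 RSA private key (`-----BEGIN PRIVATE KEY-----`, no `ENCRYPTED` header) committed next to the CA certificate, so anyone who can read this repository can issue certificates that the keystores built by the later run.sh scripts (which import `ca.crt` with `-trustcacerts`) accept. Those scripts also `rm -rf ./CA` and regenerate the key on every run, so this copy is probably a throwaway, but once pushed it lives in history forever; treat the pair as compromised. Keep generated material out of the tree with `.gitignore` entries such as `CA/ca.key`, `CA/*.srl` and `**/keystore.jks`, and if a CA key must be stored, create it encrypted (`openssl genrsa -aes256 -out CA/ca.key 2048`) instead of with the plain `openssl genrsa` call used in partie4/run.sh.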
diff --git a/security/TPNote/Notes+Examples/Gerer_un_policytool.pdf b/security/TPNote/Notes+Examples/Gerer_un_policytool.pdf
new file mode 100644
index 0000000..1a32f56
Binary files /dev/null and b/security/TPNote/Notes+Examples/Gerer_un_policytool.pdf differ
diff --git a/security/TPNote/Notes+Examples/Signatures_Numeriques_et_Certificats_en_Java.pdf b/security/TPNote/Notes+Examples/Signatures_Numeriques_et_Certificats_en_Java.pdf
new file mode 100644
index 0000000..e7f9d8e
Binary files /dev/null and b/security/TPNote/Notes+Examples/Signatures_Numeriques_et_Certificats_en_Java.pdf differ
diff --git a/security/TPNote/Notes+Examples/client/MANIFEST.MF b/security/TPNote/Notes+Examples/client/MANIFEST.MF
new file mode 100644
index 0000000..f1563bb
--- /dev/null
+++ b/security/TPNote/Notes+Examples/client/MANIFEST.MF
@@ -0,0 +1 @@
+Main-Class: Source
diff --git a/security/TPNote/Notes+Examples/client/Source.java b/security/TPNote/Notes+Examples/client/Source.java
new file mode 100755
index 0000000..72fa90f
--- /dev/null
+++ b/security/TPNote/Notes+Examples/client/Source.java
@@ -0,0 +1,5 @@
+public class Source {
+ public static void main(String[] args) {
+ System.out.println("Hello world!");
+ }
+}
diff --git a/security/TPNote/Notes+Examples/client/Source_Signed.jar b/security/TPNote/Notes+Examples/client/Source_Signed.jar
new file mode 100644
index 0000000..d6c80fd
Binary files /dev/null and b/security/TPNote/Notes+Examples/client/Source_Signed.jar differ
diff --git a/security/TPNote/Notes+Examples/client/certificat.cer b/security/TPNote/Notes+Examples/client/certificat.cer
new file mode 100644
index 0000000..77429e9
Binary files /dev/null and b/security/TPNote/Notes+Examples/client/certificat.cer differ
diff --git a/security/TPNote/Notes+Examples/client/certificat_request.csr b/security/TPNote/Notes+Examples/client/certificat_request.csr
new file mode 100644
index 0000000..6d84b03
--- /dev/null
+++ b/security/TPNote/Notes+Examples/client/certificat_request.csr
@@ -0,0 +1,18 @@ +-----BEGIN NEW CERTIFICATE REQUEST----- +MIIC6zCCAdMCAQAwdjELMAkGA1UEBhMCRlIxFDASBgNVBAgTC0NsaWVudFN0YXRl +MRMwEQYDVQQHEwpDbGllbnRDaXR5MRIwEAYDVQQKEwlDbGllbnRPcmcxEzARBgNV +BAsTCkNsaWVudFVuaXQxEzARBgNVBAMTCkNsaWVudE5hbWUwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC75nji+y18JE4ts5WI0MiZTN+Pq6P6jGbbm2lC +LhK1J/YDuB2jWENaTBv47zfEbI9JPE/f0I65EqOHq2mFJPWVA3S/m5fdZmPSfSew +a45eTFH0UwBHEI3jvUWO3Vm4KXTZoaRHt15dAg4ltY39OhpnGAzAvS4IovY3FS/i +voTz/O2kgUA1VHESJGmpIsCOPsTB6KBozZ36S75d3QDKG6y2NvlYMY3NkOn/w+pv +ZWXM1W1H5cbyU/B/mX6bUJ6Eogz5XjzyakZJKqGzt9IfGK7dHUG6l6PFms6Inwj4 +SPhVUlcHG9x50Sm7KBctHcUhZ6OnIlRWjZ5J/775HuExte/nAgMBAAGgMDAuBgkq +hkiG9w0BCQ4xITAfMB0GA1UdDgQWBBRWo1xWegFOkWheOw+c0fNeJpliKzANBgkq +hkiG9w0BAQwFAAOCAQEAVP8BdkzGCawgryXMrZTBT1ZTNofcM5Yqtl6KqaXbSO0c +7VxkdrgjRZCODZ0v1WW1aQxqfdDxqp5LgxdU8cDPs9FtayIy3GhDF076ZLDWJU89 +hDgGmY20/VfdA+eGFduvQ9QsLF2idin64mKCri0JcpSv+Wb9EAjL/JnS7FtyarSI +EgYb0IY+K1PFFXGz7ScP6e0nPIlwgCM/1AmhKZPQidMS5aEZ77tXqN+X4eK7j+u5 +KediiE0KKdYMn9Dmvu8cAr1U6MryATqp17TUCY9nRpqabA22rBGUAcYuutAoO01J +HcvvQbYyiG0qu2uI/DZ459/1MitAy+zyLF5EBk10dQ== +-----END NEW CERTIFICATE REQUEST----- diff --git a/security/TPNote/Notes+Examples/client/certificat_signed.cer b/security/TPNote/Notes+Examples/client/certificat_signed.cer new file mode 100644 index 0000000..5b2d6d4 --- /dev/null +++ b/security/TPNote/Notes+Examples/client/certificat_signed.cer 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDLzCCAhcCFG7u2CvIlzwV1EvzuwFNZqJ0a/XuMA0GCSqGSIb3DQEBCwUAMDIx +FDASBgNVBAMMC1NpbXVsYXRlZENBMQ0wCwYDVQQKDARNeUNBMQswCQYDVQQGEwJG +UjAeFw0yNDExMDcyMTM5NThaFw0yNTExMDcyMTM5NThaMHYxCzAJBgNVBAYTAkZS +MRQwEgYDVQQIEwtDbGllbnRTdGF0ZTETMBEGA1UEBxMKQ2xpZW50Q2l0eTESMBAG +A1UEChMJQ2xpZW50T3JnMRMwEQYDVQQLEwpDbGllbnRVbml0MRMwEQYDVQQDEwpD +bGllbnROYW1lMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+Z44vst +fCROLbOViNDImUzfj6uj+oxm25tpQi4StSf2A7gdo1hDWkwb+O83xGyPSTxP39CO +uRKjh6tphST1lQN0v5uX3WZj0n0nsGuOXkxR9FMARxCN471Fjt1ZuCl02aGkR7de +XQIOJbWN/ToaZxgMwL0uCKL2NxUv4r6E8/ztpIFANVRxEiRpqSLAjj7EweigaM2d ++ku+Xd0Ayhustjb5WDGNzZDp/8Pqb2VlzNVtR+XG8lPwf5l+m1CehKIM+V488mpG +SSqhs7fSHxiu3R1BupejxZrOiJ8I+Ej4VVJXBxvcedEpuygXLR3FIWejpyJUVo2e +Sf+++R7hMbXv5wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAEDpr35o67ao21lZZO +DlidqPbZ6y9FsowzbXZMHqNYjkeBTjmVOIkm8jLj9ZWqrAM4WPARSpRzRzyplQcO +0KuQtJQzgdwd5YTc3FCSRuV8ZTu9qrdY5N3/TA+xOpTuOHj/05oF8ngqXRDACMO8 +e0MUMNWNxeX03iK4fdzaVZuKcALrjgNIpZ+SugvOILP8fUrJN2iLLtP18ccG8My+ +LlIi3H70yx9EfsEEca2P2RRJ//7PSIW1vciEK7Qd0iKVHUmSPCBvtbaWMXKoYK8L +hubTjIAtt8I+N5mbEl7bxzLFnTzGJxIH3mZwPWTGC6Owt8Bsgwu5KCIR7yIwep6C +PIGK +-----END CERTIFICATE----- diff --git a/security/TPNote/Notes+Examples/client/keystore.jks b/security/TPNote/Notes+Examples/client/keystore.jks new file mode 100644 index 0000000..663a74d Binary files /dev/null and b/security/TPNote/Notes+Examples/client/keystore.jks differ diff --git a/security/TPNote/Notes+Examples/policy b/security/TPNote/Notes+Examples/policy new file mode 100644 index 0000000..27e3953 --- /dev/null +++ b/security/TPNote/Notes+Examples/policy 
@@ -0,0 +1,9 @@
+keystore "./client/keystore.jks"
+
+grant signedBy "KeyAlias" {
+ permission java.io.FilePermission "${user.home}${/}PauUniversty/Master-TI-2/security/Notes/Example/Client/Source_Signed.jar", "read, execute";
+};
+
+grant codeBase "file:/home/kmitresse/PauUniversity/Master-TI-2/security/Notes/" {
+ permission java.util.PropertyPermission "user.home", "read";
+};
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie1/.policy b/security/TPNote/Notes+Examples/revision/revision/tp1/partie1/.policy
new file mode 100644
index 0000000..f8040b0
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie1/.policy
@@ -0,0 +1,3 @@
+grant codeBase "file:./" {
+
+};
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/.policy b/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/.policy
new file mode 100644
index 0000000..4a06042
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/.policy
@@ -0,0 +1,4 @@
+grant codeBase "file:${user.home}${/}Documents${/}Github${/}SecuriteSystemesInfo${/}revision${/}tp1${/}partie2${/}" {
+ permission "java.util.PropertyPermission" "user.home", "read";
+ permission "java.util.PropertyPermission" "java.home", "read";
+};
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/GetProps.java b/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/GetProps.java
new file mode 100644
index 0000000..643f4b7
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/GetProps.java
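Review bot: The `keystore "./client/keystore.jks"` entry that opens `policy` lacks the terminating `;` that the policy grammar expects and that `partie5/client/.policy` uses, so the file most likely fails to parse and every grant in it, `signedBy` included, is silently dropped. The `signedBy "KeyAlias"` grant also names `.../PauUniversty/Master-TI-2/security/Notes/Example/Client/Source_Signed.jar`, a path (with a typo) that matches nothing in this tree, while the second grant hard-codes `/home/kmitresse/...` and is the one that actually hands out `user.home` — keyed on location alone, so any unsigned class at that codeBase gets it. Suggest `keystore "./client/keystore.jks";`, moving the PropertyPermission into the `signedBy` block so the signature rather than the path authorizes the read, and a `${user.home}`-relative codeBase as in `partie2/.policy`.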
@@ -0,0 +1,28 @@ +import java.lang.*; + +class GetProps { + + public static void main(String[] args) { + + try { + final String OS_NAME = GetProps.getProperty("os.name"); + final String JAVA_VERSION = GetProps.getProperty("java.version"); + final String USER_HOME = GetProps.getProperty("user.home"); + final String JAVA_HOME = GetProps.getProperty("java.home"); + + System.out.println( + "os.name : " + OS_NAME + "\n" + + "java.version : " + JAVA_VERSION + "\n" + + "user.home : " + USER_HOME + "\n" + + "java.home : " + JAVA_HOME + ); + } catch (Exception e) { + System.err.println("Caught exception " + e.toString()); + } + } + + private static String getProperty(String property_name) { + final String DEFAULT_VALUE = "not specified"; + return System.getProperty(property_name, DEFAULT_VALUE); + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/run.sh new file mode 100644 index 0000000..aa55edd --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie2/run.sh @@ -0,0 +1,10 @@ +# Compile Java file +javac ./GetProps.java + +# Execute with security manager and policy file +java -Djava.security.manager \ + -Djava.security.policy=.policy \ + GetProps + +# Remove compiled file +rm ./GetProps.class \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie3/Source.java b/security/TPNote/Notes+Examples/revision/revision/tp1/partie3/Source.java new file mode 100644 index 0000000..72fa90f --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie3/Source.java @@ -0,0 +1,5 @@ +public class Source { + public static void main(String[] args) { + System.out.println("Hello world!"); + } +} 
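Review bot: `catch (Exception e)` in `GetProps.main` reduces the `SecurityException` that a policy denial raises to a generic `Caught exception ...` line, so the output does not show which property read the `.policy` file blocked; catching `SecurityException` separately and printing its message (which names the denied permission) would make the exercise's point visible. `import java.lang.*;` is redundant, since `java.lang` is imported implicitly. A one-line class comment such as `// Reads four system properties under a SecurityManager; .policy decides which reads are allowed.` would document the intent.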
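Review bot: `-Djava.security.manager` in partie2/run.sh depends on the Security Manager, which was deprecated for removal in JDK 17 (JEP 411) and permanently disabled in JDK 24 (JEP 486), where this flag makes the JVM refuse to start; state the requirement at the top, e.g. `# Requires JDK <= 23: the Security Manager is disabled in JDK 24+ (JEP 486)`. The script has no shebang and no `set -e`, so a failed `javac` still runs the `java` step and then `rm`s a class file that does not exist. Also note that the single `=` in `-Djava.security.policy=.policy` adds to the default `java.policy` rather than replacing it (`==` replaces), which is why `os.name` and `java.version` are readable without a grant.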
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie3/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp1/partie3/run.sh
new file mode 100644
index 0000000..8519535
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie3/run.sh
@@ -0,0 +1,29 @@
+# Reset
+rm ./keystore.jks ./Source_Signed.jar
+
+# Génère un keystore
+keytool -genkeypair \
+ -alias SourceKeyAlias \
+ -keyalg RSA \
+ -keysize 2048 \
+ -keystore keystore.jks \
+ -validity 365
+
+# Compilation
+javac ./Source.java
+
+# Créer un fichier MANIFEST.MF avec l'attribut Main-Class
+echo "Main-Class: Source" > MANIFEST.MF
+
+# Crée le fichier JAR non signé avec le MANIFEST.MF modifié
+jar cmf MANIFEST.MF Source.jar Source.class
+
+# Convertir en fichier JAR signé
+jarsigner -keystore keystore.jks \
+ -signedjar Source_Signed.jar Source.jar SourceKeyAlias
+
+# Supprime les artéfacts
+rm ./Source.class ./Source.jar MANIFEST.MF
+
+# Essaye d'exécuter ton fichier JAR signé
+java -jar Source_Signed.jar
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie4/client/Source.java b/security/TPNote/Notes+Examples/revision/revision/tp1/partie4/client/Source.java
new file mode 100644
index 0000000..72fa90f
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie4/client/Source.java
@@ -0,0 +1,5 @@
+public class Source {
+ public static void main(String[] args) {
+ System.out.println("Hello world!");
+ }
+}
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie4/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp1/partie4/run.sh
new file mode 100644
index 0000000..ca5b9ab
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie4/run.sh
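Review bot: partie3/run.sh signs `Source.jar` with a key it just generated and then runs `java -jar Source_Signed.jar`, which never checks who signed it; with a self-signed key the signature can only show that signed entries were not altered, not that the code comes from anyone in particular, and the script has no `jarsigner -verify` step at all (partie4 adds one). A `jarsigner -verify -verbose -certs Source_Signed.jar` before the run, under a comment such as `# Self-signed key: verify proves integrity only, not the signer's identity`, would make that explicit. The `# Reset` line should be `rm -f ./keystore.jks ./Source_Signed.jar`, otherwise the first run prints errors for files that do not exist yet, and the script has no shebang and no `set -e`, so an aborted `keytool` prompt still lets `jarsigner` run against a missing keystore.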
@@ -0,0 +1,112 @@
+#!/bin/bash
+
+# Reset
+rm -rf ./CA
+rm ./client/certificat_request.csr \
+ ./client/certificat_signed.cer \
+ ./client/certificat.cer \
+ ./client/keystore.jks \
+ ./client/Source_Signed.jar
+
+##########################################
+
+# Création des dossiers CA et client s'ils n'existent pas déjà
+mkdir -p CA client
+
+# Génération de la clé privée de la CA
+openssl genrsa -out CA/ca.key 2048
+echo "[CA] - génération de la clé privée : OK"
+
+# Génération du certificat auto-signé de la CA
+openssl req -x509 -new -nodes \
+ -key CA/ca.key -sha256 -days 365 \
+ -out CA/ca.crt \
+ -subj "/CN=SimulatedCA/O=MyCA/C=FR"
+echo "[CA] - génération du certificat auto-signé : OK"
+
+# Génération du keystore du client
+keytool -genkeypair \
+ -alias KeyAlias \
+ -keyalg RSA \
+ -keysize 2048 \
+ -keystore client/keystore.jks \
+ -validity 365 \
+ -dname "CN=ClientName, OU=ClientUnit, O=ClientOrg, L=ClientCity, S=ClientState, C=FR" \
+ -storepass changeit \
+ -keypass changeit
+echo "[Client] - Génération du keystore : OK"
+
+# Génération de la demande de certificat (CSR) pour le client
+keytool -certreq \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat_request.csr \
+ -storepass changeit
+echo "[Client] - Génération de la demande de certification : OK"
+
+# La CA signe la demande de certificat du client
+openssl x509 -req \
+ -in client/certificat_request.csr \
+ -CA CA/ca.crt -CAkey CA/ca.key -CAcreateserial \
+ -out client/certificat_signed.cer -days 365 -sha256
+echo "[CA] - Signature de la demande de certificat : OK"
+
+# Importation du certificat de la CA dans le keystore du client
+keytool -import \
+ -trustcacerts \
+ -alias SimulatedCA \
+ -file CA/ca.crt \
+ -keystore client/keystore.jks \
+ -noprompt \
+ -storepass changeit
+echo "[Client] - Import du certificat du CA : OK"
+
+# Importation du certificat signé dans le keystore du client
+keytool -import \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat_signed.cer \
+ -noprompt \
+ -storepass changeit
+echo "[Client] - Import du certificat signé : OK"
+
+# Exportation du certificat signé pour distribution
+keytool -export \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat.cer \
+ -storepass changeit
+echo "[Client] - Export du certificat signé : OK"
+
+##########################################
+
+cd ./client/
+
+# Compile notre fichier java
+javac ./Source.java
+echo "[Client] - Compilation du .java : OK"
+
+# Créer un fichier MANIFEST.MF avec l'attribut Main-Class
+echo "Main-Class: Source" > ./MANIFEST.MF
+
+# Créé le fichier Jar non signé
+jar cmf ./MANIFEST.MF ./Source.jar ./Source.class
+echo "[Client] - Creation du fichier .jar : OK"
+
+# Convertis en fichier jar signé
+jarsigner -keystore ./keystore.jks \
+ -storepass changeit \
+ -signedjar ./Source_Signed.jar ./Source.jar KeyAlias
+echo "[Client] - Creation du fichier .jar signé : OK"
+
+# Supprime les artéfacts
+rm ./Source.class ./Source.jar ./MANIFEST.MF
+
+# On peut vérifier que notre certificat est bien valide
+jarsigner -verify ./Source_Signed.jar
+echo "[Client] - Vérification du certificat : OK"
+
+cd ..
+
+# Executer le jar signé
+java -jar ./client/Source_Signed.jar
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/client/.policy b/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/client/.policy
new file mode 100644
index 0000000..a378577
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/client/.policy
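Review bot: The `openssl x509 -req ... -CA CA/ca.crt -CAkey CA/ca.key` step passes no `-extfile`, so the certificate it issues has no X.509v3 extensions at all: the committed `client/certificat_signed.cer` is a v1 certificate with no basicConstraints, keyUsage or extendedKeyUsage, whereas `ca.crt` carries `CA:TRUE`. A certificate meant for code signing should be restricted to that purpose, which takes an extension file passed to the signing command, as sketched below. Every `echo "... : OK"` also prints unconditionally because the script has no `set -e`, so a failing `openssl`/`keytool` call is still reported as OK; `set -euo pipefail` under the shebang fixes that. `-storepass changeit -keypass changeit` on the command line exposes the keystore password through the process list and shell history, acceptable for a lab but worth a comment saying so.
```shell
# … unchanged: CA key and self-signed CA certificate, client keystore and CSR …

# Constrain the issued certificate to code signing. Without -extfile the
# CA-signed leaf is a v1 certificate with no usage restrictions at all.
cat > CA/client_ext.cnf <<'EOF'
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = codeSigning
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
EOF

openssl x509 -req \
    -in client/certificat_request.csr \
    -CA CA/ca.crt -CAkey CA/ca.key -CAcreateserial \
    -extfile CA/client_ext.cnf \
    -out client/certificat_signed.cer -days 365 -sha256
echo "[CA] - Signature de la demande de certificat : OK"

# … unchanged: keystore imports, jar build, signing and run …
```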
@@ -0,0 +1,10 @@ +keystore "keystore.jks"; + +grant signedBy "KeyAlias" { + permission java.io.FilePermission "${user.home}${/}Documents${/}Github${/}SecuriteSystemesInfo${/}revision${/}tp1${/}partie5${/}client${/}Source_Signed.jar", "read, execute"; +}; + +grant codeBase "file:${user.home}${/}Documents${/}Github${/}SecuriteSystemesInfo${/}revision${/}tp1${/}partie5${/}client${/}Source_Signed.jar" { + permission "java.util.PropertyPermission" "user.home", "read"; + permission "java.util.PropertyPermission" "java.home", "read"; +}; \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/client/Source.java b/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/client/Source.java new file mode 100644 index 0000000..3d62112 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/client/Source.java @@ -0,0 +1,27 @@ +import java.lang.*; + +public class Source { + public static void main(String[] args) { + + try { + final String OS_NAME = Source.getProperty("os.name"); + final String JAVA_VERSION = Source.getProperty("java.version"); + final String USER_HOME = Source.getProperty("user.home"); + final String JAVA_HOME = Source.getProperty("java.home"); + + System.out.println( + "os.name : " + OS_NAME + "\n" + + "java.version : " + JAVA_VERSION + "\n" + + "user.home : " + USER_HOME + "\n" + + "java.home : " + JAVA_HOME + ); + } catch (Exception e) { + System.err.println("Caught exception " + e.toString()); + } +} + + private static String getProperty(String property_name) { + final String DEFAULT_VALUE = "not specified"; + return System.getProperty(property_name, DEFAULT_VALUE); + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/run.sh new file mode 100644 index 0000000..5a1b267 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp1/partie5/run.sh 
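Review bot: In `partie5/client/.policy` the permissions the program actually needs (`user.home`, `java.home`) are granted by `codeBase` alone, while the `signedBy "KeyAlias"` block grants only a FilePermission on the jar itself; as written, any jar dropped at that `${user.home}/Documents/Github/...` path gets the property reads whether or not it is signed, so the exercise does not demonstrate signature-based authorization. Moving the two PropertyPermissions into the `signedBy` block, or using the combined form `grant signedBy "KeyAlias", codeBase "file:...Source_Signed.jar" {`, ties the grant to the signer held in the keystore named by the `keystore` entry. The `"read, execute"` FilePermission on the jar does not appear to be needed for `java -jar` to run it and can go. `keystore "keystore.jks";` resolves relative to the policy file's location, which works here only because run.sh invokes `java` from inside `client`.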
@@ -0,0 +1,114 @@
+#!/bin/bash
+
+# Reset
+rm -rf ./CA
+rm ./client/certificat_request.csr \
+ ./client/certificat_signed.cer \
+ ./client/certificat.cer \
+ ./client/keystore.jks \
+ ./client/Source_Signed.jar
+
+##########################################
+
+# Création des dossiers CA et client s'ils n'existent pas déjà
+mkdir -p CA client
+
+# Génération de la clé privée de la CA
+openssl genrsa -out CA/ca.key 2048
+echo "[CA] - génération de la clé privée : OK"
+
+# Génération du certificat auto-signé de la CA
+openssl req -x509 -new -nodes \
+ -key CA/ca.key -sha256 -days 365 \
+ -out CA/ca.crt \
+ -subj "/CN=SimulatedCA/O=MyCA/C=FR"
+echo "[CA] - génération du certificat auto-signé : OK"
+
+# Génération du keystore du client
+keytool -genkeypair \
+ -alias KeyAlias \
+ -keyalg RSA \
+ -keysize 2048 \
+ -keystore client/keystore.jks \
+ -validity 365 \
+ -dname "CN=ClientName, OU=ClientUnit, O=ClientOrg, L=ClientCity, S=ClientState, C=FR" \
+ -storepass changeit \
+ -keypass changeit
+echo "[Client] - Génération du keystore : OK"
+
+# Génération de la demande de certificat (CSR) pour le client
+keytool -certreq \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat_request.csr \
+ -storepass changeit
+echo "[Client] - Génération de la demande de certification : OK"
+
+# La CA signe la demande de certificat du client
+openssl x509 -req \
+ -in client/certificat_request.csr \
+ -CA CA/ca.crt -CAkey CA/ca.key -CAcreateserial \
+ -out client/certificat_signed.cer -days 365 -sha256
+echo "[CA] - Signature de la demande de certificat : OK"
+
+# Importation du certificat de la CA dans le keystore du client
+keytool -import \
+ -trustcacerts \
+ -alias SimulatedCA \
+ -file CA/ca.crt \
+ -keystore client/keystore.jks \
+ -noprompt \
+ -storepass changeit
+echo "[Client] - Import du certificat du CA : OK"
+
+# Importation du certificat signé dans le keystore du client
+keytool -import \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat_signed.cer \
+ -noprompt \
+ -storepass changeit
+echo "[Client] - Import du certificat signé : OK"
+
+# Exportation du certificat signé pour distribution
+keytool -export \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat.cer \
+ -storepass changeit
+echo "[Client] - Export du certificat signé : OK"
+
+##########################################
+
+cd client
+
+# Compile notre fichier java
+javac Source.java
+echo "[Client] - Compilation du .java : OK"
+
+# Créer un fichier MANIFEST.MF avec l'attribut Main-Class
+echo "Main-Class: Source" > MANIFEST.MF
+
+# Créé le fichier Jar non signé
+jar cmf MANIFEST.MF Source.jar Source.class
+echo "[Client] - Creation du fichier .jar : OK"
+
+# Convertis en fichier jar signé
+jarsigner -keystore keystore.jks \
+ -storepass changeit \
+ -signedjar Source_Signed.jar Source.jar KeyAlias
+echo "[Client] - Creation du fichier .jar signé : OK"
+
+# Supprime les artéfacts
+rm Source.class Source.jar MANIFEST.MF
+
+# On peut vérifier que notre certificat est bien valide
+jarsigner -verify Source_Signed.jar
+echo "[Client] - Vérification du certificat : OK"
+
+# Executer le jar signé
+java -Djava.security.manager \
+ -Djava.security.policy=.policy \
+ -jar Source_Signed.jar
+
+cd ..
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/jaas.config b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/jaas.config
new file mode 100644
index 0000000..deda887
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/jaas.config
@@ -0,0 +1,5 @@
+/** Login Configuration for the JAAS Sample Application **/
+
+Sample {
+ sample.module.SampleLoginModule required debug=true;
+};
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/run.sh
new file mode 100644
index 0000000..b57d526
--- /dev/null
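Review bot: `jarsigner -verify Source_Signed.jar` near the end of partie5/run.sh runs without `-strict` and without `-keystore keystore.jks`, so a jar whose signer chains to nothing the verifier trusts still exits 0 with a warning, and the `echo "[Client] - Vérification du certificat : OK"` after it prints regardless because nothing checks the exit status. Use `jarsigner -verify -strict -verbose:summary -certs -keystore keystore.jks Source_Signed.jar` and open the script with `set -euo pipefail` so the first failing `openssl`/`keytool`/`jarsigner` call stops it. The same remarks as for partie4/run.sh apply to the `openssl x509 -req` step (no `-extfile`, so the issued certificate has no v3 extensions) and to `-storepass changeit` on the command line; the `-Djava.security.manager` run at the end additionally requires JDK 23 or older, since JDK 24 disables the Security Manager (JEP 486).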
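Review bot: `debug=true` on the `SampleLoginModule` entry in jaas.config enables the module's debug tracing; in Oracle's published version of this sample that tracing prints the entered user name and password to stdout, so the flag should default to off or be marked lab-only. The module body is not in this chunk, so confirm against `SampleLoginModule.login()`; a comment above the entry such as `// debug=true makes the module echo the entered credentials; keep it off outside the exercise` would record the caveat.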
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/run.sh
@@ -0,0 +1,15 @@
+# Compile Java files
+javac \
+ sample/SampleAcn.java \
+ sample/module/SampleLoginModule.java \
+ sample/principal/SamplePrincipal.java
+
+# Execute
+java -Djava.security.auth.login.config==jaas.config sample.SampleAcn
+
+# Reset
+rm \
+ ./sample/MyCallbackHandler.class \
+ ./sample/SampleAcn.class \
+ ./sample/module/SampleLoginModule.class \
+ ./sample/principal/SamplePrincipal.class
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/SampleAcn.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/SampleAcn.java
new file mode 100644
index 0000000..260a7bc
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/SampleAcn.java
@@ -0,0 +1,240 @@ +/* + * + * Copyright (c) 2001, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. 
+ */ + +package sample; + +import java.io.*; +import java.util.*; +import javax.security.auth.login.*; +import javax.security.auth.*; +import javax.security.auth.callback.*; + +/** + *

This Sample application attempts to authenticate a user + * and reports whether or not the authentication was successful. + */ +public class SampleAcn { + + /** + * Attempt to authenticate the user. + * + *

+ * + * @param args input arguments for this application. These are ignored. + */ + public static void main(String[] args) { + + // Obtain a LoginContext, needed for authentication. Tell it + // to use the LoginModule implementation specified by the + // entry named "Sample" in the JAAS login configuration + // file and to also use the specified CallbackHandler. + LoginContext lc = null; + try { + lc = new LoginContext("Sample", new MyCallbackHandler()); + } catch (LoginException le) { + System.err.println("Cannot create LoginContext. " + + le.getMessage()); + System.exit(-1); + } catch (SecurityException se) { + System.err.println("Cannot create LoginContext. " + + se.getMessage()); + System.exit(-1); + } + + // the user has 3 attempts to authenticate successfully + int i; + for (i = 0; i < 3; i++) { + try { + + // attempt authentication + lc.login(); + + // if we return with no exception, authentication succeeded + break; + + } catch (LoginException le) { + + System.err.println("Authentication failed:"); + System.err.println(" " + le.getMessage()); + try { + Thread.currentThread().sleep(3000); + } catch (Exception e) { + // ignore + } + + } + } + + // did they fail three times? + if (i == 3) { + System.out.println("Sorry"); + System.exit(-1); + } + + System.out.println("Authentication succeeded!"); + + } +} + + +/** + * The application implements the CallbackHandler. + * + *

This application is text-based. Therefore it displays information + * to the user using the OutputStreams System.out and System.err, + * and gathers input from the user using the InputStream System.in. + */ +class MyCallbackHandler implements CallbackHandler { + + /** + * Invoke an array of Callbacks. + * + *

+ * + * @param callbacks an array of Callback objects which contain + * the information requested by an underlying security + * service to be retrieved or displayed. + * + * @exception java.io.IOException if an input or output error occurs.

+ * + * @exception UnsupportedCallbackException if the implementation of this + * method does not support one or more of the Callbacks + * specified in the callbacks parameter. + */ + public void handle(Callback[] callbacks) + throws IOException, UnsupportedCallbackException { + + for (int i = 0; i < callbacks.length; i++) { + if (callbacks[i] instanceof TextOutputCallback) { + + // display the message according to the specified type + TextOutputCallback toc = (TextOutputCallback)callbacks[i]; + switch (toc.getMessageType()) { + case TextOutputCallback.INFORMATION: + System.out.println(toc.getMessage()); + break; + case TextOutputCallback.ERROR: + System.out.println("ERROR: " + toc.getMessage()); + break; + case TextOutputCallback.WARNING: + System.out.println("WARNING: " + toc.getMessage()); + break; + default: + throw new IOException("Unsupported message type: " + + toc.getMessageType()); + } + + } else if (callbacks[i] instanceof NameCallback) { + + // prompt the user for a username + NameCallback nc = (NameCallback)callbacks[i]; + + System.err.print(nc.getPrompt()); + System.err.flush(); + nc.setName((new BufferedReader + (new InputStreamReader(System.in))).readLine()); + + } else if (callbacks[i] instanceof PasswordCallback) { + + // prompt the user for sensitive information + PasswordCallback pc = (PasswordCallback)callbacks[i]; + System.err.print(pc.getPrompt()); + System.err.flush(); + pc.setPassword(readPassword(System.in)); + + } else { + throw new UnsupportedCallbackException + (callbacks[i], "Unrecognized Callback"); + } + } + } + + // Reads user password from given input stream. 
+ private char[] readPassword(InputStream in) throws IOException { + + char[] lineBuffer; + char[] buf; + int i; + + buf = lineBuffer = new char[128]; + + int room = buf.length; + int offset = 0; + int c; + +loop: while (true) { + switch (c = in.read()) { + case -1: + case '\n': + break loop; + + case '\r': + int c2 = in.read(); + if ((c2 != '\n') && (c2 != -1)) { + if (!(in instanceof PushbackInputStream)) { + in = new PushbackInputStream(in); + } + ((PushbackInputStream)in).unread(c2); + } else + break loop; + + default: + if (--room < 0) { + buf = new char[offset + 128]; + room = buf.length - offset - 1; + System.arraycopy(lineBuffer, 0, buf, 0, offset); + Arrays.fill(lineBuffer, ' '); + lineBuffer = buf; + } + buf[offset++] = (char) c; + break; + } + } + + if (offset == 0) { + return null; + } + + char[] ret = new char[offset]; + System.arraycopy(buf, 0, ret, 0, offset); + Arrays.fill(buf, ' '); + + return ret; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/module/SampleLoginModule.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/module/SampleLoginModule.java new file mode 100644 index 0000000..0f4b88e --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/module/SampleLoginModule.java 
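Review bot: `MyCallbackHandler.handle` obtains the password with `readPassword(System.in)`, which leaves terminal echo on, so the password is displayed in clear as it is typed; when a console is attached, `System.console().readPassword()` turns echo off and returns the same `char[]`, with the existing `readPassword` kept as the fallback for piped input (sketched below). The `NameCallback` branch wraps `System.in` in a fresh `BufferedReader`, whose read-ahead can consume the following line when stdin is not a terminal, leaving the password prompt with nothing to read. `Thread.currentThread().sleep(3000)` calls a static method through an instance; `Thread.sleep(3000)` is the conventional spelling. Nothing in this handler clears the `char[]` after login (`pc.clearPassword()`), which is normally the LoginModule's job — confirm `SampleLoginModule` does it.
```java
            } else if (callbacks[i] instanceof PasswordCallback) {

                // prompt the user for sensitive information
                PasswordCallback pc = (PasswordCallback)callbacks[i];
                Console console = System.console();
                char[] pw;
                if (console != null) {
                    // Console.readPassword disables terminal echo.
                    pw = console.readPassword("%s", pc.getPrompt());
                } else {
                    // No console (piped stdin): echo cannot be suppressed here.
                    System.err.print(pc.getPrompt());
                    System.err.flush();
                    pw = readPassword(System.in);
                }
                pc.setPassword(pw);

            // … unchanged: UnsupportedCallbackException branch and readPassword() …
```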
@@ -0,0 +1,337 @@ +/* + * + * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. 
+ */ + +package sample.module; + +import java.util.*; +import java.io.IOException; +import javax.security.auth.*; +import javax.security.auth.callback.*; +import javax.security.auth.login.*; +import javax.security.auth.spi.*; +import sample.principal.SamplePrincipal; + +/** + *

This sample LoginModule authenticates users with a password. + * + *

This LoginModule only recognizes one user: testUser + *

testUser's password is: testPassword + * + *

If testUser successfully authenticates itself, + * a SamplePrincipal with the testUser's user name + * is added to the Subject. + * + *

This LoginModule recognizes the debug option. + * If set to true in the login Configuration, + * debug messages will be output to the output stream, System.out. + * + */ +public class SampleLoginModule implements LoginModule { + + // initial state + private Subject subject; + private CallbackHandler callbackHandler; + private Map sharedState; + private Map options; + + // configurable option + private boolean debug = false; + + // the authentication status + private boolean succeeded = false; + private boolean commitSucceeded = false; + + // username and password + private String username; + private char[] password; + + // testUser's SamplePrincipal + private SamplePrincipal userPrincipal; + + /** + * Initialize this LoginModule. + * + *

+ * + * @param subject the Subject to be authenticated.

+ * + * @param callbackHandler a CallbackHandler for communicating + * with the end user (prompting for user names and + * passwords, for example).

+ * + * @param sharedState shared LoginModule state.

+ * + * @param options options specified in the login + * Configuration for this particular + * LoginModule. + */ + public void initialize(Subject subject, + CallbackHandler callbackHandler, + Map sharedState, + Map options) { + + this.subject = subject; + this.callbackHandler = callbackHandler; + this.sharedState = sharedState; + this.options = options; + + // initialize any configured options + debug = "true".equalsIgnoreCase((String)options.get("debug")); + } + + /** + * Authenticate the user by prompting for a user name and password. + * + *

+ * + * @return true in all cases since this LoginModule + * should not be ignored. + * + * @exception FailedLoginException if the authentication fails.

+ * + * @exception LoginException if this LoginModule + * is unable to perform the authentication. + */ + public boolean login() throws LoginException { + + // prompt for a user name and password + if (callbackHandler == null) + throw new LoginException("Error: no CallbackHandler available " + + "to garner authentication information from the user"); + + Callback[] callbacks = new Callback[2]; + callbacks[0] = new NameCallback("user name: "); + callbacks[1] = new PasswordCallback("password: ", false); + + try { + callbackHandler.handle(callbacks); + username = ((NameCallback)callbacks[0]).getName(); + char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword(); + if (tmpPassword == null) { + // treat a NULL password as an empty password + tmpPassword = new char[0]; + } + password = new char[tmpPassword.length]; + System.arraycopy(tmpPassword, 0, + password, 0, tmpPassword.length); + ((PasswordCallback)callbacks[1]).clearPassword(); + + } catch (java.io.IOException ioe) { + throw new LoginException(ioe.toString()); + } catch (UnsupportedCallbackException uce) { + throw new LoginException("Error: " + uce.getCallback().toString() + + " not available to garner authentication information " + + "from the user"); + } + + // print debugging information + if (debug) { + System.out.println("\t\t[SampleLoginModule] " + + "user entered user name: " + + username); + System.out.print("\t\t[SampleLoginModule] " + + "user entered password: "); + for (int i = 0; i < password.length; i++) + System.out.print(password[i]); + System.out.println(); + } + + // verify the username/password + boolean usernameCorrect = false; + boolean passwordCorrect = false; + if (username.equals("testUser")) + usernameCorrect = true; + if (usernameCorrect && + password.length == 12 && + password[0] == 't' && + password[1] == 'e' && + password[2] == 's' && + password[3] == 't' && + password[4] == 'P' && + password[5] == 'a' && + password[6] == 's' && + password[7] == 's' && + password[8] == 'w' && 
+ password[9] == 'o' && + password[10] == 'r' && + password[11] == 'd') { + + // authentication succeeded!!! + passwordCorrect = true; + if (debug) + System.out.println("\t\t[SampleLoginModule] " + + "authentication succeeded"); + succeeded = true; + return true; + } else { + + // authentication failed -- clean out state + if (debug) + System.out.println("\t\t[SampleLoginModule] " + + "authentication failed"); + succeeded = false; + username = null; + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + if (!usernameCorrect) { + throw new FailedLoginException("User Name Incorrect"); + } else { + throw new FailedLoginException("Password Incorrect"); + } + } + } + + /** + *

This method is called if the LoginContext's + * overall authentication succeeded + * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules + * succeeded). + * + *

If this LoginModule's own authentication attempt + * succeeded (checked by retrieving the private state saved by the + * login method), then this method associates a + * SamplePrincipal + * with the Subject located in the + * LoginModule. If this LoginModule's own + * authentication attempted failed, then this method removes + * any state that was originally saved. + * + *

+ * + * @exception LoginException if the commit fails. + * + * @return true if this LoginModule's own login and commit + * attempts succeeded, or false otherwise. + */ + public boolean commit() throws LoginException { + if (succeeded == false) { + return false; + } else { + // add a Principal (authenticated identity) + // to the Subject + + // assume the user we authenticated is the SamplePrincipal + userPrincipal = new SamplePrincipal(username); + if (!subject.getPrincipals().contains(userPrincipal)) + subject.getPrincipals().add(userPrincipal); + + if (debug) { + System.out.println("\t\t[SampleLoginModule] " + + "added SamplePrincipal to Subject"); + } + + // in any case, clean out state + username = null; + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + + commitSucceeded = true; + return true; + } + } + + /** + *

This method is called if the LoginContext's + * overall authentication failed. + * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules + * did not succeed). + * + *

If this LoginModule's own authentication attempt + * succeeded (checked by retrieving the private state saved by the + * login and commit methods), + * then this method cleans up any state that was originally saved. + * + *

+ * + * @exception LoginException if the abort fails. + * + * @return false if this LoginModule's own login and/or commit attempts + * failed, and true otherwise. + */ + public boolean abort() throws LoginException { + if (succeeded == false) { + return false; + } else if (succeeded == true && commitSucceeded == false) { + // login succeeded but overall authentication failed + succeeded = false; + username = null; + if (password != null) { + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + } + userPrincipal = null; + } else { + // overall authentication succeeded and commit succeeded, + // but someone else's commit failed + logout(); + } + return true; + } + + /** + * Logout the user. + * + *

This method removes the SamplePrincipal + * that was added by the commit method. + * + *

+ * + * @exception LoginException if the logout fails. + * + * @return true in all cases since this LoginModule + * should not be ignored. + */ + public boolean logout() throws LoginException { + + subject.getPrincipals().remove(userPrincipal); + succeeded = false; + succeeded = commitSucceeded; + username = null; + if (password != null) { + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + } + userPrincipal = null; + return true; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/principal/SamplePrincipal.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/principal/SamplePrincipal.java new file mode 100644 index 0000000..29621e7 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie1/sample/principal/SamplePrincipal.java 
@@ -0,0 +1,144 @@ +/* + * + * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. + */ + +package sample.principal; + +import java.security.Principal; + +/** + *

This class implements the Principal interface + * and represents a Sample user. + * + *

Principals such as this SamplePrincipal + * may be associated with a particular Subject + * to augment that Subject with an additional + * identity. Refer to the Subject class for more information + * on how to achieve this. Authorization decisions can then be based upon + * the Principals associated with a Subject. + * + * @see java.security.Principal + * @see javax.security.auth.Subject + */ +public class SamplePrincipal implements Principal, java.io.Serializable { + + /** + * @serial + */ + private String name; + + /** + * Create a SamplePrincipal with a Sample username. + * + *

+ * + * @param name the Sample username for this user. + * + * @exception NullPointerException if the name + * is null. + */ + public SamplePrincipal(String name) { + if (name == null) + throw new NullPointerException("illegal null input"); + + this.name = name; + } + + /** + * Return the Sample username for this SamplePrincipal. + * + *

+ * + * @return the Sample username for this SamplePrincipal + */ + public String getName() { + return name; + } + + /** + * Return a string representation of this SamplePrincipal. + * + *

+ * + * @return a string representation of this SamplePrincipal. + */ + public String toString() { + return("SamplePrincipal: " + name); + } + + /** + * Compares the specified Object with this SamplePrincipal + * for equality. Returns true if the given object is also a + * SamplePrincipal and the two SamplePrincipals + * have the same username. + * + *

+ * + * @param o Object to be compared for equality with this + * SamplePrincipal. + * + * @return true if the specified Object is equal equal to this + * SamplePrincipal. + */ + public boolean equals(Object o) { + if (o == null) + return false; + + if (this == o) + return true; + + if (!(o instanceof SamplePrincipal)) + return false; + SamplePrincipal that = (SamplePrincipal)o; + + if (this.getName().equals(that.getName())) + return true; + return false; + } + + /** + * Return a hash code for this SamplePrincipal. + * + *

+ * + * @return a hash code for this SamplePrincipal. + */ + public int hashCode() { + return name.hashCode(); + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/.policy b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/.policy new file mode 100644 index 0000000..f5207c8 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/.policy @@ -0,0 +1,7 @@ +grant codebase "file:./SampleLM.jar" { + permission javax.security.auth.AuthPermission "modifyPrincipals"; +}; + +grant codebase "file:./SampleAcn.jar" { + permission javax.security.auth.AuthPermission "createLoginContext.Sample"; +}; diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/SampleAcn.jar b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/SampleAcn.jar new file mode 100644 index 0000000..5522f7e Binary files /dev/null and b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/SampleAcn.jar differ diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/SampleLM.jar b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/SampleLM.jar new file mode 100644 index 0000000..54ad86d Binary files /dev/null and b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/SampleLM.jar differ diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/jaas.config b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/jaas.config new file mode 100644 index 0000000..deda887 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/jaas.config @@ -0,0 +1,5 @@ +/** Login Configuration for the JAAS Sample Application **/ + +Sample { + sample.module.SampleLoginModule required debug=true; +}; \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/run.sh new file mode 100644 index 0000000..fb7bf3f 
--- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/run.sh @@ -0,0 +1,28 @@ +# Reset +rm \ + ./SampleAcn.jar \ + ./SampleLM.jar + +# Compile Java files +javac \ + sample/SampleAcn.java \ + sample/module/SampleLoginModule.java \ + sample/principal/SamplePrincipal.java + +# Crée deux fichier Jar (SampleAcn et SampleLM) +jar -cvf SampleAcn.jar sample/SampleAcn.class sample/MyCallbackHandler.class +jar -cvf SampleLM.jar sample/module/SampleLoginModule.class sample/principal/SamplePrincipal.class + +# Supprime les artéfacts +rm \ + ./sample/MyCallbackHandler.class \ + ./sample/SampleAcn.class \ + ./sample/module/SampleLoginModule.class \ + ./sample/principal/SamplePrincipal.class \ + +# Exécute +java -classpath SampleAcn.jar:SampleLM.jar \ + -Djava.security.manager \ + -Djava.security.policy==.policy \ + -Djava.security.auth.login.config==jaas.config \ + sample.SampleAcn \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/SampleAcn.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/SampleAcn.java new file mode 100644 index 0000000..f2b78aa --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/SampleAcn.java 
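Review bot: The script has no shebang and no `set -e`, so when `javac` fails the script carries on, `jar` packages whatever stale `.class` files exist, and `rm` then deletes them, turning a compile error into a confusing runtime one; start the file with `#!/bin/sh` and `set -eu`. The opening `rm ./SampleAcn.jar ./SampleLM.jar` also errors on a clean checkout because the jars do not exist yet, so `rm -f` is the intended form. The trailing backslash after `./sample/principal/SamplePrincipal.class \` continues the `rm` onto the following blank line, which is harmless today but will silently absorb whatever line is inserted there next. `-Djava.security.manager` installs a SecurityManager that recent JDKs deprecate for removal and, as far as I recall, reject at startup from JDK 24, so a comment naming the JDK this was tested on would save the next reader a failed run.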
@@ -0,0 +1,237 @@ +/* + * + * Copyright (c) 2001, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. 
+ */ + +package sample; + +import java.io.*; +import java.util.*; +import javax.security.auth.login.*; +import javax.security.auth.*; +import javax.security.auth.callback.*; + +/** + *

This Sample application attempts to authenticate a user + * and reports whether or not the authentication was successful. + */ +public class SampleAcn { + + /** + * Attempt to authenticate the user. + * + *

+ * + * @param args input arguments for this application. These are ignored. + */ + public static void main(String[] args) { + + // Obtain a LoginContext, needed for authentication. Tell it + // to use the LoginModule implementation specified by the + // entry named "Sample" in the JAAS login configuration + // file and to also use the specified CallbackHandler. + LoginContext lc = null; + try { + lc = new LoginContext("Sample", new MyCallbackHandler()); + } catch (LoginException le) { + System.err.println("Cannot create LoginContext. " + le.getMessage()); + System.exit(-1); + } catch (SecurityException se) { + System.err.println("Cannot create LoginContext. " + se.getMessage()); + System.exit(-1); + } + + // the user has 3 attempts to authenticate successfully + int i; + for (i = 0; i < 3; i++) { + try { + + // attempt authentication + lc.login(); + + // if we return with no exception, authentication succeeded + break; + + } catch (LoginException le) { + + System.err.println("Authentication failed:"); + System.err.println(" " + le.getMessage()); + try { + Thread.currentThread().sleep(3000); + } catch (Exception e) { + // ignore + } + + } + } + + // did they fail three times? + if (i == 3) { + System.out.println("Sorry"); + System.exit(-1); + } + + System.out.println("Authentication succeeded!"); + + } +} + + +/** + * The application implements the CallbackHandler. + * + *

This application is text-based. Therefore it displays information + * to the user using the OutputStreams System.out and System.err, + * and gathers input from the user using the InputStream System.in. + */ +class MyCallbackHandler implements CallbackHandler { + + /** + * Invoke an array of Callbacks. + * + *

+ * + * @param callbacks an array of Callback objects which contain + * the information requested by an underlying security + * service to be retrieved or displayed. + * + * @exception java.io.IOException if an input or output error occurs.

+ * + * @exception UnsupportedCallbackException if the implementation of this + * method does not support one or more of the Callbacks + * specified in the callbacks parameter. + */ + public void handle(Callback[] callbacks) + throws IOException, UnsupportedCallbackException { + + for (int i = 0; i < callbacks.length; i++) { + if (callbacks[i] instanceof TextOutputCallback) { + + // display the message according to the specified type + TextOutputCallback toc = (TextOutputCallback)callbacks[i]; + switch (toc.getMessageType()) { + case TextOutputCallback.INFORMATION: + System.out.println(toc.getMessage()); + break; + case TextOutputCallback.ERROR: + System.out.println("ERROR: " + toc.getMessage()); + break; + case TextOutputCallback.WARNING: + System.out.println("WARNING: " + toc.getMessage()); + break; + default: + throw new IOException("Unsupported message type: " + toc.getMessageType()); + } + + } else if (callbacks[i] instanceof NameCallback) { + + // prompt the user for a username + NameCallback nc = (NameCallback)callbacks[i]; + + System.err.print(nc.getPrompt()); + System.err.flush(); + nc.setName((new BufferedReader + (new InputStreamReader(System.in))).readLine()); + + } else if (callbacks[i] instanceof PasswordCallback) { + + // prompt the user for sensitive information + PasswordCallback pc = (PasswordCallback)callbacks[i]; + System.err.print(pc.getPrompt()); + System.err.flush(); + pc.setPassword(readPassword(System.in)); + + } else { + throw new UnsupportedCallbackException + (callbacks[i], "Unrecognized Callback"); + } + } + } + + // Reads user password from given input stream. 
+ private char[] readPassword(InputStream in) throws IOException { + + char[] lineBuffer; + char[] buf; + int i; + + buf = lineBuffer = new char[128]; + + int room = buf.length; + int offset = 0; + int c; + +loop: while (true) { + switch (c = in.read()) { + case -1: + case '\n': + break loop; + + case '\r': + int c2 = in.read(); + if ((c2 != '\n') && (c2 != -1)) { + if (!(in instanceof PushbackInputStream)) { + in = new PushbackInputStream(in); + } + ((PushbackInputStream)in).unread(c2); + } else + break loop; + + default: + if (--room < 0) { + buf = new char[offset + 128]; + room = buf.length - offset - 1; + System.arraycopy(lineBuffer, 0, buf, 0, offset); + Arrays.fill(lineBuffer, ' '); + lineBuffer = buf; + } + buf[offset++] = (char) c; + break; + } + } + + if (offset == 0) { + return null; + } + + char[] ret = new char[offset]; + System.arraycopy(buf, 0, ret, 0, offset); + Arrays.fill(buf, ' '); + + return ret; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/module/SampleLoginModule.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/module/SampleLoginModule.java new file mode 100644 index 0000000..0f4b88e --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/module/SampleLoginModule.java 
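Review bot: In `handle()`, the `NameCallback` branch wraps `System.in` in a throw-away `BufferedReader` for one `readLine()`; that reader may pull more than one line from the stream, so when input is piped rather than typed the password bytes are consumed into the discarded buffer and the following `readPassword(System.in)` sees end of stream and returns `null`. The `PasswordCallback` is created with `echoOn` false, yet `readPassword` reads raw bytes from `System.in` with terminal echo left on, so the typed password is shown on screen; where `System.console()` is non-null, `System.console().readPassword()` honours the no-echo request, with the current code as the fallback. In `main`, `Thread.currentThread().sleep(3000)` calls a static method through an instance and `catch (Exception e)` swallows `InterruptedException` without restoring the flag; `Thread.sleep(3000)` with `catch (InterruptedException e) { Thread.currentThread().interrupt(); }` is the usual form. The `char[]` returned by `readPassword` is copied by `setPassword` but never cleared in the handler, leaving a second plaintext copy on the heap; `Arrays.fill(pw, ' ')` after `pc.setPassword(pw)` closes that. The `partie1` copy of this handler at the top of this chunk has the same code, though its hunk starts outside my view.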
@@ -0,0 +1,337 @@ +/* + * + * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. 
+ */ + +package sample.module; + +import java.util.*; +import java.io.IOException; +import javax.security.auth.*; +import javax.security.auth.callback.*; +import javax.security.auth.login.*; +import javax.security.auth.spi.*; +import sample.principal.SamplePrincipal; + +/** + *

This sample LoginModule authenticates users with a password. + * + *

This LoginModule only recognizes one user: testUser + *

testUser's password is: testPassword + * + *

If testUser successfully authenticates itself, + * a SamplePrincipal with the testUser's user name + * is added to the Subject. + * + *

This LoginModule recognizes the debug option. + * If set to true in the login Configuration, + * debug messages will be output to the output stream, System.out. + * + */ +public class SampleLoginModule implements LoginModule { + + // initial state + private Subject subject; + private CallbackHandler callbackHandler; + private Map sharedState; + private Map options; + + // configurable option + private boolean debug = false; + + // the authentication status + private boolean succeeded = false; + private boolean commitSucceeded = false; + + // username and password + private String username; + private char[] password; + + // testUser's SamplePrincipal + private SamplePrincipal userPrincipal; + + /** + * Initialize this LoginModule. + * + *

+ * + * @param subject the Subject to be authenticated.

+ * + * @param callbackHandler a CallbackHandler for communicating + * with the end user (prompting for user names and + * passwords, for example).

+ * + * @param sharedState shared LoginModule state.

+ * + * @param options options specified in the login + * Configuration for this particular + * LoginModule. + */ + public void initialize(Subject subject, + CallbackHandler callbackHandler, + Map sharedState, + Map options) { + + this.subject = subject; + this.callbackHandler = callbackHandler; + this.sharedState = sharedState; + this.options = options; + + // initialize any configured options + debug = "true".equalsIgnoreCase((String)options.get("debug")); + } + + /** + * Authenticate the user by prompting for a user name and password. + * + *

+ * + * @return true in all cases since this LoginModule + * should not be ignored. + * + * @exception FailedLoginException if the authentication fails.

+ * + * @exception LoginException if this LoginModule + * is unable to perform the authentication. + */ + public boolean login() throws LoginException { + + // prompt for a user name and password + if (callbackHandler == null) + throw new LoginException("Error: no CallbackHandler available " + + "to garner authentication information from the user"); + + Callback[] callbacks = new Callback[2]; + callbacks[0] = new NameCallback("user name: "); + callbacks[1] = new PasswordCallback("password: ", false); + + try { + callbackHandler.handle(callbacks); + username = ((NameCallback)callbacks[0]).getName(); + char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword(); + if (tmpPassword == null) { + // treat a NULL password as an empty password + tmpPassword = new char[0]; + } + password = new char[tmpPassword.length]; + System.arraycopy(tmpPassword, 0, + password, 0, tmpPassword.length); + ((PasswordCallback)callbacks[1]).clearPassword(); + + } catch (java.io.IOException ioe) { + throw new LoginException(ioe.toString()); + } catch (UnsupportedCallbackException uce) { + throw new LoginException("Error: " + uce.getCallback().toString() + + " not available to garner authentication information " + + "from the user"); + } + + // print debugging information + if (debug) { + System.out.println("\t\t[SampleLoginModule] " + + "user entered user name: " + + username); + System.out.print("\t\t[SampleLoginModule] " + + "user entered password: "); + for (int i = 0; i < password.length; i++) + System.out.print(password[i]); + System.out.println(); + } + + // verify the username/password + boolean usernameCorrect = false; + boolean passwordCorrect = false; + if (username.equals("testUser")) + usernameCorrect = true; + if (usernameCorrect && + password.length == 12 && + password[0] == 't' && + password[1] == 'e' && + password[2] == 's' && + password[3] == 't' && + password[4] == 'P' && + password[5] == 'a' && + password[6] == 's' && + password[7] == 's' && + password[8] == 'w' && 
+ password[9] == 'o' && + password[10] == 'r' && + password[11] == 'd') { + + // authentication succeeded!!! + passwordCorrect = true; + if (debug) + System.out.println("\t\t[SampleLoginModule] " + + "authentication succeeded"); + succeeded = true; + return true; + } else { + + // authentication failed -- clean out state + if (debug) + System.out.println("\t\t[SampleLoginModule] " + + "authentication failed"); + succeeded = false; + username = null; + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + if (!usernameCorrect) { + throw new FailedLoginException("User Name Incorrect"); + } else { + throw new FailedLoginException("Password Incorrect"); + } + } + } + + /** + *

This method is called if the LoginContext's + * overall authentication succeeded + * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules + * succeeded). + * + *

If this LoginModule's own authentication attempt + * succeeded (checked by retrieving the private state saved by the + * login method), then this method associates a + * SamplePrincipal + * with the Subject located in the + * LoginModule. If this LoginModule's own + * authentication attempted failed, then this method removes + * any state that was originally saved. + * + *

+ * + * @exception LoginException if the commit fails. + * + * @return true if this LoginModule's own login and commit + * attempts succeeded, or false otherwise. + */ + public boolean commit() throws LoginException { + if (succeeded == false) { + return false; + } else { + // add a Principal (authenticated identity) + // to the Subject + + // assume the user we authenticated is the SamplePrincipal + userPrincipal = new SamplePrincipal(username); + if (!subject.getPrincipals().contains(userPrincipal)) + subject.getPrincipals().add(userPrincipal); + + if (debug) { + System.out.println("\t\t[SampleLoginModule] " + + "added SamplePrincipal to Subject"); + } + + // in any case, clean out state + username = null; + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + + commitSucceeded = true; + return true; + } + } + + /** + *

This method is called if the LoginContext's + * overall authentication failed. + * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules + * did not succeed). + * + *

If this LoginModule's own authentication attempt + * succeeded (checked by retrieving the private state saved by the + * login and commit methods), + * then this method cleans up any state that was originally saved. + * + *

+ * + * @exception LoginException if the abort fails. + * + * @return false if this LoginModule's own login and/or commit attempts + * failed, and true otherwise. + */ + public boolean abort() throws LoginException { + if (succeeded == false) { + return false; + } else if (succeeded == true && commitSucceeded == false) { + // login succeeded but overall authentication failed + succeeded = false; + username = null; + if (password != null) { + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + } + userPrincipal = null; + } else { + // overall authentication succeeded and commit succeeded, + // but someone else's commit failed + logout(); + } + return true; + } + + /** + * Logout the user. + * + *

This method removes the SamplePrincipal + * that was added by the commit method. + * + *

+ * + * @exception LoginException if the logout fails. + * + * @return true in all cases since this LoginModule + * should not be ignored. + */ + public boolean logout() throws LoginException { + + subject.getPrincipals().remove(userPrincipal); + succeeded = false; + succeeded = commitSucceeded; + username = null; + if (password != null) { + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + } + userPrincipal = null; + return true; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/principal/SamplePrincipal.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/principal/SamplePrincipal.java new file mode 100644 index 0000000..e205bd0 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie2/sample/principal/SamplePrincipal.java 
@@ -0,0 +1,141 @@ +/* + * + * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. + */ + +package sample.principal; + +import java.security.Principal; + +/** + *

This class implements the Principal interface + * and represents a Sample user. + * + *

Principals such as this SamplePrincipal + * may be associated with a particular Subject + * to augment that Subject with an additional + * identity. Refer to the Subject class for more information + * on how to achieve this. Authorization decisions can then be based upon + * the Principals associated with a Subject. + * + * @see java.security.Principal + * @see javax.security.auth.Subject + */ +public class SamplePrincipal implements Principal, java.io.Serializable { + + /** + * @serial + */ + private String name; + + /** + * Create a SamplePrincipal with a Sample username. + * + *

+ * + * @param name the Sample username for this user. + * + * @exception NullPointerException if the name + * is null. + */ + public SamplePrincipal(String name) { + if (name == null) + throw new NullPointerException("illegal null input"); + + this.name = name; + } + + /** + * Return the Sample username for this SamplePrincipal. + * + *

+ * + * @return the Sample username for this SamplePrincipal + */ + public String getName() { + return name; + } + + /** + * Return a string representation of this SamplePrincipal. + * + *

+ * + * @return a string representation of this SamplePrincipal. + */ + public String toString() { + return("SamplePrincipal: " + name); + } + + /** + * Compares the specified Object with this SamplePrincipal + * for equality. Returns true if the given object is also a + * SamplePrincipal and the two SamplePrincipals + * have the same username. + * + *

+ * + * @param o Object to be compared for equality with this + * SamplePrincipal. + * + * @return true if the specified Object is equal equal to this + * SamplePrincipal. + */ + public boolean equals(Object o) { + if (o == null) return false; + if (this == o) return true; + + if (!(o instanceof SamplePrincipal)) + return false; + SamplePrincipal that = (SamplePrincipal)o; + + if (this.getName().equals(that.getName())) + return true; + return false; + } + + /** + * Return a hash code for this SamplePrincipal. + * + *

+ * + * @return a hash code for this SamplePrincipal. + */ + public int hashCode() { + return name.hashCode(); + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleAction.jar b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleAction.jar new file mode 100644 index 0000000..34c9ae8 Binary files /dev/null and b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleAction.jar differ diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleAzn.jar b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleAzn.jar new file mode 100644 index 0000000..5bd37f4 Binary files /dev/null and b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleAzn.jar differ diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleLM.jar b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleLM.jar new file mode 100644 index 0000000..0109f7d Binary files /dev/null and b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/SampleLM.jar differ diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/azn.policy b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/azn.policy new file mode 100644 index 0000000..a3fb294 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/azn.policy 
@@ -0,0 +1,24 @@
+/** Java 2 Access Control Policy for the JAAS Sample Application **/
+
+/* grant the sample LoginModule permissions */
+grant codebase "file:./SampleLM.jar" {
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+};
+
+grant codebase "file:./SampleAzn.jar" {
+
+ permission javax.security.auth.AuthPermission "createLoginContext.Sample";
+ permission javax.security.auth.AuthPermission "doAsPrivileged";
+};
+
+/** User-Based Access Control Policy for the SampleAction class
+ ** instantiated by SampleAzn
+ **/
+
+grant codebase "file:./SampleAction.jar",
+ Principal sample.principal.SamplePrincipal "testUser" {
+
+ permission java.util.PropertyPermission "java.home", "read";
+ permission java.util.PropertyPermission "user.home", "read";
+ permission java.io.FilePermission "foo.txt", "read";
+};
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/foo.txt b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/foo.txt
new file mode 100644
index 0000000..d05d9b8
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/foo.txt
@@ -0,0 +1 @@
+Coucou c'est moi FOO
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/jaas.config b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/jaas.config
new file mode 100644
index 0000000..deda887
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/jaas.config
@@ -0,0 +1,5 @@
+/** Login Configuration for the JAAS Sample Application **/
+
+Sample {
+ sample.module.SampleLoginModule required debug=true;
+};
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/run.sh b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/run.sh
new file mode 100644
index 0000000..0df0f8c
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/run.sh
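Review bot: `debug=true` on the `Sample` entry enables a mode in which SampleLoginModule.login() prints the password the user typed to System.out character by character (the debug block in the sample/module/SampleLoginModule.java hunk further down), so every run of this configuration writes the cleartext credential to the console and to anything that captures it. Ship the entry as `sample.module.SampleLoginModule required;` and turn debug on only while tracing a problem; in the module itself the password loop is better removed and the debug output limited to the user name and the outcome. In the azn.policy hunk on the same line, the `file:./…jar` codebases and the `"foo.txt"` FilePermission resolve against the JVM's working directory, so the grants apply to whatever files are present there when `run.sh` is invoked; that is acceptable for a sample but worth a comment in the policy.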
@@ -0,0 +1,31 @@
+# Reset
+rm \
+ ./SampleAcn.jar \
+ ./SampleAction.jar \
+ ./SampleLM.jar
+
+# Compile
+javac \
+ sample/SampleAction.java \
+ sample/SampleAzn.java \
+ sample/module/SampleLoginModule.java \
+ sample/principal/SamplePrincipal.java
+
+# Créé les JAR SampleAzn, SampleAction, SampleLM
+jar -cvf SampleAzn.jar sample/SampleAzn.class sample/MyCallbackHandler.class
+jar -cvf SampleAction.jar sample/SampleAction.class
+jar -cvf SampleLM.jar sample/module/SampleLoginModule.class sample/principal/SamplePrincipal.class
+
+# Enlève les artéfacts
+rm \
+ ./sample/SampleAction.class \
+ ./sample/SampleAzn.class \
+ ./sample/MyCallbackHandler.class \
+ ./sample/module/SampleLoginModule.class \
+ ./sample/principal/SamplePrincipal.class
+
+# Executer
+java -classpath SampleAzn.jar:SampleAction.jar:SampleLM.jar \
+ -Djava.security.manager \
+ -Djava.security.policy==azn.policy \
+ -Djava.security.auth.login.config==jaas.config sample.SampleAzn
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/SampleAction.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/SampleAction.java
new file mode 100644
index 0000000..e272688
--- /dev/null
+++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/SampleAction.java
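Review bot: The reset step removes `./SampleAcn.jar`, a file that is never produced, while the jar actually built later in the script is `SampleAzn.jar`, so a stale SampleAzn.jar survives the reset; the first `rm` argument should read `./SampleAzn.jar`. The script also has no interpreter line and no `set -e`, so a failed `javac` is ignored and the `jar` and `java` steps run against whatever class files a previous run left behind; add `#!/bin/sh` and `set -eu` at the top. Separately, the Security Manager selected by `-Djava.security.manager` is deprecated for removal since JDK 17 and permanently disabled from JDK 24 on, so the final `java` invocation only works on an older JDK; a comment naming the required JDK range would save the next reader a failed run.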
@@ -0,0 +1,75 @@ +/* + * + * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. + */ + +package sample; + +import java.io.File; +import java.security.PrivilegedAction; + +/** + *

This is a Sample PrivilegedAction implementation, designed to be + * used with the Sample application. + * + */ +public class SampleAction implements PrivilegedAction { + + /** + *

This Sample PrivilegedAction performs the following operations: + *

+ * + * @return null in all cases. + * + * @exception SecurityException if the caller does not have permission + * to perform the operations listed above. + */ + public Object run() { + System.out.println("java.home : " + System.getProperty("java.home")); + System.out.println("user.home : " + System.getProperty("user.home")); + + File f = new File("foo.txt"); + System.out.print("foo.txt does "); + if (!f.exists()) System.out.print("not "); + System.out.println("exist in the current working directory."); + return null; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/SampleAzn.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/SampleAzn.java new file mode 100644 index 0000000..e07ec79 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/SampleAzn.java 
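Review bot: `SampleAction` implements the raw `PrivilegedAction` type, so `run()` is declared to return `Object` although it only ever returns null; declaring `public class SampleAction implements PrivilegedAction<Void>` with `public Void run()` states the contract and removes the unchecked-conversion warning at the `Subject.doAsPrivileged` call. The Javadoc on `run()` announces "performs the following operations:" but no list follows in the hunk (it may have been lost with the HTML markup), so either restore the three items — read `java.home`, read `user.home`, test for `foo.txt` — or drop the sentence. The `@exception SecurityException` tag would also be clearer if it said that the exception comes from the security manager when the policy in force grants neither the PropertyPermission nor the FilePermission for those operations.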
@@ -0,0 +1,265 @@ +/* + * + * Copyright (c) 2001, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. 
+ */ + +package sample; + +import java.io.*; +import java.util.*; +import java.security.Principal; +import java.security.PrivilegedAction; +import javax.security.auth.*; +import javax.security.auth.callback.*; +import javax.security.auth.login.*; +import javax.security.auth.spi.*; +import com.sun.security.auth.*; + +/** + *

This Sample application attempts to authenticate a user + * and executes a SampleAction as that user. + * + *

If the user successfully authenticates itself, + * the username and number of Credentials is displayed. + */ +public class SampleAzn { + + /** + * Attempt to authenticate the user. + * + *

+ * + * @param args input arguments for this application. These are ignored. + */ + public static void main(String[] args) { + + // Obtain a LoginContext, needed for authentication. Tell it + // to use the LoginModule implementation specified by the + // entry named "Sample" in the JAAS login configuration + // file and to also use the specified CallbackHandler. + LoginContext lc = null; + try { + lc = new LoginContext("Sample", new MyCallbackHandler()); + } catch (LoginException le) { + System.err.println("Cannot create LoginContext. " + + le.getMessage()); + System.exit(-1); + } catch (SecurityException se) { + System.err.println("Cannot create LoginContext. " + + se.getMessage()); + System.exit(-1); + } + + // the user has 3 attempts to authenticate successfully + int i; + for (i = 0; i < 3; i++) { + try { + + // attempt authentication + lc.login(); + + // if we return with no exception, authentication succeeded + break; + + } catch (LoginException le) { + + System.err.println("Authentication failed:"); + System.err.println(" " + le.getMessage()); + try { + Thread.currentThread().sleep(3000); + } catch (Exception e) { + // ignore + } + + } + } + + // did they fail three times? 
+ if (i == 3) { + System.out.println("Sorry"); + System.exit(-1); + } + + System.out.println("Authentication succeeded!"); + + Subject mySubject = lc.getSubject(); + + // let's see what Principals we have + Iterator principalIterator = mySubject.getPrincipals().iterator(); + System.out.println("Authenticated user has the following Principals:"); + while (principalIterator.hasNext()) { + Principal p = (Principal)principalIterator.next(); + System.out.println("\t" + p.toString()); + } + + System.out.println("User has " + + mySubject.getPublicCredentials().size() + + " Public Credential(s)"); + + // now try to execute the SampleAction as the authenticated Subject + PrivilegedAction action = new SampleAction(); + Subject.doAsPrivileged(mySubject, action, null); + + System.exit(0); + } +} + +/** + * A CallbackHandler implemented by the application. + * + *

This application is text-based. Therefore it displays information + * to the user using the OutputStreams System.out and System.err, + * and gathers input from the user using the InputStream System.in. + */ +class MyCallbackHandler implements CallbackHandler { + + /** + * Invoke an array of Callbacks. + * + *

+ * + * @param callbacks an array of Callback objects which contain + * the information requested by an underlying security + * service to be retrieved or displayed. + * + * @exception java.io.IOException if an input or output error occurs.

+ * + * @exception UnsupportedCallbackException if the implementation of this + * method does not support one or more of the Callbacks + * specified in the callbacks parameter. + */ + public void handle(Callback[] callbacks) + throws IOException, UnsupportedCallbackException { + + for (int i = 0; i < callbacks.length; i++) { + if (callbacks[i] instanceof TextOutputCallback) { + + // display the message according to the specified type + TextOutputCallback toc = (TextOutputCallback)callbacks[i]; + switch (toc.getMessageType()) { + case TextOutputCallback.INFORMATION: + System.out.println(toc.getMessage()); + break; + case TextOutputCallback.ERROR: + System.out.println("ERROR: " + toc.getMessage()); + break; + case TextOutputCallback.WARNING: + System.out.println("WARNING: " + toc.getMessage()); + break; + default: + throw new IOException("Unsupported message type: " + + toc.getMessageType()); + } + + } else if (callbacks[i] instanceof NameCallback) { + + // prompt the user for a username + NameCallback nc = (NameCallback)callbacks[i]; + + System.err.print(nc.getPrompt()); + System.err.flush(); + nc.setName((new BufferedReader + (new InputStreamReader(System.in))).readLine()); + + } else if (callbacks[i] instanceof PasswordCallback) { + + // prompt the user for sensitive information + PasswordCallback pc = (PasswordCallback)callbacks[i]; + System.err.print(pc.getPrompt()); + System.err.flush(); + pc.setPassword(readPassword(System.in)); + + } else { + throw new UnsupportedCallbackException + (callbacks[i], "Unrecognized Callback"); + } + } + } + + // Reads user password from given input stream. 
+ private char[] readPassword(InputStream in) throws IOException { + + char[] lineBuffer; + char[] buf; + int i; + + buf = lineBuffer = new char[128]; + + int room = buf.length; + int offset = 0; + int c; + +loop: while (true) { + switch (c = in.read()) { + case -1: + case '\n': + break loop; + + case '\r': + int c2 = in.read(); + if ((c2 != '\n') && (c2 != -1)) { + if (!(in instanceof PushbackInputStream)) { + in = new PushbackInputStream(in); + } + ((PushbackInputStream)in).unread(c2); + } else + break loop; + + default: + if (--room < 0) { + buf = new char[offset + 128]; + room = buf.length - offset - 1; + System.arraycopy(lineBuffer, 0, buf, 0, offset); + Arrays.fill(lineBuffer, ' '); + lineBuffer = buf; + } + buf[offset++] = (char) c; + break; + } + } + + if (offset == 0) { + return null; + } + + char[] ret = new char[offset]; + System.arraycopy(buf, 0, ret, 0, offset); + Arrays.fill(buf, ' '); + + return ret; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/module/SampleLoginModule.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/module/SampleLoginModule.java new file mode 100644 index 0000000..0f4b88e --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/module/SampleLoginModule.java 
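Review bot: `MyCallbackHandler.handle` ignores the echo setting of the PasswordCallback and reads the password through `readPassword(System.in)`, so the characters are echoed on the terminal while the user types them. When a console is attached use `java.io.Console`: `char[] pw = System.console() != null ? System.console().readPassword() : readPassword(System.in);` and pass `pw` to `pc.setPassword`. In the NameCallback branch `readLine()` returns null at end of input and is handed straight to `nc.setName`, which leaves the login module to dereference a null user name; substitute an empty string or throw an IOException there. In `main`, `catch (Exception e) { // ignore }` around the retry sleep swallows InterruptedException without restoring the interrupt flag — catch `InterruptedException` and call `Thread.currentThread().interrupt()` — and `Thread.currentThread().sleep(3000)` should be the static form `Thread.sleep(3000)`. The imports `javax.security.auth.spi.*` and `com.sun.security.auth.*` appear unused in this file, and the latter is a JDK-internal package.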
@@ -0,0 +1,337 @@ +/* + * + * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * -Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * -Redistribution in binary form must reproduct the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of Oracle nor the names of + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any + * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND + * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY + * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY + * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR + * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR + * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE + * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, + * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER + * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF + * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that Software is not designed, licensed or + * intended for use in the design, construction, operation or + * maintenance of any nuclear facility. 
+ */ + +package sample.module; + +import java.util.*; +import java.io.IOException; +import javax.security.auth.*; +import javax.security.auth.callback.*; +import javax.security.auth.login.*; +import javax.security.auth.spi.*; +import sample.principal.SamplePrincipal; + +/** + *

This sample LoginModule authenticates users with a password. + * + *

This LoginModule only recognizes one user: testUser + *

testUser's password is: testPassword + * + *

If testUser successfully authenticates itself, + * a SamplePrincipal with the testUser's user name + * is added to the Subject. + * + *

This LoginModule recognizes the debug option. + * If set to true in the login Configuration, + * debug messages will be output to the output stream, System.out. + * + */ +public class SampleLoginModule implements LoginModule { + + // initial state + private Subject subject; + private CallbackHandler callbackHandler; + private Map sharedState; + private Map options; + + // configurable option + private boolean debug = false; + + // the authentication status + private boolean succeeded = false; + private boolean commitSucceeded = false; + + // username and password + private String username; + private char[] password; + + // testUser's SamplePrincipal + private SamplePrincipal userPrincipal; + + /** + * Initialize this LoginModule. + * + *

+ * + * @param subject the Subject to be authenticated.

+ * + * @param callbackHandler a CallbackHandler for communicating + * with the end user (prompting for user names and + * passwords, for example).

+ * + * @param sharedState shared LoginModule state.

+ * + * @param options options specified in the login + * Configuration for this particular + * LoginModule. + */ + public void initialize(Subject subject, + CallbackHandler callbackHandler, + Map sharedState, + Map options) { + + this.subject = subject; + this.callbackHandler = callbackHandler; + this.sharedState = sharedState; + this.options = options; + + // initialize any configured options + debug = "true".equalsIgnoreCase((String)options.get("debug")); + } + + /** + * Authenticate the user by prompting for a user name and password. + * + *

+ * + * @return true in all cases since this LoginModule + * should not be ignored. + * + * @exception FailedLoginException if the authentication fails.

+ * + * @exception LoginException if this LoginModule + * is unable to perform the authentication. + */ + public boolean login() throws LoginException { + + // prompt for a user name and password + if (callbackHandler == null) + throw new LoginException("Error: no CallbackHandler available " + + "to garner authentication information from the user"); + + Callback[] callbacks = new Callback[2]; + callbacks[0] = new NameCallback("user name: "); + callbacks[1] = new PasswordCallback("password: ", false); + + try { + callbackHandler.handle(callbacks); + username = ((NameCallback)callbacks[0]).getName(); + char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword(); + if (tmpPassword == null) { + // treat a NULL password as an empty password + tmpPassword = new char[0]; + } + password = new char[tmpPassword.length]; + System.arraycopy(tmpPassword, 0, + password, 0, tmpPassword.length); + ((PasswordCallback)callbacks[1]).clearPassword(); + + } catch (java.io.IOException ioe) { + throw new LoginException(ioe.toString()); + } catch (UnsupportedCallbackException uce) { + throw new LoginException("Error: " + uce.getCallback().toString() + + " not available to garner authentication information " + + "from the user"); + } + + // print debugging information + if (debug) { + System.out.println("\t\t[SampleLoginModule] " + + "user entered user name: " + + username); + System.out.print("\t\t[SampleLoginModule] " + + "user entered password: "); + for (int i = 0; i < password.length; i++) + System.out.print(password[i]); + System.out.println(); + } + + // verify the username/password + boolean usernameCorrect = false; + boolean passwordCorrect = false; + if (username.equals("testUser")) + usernameCorrect = true; + if (usernameCorrect && + password.length == 12 && + password[0] == 't' && + password[1] == 'e' && + password[2] == 's' && + password[3] == 't' && + password[4] == 'P' && + password[5] == 'a' && + password[6] == 's' && + password[7] == 's' && + password[8] == 'w' && 
+ password[9] == 'o' && + password[10] == 'r' && + password[11] == 'd') { + + // authentication succeeded!!! + passwordCorrect = true; + if (debug) + System.out.println("\t\t[SampleLoginModule] " + + "authentication succeeded"); + succeeded = true; + return true; + } else { + + // authentication failed -- clean out state + if (debug) + System.out.println("\t\t[SampleLoginModule] " + + "authentication failed"); + succeeded = false; + username = null; + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + if (!usernameCorrect) { + throw new FailedLoginException("User Name Incorrect"); + } else { + throw new FailedLoginException("Password Incorrect"); + } + } + } + + /** + *

This method is called if the LoginContext's + * overall authentication succeeded + * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules + * succeeded). + * + *

If this LoginModule's own authentication attempt + * succeeded (checked by retrieving the private state saved by the + * login method), then this method associates a + * SamplePrincipal + * with the Subject located in the + * LoginModule. If this LoginModule's own + * authentication attempted failed, then this method removes + * any state that was originally saved. + * + *

+ * + * @exception LoginException if the commit fails. + * + * @return true if this LoginModule's own login and commit + * attempts succeeded, or false otherwise. + */ + public boolean commit() throws LoginException { + if (succeeded == false) { + return false; + } else { + // add a Principal (authenticated identity) + // to the Subject + + // assume the user we authenticated is the SamplePrincipal + userPrincipal = new SamplePrincipal(username); + if (!subject.getPrincipals().contains(userPrincipal)) + subject.getPrincipals().add(userPrincipal); + + if (debug) { + System.out.println("\t\t[SampleLoginModule] " + + "added SamplePrincipal to Subject"); + } + + // in any case, clean out state + username = null; + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + + commitSucceeded = true; + return true; + } + } + + /** + *

This method is called if the LoginContext's + * overall authentication failed. + * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules + * did not succeed). + * + *

If this LoginModule's own authentication attempt + * succeeded (checked by retrieving the private state saved by the + * login and commit methods), + * then this method cleans up any state that was originally saved. + * + *

+ * + * @exception LoginException if the abort fails. + * + * @return false if this LoginModule's own login and/or commit attempts + * failed, and true otherwise. + */ + public boolean abort() throws LoginException { + if (succeeded == false) { + return false; + } else if (succeeded == true && commitSucceeded == false) { + // login succeeded but overall authentication failed + succeeded = false; + username = null; + if (password != null) { + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + } + userPrincipal = null; + } else { + // overall authentication succeeded and commit succeeded, + // but someone else's commit failed + logout(); + } + return true; + } + + /** + * Logout the user. + * + *

This method removes the SamplePrincipal + * that was added by the commit method. + * + *

+ * + * @exception LoginException if the logout fails. + * + * @return true in all cases since this LoginModule + * should not be ignored. + */ + public boolean logout() throws LoginException { + + subject.getPrincipals().remove(userPrincipal); + succeeded = false; + succeeded = commitSucceeded; + username = null; + if (password != null) { + for (int i = 0; i < password.length; i++) + password[i] = ' '; + password = null; + } + userPrincipal = null; + return true; + } +} \ No newline at end of file diff --git a/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/principal/SamplePrincipal.java b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/principal/SamplePrincipal.java new file mode 100644 index 0000000..29621e7 --- /dev/null +++ b/security/TPNote/Notes+Examples/revision/revision/tp2/partie3/sample/principal/SamplePrincipal.java 
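Review bot: `login()` evaluates `username.equals("testUser")` without a null check, and a CallbackHandler that leaves the NameCallback's name null (the sample handler's `readLine()` does at end of input) turns a failed login into a NullPointerException that escapes the LoginException contract; write it as `"testUser".equals(username)` or reject a null name with `throw new FailedLoginException("User Name Incorrect");` before the password is examined. In `logout()`, `succeeded = false;` is immediately overwritten by `succeeded = commitSucceeded;`, so the first assignment is dead and one of the two should go. `commit()` clears `password` without the `if (password != null)` guard that `abort()` and `logout()` use, so a second `commit()` on an already-committed module dereferences null; add the same guard for consistency. The partie2 copy of this module at the top of this chunk shows the same `abort()`/`logout()` code (its hunk begins before the visible part), so the fixes apply there as well.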
@@ -0,0 +1,144 @@
+/*
+ *
+ * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * -Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * -Redistribution in binary form must reproduct the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * Neither the name of Oracle nor the names of
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * This software is provided "AS IS," without a warranty of any
+ * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
+ * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
+ * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
+ * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
+ * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
+ * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
+ * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
+ * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
+ * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
+ * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ *
+ * You acknowledge that Software is not designed, licensed or
+ * intended for use in the design, construction, operation or
+ * maintenance of any nuclear facility.
+ */
+
+package sample.principal;
+
+import java.security.Principal;
+
+/**
+ *

This class implements the Principal interface
+ * and represents a Sample user.
+ *
+ *

Principals such as this SamplePrincipal
+ * may be associated with a particular Subject
+ * to augment that Subject with an additional
+ * identity. Refer to the Subject class for more information
+ * on how to achieve this. Authorization decisions can then be based upon
+ * the Principals associated with a Subject.
+ *
+ * @see java.security.Principal
+ * @see javax.security.auth.Subject
+ */
+public class SamplePrincipal implements Principal, java.io.Serializable {
+
+ /**
+ * @serial
+ */
+ private String name;
+
+ /**
+ * Create a SamplePrincipal with a Sample username.
+ *
+ *

+ *
+ * @param name the Sample username for this user.
+ *
+ * @exception NullPointerException if the name
+ * is null.
+ */
+ public SamplePrincipal(String name) {
+ if (name == null)
+ throw new NullPointerException("illegal null input");
+
+ this.name = name;
+ }
+
+ /**
+ * Return the Sample username for this SamplePrincipal.
+ *
+ *

+ *
+ * @return the Sample username for this SamplePrincipal
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Return a string representation of this SamplePrincipal.
+ *
+ *

+ *
+ * @return a string representation of this SamplePrincipal.
+ */
+ public String toString() {
+ return("SamplePrincipal: " + name);
+ }
+
+ /**
+ * Compares the specified Object with this SamplePrincipal
+ * for equality. Returns true if the given object is also a
+ * SamplePrincipal and the two SamplePrincipals
+ * have the same username.
+ *
+ *

+ *
+ * @param o Object to be compared for equality with this
+ * SamplePrincipal.
+ *
+ * @return true if the specified Object is equal equal to this
+ * SamplePrincipal.
+ */
+ public boolean equals(Object o) {
+ if (o == null)
+ return false;
+
+ if (this == o)
+ return true;
+
+ if (!(o instanceof SamplePrincipal))
+ return false;
+ SamplePrincipal that = (SamplePrincipal)o;
+
+ if (this.getName().equals(that.getName()))
+ return true;
+ return false;
+ }
+
+ /**
+ * Return a hash code for this SamplePrincipal.
+ *
+ *

+ *
+ * @return a hash code for this SamplePrincipal.
+ */
+ public int hashCode() {
+ return name.hashCode();
+ }
+}
\ No newline at end of file
diff --git a/security/TPNote/Notes+Examples/signatureAvecCertificat.sh b/security/TPNote/Notes+Examples/signatureAvecCertificat.sh
new file mode 100755
index 0000000..ca5b9ab
--- /dev/null
+++ b/security/TPNote/Notes+Examples/signatureAvecCertificat.sh
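Review bot: The null check on `name` lives only in the constructor, which `java.io.Serializable` bypasses, so a deserialized `SamplePrincipal` carrying a null `name` would throw NullPointerException from `hashCode()` and from the `getName().equals(...)` call in `equals(Object)` rather than failing at construction time. Declaring the field `private final String name;` and adding `private static final long serialVersionUID = 1L;` would freeze the wire format; a `readObject` that repeats the `name == null` check would close the validation gap for deserialized instances. The phrase "equal equal" in the `equals` javadoc is doubled.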
@@ -0,0 +1,112 @@
+#!/bin/bash
+
+# Reset
+rm -rf ./CA
+rm ./client/certificat_request.csr \
+ ./client/certificat_signed.cer \
+ ./client/certificat.cer \
+ ./client/keystore.jks \
+ ./client/Source_Signed.jar
+
+##########################################
+
+# Création des dossiers CA et client s'ils n'existent pas déjà
+mkdir -p CA client
+
+# Génération de la clé privée de la CA
+openssl genrsa -out CA/ca.key 2048
+echo "[CA] - génération de la clé privée : OK"
+
+# Génération du certificat auto-signé de la CA
+openssl req -x509 -new -nodes \
+ -key CA/ca.key -sha256 -days 365 \
+ -out CA/ca.crt \
+ -subj "/CN=SimulatedCA/O=MyCA/C=FR"
+echo "[CA] - génération du certificat auto-signé : OK"
+
+# Génération du keystore du client
+keytool -genkeypair \
+ -alias KeyAlias \
+ -keyalg RSA \
+ -keysize 2048 \
+ -keystore client/keystore.jks \
+ -validity 365 \
+ -dname "CN=ClientName, OU=ClientUnit, O=ClientOrg, L=ClientCity, S=ClientState, C=FR" \
+ -storepass changeit \
+ -keypass changeit
+echo "[Client] - Génération du keystore : OK"
+
+# Génération de la demande de certificat (CSR) pour le client
+keytool -certreq \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat_request.csr \
+ -storepass changeit
+echo "[Client] - Génération de la demande de certification : OK"
+
+# La CA signe la demande de certificat du client
+openssl x509 -req \
+ -in client/certificat_request.csr \
+ -CA CA/ca.crt -CAkey CA/ca.key -CAcreateserial \
+ -out client/certificat_signed.cer -days 365 -sha256
+echo "[CA] - Signature de la demande de certificat : OK"
+
+# Importation du certificat de la CA dans le keystore du client
+keytool -import \
+ -trustcacerts \
+ -alias SimulatedCA \
+ -file CA/ca.crt \
+ -keystore client/keystore.jks \
+ -noprompt \
+ -storepass changeit
+echo "[Client] - Import du certificat du CA : OK"
+
+# Importation du certificat signé dans le keystore du client
+keytool -import \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat_signed.cer \
+ -noprompt \
+ -storepass changeit
+echo "[Client] - Import du certificat signé : OK"
+
+# Exportation du certificat signé pour distribution
+keytool -export \
+ -alias KeyAlias \
+ -keystore client/keystore.jks \
+ -file client/certificat.cer \
+ -storepass changeit
+echo "[Client] - Export du certificat signé : OK"
+
+##########################################
+
+cd ./client/
+
+# Compile notre fichier java
+javac ./Source.java
+echo "[Client] - Compilation du .java : OK"
+
+# Créer un fichier MANIFEST.MF avec l'attribut Main-Class
+echo "Main-Class: Source" > ./MANIFEST.MF
+
+# Créé le fichier Jar non signé
+jar cmf ./MANIFEST.MF ./Source.jar ./Source.class
+echo "[Client] - Creation du fichier .jar : OK"
+
+# Convertis en fichier jar signé
+jarsigner -keystore ./keystore.jks \
+ -storepass changeit \
+ -signedjar ./Source_Signed.jar ./Source.jar KeyAlias
+echo "[Client] - Creation du fichier .jar signé : OK"
+
+# Supprime les artéfacts
+rm ./Source.class ./Source.jar ./MANIFEST.MF
+
+# On peut vérifier que notre certificat est bien valide
+jarsigner -verify ./Source_Signed.jar
+echo "[Client] - Vérification du certificat : OK"
+
+cd ..
+
+# Executer le jar signé
+java -jar ./client/Source_Signed.jar
diff --git a/security/TPNote/Notes+Examples/signatureSansCertificat.sh b/security/TPNote/Notes+Examples/signatureSansCertificat.sh
new file mode 100755
index 0000000..8f99cbd
--- /dev/null
+++ b/security/TPNote/Notes+Examples/signatureSansCertificat.sh
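Review bot: Every "… : OK" line is printed unconditionally because the script has no `set -e` and never inspects an exit status, so a failed `keytool -certreq` or `openssl x509 -req`, or a signature that `jarsigner -verify ./Source_Signed.jar` rejects, is still reported as OK and `java -jar ./client/Source_Signed.jar` runs the jar regardless. Adding `set -euo pipefail` after the shebang, changing the reset to `rm -f ./client/certificat_request.csr \` so missing files do not abort the first run, and using `jarsigner -verify -strict ./Source_Signed.jar` so that verification warnings become a non-zero exit would make the status lines meaningful. The keystore and key password `changeit` is repeated in six `-storepass`/`-keypass` arguments; reading it once from a variable at the top of the script would keep a single place to change it.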
@@ -0,0 +1,29 @@
+# Reset
+rm ./keystore.jks ./Source_Signed.jar
+
+# Génère un keystore
+keytool -genkeypair \
+ -alias SourceKeyAlias \
+ -keyalg RSA \
+ -keysize 2048 \
+ -keystore keystore.jks \
+ -validity 365
+
+# Compilation
+javac ./Source.java
+
+# Créer un fichier MANIFEST.MF avec l'attribut Main-Class
+echo "Main-Class: Source" > MANIFEST.MF
+
+# Crée le fichier JAR non signé avec le MANIFEST.MF modifié
+jar cmf MANIFEST.MF Source.jar Source.class
+
+# Convertir en fichier JAR signé
+jarsigner -keystore keystore.jks \
+ -signedjar Source_Signed.jar Source.jar SourceKeyAlias
+
+# Supprime les artéfacts
+rm ./Source.class ./Source.jar MANIFEST.MF
+
+# Essaye d'exécuter ton fichier JAR signé
+java -jar Source_Signed.jar
\ No newline at end of file
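Review bot: The file is added with mode 100755 but has no `#!/bin/bash` line, unlike the sibling signatureAvecCertificat.sh, so which interpreter runs it depends on the caller; adding `#!/bin/bash` as the first line fixes that. The reset `rm ./keystore.jks ./Source_Signed.jar` fails on a fresh checkout where neither file exists yet, and `rm -f ./keystore.jks ./Source_Signed.jar` is the intended form. There is also no `jarsigner -verify` step before `java -jar Source_Signed.jar`, so the signed jar is executed without its signature ever being checked by the script.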