1 package server;
2 
3 import java.rmi.Remote;
4 import java.rmi.RemoteException;
5 import java.rmi.server.UnicastRemoteObject;
6 import org.jstk.example.bank.BankIntf;
7 import common.RemoteBank;
8 import common.RemoteLoginServer;
9 import javax.security.auth.callback.Callback;
10import javax.security.auth.callback.CallbackHandler;
11import javax.security.auth.callback.NameCallback;
12import javax.security.auth.callback.PasswordCallback;
13import javax.security.auth.login.LoginContext;
14import javax.security.auth.login.LoginException;
15
16public class RemoteLoginServerImpl extends UnicastRemoteObject implements RemoteLoginServer {
17    private BankIntf bi;
18    public RemoteLoginServerImpl(BankIntf bi) throws RemoteException {
19        this.bi = bi;
20    }
21    public RemoteBank login(String username, String password) throws LoginException, RemoteException {
22        LoginContext lc = new LoginContext("Bank", new RemoteCallbackHandler(username, password));
23        lc.login();
24        return new RemoteBankImpl(bi, lc.getSubject());
25    }
26}
27
28class RemoteCallbackHandler implements CallbackHandler {
29    private String username;
30    private String password;
31    RemoteCallbackHandler(String username, String password){
32        this.username = username;
33        this.password = password;
34    }
35    public void handle(Callback[] cb) {
36        for (int i = 0; i < cb.length; i++){
37            if (cb[i] instanceof NameCallback){
38                NameCallback nc = (NameCallback)cb[i];
39                nc.setName(username);
40            } else if (cb[i] instanceof PasswordCallback){
41                PasswordCallback pc = (PasswordCallback)cb[i];
42                pc.setPassword(password.toCharArray());
43                password = null;
44            }
45        }
46    }
47}