Skip to content

Makes local user information optional. #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Makes local user information optional. #12

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@

<artifactId>libpam4j</artifactId>
<packaging>jar</packaging>
<version>1.9-SNAPSHOT</version>
<version>2.0-SNAPSHOT</version>
<name>Java binding for libpam.so</name>

<properties>
Expand Down
46 changes: 46 additions & 0 deletions src/main/java/org/jvnet/libpam/AuthenticatedUser.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
/*
* The MIT License
*
* Copyright (c) 2009, Sun Microsystems, Inc.
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I presume this is incorrect, since this class was not made in 2009 by Sun though it looks like it's primarily pulled from UnixUser, which was.

Suggestions on what I should update it to while I'm changing things?

*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.jvnet.libpam;

/**
* Represents a user that has been successfully authenticated by PAM.
* Instances should be immutable.
*/
public class AuthenticatedUser {
private final String userName;

/*package*/ AuthenticatedUser(String userName) throws PAMException {
if (null == userName) {
throw new PAMException("username may not be null.");
}
this.userName = userName;
}

/**
* Gets the unix account name. Never null.
*/
public String getUserName() {
return userName;
}
}
11 changes: 6 additions & 5 deletions src/main/java/org/jvnet/libpam/PAM.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ private void check(int ret, String msg) throws PAMException {
* @throws PAMException
* If the authentication fails.
*/
public UnixUser authenticate(String username, String password) throws PAMException {
public AuthenticatedUser authenticate(String username, String password) throws PAMException {
this.password = password;
try {
check(libpam.pam_set_item(pht,PAM_USER,username),"pam_set_item failed");
Expand All @@ -128,10 +128,11 @@ public UnixUser authenticate(String username, String password) throws PAMExcepti
PointerByReference r = new PointerByReference();
check(libpam.pam_get_item(pht,PAM_USER,r),"pam_get_item failed");
String userName = r.getValue().getString(0);
passwd pwd = libc.getpwnam(userName);
if(pwd==null)
throw new PAMException("Authentication succeeded but no user information is available");
return new UnixUser(userName,pwd);
if (UnixUser.exists(userName)) {
return new UnixUser(userName);
} else {
return new AuthenticatedUser(userName);
}
} finally {
this.password = null;
}
Expand Down
17 changes: 5 additions & 12 deletions src/main/java/org/jvnet/libpam/UnixUser.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,13 +38,13 @@
*
* @author Kohsuke Kawaguchi
*/
public class UnixUser {
private final String userName, gecos, dir, shell;
public class UnixUser extends AuthenticatedUser {
private final String gecos, dir, shell;
private final int uid,gid;
private final Set<String> groups;

/*package*/ UnixUser(String userName, passwd pwd) throws PAMException {
this.userName = userName;
super(userName);
this.gecos = pwd.getPwGecos();
this.dir = pwd.getPwDir();
this.shell = pwd.getPwShell();
Expand Down Expand Up @@ -91,8 +91,8 @@ public UnixUser(String userName) throws PAMException {
* Copy constructor for mocking. Not intended for regular use. Only for testing.
* This signature may change in the future.
*/
protected UnixUser(String userName, String gecos, String dir, String shell, int uid, int gid, Set<String> groups) {
this.userName = userName;
protected UnixUser(String userName, String gecos, String dir, String shell, int uid, int gid, Set<String> groups) throws PAMException {
super(userName);
this.gecos = gecos;
this.dir = dir;
this.shell = shell;
Expand All @@ -101,13 +101,6 @@ protected UnixUser(String userName, String gecos, String dir, String shell, int
this.groups = groups;
}

/**
* Gets the unix account name. Never null.
*/
public String getUserName() {
return userName;
}

/**
* Gets the UID of this user.
*/
Expand Down
26 changes: 19 additions & 7 deletions src/test/java/org/jvnet/libpam/InteractiveTester.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,10 @@ public void testPositiveCase() throws Exception {
}

public void testOne() throws Exception {
UnixUser u = new PAM("sshd").authenticate(System.getProperty("user.name"), System.getProperty("password"));
AuthenticatedUser user = new PAM("sshd").authenticate(System.getProperty("user.name"), System.getProperty("password"));
if(!printOnce) {
assertTrue(user instanceof UnixUser);
UnixUser u = (UnixUser)user;
System.out.println(u.getUID());
System.out.println(u.getGroups());
printOnce = true;
Expand Down Expand Up @@ -83,12 +85,22 @@ public void testNegative() throws Exception {
}

public static void main(String[] args) throws Exception {
UnixUser u = new PAM("sshd").authenticate(args[0], args[1]);
System.out.println(u.getUID());
System.out.println(u.getGroups());
System.out.println(u.getGecos());
System.out.println(u.getDir());
System.out.println(u.getShell());
String service = "sshd";
if (3 == args.length) {
service = args[2];
}
AuthenticatedUser user = new PAM(service).authenticate(args[0], args[1]);
System.out.println("Username: " + user.getUserName());
if (user instanceof UnixUser) {
UnixUser u = (UnixUser)user;
System.out.println(u.getUID());
System.out.println(u.getGroups());
System.out.println(u.getGecos());
System.out.println(u.getDir());
System.out.println(u.getShell());
} else {
System.out.println("User is not local");
}
}

private boolean printOnce;
Expand Down