BortalCertificateLoginModule.java

package fi.insomnia.bortal;

import java.util.StringTokenizer;

import javax.security.auth.login.LoginException;

import com.sun.appserv.security.AppservCertificateLoginModule;

public class BortalCertificateLoginModule extends AppservCertificateLoginModule {

	@Override
	protected void authenticateUser() throws LoginException {

		// Get the distinguished name from the X500Principal.
		String dname = getX500Principal().getName();

		log("BortalCertificateLoginModule: " + dname);
		StringTokenizer st = new StringTokenizer(dname, " \t\n\r\f,");

		while (st.hasMoreTokens()) {
			
			String next = st.nextToken();
			
			if (next.startsWith("OU=")) {
				
				String ou = next.substring(3);
				
				// E.g. TERMINAL/CASHIER, TERMINAL/CLIENT or TERMINAL/SELFHELP
				String principal = "TERMINAL/" + ou.toUpperCase();
				
				log("Committing user auth: " + principal);
				
				commitUserAuthentication(new String[] { principal, "TERMINAL" });
				return;
			}
		}
		
		throw new LoginException("No CN found.");
	}

	private void log(String s) {
		System.out.println("BortalCertificateLoginModule: " + s);
	}
}