Methods Summary |
---|
public final boolean | abort()Abort the authentication process.
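// Roll back this module's share of an authentication attempt that failed overall.
// Returns false when this module's own login never succeeded (nothing to undo);
// otherwise clears the cached state and returns true.
if (_logger.isLoggable(Level.FINE)) {
    _logger.log(Level.FINE, "JAAS authentication aborted.");
}
if (!_succeeded) {
    return false;
}
if (!_commitSucceeded) {
    // login succeeded but overall authentication failed:
    // drop the cached credentials and identity so they do not outlive the attempt
    _succeeded = false;
    _username = null;
    // NOTE(review): the type of _password is not visible here; if it is a char[]
    // its contents should be overwritten before the reference is dropped.
    _password = null;
    _userPrincipal = null;
    // commitUserAuthentication() stores whatever array the subclass passed, so the
    // field can be null. Guard it the same way logout() does; an unguarded
    // dereference would turn abort() into a NullPointerException.
    if (_groupsList != null) {
        for (int i = 0; i < _groupsList.length; i++) {
            _groupsList[i] = null;
        }
        _groupsList = null;
    }
} else {
    // overall authentication succeeded and commit succeeded,
    // but someone else's commit failed
    // NOTE(review): logout() clears every principal and credential on the Subject,
    // not only the entries this module added.
    logout();
}
return true;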
|
protected abstract void | authenticateUser()Perform authentication decision.
Method returns silently on success and throws a LoginException
on failure.
|
public boolean | commit()Commit the authentication.
Commit is called after all necessary login modules have succeeded.
It adds (if not present) a PrincipalImpl principal and a
LocalCredentials public credential to the Subject.
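// Publish the authenticated identity into the Subject and drop the module's
// cached credentials. Returns false when this module's login did not succeed.
// NOTE(review): the summary mentions adding a LocalCredentials public credential,
// but nothing in this body touches the Subject's public credentials.
if (!_succeeded) {
    return false;
}
// Add a Principal (authenticated identity) to the Subject
// Assume the user we authenticated is the PrincipalImpl [RI]
String realm_name = _currentRealm.getName();
_userPrincipal =
    PrincipalGroupFactory.getPrincipalInstance(_username, realm_name);
Set principalSet = _subject.getPrincipals();
if (!principalSet.contains(_userPrincipal)) {
    principalSet.add(_userPrincipal);
}
/* populate the group in the subject and clean out the slate at the same
 * time
 */
// commitUserAuthentication() stores the subclass's array as-is, so it may be null.
// Without this guard a NullPointerException would leave the user principal on the
// Subject while _username/_password stay set and _commitSucceeded stays false.
if (_groupsList != null) {
    for (int i = 0; i < _groupsList.length; i++) {
        if (_groupsList[i] != null) {
            Group g =
                PrincipalGroupFactory.getGroupInstance(_groupsList[i], realm_name);
            if (!principalSet.contains(g)) {
                principalSet.add(g);
            }
            // cleaning the slate
            _groupsList[i] = null;
        }
    }
}
// In any case, clean out state.
// Only the module's own copies are dropped here; this method does not touch the
// Subject's private credentials, so the credential read by login() stays there.
_groupsList = null;
_username = null;
_password = null;
_commitSucceeded = true;
if (_logger.isLoggable(Level.FINE)) {
    _logger.log(Level.FINE, "JAAS authentication committed.");
}
return true;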
|
public final void | commitUserAuthentication(java.lang.String[] groups)This is a convenience method which can be used by subclasses.
Note that this method is to be called only after the authentication
has succeeded. If authentication failed, do not call this method.
The instance field _succeeded is set to true by this method.
// Record a positive authentication decision made by the subclass.
// Setting _succeeded is what lets commit() proceed, so this must only be
// reached after the credentials have actually been verified.
_succeeded = true;
// The array is stored by reference, not copied: commit(), abort() and logout()
// later null out its elements, so the caller's array is modified as well.
// Pass a non-null array (an empty one when the user has no groups).
_groupsList = groups;
|
public javax.security.auth.Subject | getSubject()
// Hands out the live Subject reference stored by initialize(); no copy is made.
return this._subject;
|
public final void | initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)Initialize this login module.
// Keep the context handed in by the JAAS framework. The callbackHandler argument
// is not stored: this module reads its input from the Subject's private
// credentials in login() instead.
_options = options;
_sharedState = sharedState;
_subject = subject;
if (_logger.isLoggable(Level.FINE)) {
    String moduleClass = this.getClass().toString();
    _logger.log(Level.FINE, "Login module initialized: " + moduleClass);
}
|
public final boolean | login()Perform login.
The callback handler is used to obtain authentication info
for the subject and a login is attempted. This PasswordLoginModule
expects to find a PasswordCredential in the private credentials
of the Subject. If not present the login fails. The callback
handler is ignored as it is not really relevant on the server side.
Finally, the authenticateUser() method is invoked.
// Server-side login: take the first PasswordCredential from the Subject's private
// credentials, resolve its realm, cache user name and password, then let the
// subclass decide via authenticateUser().
// This body returns true whenever authenticateUser() returns normally, so the
// subclass's exception is the only failure signal.
// NOTE(review): _succeeded is not reset here; a true left over from an earlier
// attempt on the same instance survives until abort() or logout() runs. Confirm
// instances are never reused without one of those being called.
if (_subject == null) {
    String noInfo = sm.getString("pwdlm.noinfo");
    _logger.log(Level.SEVERE, noInfo);
    throw new LoginException(noInfo);
}

PasswordCredential credential = null;
try {
    for (Iterator it = _subject.getPrivateCredentials().iterator();
            it.hasNext() && credential == null; ) {
        Object candidate = it.next();
        if (candidate instanceof PasswordCredential) {
            credential = (PasswordCredential) candidate;
        }
    }
} catch (Exception e) {
    // Any failure while reading the private credentials is logged and then treated
    // like "no credential found" by the check below.
    _logger.log(Level.WARNING, "passwordlm.nocreds", e.toString());
}
if (credential == null) {
    _logger.log(Level.SEVERE, "passwordlm.nopwdcred");
    String noCreds = sm.getString("pwdlm.nocreds");
    throw new LoginException(noCreds);
}

// Need to obtain the requested realm to get parameters.
// NOTE(review): the realm name comes from the credential and is placed into the
// log and exception messages below; if it can be caller-influenced, confirm the
// logging layer neutralises line breaks.
String realmName = null;
try {
    realmName = credential.getRealm();
    _currentRealm = Realm.getInstance(realmName);
} catch (Exception e) {
    // The original exception is not attached to the LoginException.
    String noRealm = sm.getString("pwdlm.norealm", realmName);
    _logger.log(Level.SEVERE, noRealm);
    throw new LoginException(noRealm);
}
if (_currentRealm == null) {
    String unavailable = sm.getString("pwdlm.norealmavail", realmName);
    _logger.log(Level.SEVERE, unavailable);
    throw new LoginException(unavailable);
}

// Get username and password data from credential (ignore callback).
// Both stay in instance fields until commit(), abort() or logout() clears them.
_username = credential.getUser();
_password = credential.getPassword();

// Delegate the actual authentication to subclass.
authenticateUser();

if (_logger.isLoggable(Level.FINE)) {
    _logger.log(Level.FINE, "JAAS login complete.");
}
return true;
|
public final boolean | logout()Log out the subject.
// Strip the Subject and reset every piece of module state. Always returns true.
if (_logger.isLoggable(Level.FINE)) {
    // NOTE(review): Subject.toString() can include the toString() output of
    // private credentials when the caller is allowed to read them; confirm that
    // PasswordCredential.toString() never prints the secret before enabling FINE.
    String subjectText = _subject.toString();
    _logger.log(Level.FINE, "JAAS logout for: " + subjectText);
}

// NOTE(review): these calls empty the Subject completely, including principals
// and credentials that other login modules in the same stack may have added.
// Confirm that is intended for stacked configurations.
_subject.getPrincipals().clear();
_subject.getPublicCredentials().clear();
_subject.getPrivateCredentials().clear();

// Wipe the group names before dropping the array (it may already be null after
// a commit() or abort()).
if (_groupsList != null) {
    int idx = 0;
    while (idx < _groupsList.length) {
        _groupsList[idx] = null;
        idx++;
    }
    _groupsList = null;
}
_userPrincipal = null;
_password = null;
_username = null;
_commitSucceeded = false;
_succeeded = false;
return true;
|