J2EE1.4 SDK

com.sun.appserv.security
Class AppservPasswordLoginModule

java.lang.Object
  extended bycom.sun.appserv.security.AppservPasswordLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public abstract class AppservPasswordLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule

Abstract base class for password-based login modules.

Most login modules receive a username and password from the client (possibly through HTTP BASIC auth, or FORM, or other mechanism) and then make (or delegate) an authentication decision based on this data. This class provides common methods for such password-based login modules.

Subclasses need to implement the authenticate() method and later call commitAuthentication().


Field Summary
protected  boolean _commitSucceeded
           
protected  com.sun.enterprise.security.auth.realm.Realm _currentRealm
           
protected  java.lang.String[] _groupsList
           
protected  java.util.logging.Logger _logger
           
protected  java.util.Map _options
           
protected  java.lang.String _password
           
protected  java.util.Map _sharedState
           
protected  javax.security.auth.Subject _subject
           
protected  boolean _succeeded
           
protected  java.lang.String _username
           
protected  com.sun.enterprise.deployment.PrincipalImpl _userPrincipal
           
protected static com.sun.enterprise.util.i18n.StringManager sm
           
 
Constructor Summary
AppservPasswordLoginModule()
           
 
Method Summary
 boolean abort()
          Abort the authentication process.
protected abstract  void authenticateUser()
          Perform authentication decision.
 boolean commit()
          Commit the authentication.
 void commitUserAuthentication(java.lang.String[] groups)
          This is a convenience method which can be used by subclasses Note that this method is called after the authentication has succeeded.
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
          Initialize this login module.
 boolean login()
          Perform login.
 boolean logout()
          Log out the subject.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

_subject

protected javax.security.auth.Subject _subject

_sharedState

protected java.util.Map _sharedState

_options

protected java.util.Map _options

_username

protected java.lang.String _username

_password

protected java.lang.String _password

_currentRealm

protected com.sun.enterprise.security.auth.realm.Realm _currentRealm

_succeeded

protected boolean _succeeded

_commitSucceeded

protected boolean _commitSucceeded

_userPrincipal

protected com.sun.enterprise.deployment.PrincipalImpl _userPrincipal

_groupsList

protected java.lang.String[] _groupsList

_logger

protected java.util.logging.Logger _logger

sm

protected static final com.sun.enterprise.util.i18n.StringManager sm
Constructor Detail

AppservPasswordLoginModule

public AppservPasswordLoginModule()
Method Detail

initialize

public final void initialize(javax.security.auth.Subject subject,
                             javax.security.auth.callback.CallbackHandler callbackHandler,
                             java.util.Map sharedState,
                             java.util.Map options)
Initialize this login module.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Parameters:
subject - - the Subject to be authenticated.
callbackHandler - - a CallbackHandler for obtaining the subject username and password.
sharedState - - state shared with other configured LoginModules.
options - - options specified in the login Configuration for this particular LoginModule.

login

public final boolean login()
                    throws javax.security.auth.login.LoginException
Perform login.

The callback handler is used to obtain authentication info for the subject and a login is attempted. This PasswordLoginModule expects to find a PasswordCredential in the private credentials of the Subject. If not present the login fails. The callback handler is ignored as it is not really relevant on the server side. Finally, the authenticate() method is invoked.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Throws:
javax.security.auth.login.LoginException - Thrown if login failed, or on other problems.

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
Commit the authentication.

Commit is called after all necessary login modules have succeeded. It adds (if not present) a PrincipalImpl principal and a LocalCredentials public credential to the Subject.

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Throws:
javax.security.auth.login.LoginException - If commit fails.

abort

public final boolean abort()
                    throws javax.security.auth.login.LoginException
Abort the authentication process.

Specified by:
abort in interface javax.security.auth.spi.LoginModule
Throws:
javax.security.auth.login.LoginException

logout

public final boolean logout()
                     throws javax.security.auth.login.LoginException
Log out the subject.

Specified by:
logout in interface javax.security.auth.spi.LoginModule
Throws:
javax.security.auth.login.LoginException

commitUserAuthentication

public final void commitUserAuthentication(java.lang.String[] groups)

This is a convenience method which can be used by subclasses

Note that this method is called after the authentication has succeeded. If authentication failed do not call this method. Global instance field succeeded is set to true by this method.

Parameters:
groups - String array of group memberships for user (could be empty).

authenticateUser

protected abstract void authenticateUser()
                                  throws javax.security.auth.login.LoginException
Perform authentication decision. Method returns silently on success and returns a LoginException on failure.

Throws:
javax.security.auth.login.LoginException - on authentication failure.

J2EE1.4 SDK

Submit a bug or feature

Copyright 2003 Sun Microsystems, Inc. All rights reserved.