LoginModule Requirements

In order to implement extensible authentication, you must write a LoginModule implementing the JAAS interface.

There are some requirements for a LoginModule that will run in the EMS server:

• The LoginModule must accept the username and password from the EMS server by way of the NameCallback and PasswordCallback callbacks. The EMS server passes the username and password to the LoginModule using these callbacks, ignoring the prompt argument.
• If the username and password combination is invalid, the LoginModule must throw a FailedLoginException. The EMS server then rejects the corresponding connection attempt.
• The LoginModule must be thread-safe. That is, the LoginModule must be able to function both in a multi-threaded environment and in a single-threaded environment.
• The LoginModule should perform authentication only, by determining whether a username and password combination is valid. For information about custom permissions, see Extensible Permissions.
• The LoginModule, like the Permissions Module, should not perform long operations, and should return values quickly. As these modules become part of the EMS server’s message handling process, slow operations can have a severe effect on performance.
• The LoginModule must be named EMSUserAuthentication.

More information about JAAS, including documentation of JAAS classes and interfaces, is available through http://java.sun.com/products/jaas/.

Copyright © 2021. Cloud Software Group, Inc. All Rights Reserved.