Package com.spotfire.server.jaas
Class NamePasswordLoginModule
java.lang.Object
com.spotfire.server.jaas.NamePasswordLoginModule
- All Implemented Interfaces:
LoginModule
An abstract base class for
LoginModule
implementations designed for username-password
authentication.
A typical subclass implements only the init()
,
authenticate(UsernameCredential, PasswordCredential)
and getPrincipals()
methods. Advanced LoginModule
classes also implements the
getPublicCredentials()
and getPrivateCredentials()
methods.
- Since:
- 3.0
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionfinal boolean
abort()
This is an implementation of theabort
method inLoginModule
interface.abstract boolean
authenticate
(UsernameCredential username, PasswordCredential password) This abstractauthenticate
method is responsible for validating username-password combinations and must be implemented by all concrete subclasses.final boolean
commit()
This is an implementation of thecommit
method inLoginModule
interface.final String
Returns the value of the named option from the JAAS application configuration.protected final boolean
ThegetOption
method returns theboolean
value of the option with the given name.final String
Returns the value of the named option from the JAAS application configuration.final PasswordCredential
Returns thePasswordCredential
extracted from the input from thePasswordCallback
.abstract Collection
ThegetPrincipals
method must be implemented by all concrete subclasses and should return a list of allPrincipal
objects that should be associated with the logged inSubject
.ThegetPrivateCredentials
method should return a list of all privateCredential
objects associated with the logged inSubject
.ThegetPublicCredentials
method should return a list of all publicCredential
objects associated with the logged inSubject
.final UsernameCredential
Returns theUsernameCredential
extracted from the input from theNameCallback
.abstract void
init()
An abstract initialization method, called by theinitialize(Subject, CallbackHandler, Map, Map)
method.final void
initialize
(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) This is an implementation of theinitialize
method inLoginModule
interface.final boolean
login()
This is an implementation of thelogin
method inLoginModule
interface.final boolean
logout()
This is an implementation of thelogout
method inLoginModule
interface.
-
Constructor Details
-
NamePasswordLoginModule
public NamePasswordLoginModule()- Since:
- 3.0
-
-
Method Details
-
init
public abstract void init()An abstract initialization method, called by theinitialize(Subject, CallbackHandler, Map, Map)
method. ThegetOption(String)
andgetOption(String, String)
methods can be used to retrieve the login module's configuration parameters.- Since:
- 3.0
-
getUsernameCredential
Returns theUsernameCredential
extracted from the input from theNameCallback
. The method can be used by a subclass when it is populating theCollection
instances returned by thegetPrincipals
,getPublicCredentials
andgetPrivateCredentials
methods.- Returns:
- the
UsernameCredential
- Since:
- 3.0
-
getPasswordCredential
Returns thePasswordCredential
extracted from the input from thePasswordCallback
. The method can be used by a subclass when it is populating theCollection
instances returned by thegetPrincipals
,getPublicCredentials
andgetPrivateCredentials
methods.- Returns:
- the
UsernameCredential
- Since:
- 3.0
-
authenticate
public abstract boolean authenticate(UsernameCredential username, PasswordCredential password) throws FailedLoginException This abstractauthenticate
method is responsible for validating username-password combinations and must be implemented by all concrete subclasses. The method should returntrue
if the authentication succeeds for the given credentials. If theLoginModule
should be ignored (e.g., when inappropriately requested to authenticate the root user), the method should returnfalse
. If the authentication fails, aFailedLoginException
should be thrown.- Parameters:
username
- theUsernameCredential
password
- thePasswordCredential
- Returns:
- authentication status code which is
true
if authentication succeeds, orfalse
if the module should be ignored. - Throws:
FailedLoginException
- if the authentication fails- Since:
- 3.0
-
getPrincipals
ThegetPrincipals
method must be implemented by all concrete subclasses and should return a list of allPrincipal
objects that should be associated with the logged inSubject
. If the method is called multiple times, it should always return the samePrincipal
instances. TheCollection
instance holding thePrincipal
objects need not be the same, however.- Returns:
- a
Collection
containing allPrincipal
objects associated with the logged inSubject
- Since:
- 3.0
-
getPublicCredentials
ThegetPublicCredentials
method should return a list of all publicCredential
objects associated with the logged inSubject
. If the method is called multiple times, it should always return the sameCredential
instances. TheCollection
need not be the same, however.- Returns:
- a
Collection
containing all publicCredential
objects associated with the logged inSubject
- Since:
- 3.0
-
getPrivateCredentials
ThegetPrivateCredentials
method should return a list of all privateCredential
objects associated with the logged inSubject
. If the method is called multiple times, it should always return the sameCredential
instances. TheCollection
need not be the same, however.- Returns:
- a
Collection
containing all privateCredential
objects associated with the logged inSubject
- Since:
- 3.0
-
getOption
Returns the value of the named option from the JAAS application configuration. If no such option exists, the method returnsnull
.- Parameters:
name
- the option name- Returns:
- the option value
- Since:
- 3.0
-
getOption
Returns the value of the named option from the JAAS application configuration. If the option isn't present in the configuration, the method returns the specified default value.- Parameters:
name
- the option namedefaultValue
- a default option value- Returns:
- the option value
- Since:
- 3.0
-
initialize
public final void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) This is an implementation of theinitialize
method inLoginModule
interface.- Specified by:
initialize
in interfaceLoginModule
- Parameters:
subject
- theSubject
to be authenticatedcallbackHandler
- aCallbackHandler
for communicating with the client applicationsharedState
- aMap
containing the shared state for all configuredLoginModule
instances.options
- aMap
containing the configuration options for thisLoginModule
- See Also:
-
login
This is an implementation of thelogin
method inLoginModule
interface.- Specified by:
login
in interfaceLoginModule
- Returns:
true
if the authentication succeeded, orfalse
if thisLoginModule
should be ignored.- Throws:
LoginException
- if the authentication fails- See Also:
-
logout
This is an implementation of thelogout
method inLoginModule
interface.Note: the logout method may not necessarily be called when the user actually logs out - it may even be called already right after the authentication has been completed to support features such as HTTP session clustering.
- Specified by:
logout
in interfaceLoginModule
- Returns:
true
if the method succeeded, orfalse
if thisLoginModule
should be ignored.- Throws:
LoginException
- if the logout fails- See Also:
-
commit
This is an implementation of thecommit
method inLoginModule
interface.- Specified by:
commit
in interfaceLoginModule
- Returns:
true
if the method succeeded, orfalse
if thisLoginModule
should be ignored.- Throws:
LoginException
- if the commit fails- See Also:
-
abort
This is an implementation of theabort
method inLoginModule
interface.- Specified by:
abort
in interfaceLoginModule
- Returns:
true
if the method succeeded, orfalse
if thisLoginModule
should be ignored.- Throws:
LoginException
- if the abort fails- See Also:
-
getOption
ThegetOption
method returns theboolean
value of the option with the given name. If no such option exists, the method returnsdefaultValue
.- Parameters:
name
- the name of an optiondefaultValue
- the value to return if no option with the given name exists- Returns:
- the boolean value of the option -
true
if the string value wastrue
,on
oryes
andfalse
otherwise
-