Package com.spotfire.server.jaas

Class NamePasswordLoginModule

java.lang.Object
com.spotfire.server.jaas.NamePasswordLoginModule
All Implemented Interfaces:
LoginModule
public abstract class NamePasswordLoginModule extends Object implements LoginModule
An abstract base class for LoginModule implementations designed for username-password authentication.

A typical subclass implements only the init(), authenticate(UsernameCredential, PasswordCredential) and getPrincipals() methods. Advanced LoginModule classes also implements the getPublicCredentials() and getPrivateCredentials() methods.

Since:
3.0

  • Constructor Summary

    Constructors
    Constructor
    Description
    NamePasswordLoginModule()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    final boolean
    abort()
    This is an implementation of the abort method in LoginModule interface.
    abstract boolean
    authenticate(UsernameCredential username, PasswordCredential password)
    This abstract authenticate method is responsible for validating username-password combinations and must be implemented by all concrete subclasses.
    final boolean
    commit()
    This is an implementation of the commit method in LoginModule interface.
    final String
    getOption(String name)
    Returns the value of the named option from the JAAS application configuration.
    protected final boolean
    getOption(String name, boolean defaultValue)
    The getOption method returns the boolean value of the option with the given name.
    final String
    getOption(String name, String defaultValue)
    Returns the value of the named option from the JAAS application configuration.
    final PasswordCredential
    getPasswordCredential()
    Returns the PasswordCredential extracted from the input from the PasswordCallback.
    abstract Collection
    getPrincipals()
    The getPrincipals method must be implemented by all concrete subclasses and should return a list of all Principal objects that should be associated with the logged in Subject.
    Collection
    getPrivateCredentials()
    The getPrivateCredentials method should return a list of all private Credential objects associated with the logged in Subject.
    Collection
    getPublicCredentials()
    The getPublicCredentials method should return a list of all public Credential objects associated with the logged in Subject.
    final UsernameCredential
    getUsernameCredential()
    Returns the UsernameCredential extracted from the input from the NameCallback.
    abstract void
    init()
    An abstract initialization method, called by the initialize(Subject, CallbackHandler, Map, Map) method.
    final void
    initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
    This is an implementation of the initialize method in LoginModule interface.
    final boolean
    login()
    This is an implementation of the login method in LoginModule interface.
    final boolean
    logout()
    This is an implementation of the logout method in LoginModule interface.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • NamePasswordLoginModule

      public NamePasswordLoginModule()
      Since:
      3.0

  • Method Details

    • init

      public abstract void init()
      An abstract initialization method, called by the initialize(Subject, CallbackHandler, Map, Map) method. The getOption(String) and getOption(String, String) methods can be used to retrieve the login module's configuration parameters.
      Since:
      3.0

    • getUsernameCredential

      public final UsernameCredential getUsernameCredential()
      Returns the UsernameCredential extracted from the input from the NameCallback. The method can be used by a subclass when it is populating the Collection instances returned by the getPrincipals, getPublicCredentials and getPrivateCredentials methods.
      Returns:
      the UsernameCredential
      Since:
      3.0

    • getPasswordCredential

      public final PasswordCredential getPasswordCredential()
      Returns the PasswordCredential extracted from the input from the PasswordCallback. The method can be used by a subclass when it is populating the Collection instances returned by the getPrincipals, getPublicCredentials and getPrivateCredentials methods.
      Returns:
      the UsernameCredential
      Since:
      3.0

    • authenticate

      public abstract boolean authenticate(UsernameCredential username, PasswordCredential password) throws FailedLoginException
      This abstract authenticate method is responsible for validating username-password combinations and must be implemented by all concrete subclasses. The method should return true if the authentication succeeds for the given credentials. If the LoginModule should be ignored (e.g., when inappropriately requested to authenticate the root user), the method should return false. If the authentication fails, a FailedLoginException should be thrown.
      Parameters:
      username - the UsernameCredential
      password - the PasswordCredential
      Returns:
      authentication status code which is true if authentication succeeds, or false if the module should be ignored.
      Throws:
      FailedLoginException - if the authentication fails
      Since:
      3.0

    • getPrincipals

      public abstract Collection getPrincipals()
      The getPrincipals method must be implemented by all concrete subclasses and should return a list of all Principal objects that should be associated with the logged in Subject. If the method is called multiple times, it should always return the same Principal instances. The Collection instance holding the Principal objects need not be the same, however.
      Returns:
      a Collection containing all Principal objects associated with the logged in Subject
      Since:
      3.0

    • getPublicCredentials

      public Collection getPublicCredentials()
      The getPublicCredentials method should return a list of all public Credential objects associated with the logged in Subject. If the method is called multiple times, it should always return the same Credential instances. The Collection need not be the same, however.
      Returns:
      a Collection containing all public Credential objects associated with the logged in Subject
      Since:
      3.0

    • getPrivateCredentials

      public Collection getPrivateCredentials()
      The getPrivateCredentials method should return a list of all private Credential objects associated with the logged in Subject. If the method is called multiple times, it should always return the same Credential instances. The Collection need not be the same, however.
      Returns:
      a Collection containing all private Credential objects associated with the logged in Subject
      Since:
      3.0

    • getOption

      public final String getOption(String name)
      Returns the value of the named option from the JAAS application configuration. If no such option exists, the method returns null.
      Parameters:
      name - the option name
      Returns:
      the option value
      Since:
      3.0

    • getOption

      public final String getOption(String name, String defaultValue)
      Returns the value of the named option from the JAAS application configuration. If the option isn't present in the configuration, the method returns the specified default value.
      Parameters:
      name - the option name
      defaultValue - a default option value
      Returns:
      the option value
      Since:
      3.0

    • initialize

      public final void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
      This is an implementation of the initialize method in LoginModule interface.
      Specified by:
      initialize in interface LoginModule
      Parameters:
      subject - the Subject to be authenticated
      callbackHandler - a CallbackHandler for communicating with the client application
      sharedState - a Map containing the shared state for all configured LoginModule instances.
      options - a Map containing the configuration options for this LoginModule
      See Also:

    • login

      public final boolean login() throws LoginException
      This is an implementation of the login method in LoginModule interface.
      Specified by:
      login in interface LoginModule
      Returns:
      true if the authentication succeeded, or false if this LoginModule should be ignored.
      Throws:
      LoginException - if the authentication fails
      See Also:

    • logout

      public final boolean logout() throws LoginException
      This is an implementation of the logout method in LoginModule interface.

      Note: the logout method may not necessarily be called when the user actually logs out - it may even be called already right after the authentication has been completed to support features such as HTTP session clustering.

      Specified by:
      logout in interface LoginModule
      Returns:
      true if the method succeeded, or false if this LoginModule should be ignored.
      Throws:
      LoginException - if the logout fails
      See Also:

    • commit

      public final boolean commit() throws LoginException
      This is an implementation of the commit method in LoginModule interface.
      Specified by:
      commit in interface LoginModule
      Returns:
      true if the method succeeded, or false if this LoginModule should be ignored.
      Throws:
      LoginException - if the commit fails
      See Also:

    • abort

      public final boolean abort() throws LoginException
      This is an implementation of the abort method in LoginModule interface.
      Specified by:
      abort in interface LoginModule
      Returns:
      true if the method succeeded, or false if this LoginModule should be ignored.
      Throws:
      LoginException - if the abort fails
      See Also:

    • getOption

      protected final boolean getOption(String name, boolean defaultValue)
      The getOption method returns the boolean value of the option with the given name. If no such option exists, the method returns defaultValue.
      Parameters:
      name - the name of an option
      defaultValue - the value to return if no option with the given name exists
      Returns:
      the boolean value of the option - true if the string value was true, on or yes and false otherwise