edu.vt.middleware.ldap.jaas
public abstract class AbstractLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModule
AbstractLoginModule
provides functionality common to ldap based
login modules.Modifier and Type | Field and Description |
---|---|
protected javax.security.auth.callback.CallbackHandler |
callbackHandler
Initialized callback handler.
|
protected boolean |
clearPass
Whether credentials should be removed from the shared state map.
|
protected boolean |
commitSuccess
Whether commit was successful.
|
protected java.util.Set<LdapCredential> |
credentials
Credentials to add to the subject.
|
protected java.util.List<LdapRole> |
defaultRole
Default roles.
|
protected org.apache.commons.logging.Log |
logger
Log for this class.
|
static java.lang.String |
LOGIN_DN
Constant for entryDn stored in shared state.
|
static java.lang.String |
LOGIN_NAME
Constant for login name stored in shared state.
|
static java.lang.String |
LOGIN_PASSWORD
Constant for login password stored in shared state.
|
protected boolean |
loginSuccess
Whether login was successful.
|
protected java.lang.String |
principalGroupName
Name of group to add all principals to.
|
protected java.util.Set<java.security.Principal> |
principals
Principals to add to the subject.
|
protected java.lang.String |
roleGroupName
Name of group to add all roles to.
|
protected java.util.Set<java.security.Principal> |
roles
Roles to add to the subject.
|
protected boolean |
setLdapCredential
Whether ldap credential data should be set.
|
protected boolean |
setLdapDnPrincipal
Whether ldap dn principal data should be set.
|
protected boolean |
setLdapPrincipal
Whether ldap principal data should be set.
|
protected java.util.Map |
sharedState
Shared state from other login module.
|
protected boolean |
storePass
Whether credentials should be stored in the shared state map.
|
protected javax.security.auth.Subject |
subject
Initialized subject.
|
protected boolean |
tryFirstPass
Whether credentials from the shared state should be used if they are
available.
|
protected boolean |
useFirstPass
Whether credentials from the shared state should be used.
|
Constructor and Description |
---|
AbstractLoginModule() |
Modifier and Type | Method and Description |
---|---|
boolean |
abort() |
protected java.util.List<LdapRole> |
attributesToRoles(javax.naming.directory.Attributes attributes)
This parses the supplied attributes and returns them as a list of
LdapRole s. |
protected void |
clearState()
Removes any stateful principals, credentials, or roles stored by login.
|
boolean |
commit() |
static Authenticator |
createAuthenticator(java.util.Map<java.lang.String,?> options)
This constructs a new
Authenticator with the supplied jaas
options. |
static Ldap |
createLdap(java.util.Map<java.lang.String,?> options)
This constructs a new
Ldap with the supplied jaas options. |
protected void |
getCredentials(javax.security.auth.callback.NameCallback nameCb,
javax.security.auth.callback.PasswordCallback passCb,
boolean useCallback)
This attempts to retrieve credentials for the supplied name and password
callbacks.
|
void |
initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map<java.lang.String,?> sharedState,
java.util.Map<java.lang.String,?> options) |
abstract boolean |
login() |
boolean |
logout() |
protected void |
storeCredentials(javax.security.auth.callback.NameCallback nameCb,
javax.security.auth.callback.PasswordCallback passCb,
java.lang.String loginDn)
This will store the supplied name, password, and entry dn in the stored
state map.
|
public static final java.lang.String LOGIN_NAME
public static final java.lang.String LOGIN_DN
public static final java.lang.String LOGIN_PASSWORD
protected final org.apache.commons.logging.Log logger
protected javax.security.auth.Subject subject
protected javax.security.auth.callback.CallbackHandler callbackHandler
protected java.util.Map sharedState
protected boolean useFirstPass
protected boolean tryFirstPass
protected boolean storePass
protected boolean clearPass
protected boolean setLdapPrincipal
protected boolean setLdapDnPrincipal
protected boolean setLdapCredential
protected java.util.List<LdapRole> defaultRole
protected java.lang.String principalGroupName
protected java.lang.String roleGroupName
protected boolean loginSuccess
protected boolean commitSuccess
protected java.util.Set<java.security.Principal> principals
protected java.util.Set<LdapCredential> credentials
protected java.util.Set<java.security.Principal> roles
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
initialize
in interface javax.security.auth.spi.LoginModule
public abstract boolean login() throws javax.security.auth.login.LoginException
login
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean commit() throws javax.security.auth.login.LoginException
commit
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean abort() throws javax.security.auth.login.LoginException
abort
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean logout() throws javax.security.auth.login.LoginException
logout
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public static Ldap createLdap(java.util.Map<java.lang.String,?> options)
Ldap
with the supplied jaas options.options
- Map
Ldap
public static Authenticator createAuthenticator(java.util.Map<java.lang.String,?> options)
Authenticator
with the supplied jaas
options.options
- Map
Authenticator
protected void clearState()
protected void getCredentials(javax.security.auth.callback.NameCallback nameCb, javax.security.auth.callback.PasswordCallback passCb, boolean useCallback) throws javax.security.auth.login.LoginException
nameCb
- to set name forpassCb
- to set password foruseCallback
- whether to force a callback handlerjavax.security.auth.login.LoginException
- if the callback handler failsprotected void storeCredentials(javax.security.auth.callback.NameCallback nameCb, javax.security.auth.callback.PasswordCallback passCb, java.lang.String loginDn)
nameCb
- to storepassCb
- to storeloginDn
- to storeprotected java.util.List<LdapRole> attributesToRoles(javax.naming.directory.Attributes attributes) throws javax.naming.NamingException
LdapRole
s.attributes
- Attributes
List
javax.naming.NamingException
- if the attributes cannot be parsedCopyright © 2014. All Rights Reserved.