Class CallerIdentityLoginModule
- java.lang.Object
-
- org.jboss.security.auth.spi.AbstractServerLoginModule
-
- org.picketbox.datasource.security.AbstractPasswordCredentialLoginModule
-
- org.picketbox.datasource.security.CallerIdentityLoginModule
-
- All Implemented Interfaces:
LoginModule
public class CallerIdentityLoginModule extends AbstractPasswordCredentialLoginModule
A simple login module that simply associates the principal making the connection request with the actual EIS connection requirements. The type of Principal class used isorg.jboss.security.SimplePrincipal.- Version:
- $Revision: 71545 $
- Author:
- Scott.Stark@jboss.org, David Jencks, Dan Bunker
- See Also:
ConfiguredIdentityLoginModule
-
-
Field Summary
-
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
callbackHandler, jbossModuleName, log, loginOk, options, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
-
-
Constructor Summary
Constructors Constructor Description CallerIdentityLoginModule()Default Constructor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleancommit()Method to commit the authentication process (phase 2).protected PrincipalgetIdentity()Overriden by subclasses to return the Principal that corresponds to the user primary identity.protected Group[]getRoleSets()Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user.voidinitialize(Subject subject, CallbackHandler handler, Map<String,?> sharedState, Map<String,?> options)The initialize method sets up some default connection information for basic connections.booleanlogin()Performs the login association between the caller and the resource for a 1 to 1 mapping.-
Methods inherited from class org.picketbox.datasource.security.AbstractPasswordCredentialLoginModule
logout, removeCredentials
-
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
abort, addValidOptions, checkOptions, createGroup, createIdentity, getCallerPrincipalGroup, getUnauthenticatedIdentity, getUseFirstPass
-
-
-
-
Method Detail
-
initialize
public void initialize(Subject subject, CallbackHandler handler, Map<String,?> sharedState, Map<String,?> options)
The initialize method sets up some default connection information for basic connections. This is useful for container initialization connection use or running the application in a non-secure manner. This method is called before the login method.- Specified by:
initializein interfaceLoginModule- Overrides:
initializein classAbstractServerLoginModule- Parameters:
subject-handler-sharedState-options-
-
login
public boolean login() throws LoginExceptionPerforms the login association between the caller and the resource for a 1 to 1 mapping. This acts as a login propagation strategy and is useful for single-sign on requirements- Specified by:
loginin interfaceLoginModule- Overrides:
loginin classAbstractServerLoginModule- Returns:
- True if authentication succeeds
- Throws:
LoginException
-
commit
public boolean commit() throws LoginExceptionDescription copied from class:AbstractServerLoginModuleMethod to commit the authentication process (phase 2). If the login method completed successfully as indicated by loginOk == true, this method adds the getIdentity() value to the subject getPrincipals() Set. It also adds the members of each Group returned by getRoleSets() to the subject getPrincipals() Set.- Specified by:
commitin interfaceLoginModule- Overrides:
commitin classAbstractServerLoginModule- Returns:
- true always.
- Throws:
LoginException
-
getIdentity
protected Principal getIdentity()
Description copied from class:AbstractServerLoginModuleOverriden by subclasses to return the Principal that corresponds to the user primary identity.- Specified by:
getIdentityin classAbstractServerLoginModule
-
getRoleSets
protected Group[] getRoleSets() throws LoginException
Description copied from class:AbstractServerLoginModuleOverriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.- Specified by:
getRoleSetsin classAbstractServerLoginModule- Returns:
- Group[] containing the sets of roles
- Throws:
LoginException
-
-