org.dlese.dpc.schemedit.security.login

Class SimpleLogin

java.lang.Object

org.dlese.dpc.schemedit.security.login.BasicLogin

org.dlese.dpc.schemedit.security.login.SimpleLogin

All Implemented Interfaces:

javax.security.auth.spi.LoginModule

Direct Known Subclasses:

DBLogin, FileLogin, LdapLogin, UcasLogin

public abstract class SimpleLogin
extends BasicLogin

Base class for a variety of simple login modules that simply authenticate a user against some database of user credentials.

Based on Tagish JAAS Login Modules package .

Author:

Jonathan Ostwald

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	commitSucceeded
protected java.util.Vector	pending
protected java.util.Vector	principals

Fields inherited from class org.dlese.dpc.schemedit.security.login.BasicLogin

callbackHandler, options, sharedState, subject

Constructor Summary

Constructors

Constructor and Description
SimpleLogin()

Method Summary

Modifier and Type	Method and Description
boolean	abort() This method is called if the LoginContext's overall authentication failed.
boolean	commit() This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
java.lang.String	getLoginModuleName() Debuggin utility so login modules can print their name
boolean	login() Authenticate the user.
boolean	logout() Logout the user.
protected void	putPrincipal(java.util.Set s, java.security.Principal p) Place the specified Principle in the subject and also record it in our principles Vector so we can remove them all later.
protected void	showSharedState() Debugging utility to show the contents of the sharedState map
protected abstract java.util.Vector	validateUser(java.lang.String username, char[] password) Validate a user's credentials and either throw a LoginException (if validation fails) or return a Vector of Principals if validation succeeds.

Methods inherited from class org.dlese.dpc.schemedit.security.login.BasicLogin

getOption, getOption, getOption, initialize

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

principals

protected java.util.Vector principals

pending

protected java.util.Vector pending

commitSucceeded

protected boolean commitSucceeded

Constructor Detail

SimpleLogin

public SimpleLogin()

Method Detail

validateUser

protected abstract java.util.Vector validateUser(java.lang.String username,
                                                 char[] password)
                                          throws javax.security.auth.login.LoginException

Validate a user's credentials and either throw a LoginException (if validation fails) or return a Vector of Principals if validation succeeds.

Parameters:

username - The username

password - The password

Returns:

a Vector of Principals that apply for this user.

Throws:

javax.security.auth.login.LoginException - if the login fails.

login

public boolean login()
              throws javax.security.auth.login.LoginException

Authenticate the user.

Returns:

true in all cases since this LoginModule should not be ignored.

Throws:

javax.security.auth.login.LoginException - if this LoginModule is unable to perform the authentication.

putPrincipal

protected void putPrincipal(java.util.Set s,
                            java.security.Principal p)

Place the specified Principle in the subject and also record it in our principles Vector so we can remove them all later.

Parameters:

s - The Set to add the Principle to

p - Principle to add

commit

public boolean commit()
               throws javax.security.auth.login.LoginException

This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates a number of NTPrincipals with the Subject located in the LoginModule. If this LoginModule's own authentication attempted failed, then this method removes any state that was originally saved.

Returns:

true if this LoginModule's own login and commit attempts succeeded, or false otherwise.

Throws:

javax.security.auth.login.LoginException - if the commit fails.

abort

public boolean abort()
              throws javax.security.auth.login.LoginException

This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login and commit methods), then this method cleans up any state that was originally saved.

Returns:

false if this LoginModule's own login and/or commit attempts failed, and true otherwise.

Throws:

javax.security.auth.login.LoginException - if the abort fails.

logout

public boolean logout()
               throws javax.security.auth.login.LoginException

Logout the user.

This method removes the Principals that were added by the commit method.

Returns:

true in all cases since this LoginModule should not be ignored.

Throws:

javax.security.auth.login.LoginException - if the logout fails.

showSharedState

protected void showSharedState()

Debugging utility to show the contents of the sharedState map

getLoginModuleName

public java.lang.String getLoginModuleName()

Debuggin utility so login modules can print their name

Returns:

loginModule name