Class AbstractJEAFLoginModule
- java.lang.Object
-
- com.anaptecs.jeaf.core.servicechannel.jaas.AbstractJEAFLoginModule
-
- All Implemented Interfaces:
javax.security.auth.spi.LoginModule
public abstract class AbstractJEAFLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModuleThis class implements a JAAS login module. The class therefore uses the data that is stored by JEAF User Management component. This class is the base class for platform specific implementations.- Author:
- JEAF Development Team
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringDISABLE_PASSWORD_CHECKConstant for the name of the module option that defines whether the authentication is disabled on login.static java.lang.StringROLES_GROUP_NAMEConstant for the name of the module option that defines whether the authentication is disabled on login.
-
Constructor Summary
Constructors Constructor Description AbstractJEAFLoginModule()Initialize object.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected booleandoAbort()This is the second phase of the login process.protected booleandoCommit()This is the second phase of the login process.protected voiddoInitialize(javax.security.auth.Subject pSubject, javax.security.auth.callback.CallbackHandler pCallbackHandler, java.util.Map<java.lang.String,?> pSharedState, java.util.Map<java.lang.String,?> pOptions)Default implementation of JAAS initialize method.protected booleandoLogin()Default implementation of the first part of the login process.protected booleandoLogout()Method performs a logout of the user that is represented by the subject and its principal.protected com.anaptecs.jeaf.core.api.jaas.UserPrincipalgetPrincipal()Method returns the principal of the logged in user.protected abstract com.anaptecs.jeaf.core.api.jaas.UserPrincipalperformLogin(java.lang.String pUserID, java.lang.String pPassword)Method performs the actual login.
-
-
-
Field Detail
-
DISABLE_PASSWORD_CHECK
public static final java.lang.String DISABLE_PASSWORD_CHECK
Constant for the name of the module option that defines whether the authentication is disabled on login.- See Also:
- Constant Field Values
-
ROLES_GROUP_NAME
public static final java.lang.String ROLES_GROUP_NAME
Constant for the name of the module option that defines whether the authentication is disabled on login.- See Also:
- Constant Field Values
-
-
Method Detail
-
doInitialize
protected final void doInitialize(javax.security.auth.Subject pSubject, javax.security.auth.callback.CallbackHandler pCallbackHandler, java.util.Map<java.lang.String,?> pSharedState, java.util.Map<java.lang.String,?> pOptions)Default implementation of JAAS initialize method. The login module only uses the passed subject and the passed call back handler.
-
doLogin
protected final boolean doLogin() throws javax.security.auth.login.LoginExceptionDefault implementation of the first part of the login process. The method requests user id and password using the passed callback handlers.- Returns:
- boolean The method returns true if the login was successful. The method never returns false since this would mean that the module should be ignored.
- Throws:
javax.security.auth.login.LoginException- As defined by the implemented interfaceLoginModulethe method throws an exception to indicate a invalid combination of user id and password.
-
doCommit
protected final boolean doCommit() throws javax.security.auth.login.LoginExceptionThis is the second phase of the login process. During this phase the created principal is added to the subject of the logged in user.- Returns:
- boolean The method returns true if the commit was successful and false if this login module can be ignored.
- Throws:
javax.security.auth.login.LoginException
-
doAbort
protected final boolean doAbort() throws javax.security.auth.login.LoginExceptionThis is the second phase of the login process. This method will be called if at least one login module could not successfully complete the first phase.- Returns:
- boolean The method returns true if the commit was successful and false if this login module can be ignored.
- Throws:
javax.security.auth.login.LoginException
-
doLogout
protected final boolean doLogout()
Method performs a logout of the user that is represented by the subject and its principal.- Returns:
- boolean Method always returns true since this method must only be called if the login process completed successfully.
-
getPrincipal
protected final com.anaptecs.jeaf.core.api.jaas.UserPrincipal getPrincipal()
Method returns the principal of the logged in user.- Returns:
UserPrincipalPrincipal of the logged in user. The method returns null if no user is logged in.
-
performLogin
protected abstract com.anaptecs.jeaf.core.api.jaas.UserPrincipal performLogin(java.lang.String pUserID, java.lang.String pPassword) throws javax.security.auth.login.LoginExceptionMethod performs the actual login. Therefore it checks whether the passed combination of user id and password is valid and if the user account is still valid. In this case valid means that the account is within its validity period, the password is not expired and the account is not locked.- Parameters:
pUserID- User id of the account. The parameter must not be null.pPassword- Not encrypted password of the user. The parameter must not be null.- Returns:
UserPrincipalCreated principal object for the passed user account. The method never returns null.- Throws:
javax.security.auth.login.LoginException- If an error occurs during the login. All thrown exceptions match the requirements defined by the JASS specification and thus should only be called.
-
-