public class ClientPasswordLoginModule extends Object implements LoginModule
This client LoginModule obtains username/password credentials from TLS, a static variable, system properties or by asking the user for it interactively.
The obtained credentials are then merely stored into the subject, meaning this login module doesn't actually authenticate anything. It only moves credentials from a credential source to the subject. This is then used by for instance ProgrammaticLogin to store that subject into a security context. IIOP (Remote EJB code) can then fetch the credentials again from this security context and transfer them to a remote server, where actual authentication takes place.
| Modifier and Type | Field and Description |
|---|---|
static String |
LOGIN_NAME |
static String |
LOGIN_PASSWORD |
| Constructor and Description |
|---|
ClientPasswordLoginModule() |
| Modifier and Type | Method and Description |
|---|---|
boolean |
abort()
This method is called if the LoginContext's overall authentication failed.
|
boolean |
commit()
This method is called if the LoginContext's overall authentication succeeded (the relevant
REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
|
void |
initialize(Subject subject,
CallbackHandler callbackHandler,
Map<String,?> sharedState,
Map<String,?> options)
Initialize this
LoginModule. |
boolean |
login()
Attempt to obtain non-null credentials from various sources.
|
boolean |
logout()
Logout the user.
|
public static final String LOGIN_NAME
public static final String LOGIN_PASSWORD
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
LoginModule.
initialize in interface LoginModulesubject - the Subject in which the credentials will be stored if obtained successfully.
callbackHandler - a CallbackHandler for communicating with the end user
(prompting for usernames and passwords, for example).
sharedState - shared LoginModule state (unused)
options - options specified in the login Configuration for this particular
LoginModule (unused)public boolean login()
throws LoginException
login in interface LoginModuleLoginModule should not be ignored.FailedLoginException - if the authentication fails.
LoginException - if this LoginModule is unable to perform the
"authentication".public boolean commit()
throws LoginException
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private
state saved by the login method), then this method associates a
PrincipalImpl with the Subject located in the LoginModule.
If this LoginModule's own authentication attempted failed, then this method removes any state
that was originally saved.
commit in interface LoginModuleLoginException - if the commit fails.public boolean abort()
throws LoginException
This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private
state saved by the login and commit methods), then this method cleans
up any state that was originally saved.
abort in interface LoginModuleLoginException - if the abort fails.public boolean logout()
throws LoginException
This method removes the PrincipalImpl that was added by the commit
method.
logout in interface LoginModuleLoginModule should not be ignored.LoginException - if the logout fails.Copyright © 2019. All rights reserved.