Package com.sun.enterprise.security
Class BaseCertificateLoginModule
- java.lang.Object
-
- com.sun.enterprise.security.BaseCertificateLoginModule
-
- All Implemented Interfaces:
LoginModule
- Direct Known Subclasses:
AppservCertificateLoginModule
public abstract class BaseCertificateLoginModule extends Object implements LoginModule
Abstract base class for certificate-based login modules.Subclasses need to implement the authenticateUser() method and later call commitUserAuthentication().
-
-
Constructor Summary
Constructors Constructor Description BaseCertificateLoginModule()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description booleanabort()protected abstract voidauthenticateUser()Perform authentication decision.booleancommit()protected voidcommitUserAuthentication(String[] groups)This is a convenience method which can be used by subclassesprotected StringgetAppName()Get the application name.protected X509Certificate[]getCerts()Get the certificate chain presented by the client.protected SubjectgetSubject()Return the subject being authenticated.protected X500PrincipalgetX500Principal()Returns the subject (subject distinguished name) value from the first certificate, in the client certificate chain, as anX500Principal.voidinitialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)booleanlogin()booleanlogout()
-
-
-
Method Detail
-
initialize
public final void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
- Specified by:
initializein interfaceLoginModule
-
login
public final boolean login() throws LoginException- Specified by:
loginin interfaceLoginModule- Throws:
LoginException
-
commit
public final boolean commit() throws LoginException- Specified by:
commitin interfaceLoginModule- Throws:
LoginException
-
abort
public final boolean abort() throws LoginException- Specified by:
abortin interfaceLoginModule- Throws:
LoginException
-
logout
public final boolean logout() throws LoginException- Specified by:
logoutin interfaceLoginModule- Throws:
LoginException
-
commitUserAuthentication
protected final void commitUserAuthentication(String[] groups)
This is a convenience method which can be used by subclasses
Note that this method is called after the authentication has succeeded. If authentication failed do not call this method. This method sets the authentication status to success if the groups parameter is non-null.
- Parameters:
groups- String array of group memberships for user (could be empty).
-
authenticateUser
protected abstract void authenticateUser() throws LoginExceptionPerform authentication decision. Method returns silently on success and returns a LoginException on failure.Must be overridden to add custom functionality.
- Throws:
LoginException- on authentication failure.
-
getAppName
protected final String getAppName()
Get the application name.This may be useful when a single LoginModule has to handle multiple applications that use certificates.
- Returns:
- the application name. Non-null only for web container.
-
getCerts
protected X509Certificate[] getCerts()
Get the certificate chain presented by the client.- Returns:
- the certificate chain from the client.
-
getX500Principal
protected X500Principal getX500Principal()
Returns the subject (subject distinguished name) value from the first certificate, in the client certificate chain, as anX500Principal. If the subject value is empty, then thegetName()method of the returnedX500Principalobject returns an empty string ("").- Returns:
- an
X500Principalrepresenting the subject distinguished name from thr first certificate, in the client certificate chain;
-
getSubject
protected Subject getSubject()
Return the subject being authenticated.- Returns:
- the subject being authenticated.
-
-