Class ProgrammaticLogin


  • @Service
    @PerLookup
    public class ProgrammaticLogin
    extends Object
    Implement programmatic login.

    This class allows deployed applications to supply a name and password directly to the security service. This information is used to attempt a login to the current realm. If authentication succeeds, a security context is established as this user.

    This allows applications to handle authentication programmatically. The use of this mechanism is not recommended since it bypasses the standard Java EE mechanisms and places the entire burden on the application developer.

    Invoking any of these methods requires the permission ProgrammaticLoginPermission with the name of the method being invoked.

    There are two forms of the login method, one which includes the HTTP request and response objects for use by servlets and one which can be used by EJBs.

    • Method Summary

      Modifier and Type Method Description
      Boolean login​(String user, char[] password)
      Attempt to login for EJB (either client or server)
      Boolean login​(String user, char[] password, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Attempt to login.
      Boolean login​(String user, char[] password, String realm, boolean errors)
      Attempt to login.
      Boolean login​(String user, char[] password, String realm, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean errors)
      Attempt to login.
      Boolean login​(String user, String password)
      Attempt to login for EJB (either as client to login for a remote server, or on the server itself)
      Boolean login​(String user, String password, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)  
      Boolean login​(String user, String password, String realm, boolean errors)
      Password should be used as a char[]
      Boolean login​(String user, String password, String realm, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean errors)
      Attempt to login.
      Boolean logout()
      Attempt to logout for EJB.
      Boolean logout​(boolean errors)
      Attempt to logout for EJB.
      Boolean logout​(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Attempt to logout.
      Boolean logout​(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean errors)
      Attempt to logout.
    • Constructor Detail

      • ProgrammaticLogin

        public ProgrammaticLogin()
    • Method Detail

      • login

        public Boolean login​(String user,
                             String password)
        Attempt to login for EJB (either as client to login for a remote server, or on the server itself)

        Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject.

        On the client side, the actual login does not occur until a resource requiring a login is accessed. A java.rmi.AccessException with CORBA NO_PERMISSION is thrown if that login fails.

        This method is intended primarily for EJBs wishing to do programmatic login. If servlet code uses this method, the established identity will be propagated to EJB calls but will not be used for web container manager authorization. In general, servlets should use the servlet-specific version of login instead.

        Note: Use of the char[] as password is encouraged

        Parameters:
        user - User name.
        password - Password for user.
        Returns:
        Boolean containing true or false to indicate success or failure of login.
      • login

        public Boolean login​(String user,
                             char[] password)
        Attempt to login for EJB (either client or server)

        Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject.

        On the client side, the actual login does not occur until a resource requiring a login is accessed. A java.rmi.AccessException with CORBA NO_PERMISSION is thrown if that login fails.

        This method is intended primarily for EJBs wishing to do programmatic login. If servlet code uses this method, the established identity will be propagated to EJB calls but will not be used for web container manager authorization. In general, servlets should use the servlet-specific version of login instead.

        Parameters:
        user - User name.
        password - Password for user.
        Returns:
        Boolean containing true or false to indicate success or failure of login.
      • login

        public Boolean login​(String user,
                             char[] password,
                             String realm,
                             boolean errors)
                      throws Exception
        Attempt to login.

        Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject.

        On the client side, the realm and errors parameters are ignored and the actual login does not occur until a resource requiring a login is accessed. A java.rmi.AccessException with CORBA NO_PERMISSION is thrown if that login fails.

        This method is intended primarily for EJBs wishing to do programmatic login. If servlet code uses this method, the established identity will be propagated to EJB calls but will not be used for web container manager authorization. In general, servlets should use the servlet-specific version of login instead.

        Parameters:
        user - User name.
        password - Password for user.
        realm - the realm name in which the user should be logged in.
        errors - if errors=true, any exception encountered is propagated to the caller; if errors=false, no exceptions are propagated.
        Returns:
        Boolean containing true or false to indicate success or failure of login.
        Throws:
        Exception - any exception encountered during Login.
      • logout

        public Boolean logout()
        Attempt to logout for EJB.
      • logout

        public Boolean logout​(boolean errors)
                       throws Exception
        Attempt to logout for EJB.
        Parameters:
        errors - if errors=true, the method propagates any exceptions encountered while logging out; if errors=false, it returns a Boolean value of false to indicate that the logout failed.
        Returns:
        Boolean containing true or false to indicate success or failure of logout.
        Throws:
        Exception - encountered while logging out, if errors==false
      • login

        public Boolean login​(String user,
                             String password,
                             String realm,
                             jakarta.servlet.http.HttpServletRequest request,
                             jakarta.servlet.http.HttpServletResponse response,
                             boolean errors)
                      throws Exception
        Attempt to login. This method is specific to the Servlet container.

        Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject. In addition, the principal stored in the request is set to the user name. If a session is available, its principal is also set to the user provided.

        Note: Use of the char[] as password is encouraged

        Parameters:
        realm -
        errors -
        user - User name.
        password - Password for user.
        request - HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
        response - HTTP response object provided by caller application. It should be an instance of HttpServletResponse.
        Returns:
        Boolean indicating true for successful login and false otherwise
        Throws:
        Exception - any exceptions encountered during login
      • login

        public Boolean login​(String user,
                             String password,
                             jakarta.servlet.http.HttpServletRequest request,
                             jakarta.servlet.http.HttpServletResponse response)
      • login

        public Boolean login​(String user,
                             char[] password,
                             jakarta.servlet.http.HttpServletRequest request,
                             jakarta.servlet.http.HttpServletResponse response)
        Attempt to login. This method is specific to Servlets (and JSPs).

        Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject. In addition, the principal stored in the request is set to the user name. If a session is available, its principal is also set to the user provided.

        Parameters:
        user - User name.
        password - Password for user.
        request - HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
        response - HTTP response object provided by caller application. It should be an instance of HttpServletResponse.
        Returns:
        Boolean containing true or false to indicate success or failure of login.
      • login

        public Boolean login​(String user,
                             char[] password,
                             String realm,
                             jakarta.servlet.http.HttpServletRequest request,
                             jakarta.servlet.http.HttpServletResponse response,
                             boolean errors)
                      throws Exception
        Attempt to login. This method is specific to servlets (and JSPs).

        Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject. In addition, the principal stored in the request is set to the user name. If a session is available, its principal is also set to the user provided.

        Parameters:
        realm -
        errors -
        user - User name.
        password - Password for user.
        request - HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
        response - HTTP response object provided by caller application. It should be an instance of HttpServletResponse.
        Returns:
        Boolean indicating true for successful login and false otherwise
        Throws:
        Exception - any exceptions encountered during login
      • logout

        public Boolean logout​(jakarta.servlet.http.HttpServletRequest request,
                              jakarta.servlet.http.HttpServletResponse response)
        Attempt to logout. Also removes principal from request (and session if available).
      • logout

        public Boolean logout​(jakarta.servlet.http.HttpServletRequest request,
                              jakarta.servlet.http.HttpServletResponse response,
                              boolean errors)
                       throws Exception
        Attempt to logout. Also removes principal from request (and session if available).
        Parameters:
        errors - if errors=true, the method propagates any exceptions encountered while logging out; if errors=false, it returns a Boolean value of false to indicate that the logout failed.
        Returns:
        Boolean containing true or false to indicate success or failure of logout.
        Throws:
        Exception
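
The servlet-specific login and logout forms documented above, used together in one servlet. This is an added example, not code from this page or from the project: it passes the password as a char[] and wipes it afterwards, treats a null or false Boolean as failure, and, as a step this page does not describe, changes the session id once the session's principal has been set. The package com.sun.appserv.security, the realm name "file", the servlet class name and the form parameter names are assumptions.

```java
import com.sun.appserv.security.ProgrammaticLogin; // assumed package; not shown on this page
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Arrays;

// Hypothetical servlet; the class name, parameter names and realm are illustrative.
public class ProgrammaticLoginServlet extends HttpServlet {
    private static final String REALM = "file"; // assumption: a realm configured on the server

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        String user = request.getParameter("user");
        String submitted = request.getParameter("password");
        if (user == null || submitted == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        char[] password = submitted.toCharArray();
        boolean authenticated = false;
        try {
            // errors=true: failures arrive as exceptions instead of a bare false.
            Boolean result = new ProgrammaticLogin()
                    .login(user, password, REALM, request, response, true);
            authenticated = Boolean.TRUE.equals(result); // guards against a null Boolean
        } catch (Exception e) {
            log("programmatic login failed", e); // no user-supplied text in the log line
        } finally {
            Arrays.fill(password, '\0'); // wipe our copy of the password
        }
        if (!authenticated) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        // The session's principal was just set, so issue a fresh session id.
        if (request.getSession(false) != null) {
            request.changeSessionId();
        }
        response.setStatus(HttpServletResponse.SC_NO_CONTENT);
    }

    @Override
    protected void doDelete(HttpServletRequest request, HttpServletResponse response) {
        // Removes the principal from the request (and the session, if one exists).
        new ProgrammaticLogin().logout(request, response);
    }
}
```

The request parameter is already a String held by the container, so wiping the char[] only limits how long the application's own copy stays in memory.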