Package alluxio.security.login
Class AlluxioLoginModule
- java.lang.Object
-
- alluxio.security.login.AlluxioLoginModule
-
- All Implemented Interfaces:
javax.security.auth.spi.LoginModule
@NotThreadSafe public final class AlluxioLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModule
A login module that search the Kerberos or OS user from Subject, and then convert to an Alluxio user. It does not really authenticate the user in its login method.
-
-
Constructor Summary
Constructors Constructor Description AlluxioLoginModule()
Constructs a newAlluxioLoginModule
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
abort()
Aborts the authentication (second phase).boolean
commit()
Commits the authentication (second phase).void
initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
boolean
login()
Authenticates the user (first phase).boolean
logout()
Logs out the user.
-
-
-
Constructor Detail
-
AlluxioLoginModule
public AlluxioLoginModule()
Constructs a newAlluxioLoginModule
.
-
-
Method Detail
-
initialize
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
- Specified by:
initialize
in interfacejavax.security.auth.spi.LoginModule
-
login
public boolean login() throws javax.security.auth.login.LoginException
Authenticates the user (first phase). The implementation does not really authenticate the user here. Always return true.- Specified by:
login
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true in all cases
- Throws:
javax.security.auth.login.LoginException
- when the login fails
-
abort
public boolean abort() throws javax.security.auth.login.LoginException
Aborts the authentication (second phase). This method is called if the LoginContext's overall authentication failed. (login failed) It cleans up any state that was changed in the login and commit methods.- Specified by:
abort
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true in all cases
- Throws:
javax.security.auth.login.LoginException
- when the abortion fails
-
commit
public boolean commit() throws javax.security.auth.login.LoginException
Commits the authentication (second phase). This method is called if the LoginContext's overall authentication succeeded. (login succeeded) The implementation searches the Kerberos or OS user in the Subject. If existed, convert it to an Alluxio user and add into the Subject.- Specified by:
commit
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true in all cases
- Throws:
javax.security.auth.login.LoginException
- if the user extending a specific Principal is not found
-
logout
public boolean logout() throws javax.security.auth.login.LoginException
Logs out the user. The implementation removes the User associated with the Subject.- Specified by:
logout
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true in all cases
- Throws:
javax.security.auth.login.LoginException
- if logout fails
-
-