Package alluxio.security.login
Class AppLoginModule
- java.lang.Object
-
- alluxio.security.login.AppLoginModule
-
- All Implemented Interfaces:
javax.security.auth.spi.LoginModule
@NotThreadSafe public final class AppLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModule
An app login module that creates a user based on the user name provided through application configuration. Specifically, through Alluxio property alluxio.security.login.username. This module is useful if multiple Alluxio clients running under same OS user name want to get different identifies (for resource and data management), or if Alluxio clients running under different OS user names want to get same identify.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
AppLoginModule.AppCallbackHandler
A callback handler forAppLoginModule
.
-
Constructor Summary
Constructors Constructor Description AppLoginModule()
Constructs a newAppLoginModule
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
abort()
Aborts the authentication (second phase).boolean
commit()
Commits the authentication (second phase).void
initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
boolean
login()
Retrieves the user name by querying the property ofPropertyKey.SECURITY_LOGIN_USERNAME
throughAppLoginModule.AppCallbackHandler
.boolean
logout()
Logs out the user
-
-
-
Constructor Detail
-
AppLoginModule
public AppLoginModule()
Constructs a newAppLoginModule
.
-
-
Method Detail
-
initialize
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
- Specified by:
initialize
in interfacejavax.security.auth.spi.LoginModule
-
login
public boolean login() throws javax.security.auth.login.LoginException
Retrieves the user name by querying the property ofPropertyKey.SECURITY_LOGIN_USERNAME
throughAppLoginModule.AppCallbackHandler
.- Specified by:
login
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true if user name provided by application is set and not empty
- Throws:
javax.security.auth.login.LoginException
- when the login fails
-
abort
public boolean abort() throws javax.security.auth.login.LoginException
Aborts the authentication (second phase).This method is called if the LoginContext's overall authentication failed. (login failed) It cleans up any state that was changed in the login and commit methods.
- Specified by:
abort
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true in all cases
- Throws:
javax.security.auth.login.LoginException
- when the abortion fails
-
commit
public boolean commit() throws javax.security.auth.login.LoginException
Commits the authentication (second phase).This method is called if the LoginContext's overall authentication succeeded. The implementation first checks if there is already Alluxio user in the subject. If not, it adds the previously logged in Alluxio user into the subject.
- Specified by:
commit
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true if an Alluxio user is found or created
- Throws:
javax.security.auth.login.LoginException
- not Alluxio user is found or created
-
logout
public boolean logout() throws javax.security.auth.login.LoginException
Logs out the userThe implementation removes the User associated with the Subject.
- Specified by:
logout
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true in all cases
- Throws:
javax.security.auth.login.LoginException
- if logout fails
-
-