Package com.sun.grid.security.login
Class UnixLoginModule
- java.lang.Object
-
- com.sun.grid.security.login.UnixLoginModule
-
- All Implemented Interfaces:
javax.security.auth.spi.LoginModule
public class UnixLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModuleThisLoginModuleauthenticates a unix user with username and password against the PAM or system authentication system. The username is queried with aNameCallback, the password with aPasswordCallbackAfter a successfull login this
LoginModuleadds- a
UnixPrincipalof the authenticated user - a
UnixNumericUserPrincipalwith the user id of the authenticated user - a
UnixNumericGroupPrincipalfor each group the authenticated user belongs too
This class uses a
Loggerfor log messages. The name of theLoggeris equal to the fullqualified classname of this class.Options for UnixLoginModule
Option description sge_root path to the gridengine distribution auth_method Autehtication method. Valid values are "pam" and "system" pam_service Name of the pam service (see man pam(5). Required for PAM authentifcation Simple jaas config file for PAM authentication
sample { com.sun.grid.security.login.UnixLoginModule requisite sge_root="/opt/sge", auth_method="pam"; pam_service="su"; };Simple jaas config file for system authentication
sample { com.sun.grid.security.login.UnixLoginModule requisite command="/opt/sge", auth_method="system"; };
-
-
Constructor Summary
Constructors Constructor Description UnixLoginModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanabort()Abort the login.booleancommit()Commit the login (adds the principals to the subject)voidinitialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)Initialize theUnixLoginModulebooleanlogin()Perform the login.booleanlogout()Removes all previously added prinicipals from the subject.
-
-
-
Method Detail
-
initialize
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)Initialize theUnixLoginModule- Specified by:
initializein interfacejavax.security.auth.spi.LoginModule- Parameters:
subject- the current subjectcallbackHandler- the callbackhandler (must at least handle aNameCallbackand a PasswordCallback).sharedState- not usedoptions- contains the options for theUnixLoginModule.
-
login
public boolean login() throws javax.security.auth.login.LoginExceptionPerform the login.- Specified by:
loginin interfacejavax.security.auth.spi.LoginModule- Returns:
trueon successfull authentication.falseif username of password is invalid.- Throws:
javax.security.auth.login.LoginException-- if the callbackhandler reports an error
- if some options are missing (please check the jass.config file)
- if the underlying authentication system report an error
-
commit
public boolean commit()
Commit the login (adds the principals to the subject)- Specified by:
commitin interfacejavax.security.auth.spi.LoginModule- Returns:
trueof the principals has been added to the subject.
-
abort
public boolean abort()
Abort the login.- Specified by:
abortin interfacejavax.security.auth.spi.LoginModule- Returns:
- Always
true
-
logout
public boolean logout()
Removes all previously added prinicipals from the subject.- Specified by:
logoutin interfacejavax.security.auth.spi.LoginModule- Returns:
- Always
true
-
-