Class JpamLoginModule
- All Implemented Interfaces:
LoginModule
LoginModule which invokes JPAM. This can be used from standard
JAAS implementations. It is an alternative to directly using the Pam class.
This class relies on the existence of a .java.login.config with a login configuration
called net-sf-jpam. Copy the .java.login.config in the src/config/- Version:
- $Id: JpamLoginModule.java 19 2007-04-01 23:13:48Z gregluck $
- Author:
- Greg Luck
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanabort()Method to abort the authentication process (phase 2).booleancommit()Method to commit the authentication process (phase 2).getPam()Get the underlying PAM objectvoidinitialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) Initialize this LoginModule.booleanlogin()Method to authenticate aSubject(phase 1).booleanlogout()Method which logs out aSubject.
-
Constructor Details
-
JpamLoginModule
public JpamLoginModule()
-
-
Method Details
-
abort
Method to abort the authentication process (phase 2).This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the
loginmethod), then this method cleans up any state that was originally saved.- Specified by:
abortin interfaceLoginModule- Returns:
- true if this method succeeded, or false if this
LoginModuleshould be ignored. - Throws:
LoginException- if the abort fails
-
commit
Method to commit the authentication process (phase 2).This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the
loginmethod), then this method associates relevant Principals and Credentials with theSubjectlocated in theLoginModule. If this LoginModule's own authentication attempted failed, then this method removes/destroys any state that was originally saved.- Specified by:
commitin interfaceLoginModule- Returns:
- true if this method succeeded, or false if this
LoginModuleshould be ignored. - Throws:
LoginException- if the commit fails
-
login
Method to authenticate aSubject(phase 1).The implementation of this method authenticates a
Subject. For example, it may prompt forSubjectinformation such as a username and password and then attempt to verify the password. This method saves the result of the authentication attempt as private state within the LoginModule.- Specified by:
loginin interfaceLoginModule- Returns:
- true if the authentication succeeded, or false if this
LoginModuleshould be ignored. - Throws:
LoginException- if the authentication fails
-
logout
Method which logs out aSubject.An implementation of this method might remove/destroy a Subject's Principals and Credentials.
- Specified by:
logoutin interfaceLoginModule- Returns:
- true if this method succeeded, or false if this
LoginModuleshould be ignored. - Throws:
LoginException- if the logout fails
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) Initialize this LoginModule.This method is called by the
LoginContextafter thisLoginModulehas been instantiated. The purpose of this method is to initialize thisLoginModulewith the relevant information. If thisLoginModuledoes not understand any of the data stored insharedStateoroptionsparameters, they can be ignored.- Specified by:
initializein interfaceLoginModule- Parameters:
subject- theSubjectto be authenticated.callbackHandler- aCallbackHandlerfor communicating with the end user (prompting for usernames and passwords, for example).sharedState- state shared with other configured LoginModules.options- options specified in the loginConfigurationfor this particularLoginModule.
-
getPam
Get the underlying PAM object
-