Class JpamLoginModule
- All Implemented Interfaces:
LoginModule
LoginModule
which invokes JPAM. This can be used from standard
JAAS implementations. It is an alternative to directly using the Pam
class.
This class relies on the existence of a .java.login.config with a login configuration
called net-sf-jpam
. Copy the .java.login.config in the src/config/- Version:
- $Id: JpamLoginModule.java 19 2007-04-01 23:13:48Z gregluck $
- Author:
- Greg Luck
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionboolean
abort()
Method to abort the authentication process (phase 2).boolean
commit()
Method to commit the authentication process (phase 2).getPam()
Get the underlying PAM objectvoid
initialize
(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) Initialize this LoginModule.boolean
login()
Method to authenticate aSubject
(phase 1).boolean
logout()
Method which logs out aSubject
.
-
Constructor Details
-
JpamLoginModule
public JpamLoginModule()
-
-
Method Details
-
abort
Method to abort the authentication process (phase 2).This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the
login
method), then this method cleans up any state that was originally saved.- Specified by:
abort
in interfaceLoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the abort fails
-
commit
Method to commit the authentication process (phase 2).This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the
login
method), then this method associates relevant Principals and Credentials with theSubject
located in theLoginModule
. If this LoginModule's own authentication attempted failed, then this method removes/destroys any state that was originally saved.- Specified by:
commit
in interfaceLoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the commit fails
-
login
Method to authenticate aSubject
(phase 1).The implementation of this method authenticates a
Subject
. For example, it may prompt forSubject
information such as a username and password and then attempt to verify the password. This method saves the result of the authentication attempt as private state within the LoginModule.- Specified by:
login
in interfaceLoginModule
- Returns:
- true if the authentication succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the authentication fails
-
logout
Method which logs out aSubject
.An implementation of this method might remove/destroy a Subject's Principals and Credentials.
- Specified by:
logout
in interfaceLoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the logout fails
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) Initialize this LoginModule.This method is called by the
LoginContext
after thisLoginModule
has been instantiated. The purpose of this method is to initialize thisLoginModule
with the relevant information. If thisLoginModule
does not understand any of the data stored insharedState
oroptions
parameters, they can be ignored.- Specified by:
initialize
in interfaceLoginModule
- Parameters:
subject
- theSubject
to be authenticated.callbackHandler
- aCallbackHandler
for communicating with the end user (prompting for usernames and passwords, for example).sharedState
- state shared with other configured LoginModules.options
- options specified in the loginConfiguration
for this particularLoginModule
.
-
getPam
Get the underlying PAM object
-