JpamLoginModule

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sf.jpam.jaas
Class JpamLoginModule

java.lang.Object
  net.sf.jpam.jaas.JpamLoginModule

All Implemented Interfaces:: javax.security.auth.spi.LoginModule

public class JpamLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule

A LoginModule which invokes JPAM. This can be used from standard JAAS implementations. It is an alternative to directly using the Pam class.

This class relies on the existence of a .java.login.config with a login configuration called net-sf-jpam. Copy the .java.login.config in the src/config/ directory to running user's home directory.

Constructor Summary
`JpamLoginModule()`

Method Summary
`boolean`	`abort()` Method to abort the authentication process (phase 2).
`boolean`	`commit()` Method to commit the authentication process (phase 2).
`Pam`	`getPam()` Get the underlying PAM object
`void`	`initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)` Initialize this LoginModule.
`boolean`	`login()` Method to authenticate a `Subject` (phase 1).
`boolean`	`logout()` Method which logs out a `Subject`.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

JpamLoginModule

public JpamLoginModule()

Method Detail

abort

public boolean abort()
              throws javax.security.auth.login.LoginException

Method to abort the authentication process (phase 2).

This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method cleans up any state that was originally saved.

Specified by:: abort in interface javax.security.auth.spi.LoginModule

Returns:: true if this method succeeded, or false if this LoginModule should be ignored.
Throws:: javax.security.auth.login.LoginException - if the abort fails

commit

public boolean commit()
               throws javax.security.auth.login.LoginException

Method to commit the authentication process (phase 2).

This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates relevant Principals and Credentials with the Subject located in the LoginModule. If this LoginModule's own authentication attempted failed, then this method removes/destroys any state that was originally saved.

Specified by:: commit in interface javax.security.auth.spi.LoginModule

Returns:: true if this method succeeded, or false if this LoginModule should be ignored.
Throws:: javax.security.auth.login.LoginException - if the commit fails

login

public boolean login()
              throws javax.security.auth.login.LoginException

Method to authenticate a Subject (phase 1).

The implementation of this method authenticates a Subject. For example, it may prompt for Subject information such as a username and password and then attempt to verify the password. This method saves the result of the authentication attempt as private state within the LoginModule.

Specified by:: login in interface javax.security.auth.spi.LoginModule

Returns:: true if the authentication succeeded, or false if this LoginModule should be ignored.
Throws:: javax.security.auth.login.LoginException - if the authentication fails

logout

public boolean logout()
               throws javax.security.auth.login.LoginException

Method which logs out a Subject.

An implementation of this method might remove/destroy a Subject's Principals and Credentials.

Specified by:: logout in interface javax.security.auth.spi.LoginModule

Returns:: true if this method succeeded, or false if this LoginModule should be ignored.
Throws:: javax.security.auth.login.LoginException - if the logout fails

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)

Initialize this LoginModule.

This method is called by the LoginContext after this LoginModule has been instantiated. The purpose of this method is to initialize this LoginModule with the relevant information. If this LoginModule does not understand any of the data stored in sharedState or options parameters, they can be ignored.

Specified by:: initialize in interface javax.security.auth.spi.LoginModule

Parameters:: subject - the Subject to be authenticated.; callbackHandler - a CallbackHandler for communicating with the end user (prompting for usernames and passwords, for example).; sharedState - state shared with other configured LoginModules.; options - options specified in the login Configuration for this particular LoginModule.

getPam

public Pam getPam()

Get the underlying PAM object

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sf.jpam.jaas Class JpamLoginModule

JpamLoginModule

abort

commit

login

logout

initialize

getPam

net.sf.jpam.jaas
Class JpamLoginModule