java.lang.Object
  org.jboss.security.auth.spi.AbstractServerLoginModule
    org.jboss.security.auth.spi.UsernamePasswordLoginModule
      org.jboss.security.auth.spi.UsersRolesLoginModule
public class UsersRolesLoginModule
A simple Properties map based login module that consults two Java Properties formatted text files for username to password ("users.properties") and username to roles ("roles.properties") mapping. The names of the properties files may be overridden by the usersProperties and rolesProperties options. The properties files are loaded during initialization using the thread context class loader. This means that these files can be placed into the J2EE deployment jar or the JBoss config directory.

The users.properties file uses a format:

    username1=password1
    username2=password2
    ...

to define all valid usernames and their corresponding passwords.

The roles.properties file uses a format:

    username1=role1,role2,...
    username1.RoleGroup1=role3,role4,...
    username2=role1,role3,...

to define the sets of roles for valid usernames. The "username.XXX" form of property name is used to assign the username roles to a particular named group of roles, where the XXX portion of the property name is the group name. The "username=..." form is an abbreviation for "username.Roles=...". The following are therefore equivalent:

    jduke=TheDuke,AnimatedCharacter
    jduke.Roles=TheDuke,AnimatedCharacter
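The roles.properties key format described above, worked through as an added example; this is not JBoss code and not the module's own parsing logic. The class name, the roleSets helper and the sample data are hypothetical, and the sep parameter stands in for the roleGroupSeperator option with its default of '.'.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;

public class RolesPropertiesExample {
    // Constructed sample data in the roles.properties format described above.
    static final String SAMPLE = String.join("\n",
        "jduke=TheDuke,AnimatedCharacter",
        "jduke.CallerPrincipal=Duke",
        "j.smith=Operator",
        "j.smith.Roles=Auditor");

    /** Returns group name -> role names for one user (hypothetical helper). */
    static Map<String, Set<String>> roleSets(Properties roles, String user, char sep) {
        Map<String, Set<String>> groups = new TreeMap<>();
        String prefix = user + sep;
        for (String key : roles.stringPropertyNames()) {
            String group;
            if (key.equals(user)) {
                group = "Roles"; // "username=..." abbreviates "username.Roles=..."
            } else if (key.startsWith(prefix) && key.length() > prefix.length()) {
                group = key.substring(prefix.length()); // "username.XXX" -> group XXX
            } else {
                continue; // entry belongs to another user
            }
            Set<String> members = groups.computeIfAbsent(group, g -> new TreeSet<>());
            for (String role : roles.getProperty(key).split(",")) {
                if (!role.trim().isEmpty()) {
                    members.add(role.trim());
                }
            }
        }
        return groups;
    }

    public static void main(String[] args) throws IOException {
        Properties roles = new Properties();
        roles.load(new StringReader(SAMPLE));
        for (String user : new String[] {"jduke", "j.smith", "j"}) {
            System.out.println(user + " -> " + roleSets(roles, user, '.'));
        }
    }
}
```

In this example, looking up `j` returns groups built from the `j.smith` entries, because the key format alone cannot tell a username containing the separator from a username followed by a group name. Choosing a roleGroupSeperator character that cannot occur in usernames removes that ambiguity.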
Field Summary |
---|
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule |
---|
callbackHandler, log, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass |
Constructor Summary | |
---|---|
UsersRolesLoginModule() |
Method Summary | |
---|---|
protected Properties | createRoles(Map options) - A hook to allow subclasses to create the roles Properties map. |
protected Properties | createUsers(Map options) - A hook to allow subclasses to create the users Properties map. |
protected Group[] | getRoleSets() - Create the set of roles the user belongs to by parsing the roles.properties data for username=role1,role2,... |
protected String | getUsersPassword() - Get the expected password for the current username available via the getUsername() method. |
void | initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) - Initialize this LoginModule. |
protected void | loadRoles() - Loads the roles Properties from the defaultRolesRsrcName and rolesRsrcName resource settings. |
protected void | loadUsers() - Loads the users Properties from the defaultUsersRsrcName and usersRsrcName resource settings. |
boolean | login() - Method to authenticate a Subject (phase 1). |
protected void | parseGroupMembers(Group group, String roles) - Parse the comma delimited role names given by value and add them to group. |
Methods inherited from class org.jboss.security.auth.spi.UsernamePasswordLoginModule |
---|
createPasswordHash, getCredentials, getIdentity, getUnauthenticatedIdentity, getUsername, getUsernameAndPassword, getValidateError, setValidateError, validatePassword |
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule |
---|
abort, commit, createGroup, createIdentity, getUseFirstPass, logout |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public UsersRolesLoginModule()
Method Detail |
---|
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
initialize in interface LoginModule
initialize in class UsernamePasswordLoginModule
Parameters:
options - the login module option map. Supported options include:
  usersProperties: The name of the properties resource containing user/passwords. The default is "users.properties".
  rolesProperties: The name of the properties resource containing user/roles. The default is "roles.properties".
  roleGroupSeperator: The character used to separate the role group name from the username, e.g., '.' in jduke.CallerPrincipal=... . The default = '.'.
  defaultUsersProperties=string: The name of the properties resource containing the username to password mappings that will be used as the defaults Properties passed to the usersProperties Properties. This defaults to defaultUsers.properties.
  defaultRolesProperties=string: The name of the properties resource containing the username to roles mappings that will be used as the defaults Properties passed to the usersProperties Properties. This defaults to defaultRoles.properties.
subject - the Subject to update after a successful login.
callbackHandler - the CallbackHandler that will be used to obtain the user identity and credentials.
sharedState - a Map shared between all configured login module instances

public boolean login() throws LoginException
login in interface LoginModule
login in class UsernamePasswordLoginModule
Throws:
LoginException - thrown if the users or roles properties files were not found or the super.login method fails.

protected Group[] getRoleSets() throws LoginException
getRoleSets in class AbstractServerLoginModule
Throws:
LoginException

protected String getUsersPassword()
getUsersPassword in class UsernamePasswordLoginModule

protected void loadUsers() throws IOException
Throws:
IOException - thrown on failure to load the properties file.

protected Properties createUsers(Map options) throws IOException
Parameters:
options - the login module options passed to initialize
Throws:
IOException - thrown on failure to load the properties

protected void loadRoles() throws IOException
Throws:
IOException - thrown on failure to load the properties file.

protected Properties createRoles(Map options) throws IOException
Parameters:
options - the login module options passed to initialize
Throws:
IOException - thrown on failure to load the properties

protected void parseGroupMembers(Group group, String roles)
Parameters:
group - the Group to add the roles to.
roles - the comma delimited role names.
See Also:
AbstractServerLoginModule.createIdentity(String)