|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jboss.security.auth.spi.AbstractServerLoginModule
org.jboss.security.auth.spi.BaseCertLoginModule
public class BaseCertLoginModule
Base Login Module that uses X509Certificates as credentials for authentication. This login module uses X509Certificates as a credential. It takes the cert as an object and checks to see if the alias in the truststore/keystore contains the same certificate. Subclasses of this module should implement the getRoleSets() method defined by AbstractServerLoginModule. Much of this module was patterned after the UserNamePasswordLoginModule.
Field Summary |
---|
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule |
---|
callbackHandler, log, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass |
Constructor Summary | |
---|---|
BaseCertLoginModule()
|
Method Summary | |
---|---|
boolean |
commit()
Override to add the X509Certificate to the public credentials |
protected Object[] |
getAliasAndCert()
|
protected Object |
getCredentials()
|
protected Principal |
getIdentity()
Overriden by subclasses to return the Principal that corresponds to the user primary identity. |
protected Group[] |
getRoleSets()
Subclasses need to override this to provide the roles for authorization |
protected String |
getUsername()
|
void |
initialize(Subject subject,
CallbackHandler callbackHandler,
Map sharedState,
Map options)
Override the super version to pickup the following options after first calling the super method. |
boolean |
login()
Perform the authentication of the username and password. |
protected boolean |
validateCredential(String alias,
X509Certificate cert)
|
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule |
---|
abort, createGroup, createIdentity, getUnauthenticatedIdentity, getUseFirstPass, logout |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public BaseCertLoginModule()
Method Detail |
---|
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
initialize
in interface LoginModule
initialize
in class AbstractServerLoginModule
subject
- the Subject to update after a successful login.callbackHandler
- the CallbackHandler that will be used to obtain the
the user identity and credentials.sharedState
- a Map shared between all configured login module instancesoptions
- the parameters passed to the login module.SecurityDomain
,
X509CertificateVerifier
public boolean login() throws LoginException
login
in interface LoginModule
login
in class AbstractServerLoginModule
LoginException
public boolean commit() throws LoginException
commit
in interface LoginModule
commit
in class AbstractServerLoginModule
LoginException
Subject;
,
Group;
protected Group[] getRoleSets() throws LoginException
getRoleSets
in class AbstractServerLoginModule
LoginException
protected Principal getIdentity()
AbstractServerLoginModule
getIdentity
in class AbstractServerLoginModule
protected Object getCredentials()
protected String getUsername()
protected Object[] getAliasAndCert() throws LoginException
LoginException
protected boolean validateCredential(String alias, X509Certificate cert)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |