Package org.apache.catalina.realm
Class JAASMemoryLoginModule
java.lang.Object
org.apache.catalina.util.LifecycleBase
org.apache.catalina.util.LifecycleMBeanBase
org.apache.catalina.realm.RealmBase
org.apache.catalina.realm.MemoryRealm
org.apache.catalina.realm.JAASMemoryLoginModule
- All Implemented Interfaces:
MBeanRegistration,LoginModule,Contained,JmxEnabled,Lifecycle,Realm
Implementation of the JAAS LoginModule interface,
primarily for use in testing JAASRealm. It utilizes an
XML-format data file of username/password/role information identical to
that supported by org.apache.catalina.realm.MemoryRealm.
This class recognizes the following string-valued options, which are
specified in the configuration file and passed to initialize(Subject, CallbackHandler, Map, Map) in the options
argument:
- pathname - Relative (to the pathname specified by the
"catalina.base" system property) or absolute pathname to the
XML file containing our user information, in the format supported by
MemoryRealm. The default value matches the MemoryRealm default. - credentialHandlerClassName - The fully qualified class
name of the CredentialHandler to use. If not specified,
MessageDigestCredentialHandlerwill be used. - Any additional options will be used to identify and call setters on the
CredentialHandler. For example,algorithm=SHA256would result in a call toMessageDigestCredentialHandler.setAlgorithm(String)with a parameter of"SHA256"
IMPLEMENTATION NOTE - This class implements
Realm only to satisfy the calling requirements of the
GenericPrincipal constructor. It does not actually perform
the functionality required of a Realm implementation.
- Author:
- Craig R. McClanahan
-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesModeNested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse -
Field Summary
FieldsModifier and TypeFieldDescriptionprotected CallbackHandlerThe callback handler responsible for answering our requests.protected booleanHas our owncommit()returned successfully?The configuration information for thisLoginModule.protected StringThe absolute or relative pathname to the XML configuration file.protected PrincipalThePrincipalidentified by our validation, ornullif validation failed.The state information that is shared with other configuredLoginModuleinstances.protected SubjectThe subject for which we are performing authentication.Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassNameFields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserverFields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanabort()Phase 2 of authenticating aSubjectwhen Phase 1 fails.booleancommit()Phase 2 of authenticating aSubjectwhen Phase 1 was successful.voidinitialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) Initialize thisLoginModulewith the specified configuration information.protected voidload()Load the contents of our configuration file.booleanlogin()Phase 1 of authenticating aSubject.booleanlogout()Log out this user.Methods inherited from class org.apache.catalina.realm.MemoryRealm
authenticate, getDigester, getPassword, getPathname, getPrincipal, setPathname, startInternalMethods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, stopInternal, toStringMethods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregisterMethods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stopMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface org.apache.catalina.Realm
isAvailable
-
Field Details
-
callbackHandler
The callback handler responsible for answering our requests. -
committed
protected boolean committedHas our owncommit()returned successfully? -
options
The configuration information for thisLoginModule. -
pathname
The absolute or relative pathname to the XML configuration file. -
principal
ThePrincipalidentified by our validation, ornullif validation failed. -
subject
The subject for which we are performing authentication.
-
-
Constructor Details
-
JAASMemoryLoginModule
public JAASMemoryLoginModule()
-
-
Method Details
-
abort
Phase 2 of authenticating aSubjectwhen Phase 1 fails. This method is called if theLoginContextfailed somewhere in the overall authentication chain.- Specified by:
abortin interfaceLoginModule- Returns:
trueif this method succeeded, orfalseif thisLoginModuleshould be ignored- Throws:
LoginException- if the abort fails
-
commit
Phase 2 of authenticating aSubjectwhen Phase 1 was successful. This method is called if theLoginContextsucceeded in the overall authentication chain.- Specified by:
commitin interfaceLoginModule- Returns:
trueif the authentication succeeded, orfalseif thisLoginModuleshould be ignored- Throws:
LoginException- if the commit fails
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) Initialize thisLoginModulewith the specified configuration information.- Specified by:
initializein interfaceLoginModule- Parameters:
subject- TheSubjectto be authenticatedcallbackHandler- ACallbackHandlerfor communicating with the end user as necessarysharedState- State information shared with otherLoginModuleinstancesoptions- Configuration information for this specificLoginModuleinstance
-
login
Phase 1 of authenticating aSubject.- Specified by:
loginin interfaceLoginModule- Returns:
trueif the authentication succeeded, orfalseif thisLoginModuleshould be ignored- Throws:
LoginException- if the authentication fails
-
logout
Log out this user.- Specified by:
logoutin interfaceLoginModule- Returns:
truein all cases because theLoginModuleshould not be ignored- Throws:
LoginException- if logging out failed
-
load
protected void load()Load the contents of our configuration file.
-