AbstractLoginModule (VT LDAP Libraries 3.3.4 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

edu.vt.middleware.ldap.jaas
Class AbstractLoginModule

java.lang.Object
  edu.vt.middleware.ldap.jaas.AbstractLoginModule

All Implemented Interfaces:: LoginModule

Direct Known Subclasses:: LdapDnAuthorizationModule, LdapLoginModule, LdapRoleAuthorizationModule

public abstract class AbstractLoginModule
extends Object
implements LoginModule
extends Object
implements LoginModule

AbstractLoginModule provides functionality common to ldap based login modules.

Version:: $Revision: 1878 $ $Date: 2011-04-05 11:15:00 -0400 (Tue, 05 Apr 2011) $
Author:: Middleware Services

Field Summary
`protected CallbackHandler`	`callbackHandler` Initialized callback handler.
`protected boolean`	`clearPass` Whether credentials should be removed from the shared state map.
`protected boolean`	`commitSuccess` Whether commit was successful.
`protected Set<LdapCredential>`	`credentials` Credentials to add to the subject.
`protected List<LdapRole>`	`defaultRole` Default roles.
`protected org.apache.commons.logging.Log`	`logger` Log for this class.
`static String`	`LOGIN_DN` Constant for entryDn stored in shared state.
`static String`	`LOGIN_NAME` Constant for login name stored in shared state.
`static String`	`LOGIN_PASSWORD` Constant for login password stored in shared state.
`protected boolean`	`loginSuccess` Whether login was successful.
`protected String`	`principalGroupName` Name of group to add all principals to.
`protected Set<Principal>`	`principals` Principals to add to the subject.
`protected String`	`roleGroupName` Name of group to add all roles to.
`protected Set<Principal>`	`roles` Roles to add to the subject.
`protected boolean`	`setLdapCredential` Whether ldap credential data should be set.
`protected boolean`	`setLdapDnPrincipal` Whether ldap dn principal data should be set.
`protected boolean`	`setLdapPrincipal` Whether ldap principal data should be set.
`protected Map`	`sharedState` Shared state from other login module.
`protected boolean`	`storePass` Whether credentials should be stored in the shared state map.
`protected Subject`	`subject` Initialized subject.
`protected boolean`	`tryFirstPass` Whether credentials from the shared state should be used if they are available.
`protected boolean`	`useFirstPass` Whether credentials from the shared state should be used.

Constructor Summary
`AbstractLoginModule()`

Method Summary
`boolean`	`abort()`
`protected List<LdapRole>`	`attributesToRoles(Attributes attributes)` This parses the supplied attributes and returns them as a list of `LdapRole`s.
`protected void`	`clearState()` Removes any stateful principals, credentials, or roles stored by login.
`boolean`	`commit()`
`static Authenticator`	`createAuthenticator(Map<String,?> options)` This constructs a new `Authenticator` with the supplied jaas options.
`static Ldap`	`createLdap(Map<String,?> options)` This constructs a new `Ldap` with the supplied jaas options.
`protected void`	`getCredentials(NameCallback nameCb, PasswordCallback passCb, boolean useCallback)` This attempts to retrieve credentials for the supplied name and password callbacks.
`void`	`initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)`
`abstract boolean`	`login()`
`boolean`	`logout()`
`protected void`	`storeCredentials(NameCallback nameCb, PasswordCallback passCb, String loginDn)` This will store the supplied name, password, and entry dn in the stored state map.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

LOGIN_NAME

public static final String LOGIN_NAME

Constant for login name stored in shared state.

See Also:: Constant Field Values

LOGIN_DN

public static final String LOGIN_DN

Constant for entryDn stored in shared state.

See Also:: Constant Field Values

LOGIN_PASSWORD

public static final String LOGIN_PASSWORD

Constant for login password stored in shared state.

See Also:: Constant Field Values

logger

protected final org.apache.commons.logging.Log logger

Log for this class.

subject

protected Subject subject

Initialized subject.

callbackHandler

protected CallbackHandler callbackHandler

Initialized callback handler.

sharedState

protected Map sharedState

Shared state from other login module.

useFirstPass

protected boolean useFirstPass

Whether credentials from the shared state should be used.

tryFirstPass

protected boolean tryFirstPass

Whether credentials from the shared state should be used if they are available.

storePass

protected boolean storePass

Whether credentials should be stored in the shared state map.

clearPass

protected boolean clearPass

Whether credentials should be removed from the shared state map.

setLdapPrincipal

protected boolean setLdapPrincipal

Whether ldap principal data should be set.

setLdapDnPrincipal

protected boolean setLdapDnPrincipal

Whether ldap dn principal data should be set.

setLdapCredential

protected boolean setLdapCredential

Whether ldap credential data should be set.

defaultRole

protected List<LdapRole> defaultRole

Default roles.

principalGroupName

protected String principalGroupName

Name of group to add all principals to.

roleGroupName

protected String roleGroupName

Name of group to add all roles to.

loginSuccess

protected boolean loginSuccess

Whether login was successful.

commitSuccess

protected boolean commitSuccess

Whether commit was successful.

principals

protected Set<Principal> principals

Principals to add to the subject.

credentials

protected Set<LdapCredential> credentials

Credentials to add to the subject.

roles

protected Set<Principal> roles

Roles to add to the subject.

Constructor Detail

AbstractLoginModule

public AbstractLoginModule()

Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Specified by:: initialize in interface LoginModule

login

public abstract boolean login()
                       throws LoginException

Specified by:: login in interface LoginModule

Throws:: LoginException

commit

public boolean commit()
               throws LoginException

Specified by:: commit in interface LoginModule

Throws:: LoginException

abort

public boolean abort()
              throws LoginException

Specified by:: abort in interface LoginModule

Throws:: LoginException

logout

public boolean logout()
               throws LoginException

Specified by:: logout in interface LoginModule

Throws:: LoginException

createLdap

public static Ldap createLdap(Map<String,?> options)

This constructs a new Ldap with the supplied jaas options.

Parameters:: options - Map
Returns:: Ldap

createAuthenticator

public static Authenticator createAuthenticator(Map<String,?> options)

This constructs a new Authenticator with the supplied jaas options.

Parameters:: options - Map
Returns:: Authenticator

clearState

protected void clearState()

Removes any stateful principals, credentials, or roles stored by login. Also removes shared state name, dn, and password if clearPass is set.

getCredentials

protected void getCredentials(NameCallback nameCb,
                              PasswordCallback passCb,
                              boolean useCallback)
                       throws LoginException

This attempts to retrieve credentials for the supplied name and password callbacks. If useFirstPass or tryFirstPass is set, then name and password data is retrieved from shared state. Otherwise a callback handler is used to get the data. Set useCallback to force a callback handler to be used.

Parameters:: nameCb - to set name for; passCb - to set password for; useCallback - whether to force a callback handler
Throws:: LoginException - if the callback handler fails

storeCredentials

protected void storeCredentials(NameCallback nameCb,
                                PasswordCallback passCb,
                                String loginDn)

This will store the supplied name, password, and entry dn in the stored state map. storePass must be set for this method to have any affect.

Parameters:: nameCb - to store; passCb - to store; loginDn - to store

attributesToRoles

protected List<LdapRole> attributesToRoles(Attributes attributes)
                                    throws NamingException

This parses the supplied attributes and returns them as a list of


 LdapRole

Parameters:: attributes - Attributes
Returns:: List
Throws:: NamingException - if the attributes cannot be parsed