BaseCertificateLoginModule (Payara Project 4.1.2.174 API)

java.lang.Object
- com.sun.enterprise.security.BaseCertificateLoginModule

All Implemented Interfaces:

LoginModule

Direct Known Subclasses:

AppservCertificateLoginModule
```
public abstract class BaseCertificateLoginModule
extends Object
implements LoginModule
```
Abstract base class for certificate-based login modules.
Subclasses need to implement the authenticateUser() method and later call commitUserAuthentication().

Field Summary

Fields
Modifier and Type	Field and Description
`protected static Logger`	`_logger` System Logger.
`protected Map<String,?>`	`_options` Options configured for this LoginModule.
`protected Map<String,?>`	`_sharedState` State shared with other login modules.

Constructor Summary

Constructors
Constructor and Description

BaseCertificateLoginModule()

Constructors
Constructor and Description
`BaseCertificateLoginModule()`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`abort()`
`protected abstract void`	`authenticateUser()` Perform authentication decision.
`boolean`	`commit()`
`protected void`	`commitUserAuthentication(String[] groups)` This is a convenience method which can be used by subclasses
`protected String`	`getAppName()` Get the application name.
`protected X509Certificate[]`	`getCerts()` Get the certificate chain presented by the client.
`protected Subject`	`getSubject()` Return the subject being authenticated.
`protected X500Principal`	`getX500Principal()` Returns the subject (subject distinguished name) value from the first certificate, in the client certificate chain, as an `X500Principal`.
`void`	`initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)`
`boolean`	`login()`
`boolean`	`logout()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - _sharedState
```
protected Map<String,?> _sharedState
```
    State shared with other login modules.
  - _options
```
protected Map<String,?> _options
```
    Options configured for this LoginModule.
  - _logger
```
protected static final Logger _logger
```
    System Logger.
- Constructor Detail
  - BaseCertificateLoginModule
```
public BaseCertificateLoginModule()
```
- Method Detail
  - initialize
```
public final void initialize(Subject subject,
                             CallbackHandler callbackHandler,
                             Map<String,?> sharedState,
                             Map<String,?> options)
```
    Specified by:
    
    initialize in interface LoginModule
  - login
```
public final boolean login()
                    throws LoginException
```
    Specified by:
    
    login in interface LoginModule
    
    Throws:
    
    LoginException
  - commit
```
public final boolean commit()
                     throws LoginException
```
    Specified by:
    
    commit in interface LoginModule
    
    Throws:
    
    LoginException
  - abort
```
public final boolean abort()
                    throws LoginException
```
    Specified by:
    
    abort in interface LoginModule
    
    Throws:
    
    LoginException
  - logout
```
public final boolean logout()
                     throws LoginException
```
    Specified by:
    
    logout in interface LoginModule
    
    Throws:
    
    LoginException
  - commitUserAuthentication
```
protected final void commitUserAuthentication(String[] groups)
```
    This is a convenience method which can be used by subclasses
    Note that this method is called after the authentication has succeeded. If authentication failed do not call this method. This method sets the authentication status to success if the groups parameter is non-null.
    
    Parameters:
    
    groups - String array of group memberships for user (could be empty).
  - authenticateUser
```
protected abstract void authenticateUser()
                                  throws LoginException
```
    Perform authentication decision. Method returns silently on success and returns a LoginException on failure.
    Must be overridden to add custom functionality.
    
    Throws:
    
    LoginException - on authentication failure.
  - getAppName
```
protected final String getAppName()
```
    Get the application name.
    This may be useful when a single LoginModule has to handle multiple applications that use certificates.
    
    Returns:
    
    the application name. Non-null only for web container.
  - getCerts
```
protected X509Certificate[] getCerts()
```
    Get the certificate chain presented by the client.
    
    Returns:
    
    the certificate chain from the client.
  - getX500Principal
```
protected X500Principal getX500Principal()
```
    Returns the subject (subject distinguished name) value from the first certificate, in the client certificate chain, as an X500Principal. If the subject value is empty, then the getName() method of the returned X500Principal object returns an empty string ("").
    
    Returns:
    
    an X500Principal representing the subject distinguished name from thr first certificate, in the client certificate chain;
  - getSubject
```
protected Subject getSubject()
```
    Return the subject being authenticated.
    
    Returns:
    
    the subject being authenticated.

Class BaseCertificateLoginModule

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

_sharedState

_options

_logger

Constructor Detail

BaseCertificateLoginModule

Method Detail

initialize

login

commit

abort

logout

commitUserAuthentication

authenticateUser

getAppName

getCerts

getX500Principal

getSubject