Class JAASMemoryLoginModule

  • All Implemented Interfaces:
    javax.management.MBeanRegistration, javax.security.auth.spi.LoginModule, Contained, GSSRealm, JmxEnabled, Lifecycle, Realm

    public class JAASMemoryLoginModule
    extends MemoryRealm
    implements javax.security.auth.spi.LoginModule

    Implementation of the JAAS LoginModule interface, primarily for use in testing JAASRealm. It utilizes an XML-format data file of username/password/role information identical to that supported by org.apache.catalina.realm.MemoryRealm.

    This class recognizes the following string-valued options, which are specified in the configuration file and passed to initialize(Subject, CallbackHandler, Map, Map) in the options argument:

    • pathname - Relative (to the pathname specified by the "catalina.base" system property) or absolute pathname to the XML file containing our user information, in the format supported by MemoryRealm. The default value matches the MemoryRealm default.
    • credentialHandlerClassName - The fully qualified class name of the CredentialHandler to use. If not specified, MessageDigestCredentialHandler will be used.
    • Any additional options will be used to identify and call setters on the CredentialHandler. For example, algorithm=SHA256 would result in a call to MessageDigestCredentialHandler.setAlgorithm(String) with a parameter of "SHA256"

    IMPLEMENTATION NOTE - This class implements Realm only to satisfy the calling requirements of the GenericPrincipal constructor. It does not actually perform the functionality required of a Realm implementation.

    Author:
    Craig R. McClanahan
    • Field Detail

      • callbackHandler

        protected javax.security.auth.callback.CallbackHandler callbackHandler
        The callback handler responsible for answering our requests.
      • committed

        protected boolean committed
        Has our own commit() returned successfully?
      • options

        protected java.util.Map<java.lang.String,​?> options
        The configuration information for this LoginModule.
      • pathname

        protected java.lang.String pathname
        The absolute or relative pathname to the XML configuration file.
      • principal

        protected java.security.Principal principal
        The Principal identified by our validation, or null if validation failed.
      • sharedState

        protected java.util.Map<java.lang.String,​?> sharedState
        The state information that is shared with other configured LoginModule instances.
      • subject

        protected javax.security.auth.Subject subject
        The subject for which we are performing authentication.
    • Constructor Detail

      • JAASMemoryLoginModule

        public JAASMemoryLoginModule()
    • Method Detail

      • abort

        public boolean abort()
                      throws javax.security.auth.login.LoginException
        Specified by:
        abort in interface javax.security.auth.spi.LoginModule
        Throws:
        javax.security.auth.login.LoginException
      • commit

        public boolean commit()
                       throws javax.security.auth.login.LoginException
        Specified by:
        commit in interface javax.security.auth.spi.LoginModule
        Throws:
        javax.security.auth.login.LoginException
      • initialize

        public void initialize​(javax.security.auth.Subject subject,
                               javax.security.auth.callback.CallbackHandler callbackHandler,
                               java.util.Map<java.lang.String,​?> sharedState,
                               java.util.Map<java.lang.String,​?> options)
        Specified by:
        initialize in interface javax.security.auth.spi.LoginModule
      • login

        public boolean login()
                      throws javax.security.auth.login.LoginException
        Specified by:
        login in interface javax.security.auth.spi.LoginModule
        Throws:
        javax.security.auth.login.LoginException
      • logout

        public boolean logout()
                       throws javax.security.auth.login.LoginException
        Specified by:
        logout in interface javax.security.auth.spi.LoginModule
        Throws:
        javax.security.auth.login.LoginException
      • load

        protected void load()
        Load the contents of our configuration file.