Package org.apache.catalina.realm
Class JAASMemoryLoginModule
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.realm.RealmBase
-
- org.apache.catalina.realm.MemoryRealm
-
- org.apache.catalina.realm.JAASMemoryLoginModule
-
- All Implemented Interfaces:
MBeanRegistration
,LoginModule
,Contained
,JmxEnabled
,Lifecycle
,Realm
public class JAASMemoryLoginModule extends MemoryRealm implements LoginModule
Implementation of the JAAS LoginModule interface, primarily for use in testing
JAASRealm
. It utilizes an XML-format data file of username/password/role information identical to that supported byorg.apache.catalina.realm.MemoryRealm
.This class recognizes the following string-valued options, which are specified in the configuration file and passed to
initialize(Subject, CallbackHandler, Map, Map)
in theoptions
argument:- pathname - Relative (to the pathname specified by the
"catalina.base" system property) or absolute pathname to the
XML file containing our user information, in the format supported by
MemoryRealm
. The default value matches the MemoryRealm default. - credentialHandlerClassName - The fully qualified class
name of the CredentialHandler to use. If not specified,
MessageDigestCredentialHandler
will be used. - Any additional options will be used to identify and call setters on the
CredentialHandler
. For example,algorithm=SHA256
would result in a call toMessageDigestCredentialHandler.setAlgorithm(String)
with a parameter of"SHA256"
IMPLEMENTATION NOTE - This class implements
Realm
only to satisfy the calling requirements of theGenericPrincipal
constructor. It does not actually perform the functionality required of aRealm
implementation.- Author:
- Craig R. McClanahan
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase
RealmBase.AllRolesMode
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
Fields Modifier and Type Field Description protected CallbackHandler
callbackHandler
The callback handler responsible for answering our requests.protected boolean
committed
Has our owncommit()
returned successfully?protected Map<String,?>
options
The configuration information for thisLoginModule
.protected String
pathname
The absolute or relative pathname to the XML configuration file.protected Principal
principal
ThePrincipal
identified by our validation, ornull
if validation failed.protected Map<String,?>
sharedState
The state information that is shared with other configuredLoginModule
instances.protected Subject
subject
The subject for which we are performing authentication.-
Fields inherited from class org.apache.catalina.realm.RealmBase
allRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
-
Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase
mserver
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description JAASMemoryLoginModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
abort()
Phase 2 of authenticating aSubject
when Phase 1 fails.boolean
commit()
Phase 2 of authenticating aSubject
when Phase 1 was successful.void
initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
Initialize thisLoginModule
with the specified configuration information.protected void
load()
Load the contents of our configuration file.boolean
login()
Phase 1 of authenticating aSubject
.boolean
logout()
Log out this user.-
Methods inherited from class org.apache.catalina.realm.MemoryRealm
authenticate, getDigester, getPassword, getPathname, getPrincipal, setPathname, startInternal
-
Methods inherited from class org.apache.catalina.realm.RealmBase
addPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getRoles, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, stopInternal, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.apache.catalina.Realm
isAvailable
-
-
-
-
Field Detail
-
callbackHandler
protected CallbackHandler callbackHandler
The callback handler responsible for answering our requests.
-
committed
protected boolean committed
Has our owncommit()
returned successfully?
-
pathname
protected String pathname
The absolute or relative pathname to the XML configuration file.
-
principal
protected Principal principal
ThePrincipal
identified by our validation, ornull
if validation failed.
-
sharedState
protected Map<String,?> sharedState
The state information that is shared with other configuredLoginModule
instances.
-
subject
protected Subject subject
The subject for which we are performing authentication.
-
-
Method Detail
-
abort
public boolean abort() throws LoginException
Phase 2 of authenticating aSubject
when Phase 1 fails. This method is called if theLoginContext
failed somewhere in the overall authentication chain.- Specified by:
abort
in interfaceLoginModule
- Returns:
true
if this method succeeded, orfalse
if thisLoginModule
should be ignored- Throws:
LoginException
- if the abort fails
-
commit
public boolean commit() throws LoginException
Phase 2 of authenticating aSubject
when Phase 1 was successful. This method is called if theLoginContext
succeeded in the overall authentication chain.- Specified by:
commit
in interfaceLoginModule
- Returns:
true
if the authentication succeeded, orfalse
if thisLoginModule
should be ignored- Throws:
LoginException
- if the commit fails
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
Initialize thisLoginModule
with the specified configuration information.- Specified by:
initialize
in interfaceLoginModule
- Parameters:
subject
- TheSubject
to be authenticatedcallbackHandler
- ACallbackHandler
for communicating with the end user as necessarysharedState
- State information shared with otherLoginModule
instancesoptions
- Configuration information for this specificLoginModule
instance
-
login
public boolean login() throws LoginException
Phase 1 of authenticating aSubject
.- Specified by:
login
in interfaceLoginModule
- Returns:
true
if the authentication succeeded, orfalse
if thisLoginModule
should be ignored- Throws:
LoginException
- if the authentication fails
-
logout
public boolean logout() throws LoginException
Log out this user.- Specified by:
logout
in interfaceLoginModule
- Returns:
true
in all cases because theLoginModule
should not be ignored- Throws:
LoginException
- if logging out failed
-
load
protected void load()
Load the contents of our configuration file.
-
-