org.jboss.mq.sm.file
Class DynamicLoginModule

java.lang.Object
  extended byorg.jboss.security.auth.spi.AbstractServerLoginModule (src) 
      extended byorg.jboss.security.auth.spi.UsernamePasswordLoginModule (src) 
          extended byorg.jboss.mq.sm.file.DynamicLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public class DynamicLoginModule
extends UsernamePasswordLoginModule (src)

JAAS LoginModule that is backed by the DynamicStateManager. Must have the attribute sm.objectname set, and may have the unauthenticatedIdentity set to some value.


Field Summary
 
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule (src)
callbackHandler, log, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
 
Constructor Summary
DynamicLoginModule()
           
 
Method Summary
protected  java.security.acl.Group[] getRoleSets()
          Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user.
protected  java.lang.String getUsersPassword()
          Overriden to return an empty password string as typically one cannot obtain a user's password.
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
          Override the superclass method to look for the following options after first invoking the super version.
 boolean login()
          Check we have contact to a state manager.
protected  boolean validatePassword(java.lang.String inputPassword, java.lang.String expectedPassword)
          Validate the password againts the state manager.
 
Methods inherited from class org.jboss.security.auth.spi.UsernamePasswordLoginModule (src)
createPasswordHash, getCredentials, getIdentity, getUnauthenticatedIdentity, getUsername, getUsernameAndPassword
 
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule (src)
abort, commit, createGroup, createIdentity, getUseFirstPass, logout
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DynamicLoginModule

public DynamicLoginModule()
Method Detail

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)
Description copied from class: UsernamePasswordLoginModule (src)
Override the superclass method to look for the following options after first invoking the super version.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Overrides:
initialize in class UsernamePasswordLoginModule (src)
Parameters:
options - :

login

public boolean login()
              throws javax.security.auth.login.LoginException
Check we have contact to a state manager.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Overrides:
login in class UsernamePasswordLoginModule (src)
Throws:
javax.security.auth.login.LoginException

getUsersPassword

protected java.lang.String getUsersPassword()
                                     throws javax.security.auth.login.LoginException
Overriden to return an empty password string as typically one cannot obtain a user's password. We also override the validatePassword so this is ok.

Specified by:
getUsersPassword in class UsernamePasswordLoginModule (src)
Returns:
and empty password String
Throws:
javax.security.auth.login.LoginException

validatePassword

protected boolean validatePassword(java.lang.String inputPassword,
                                   java.lang.String expectedPassword)
Validate the password againts the state manager.

Overrides:
validatePassword in class UsernamePasswordLoginModule (src)
Parameters:
inputPassword - the password to validate.
expectedPassword - ignored
Returns:
true if the inputPassword is valid, false otherwise.

getRoleSets

protected java.security.acl.Group[] getRoleSets()
                                         throws javax.security.auth.login.LoginException
Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity. Only a Roles Group is returned.

Specified by:
getRoleSets in class AbstractServerLoginModule (src)
Returns:
Group[] containing the sets of roles
Throws:
javax.security.auth.login.LoginException