org.jboss.resource.security
Class CallerIdentityLoginModule

java.lang.Object
  extended byorg.jboss.security.auth.spi.AbstractServerLoginModule (src) 
      extended byorg.jboss.resource.security.AbstractPasswordCredentialLoginModule (src) 
          extended byorg.jboss.resource.security.CallerIdentityLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public class CallerIdentityLoginModule
extends AbstractPasswordCredentialLoginModule (src)

A simple login module that simply associates the principal making the connection request with the actual EIS connection requirements. The type of Principal class used is org.jboss.security.SimplePrincipal.

See Also:
ConfiguredIdentityLoginModule (src)

Field Summary
 
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule (src)
callbackHandler, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
 
Constructor Summary
CallerIdentityLoginModule()
          Default Constructor
 
Method Summary
 boolean commit()
          Method to commit the authentication process (phase 2).
protected  java.security.Principal getIdentity()
          Overriden by subclasses to return the Principal that corresponds to the user primary identity.
protected  java.security.acl.Group[] getRoleSets()
          Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user.
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, java.util.Map sharedState, java.util.Map options)
          The initialize method sets up some default connection information for basic connections.
 boolean login()
          Performs the login association between the caller and the resource for a 1 to 1 mapping.
 
Methods inherited from class org.jboss.resource.security.AbstractPasswordCredentialLoginModule (src)
getMcf, getServer, logout, removeCredentials
 
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule (src)
abort, createGroup, createIdentity, getUnauthenticatedIdentity, getUseFirstPass
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CallerIdentityLoginModule

public CallerIdentityLoginModule()
Default Constructor

Method Detail

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler handler,
                       java.util.Map sharedState,
                       java.util.Map options)
The initialize method sets up some default connection information for basic connections. This is useful for container initialization connection use or running the application in a non-secure manner. This method is called before the login method.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Overrides:
initialize in class AbstractPasswordCredentialLoginModule (src)
Parameters:
subject -
handler -
sharedState -
options -

login

public boolean login()
              throws javax.security.auth.login.LoginException
Performs the login association between the caller and the resource for a 1 to 1 mapping. This acts as a login propagation strategy and is useful for single-sign on requirements

Specified by:
login in interface javax.security.auth.spi.LoginModule
Overrides:
login in class AbstractPasswordCredentialLoginModule (src)
Returns:
True if authentication succeeds
Throws:
javax.security.auth.login.LoginException

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
Description copied from class: AbstractServerLoginModule (src)
Method to commit the authentication process (phase 2). If the login method completed successfully as indicated by loginOk == true, this method adds the getIdentity() value to the subject getPrincipals() Set. It also adds the members of each Group returned by getRoleSets() to the subject getPrincipals() Set.

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Overrides:
commit in class AbstractServerLoginModule (src)
Returns:
true always.
Throws:
javax.security.auth.login.LoginException
See Also:
javax.security.auth.Subject;, java.security.acl.Group;

getIdentity

protected java.security.Principal getIdentity()
Description copied from class: AbstractServerLoginModule (src)
Overriden by subclasses to return the Principal that corresponds to the user primary identity.

Specified by:
getIdentity in class AbstractServerLoginModule (src)

getRoleSets

protected java.security.acl.Group[] getRoleSets()
                                         throws javax.security.auth.login.LoginException
Description copied from class: AbstractServerLoginModule (src)
Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.

Specified by:
getRoleSets in class AbstractServerLoginModule (src)
Returns:
Group[] containing the sets of roles
Throws:
javax.security.auth.login.LoginException