Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS (src)    NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jboss.resource.security
Class SecureIdentityLoginModule

java.lang.Object
  extended byorg.jboss.security.auth.spi.AbstractServerLoginModule (src) 
      extended byorg.jboss.resource.security.AbstractPasswordCredentialLoginModule (src) 
          extended byorg.jboss.resource.security.SecureIdentityLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule
public class SecureIdentityLoginModule
extends AbstractPasswordCredentialLoginModule (src)

An example of how one could encrypt the database password for a jca connection factory. The corresponding sa -207a6df87216de44 jboss.jca:servce=LocalTxCM,name=DefaultDS This uses a hard-coded cipher algo of Blowfish, and key derived from the phrase 'jaas is the way'. Adjust to your requirements.

Field Summary
 
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule (src)
callbackHandler, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
 
Constructor Summary
SecureIdentityLoginModule()
           
 
Method Summary
 boolean abort()
          Method to abort the authentication process (phase 2).
 boolean commit()
          Method to commit the authentication process (phase 2).
protected  java.security.Principal getIdentity()
          Overriden by subclasses to return the Principal that corresponds to the user primary identity.
protected  java.security.acl.Group[] getRoleSets()
          Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user.
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, java.util.Map sharedState, java.util.Map options)
          Initialize the login module.
 boolean login()
          Return false if there is no mcf, else return super.login().
static void main(java.lang.String[] args)
          Main entry point to encrypt a password using the hard-coded pass phrase
 
Methods inherited from class org.jboss.resource.security.AbstractPasswordCredentialLoginModule (src)
getMcf, getServer, logout, removeCredentials
 
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule (src)
createGroup, createIdentity, getUnauthenticatedIdentity, getUseFirstPass
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecureIdentityLoginModule

public SecureIdentityLoginModule()
Method Detail

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler handler,
                       java.util.Map sharedState,
                       java.util.Map options)
Description copied from class: AbstractServerLoginModule (src)
Initialize the login module. This stores the subject, callbackHandler and sharedState and options for the login session. Subclasses should override if they need to process their own options. A call to super.initialize(...) must be made in the case of an override.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Overrides:
initialize in class AbstractPasswordCredentialLoginModule (src)

login

public boolean login()
              throws javax.security.auth.login.LoginException
Description copied from class: AbstractPasswordCredentialLoginModule (src)
Return false if there is no mcf, else return super.login(). Override to provide custom authentication.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Overrides:
login in class AbstractPasswordCredentialLoginModule (src)
Returns:
false if there is no mcf, else return super.login().
Throws:
javax.security.auth.login.LoginException - if an error occurs

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
Description copied from class: AbstractServerLoginModule (src)
Method to commit the authentication process (phase 2). If the login method completed successfully as indicated by loginOk == true, this method adds the getIdentity() value to the subject getPrincipals() Set. It also adds the members of each Group returned by getRoleSets() to the subject getPrincipals() Set.

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Overrides:
commit in class AbstractServerLoginModule (src)
Returns:
true always.
Throws:
javax.security.auth.login.LoginException
See Also:
javax.security.auth.Subject;, java.security.acl.Group;

abort

public boolean abort()
Description copied from class: AbstractServerLoginModule (src)
Method to abort the authentication process (phase 2).

Specified by:
abort in interface javax.security.auth.spi.LoginModule
Overrides:
abort in class AbstractServerLoginModule (src)
Returns:
true alaways

getIdentity

protected java.security.Principal getIdentity()
Description copied from class: AbstractServerLoginModule (src)
Overriden by subclasses to return the Principal that corresponds to the user primary identity.

Specified by:
getIdentity in class AbstractServerLoginModule (src)

getRoleSets

protected java.security.acl.Group[] getRoleSets()
                                         throws javax.security.auth.login.LoginException
Description copied from class: AbstractServerLoginModule (src)
Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.

Specified by:
getRoleSets in class AbstractServerLoginModule (src)
Returns:
Group[] containing the sets of roles
Throws:
javax.security.auth.login.LoginException

main

public static void main(java.lang.String[] args)
                 throws java.lang.Exception
Main entry point to encrypt a password using the hard-coded pass phrase

Parameters:
args - - [0] = the password to encode
Throws:
java.lang.Exception
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS (src)    NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD