java.lang.Object org.jboss.security.srp.jaas.SRPLoginModule
A login module that uses the SRP protocol documented in RFC2945 to authenticate a username & password in a secure fashion without using an encrypted channel. The supported configuration options include:
Constructor Summary
SRPLoginModule()
    Creates new SRPLoginModule

Method Summary
boolean abort()
boolean commit()
    All login modules have completed the login() phase, commit if we succeeded.
void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, java.util.Map sharedState, java.util.Map options)
boolean login()
    This is where the SRP protocol exchange occurs.
boolean logout()
    Remove the userPrincipal associated with the subject.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
public SRPLoginModule()

Method Detail
initialize
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, java.util.Map sharedState, java.util.Map options)
Specified by:
    initialize in interface javax.security.auth.spi.LoginModule
Parameters:
    subject - the subject to authenticate
    handler - the app CallbackHandler used to obtain username & password
    sharedState - used to propagate the authenticated principal and credential hash.
    options - the login module options. These include:
        principalClassName: the java.security.Principal class name implementation to use.
        srpServerJndiName: the JNDI name of the SRPServerInterface implementation to use. This is tried before srpServerRmiUrl.
        srpServerRmiUrl: the RMI URL for the SRPServerInterface implementation to use.
        externalRandomA: a true/false flag indicating if the random component of the client public key A should come from the user callback.
        hasAuxChallenge: a true/false flag indicating that a string will be sent to the server as an additional challenge for the server to validate. If the client session supports an encryption cipher then a temporary cipher will be created and the challenge object sent as a SealedObject.
        multipleSessions: a true/false flag indicating if a given client may have multiple SRP login sessions active simultaneously.

login
public boolean login() throws javax.security.auth.login.LoginException
Specified by:
    login in interface javax.security.auth.spi.LoginModule
Throws:
    javax.security.auth.login.LoginException - thrown on login failure.

commit
public boolean commit() throws javax.security.auth.login.LoginException
Specified by:
    commit in interface javax.security.auth.spi.LoginModule
Throws:
    javax.security.auth.login.LoginException - thrown on failure to create a Principal.

abort
public boolean abort() throws javax.security.auth.login.LoginException
Specified by:
    abort in interface javax.security.auth.spi.LoginModule
Throws:
    javax.security.auth.login.LoginException

logout
public boolean logout() throws javax.security.auth.login.LoginException
Specified by:
    logout in interface javax.security.auth.spi.LoginModule
Throws:
    javax.security.auth.login.LoginException - thrown on exception during remove of the Principal added during the commit.
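
The following added example (not part of the original Javadoc or of the JBoss code base) drives this module through the standard JAAS API, passing the options documented for initialize() and a CallbackHandler that supplies only the username and password. The JNDI name, application name, user name and password are constructed placeholders; a successful login assumes the JBossSX classes on the classpath and a reachable SRP server, and without them the LoginException branch runs.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;

public class SrpLoginExample {
    // Option names are the documented ones; all values are constructed placeholders.
    static Map<String, String> srpOptions() {
        Map<String, String> o = new HashMap<>();
        o.put("srpServerJndiName", "srp/ExampleSRPServer"); // tried before srpServerRmiUrl
        o.put("externalRandomA", "false");  // random component of A is not taken from the callback
        o.put("hasAuxChallenge", "false");  // no additional challenge string is sent
        o.put("multipleSessions", "false"); // one active SRP session per client
        return o;
    }

    public static void main(String[] args) {
        // Programmatic equivalent of a one-entry JAAS login configuration file.
        Configuration config = new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(
                    "org.jboss.security.srp.jaas.SRPLoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, srpOptions()) };
            }
        };
        char[] password = "example-password".toCharArray(); // constructed sample credential
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName("example-user");
                else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password);
                else throw new UnsupportedCallbackException(cb); // only username & password handled
            }
        };
        try {
            LoginContext lc = new LoginContext("srp-example", new Subject(), handler, config);
            lc.login();  // JAAS calls initialize(), login() (the SRP exchange), then commit()
            System.out.println("Principals: " + lc.getSubject().getPrincipals());
            lc.logout(); // removes the principal added during commit()
        } catch (LoginException e) {
            System.out.println("SRP login failed: " + e.getMessage());
        } finally {
            Arrays.fill(password, '\0'); // clear the local copy of the password
        }
    }
}
```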