org.jboss.portal.identity.sso.josso
Class JOSSOLoginModule

java.lang.Object
  extended by org.josso.tc55.agent.jaas.SSOGatewayLoginModule
      extended by org.jboss.portal.identity.sso.josso.JOSSOLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public class JOSSOLoginModule
extends org.josso.tc55.agent.jaas.SSOGatewayLoginModule

SSOGatewayLoginModule for JBoss.

It specializes the SSOGatewayLoginModule by associating an additional group called "Roles", which contains the user's roles. The original SSOGatewayLoginModule associates the user and its roles directly as the Subject's Principals. This won't work in JBoss, since it obtains user roles from a special Group that must be called "Roles". This LoginModule creates this special group, adds the roles as its members, and associates the group with the Subject built by the SSOGatewayLoginModule.

To configure this JAAS LoginModule, add the following entry to the $JBOSS_HOME/server/default/conf/login-config.xml file:
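The difference between the two Subject layouts described above, as an added example (not JOSSO or JBoss Portal code). `Named`, `NamedGroup` and `rolesSeen` are hypothetical stand-ins for the SSOUser/SSORole principals, the container's Group type and its role lookup; the user and role names are constructed.

```java
import java.security.Principal;
import java.util.LinkedHashSet;
import java.util.Set;
import java.util.TreeSet;
import javax.security.auth.Subject;

public class RolesGroupLayout {
    // Hypothetical stand-in for a user or role principal.
    record Named(String name) implements Principal {
        public String getName() { return name; }
    }

    // Hypothetical stand-in for the container's Group type: a principal with members.
    static final class NamedGroup implements Principal {
        private final String name;
        final Set<Principal> members = new LinkedHashSet<>();
        NamedGroup(String name) { this.name = name; }
        public String getName() { return name; }
    }

    // Flat layout: user and roles added directly as Subject principals.
    static Subject flat(String user, String... roles) {
        Subject s = new Subject();
        s.getPrincipals().add(new Named(user));
        for (String r : roles) s.getPrincipals().add(new Named(r));
        return s;
    }

    // Grouped layout: the flat Subject plus a "Roles" group holding the roles.
    static Subject grouped(String user, String... roles) {
        Subject s = flat(user, roles);
        NamedGroup g = new NamedGroup("Roles");
        for (String r : roles) g.members.add(new Named(r));
        s.getPrincipals().add(g);
        return s;
    }

    // Role lookup that reads only the members of the group named "Roles".
    static Set<String> rolesSeen(Subject s) {
        Set<String> out = new TreeSet<>();
        for (NamedGroup g : s.getPrincipals(NamedGroup.class))
            if ("Roles".equals(g.getName()))
                for (Principal p : g.members) out.add(p.getName());
        return out;
    }

    public static void main(String[] args) {
        System.out.println("flat:    " + rolesSeen(flat("alice", "Admin", "User")));
        System.out.println("grouped: " + rolesSeen(grouped("alice", "Admin", "User")));
    }
}
```

With the flat layout the lookup finds no roles even though authentication succeeded, so every role-protected resource is denied; this is the symptom to look for when the "Roles" group is missing.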

<policy>
   <!-- Used by JOSSO Agents for authenticating users against the Gateway -->
   <application-policy name = "josso">
      <authentication>
         <login-module code = "org.josso.jb32.agent.JBossSSOGatewayLoginModule"
            flag = "required">
            <module-option name="debug">true</module-option>
         </login-module>
      </authentication>
   </application-policy>
   ...
</policy>

Version:
CVS $Id: JBossSSOGatewayLoginModule.java 338 2006-02-09 16:53:07Z sgonzalez $
Author:
Gianluca Brigandi

Field Summary
protected  org.josso.gateway.identity.SSOUser _unauthenticatedIdentity
          The principal to use when the user is not authenticated.
 
Fields inherited from class org.josso.tc55.agent.jaas.SSOGatewayLoginModule
_ssoRolePrincipals, _ssoUserPrincipal, _succeeded, commitSucceeded
 
Constructor Summary
JOSSOLoginModule()
           
 
Method Summary
 boolean commit()
           
protected  org.josso.gateway.identity.SSOUser createIdentity(java.lang.String username)
           
protected  org.josso.gateway.identity.SSORole[] getRoleSets()
           
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
          Initialize this LoginModule.
 boolean login()
          This method supports the unauthenticatedIdentity property used by JBoss.
 
Methods inherited from class org.josso.tc55.agent.jaas.SSOGatewayLoginModule
abort, logout
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

_unauthenticatedIdentity

protected org.josso.gateway.identity.SSOUser _unauthenticatedIdentity
The principal to use when the user is not authenticated.

Constructor Detail

JOSSOLoginModule

public JOSSOLoginModule()
Method Detail

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)
Initialize this LoginModule. Saves the received Subject so that it can be modified when commit() is invoked.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Overrides:
initialize in class org.josso.tc55.agent.jaas.SSOGatewayLoginModule
Parameters:
subject - the Subject to be authenticated.
callbackHandler - a CallbackHandler for communicating with the end user (prompting for user names and passwords, for example).
sharedState - shared LoginModule state.
options - options specified in the login Configuration for this particular LoginModule.

login

public boolean login()
              throws javax.security.auth.login.LoginException
This method supports the unauthenticatedIdentity property used by JBoss.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Overrides:
login in class org.josso.tc55.agent.jaas.SSOGatewayLoginModule
Throws:
javax.security.auth.login.LoginException

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
Specified by:
commit in interface javax.security.auth.spi.LoginModule
Overrides:
commit in class org.josso.tc55.agent.jaas.SSOGatewayLoginModule
Throws:
javax.security.auth.login.LoginException

createIdentity

protected org.josso.gateway.identity.SSOUser createIdentity(java.lang.String username)

getRoleSets

protected org.josso.gateway.identity.SSORole[] getRoleSets()
                                                    throws javax.security.auth.login.LoginException
Overrides:
getRoleSets in class org.josso.tc55.agent.jaas.SSOGatewayLoginModule
Throws:
javax.security.auth.login.LoginException