org.apache.catalina.realm
Class JAASMemoryLoginModule

java.lang.Object
  org.apache.catalina.util.LifecycleBase
      org.apache.catalina.util.LifecycleMBeanBase
          org.apache.catalina.realm.RealmBase
              org.apache.catalina.realm.MemoryRealm
                  org.apache.catalina.realm.JAASMemoryLoginModule

All Implemented Interfaces:

MBeanRegistration, LoginModule, Lifecycle, Realm

public class JAASMemoryLoginModule
extends MemoryRealm
implements LoginModule

Implementation of the JAAS LoginModule interface, primarily for use in testing JAASRealm. It utilizes an XML-format data file of username/password/role information identical to that supported by org.apache.catalina.realm.MemoryRealm (except that digested passwords are not supported).

This class recognizes the following string-valued options, which are specified in the configuration file (and passed to our constructor in the options argument:

• debug - Set to "true" to get debugging messages generated to System.out. The default value is false.
• pathname - Relative (to the pathname specified by the "catalina.base" system property) or absolute pathname to the XML file containing our user information, in the format supported by MemoryRealm. The default value matches the MemoryRealm default.

IMPLEMENTATION NOTE - This class implements Realm only to satisfy the calling requirements of the GenericPrincipal constructor. It does not actually perform the functionality required of a Realm implementation.

Version:

$Id: JAASMemoryLoginModule.java 1189224 2011-10-26 14:02:40Z kkolinko $

Author:

Craig R. McClanahan

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBase

RealmBase.AllRolesMode

Field Summary

protected CallbackHandler	callbackHandler The callback handler responsible for answering our requests.
protected boolean	committed Has our own commit() returned successfully?
protected Map<String,?>	options The configuration information for this LoginModule.
protected String	pathname The absolute or relative pathname to the XML configuration file.
protected Principal	principal The Principal identified by our validation, or null if validation failed.
protected Map<String,?>	sharedState The state information that is shared with other configured LoginModule instances.
protected Subject	subject The subject for which we are performing authentication.

Fields inherited from class org.apache.catalina.realm.MemoryRealm

info, name

Fields inherited from class org.apache.catalina.realm.RealmBase

allRolesMode, container, containerLog, digest, digestEncoding, md, md5Encoder, md5Helper, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

mserver

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

JAASMemoryLoginModule()

Method Summary

boolean	abort() Phase 2 of authenticating a Subject when Phase 1 fails.
boolean	commit() Phase 2 of authenticating a Subject when Phase 1 was successful.
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options) Initialize this LoginModule with the specified configuration information.
protected void	load() Load the contents of our configuration file.
boolean	login() Phase 1 of authenticating a Subject.
boolean	logout() Log out this user.

Methods inherited from class org.apache.catalina.realm.MemoryRealm

authenticate, getDigester, getInfo, getName, getPassword, getPathname, getPrincipal, getPrincipals, setPathname, startInternal

Methods inherited from class org.apache.catalina.realm.RealmBase

addPropertyChangeListener, authenticate, authenticate, authenticate, backgroundProcess, digest, Digest, findSecurityConstraints, getAllRolesMode, getContainer, getDigest, getDigest, getDigestCharset, getDigestEncoding, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setDigest, setDigestEncoding, setRealmPath, setStripRealmForGss, setValidate, setX509UsernameRetrieverClassName, stopInternal, toString

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class org.apache.catalina.util.LifecycleBase

addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

callbackHandler

protected CallbackHandler callbackHandler

The callback handler responsible for answering our requests.

committed

protected boolean committed

Has our own commit() returned successfully?

options

protected Map<String,?> options

The configuration information for this LoginModule.

pathname

protected String pathname

The absolute or relative pathname to the XML configuration file.

principal

protected Principal principal

The Principal identified by our validation, or null if validation failed.

sharedState

protected Map<String,?> sharedState

The state information that is shared with other configured LoginModule instances.

subject

protected Subject subject

The subject for which we are performing authentication.

Constructor Detail

JAASMemoryLoginModule

public JAASMemoryLoginModule()

Method Detail

abort

public boolean abort()
              throws LoginException

Phase 2 of authenticating a Subject when Phase 1 fails. This method is called if the LoginContext failed somewhere in the overall authentication chain.

Specified by:

abort in interface LoginModule

Returns:

true if this method succeeded, or false if this LoginModule should be ignored

Throws:

LoginException - if the abort fails

commit

public boolean commit()
               throws LoginException

Phase 2 of authenticating a Subject when Phase 1 was successful. This method is called if the LoginContext succeeded in the overall authentication chain.

Specified by:

commit in interface LoginModule

Returns:

true if the authentication succeeded, or false if this LoginModule should be ignored

Throws:

LoginException - if the commit fails

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Initialize this LoginModule with the specified configuration information.

Specified by:

initialize in interface LoginModule

Parameters:

subject - The Subject to be authenticated

callbackHandler - A CallbackHandler for communicating with the end user as necessary

sharedState - State information shared with other LoginModule instances

options - Configuration information for this specific LoginModule instance

login

public boolean login()
              throws LoginException

Phase 1 of authenticating a Subject.

Specified by:

login in interface LoginModule

Returns:

true if the authentication succeeded, or false if this LoginModule should be ignored

Throws:

LoginException - if the authentication fails

logout

public boolean logout()
               throws LoginException

Log out this user.

Specified by:

logout in interface LoginModule

Returns:

true in all cases because the LoginModule should not be ignored

Throws:

LoginException - if logging out failed

load

protected void load()

Load the contents of our configuration file.