Package org.apache.catalina.realm

Class JAASMemoryLoginModule

  • All Implemented Interfaces:
    javax.management.MBeanRegistration, javax.security.auth.spi.LoginModule, Contained, JmxEnabled, Lifecycle, Realm
    public class JAASMemoryLoginModule
extends MemoryRealm
implements javax.security.auth.spi.LoginModule

    Implementation of the JAAS LoginModule interface, primarily for use in testing JAASRealm. It utilizes an XML-format data file of username/password/role information identical to that supported by org.apache.catalina.realm.MemoryRealm.

    This class recognizes the following string-valued options, which are specified in the configuration file and passed to initialize(Subject, CallbackHandler, Map, Map) in the options argument:

    • pathname - Relative (to the pathname specified by the "catalina.base" system property) or absolute pathname to the XML file containing our user information, in the format supported by MemoryRealm. The default value matches the MemoryRealm default.
    • credentialHandlerClassName - The fully qualified class name of the CredentialHandler to use. If not specified, MessageDigestCredentialHandler will be used.
    • Any additional options will be used to identify and call setters on the CredentialHandler. For example, algorithm=SHA256 would result in a call to MessageDigestCredentialHandler.setAlgorithm(String) with a parameter of "SHA256"

    IMPLEMENTATION NOTE - This class implements Realm only to satisfy the calling requirements of the GenericPrincipal constructor. It does not actually perform the functionality required of a Realm implementation.

    Author:
    Craig R. McClanahan

    • Field Detail

      • callbackHandler

        protected javax.security.auth.callback.CallbackHandler callbackHandler
        The callback handler responsible for answering our requests.

      • committed

        protected boolean committed
        Has our own commit() returned successfully?

      • options

        protected java.util.Map<java.lang.String,​?> options
        The configuration information for this LoginModule.

      • pathname

        protected java.lang.String pathname
        The absolute or relative pathname to the XML configuration file.

      • principal

        protected java.security.Principal principal
        The Principal identified by our validation, or null if validation failed.

      • sharedState

        protected java.util.Map<java.lang.String,​?> sharedState
        The state information that is shared with other configured LoginModule instances.

      • subject

        protected javax.security.auth.Subject subject
        The subject for which we are performing authentication.

    • Constructor Detail

      • JAASMemoryLoginModule

        public JAASMemoryLoginModule()

    • Method Detail

      • abort

        public boolean abort()
              throws javax.security.auth.login.LoginException
        Phase 2 of authenticating a Subject when Phase 1 fails. This method is called if the LoginContext failed somewhere in the overall authentication chain.
        Specified by:
        abort in interface javax.security.auth.spi.LoginModule
        Returns:
        true if this method succeeded, or false if this LoginModule should be ignored
        Throws:
        javax.security.auth.login.LoginException - if the abort fails

      • commit

        public boolean commit()
               throws javax.security.auth.login.LoginException
        Phase 2 of authenticating a Subject when Phase 1 was successful. This method is called if the LoginContext succeeded in the overall authentication chain.
        Specified by:
        commit in interface javax.security.auth.spi.LoginModule
        Returns:
        true if the authentication succeeded, or false if this LoginModule should be ignored
        Throws:
        javax.security.auth.login.LoginException - if the commit fails

      • initialize

        public void initialize​(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map<java.lang.String,​?> sharedState,
                       java.util.Map<java.lang.String,​?> options)
        Initialize this LoginModule with the specified configuration information.
        Specified by:
        initialize in interface javax.security.auth.spi.LoginModule
        Parameters:
        subject - The Subject to be authenticated
        callbackHandler - A CallbackHandler for communicating with the end user as necessary
        sharedState - State information shared with other LoginModule instances
        options - Configuration information for this specific LoginModule instance

      • login

        public boolean login()
              throws javax.security.auth.login.LoginException
        Phase 1 of authenticating a Subject.
        Specified by:
        login in interface javax.security.auth.spi.LoginModule
        Returns:
        true if the authentication succeeded, or false if this LoginModule should be ignored
        Throws:
        javax.security.auth.login.LoginException - if the authentication fails

      • logout

        public boolean logout()
               throws javax.security.auth.login.LoginException
        Log out this user.
        Specified by:
        logout in interface javax.security.auth.spi.LoginModule
        Returns:
        true in all cases because the LoginModule should not be ignored
        Throws:
        javax.security.auth.login.LoginException - if logging out failed

      • load

        protected void load()
        Load the contents of our configuration file.