Class AbstractLoginModule

    • Field Detail


        public static final String LOGIN_PASSWORD
        Constant for login password stored in shared state.
        See Also:
        Constant Field Values
      • logger

        protected final Logger logger
        Logger for this class.
      • defaultRole

        protected final List<LdapRole> defaultRole
        Default roles.
      • subject

        protected Subject subject
        Initialized subject.
      • callbackHandler

        protected CallbackHandler callbackHandler
        Initialized callback handler.
      • sharedState

        protected Map sharedState
        Shared state from other login module.
      • useFirstPass

        protected boolean useFirstPass
        Whether credentials from the shared state should be used.
      • tryFirstPass

        protected boolean tryFirstPass
        Whether credentials from the shared state should be used if they are available.
      • storePass

        protected boolean storePass
        Whether credentials should be stored in the shared state map.
      • clearPass

        protected boolean clearPass
        Whether credentials should be removed from the shared state map.
      • setLdapPrincipal

        protected boolean setLdapPrincipal
        Whether ldap principal data should be set.
      • setLdapDnPrincipal

        protected boolean setLdapDnPrincipal
        Whether ldap dn principal data should be set.
      • setLdapCredential

        protected boolean setLdapCredential
        Whether ldap credential data should be set.
      • principalGroupName

        protected String principalGroupName
        Name of group to add all principals to.
      • roleGroupName

        protected String roleGroupName
        Name of group to add all roles to.
      • loginSuccess

        protected boolean loginSuccess
        Whether authentication was successful.
      • commitSuccess

        protected boolean commitSuccess
        Whether commit was successful.
      • principals

        protected Set<Principal> principals
        Principals to add to the subject.
      • credentials

        protected Set<LdapCredential> credentials
        Credentials to add to the subject.
      • roles

        protected Set<Principal> roles
        Roles to add to the subject.
    • Constructor Detail

      • AbstractLoginModule

        public AbstractLoginModule()
    • Method Detail

      • login

        protected abstract boolean login​(NameCallback nameCb,
                                         PasswordCallback passCb)
                                  throws LoginException
        Authenticates a Subject with the supplied callbacks.
        nameCb - callback handler for subject's name
        passCb - callback handler for subject's password
        true if authentication succeeded, false to ignore this module
        LoginException - if the authentication fails
      • clearState

        protected void clearState()
        Removes any stateful principals, credentials, or roles stored by login. Also removes shared state name, dn, and password if clearPass is set.
      • getCredentials

        protected void getCredentials​(NameCallback nameCb,
                                      PasswordCallback passCb,
                                      boolean useCallback)
                               throws LoginException
        Attempts to retrieve credentials for the supplied name and password callbacks. If useFirstPass or tryFirstPass is set, then name and password data is retrieved from shared state. Otherwise, a callback handler is used to get the data. Set useCallback to force a callback handler to be used.
        nameCb - to set name for
        passCb - to set password for
        useCallback - whether to force a callback handler
        LoginException - if the callback handler fails
      • storeCredentials

        protected void storeCredentials​(NameCallback nameCb,
                                        PasswordCallback passCb,
                                        String loginDn)
        Stores the supplied name, password, and entry dn in the stored state map. storePass must be set for this method to have any affect.
        nameCb - to store
        passCb - to store
        loginDn - to store