@ProviderType public abstract class AbstractLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModule
LoginModuleinterface that can act as base class for login modules that aim to authenticate subjects against information stored in the content repository.
Initialize: Initialization of this abstract module sets the following protected instance fields:
Logout: If the authenticated subject is not empty this logout implementation attempts to clear both principals and public credentials and returns
Abort: Clears the state of this login module by setting all private instance variables created in phase 1 or 2 to
null. Subclasses are in charge of releasing their own state information by either overriding
clearState(): Clears all private state information that has be created during login. This method in called in
abort()and subclasses are expected to override this method.
getSupportedCredentials(): Abstract method used by
getCredentials()that reveals which credential implementations are supported by the
getCredentials(): Tries to retrieve valid (supported) Credentials in the following order:
getSharedCredentials(): This method returns credentials passed to the login module with the share state. The key to share credentials with a another module extending from this base class is
SHARED_KEY_CREDENTIALS. Note, that this method does not verify if the credentials provided by the shared state are
getSharedLoginName(): If the shared state contains an entry for
SHARED_KEY_LOGIN_NAMEthis method returns the value as login name.
getSecurityProvider(): Returns the configured security provider or
getRoot(): Provides access to the latest state of the repository in order to retrieve user or principal information required to authenticate the subject as well as to write back information during
getUserManager(): Returns an instance of the configured
getPrincipalProvider(): Returns an instance of the configured principal provider or
getPrincipals(String): Utility that returns all principals associated with a given user id. This method might be be called after successful authentication in order to be able to populate the subject during
LoginModule.commit(). The implementation is a shortcut for calling
getPrincipals(String userIdon the provider exposed by
|Modifier and Type||Field and Description|
Key of the sharedState entry referring to public attributes that are shared between multiple login modules.
Key of the sharedState entry referring to validated Credentials that is shared between multiple login modules.
Key of the sharedState entry referring to a valid login ID that is shared between multiple login modules.
Key of the sharedState entry referring to pre authenticated login information that is shared between multiple login modules.
|Constructor and Description|
|Modifier and Type||Method and Description|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
public static final java.lang.String SHARED_KEY_CREDENTIALS
public static final java.lang.String SHARED_KEY_LOGIN_NAME
public static final java.lang.String SHARED_KEY_ATTRIBUTES
public static final java.lang.String SHARED_KEY_PRE_AUTH_LOGIN
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
public boolean logout() throws javax.security.auth.login.LoginException
LoginModule.logout(), which removes all principals and all public credentials of type
AuthInfofrom the subject. It will return
false, if either principal set or credentials set is empty. Note, that this implementation is not able to only remove those principals/credentials that have been added by
thisvery login module instance. Therefore subclasses should overwrite this method to provide a fully compliant solution of
logout(). They may however take advantage of
logout(Set, Set)in order to simplify the implementation of a logout that is compatible with the
LoginModule.logout()contract incorporating the additional recommendations highlighted at JAAS LoginModule Dev Guide
trueif neither principals nor public credentials of type
AuthInfostored in the
javax.security.auth.login.LoginException- if the subject is readonly and destroying
Destroyablecredentials fails with
public boolean abort() throws javax.security.auth.login.LoginException
Copyright © 2010 - 2020 Adobe. All Rights Reserved