Package org.apache.jackrabbit.oak.spi.security.authentication

Class GuestLoginModule

  • All Implemented Interfaces:
    javax.security.auth.spi.LoginModule
    public final class GuestLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule
    The GuestLoginModule is intended to provide backwards compatibility with the login handling present in the JCR reference implementation located in jackrabbit-core. While the specification claims that Repository.login(javax.jcr.Credentials, java.lang.String) with null Credentials implies that the authentication process is handled externally, the default implementation jackrabbit-core treated it as 'anonymous' login such as covered by using GuestCredentials.

    This LoginModule implementation performs the following tasks upon login().

    1. Try to retrieve JCR credentials from the CallbackHandler using the CredentialsCallback
    2. In case no credentials could be obtained it pushes a new instance of GuestCredentials to the shared stated. Subsequent login modules in the authentication process may retrieve the GuestCredentials instead of failing to obtain any credentials.
    If this login module pushed GuestLoginModule to the shared state in phase 1 it will add those credentials and the EveryonePrincipal to the subject in phase 2 of the login process. Subsequent login modules my choose to provide additional principals/credentials associated with a guest login.

    The authentication configuration using this LoginModule could for example look as follows: 

    
    jackrabbit.oak {
            org.apache.jackrabbit.oak.spi.security.authentication.GuestLoginModule  optional;
            org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl required;
    };
    In this case calling Repository.login() would be equivalent to repository.login(new GuestCredentials().

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean abort()  
      boolean commit()  
      void initialize​(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,​?> sharedState, java.util.Map<java.lang.String,​?> options)  
      boolean login()  
      boolean logout()  

      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • GuestLoginModule

        public GuestLoginModule()

    • Method Detail

      • initialize

        public void initialize​(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map<java.lang.String,​?> sharedState,
                       java.util.Map<java.lang.String,​?> options)
        Specified by:
        initialize in interface javax.security.auth.spi.LoginModule

      • login

        public boolean login()
        Specified by:
        login in interface javax.security.auth.spi.LoginModule

      • commit

        public boolean commit()
        Specified by:
        commit in interface javax.security.auth.spi.LoginModule

      • abort

        public boolean abort()
        Specified by:
        abort in interface javax.security.auth.spi.LoginModule

      • logout

        public boolean logout()
        Specified by:
        logout in interface javax.security.auth.spi.LoginModule