|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.tivoli.mts.PDLoginModule
This PDLoginModule
represents the JAAS authentication
mechanism for Policy Director.
A CallbackHandler
is required
to retrieve a Policy Director username and password pair.
The objective of the PDLoginModule
class is to authenticate
a Policy Director user, create a PDPrincipal
based on the
username as well as a PDCredential
containing the user's
Policy Director credentials if authentication is successful.
This LoginModule recognizes the debug option. If set to true in the login Configuration, debug messages will be output to the output stream, System.out.
This LoginModule recognizes the nameOnly option. If set to true in the login Configuration, the login method will not prompt for a password through the Callback mechanism, but will only prompt for a name.
Constructor Summary | |
PDLoginModule()
|
Method Summary | |
boolean |
abort()
Abort the authentication (second phase). |
boolean |
commit()
Commit the authentication (second phase). |
void |
initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map sharedState,
java.util.Map options)
Initialize this LoginModule . |
boolean |
login()
Authenticate the user (first phase). |
boolean |
logout()
Logout the user |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public PDLoginModule()
Method Detail |
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
LoginModule
.
initialize
in interface javax.security.auth.spi.LoginModule
subject
- the Subject
to be authenticated. callbackHandler
- a CallbackHandler
for communicating
with the end user (prompting for usernames and
passwords, for example). sharedState
- shared LoginModule
state. options
- options specified in the login
Configuration
for this particular
LoginModule
.public boolean login() throws javax.security.auth.login.AccountExpiredException, javax.security.auth.login.CredentialExpiredException, javax.security.auth.login.FailedLoginException, javax.security.auth.login.LoginException
This method attempts to authenticate the user to Policy Director and retrieve the user's credentials.
login
in interface javax.security.auth.spi.LoginModule
LoginModule
should not be ignored).javax.security.auth.login.AccountExpiredException
- if the account has been disabled.javax.security.auth.login.CredentialExpiredException
- if the password is rejected.javax.security.auth.login.LoginException
- if environmental or setup errors occur when trying to login.javax.security.auth.login.FailedLoginException
- if any other difficulties occur when trying to login.public boolean commit() throws javax.security.auth.login.LoginException
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt
succeeded (the importing of the Policy Director authentication
information succeeded), then this method associates the Policy Director
Principals with the Subject
currently tied to the
LoginModule
. If this LoginModule's
authentication attempted failed, then this method removes
any state that was originally saved.
commit
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
- if the commit failspublic boolean abort() throws javax.security.auth.login.LoginException
This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
This method cleans up any state that was originally saved
as part of the authentication attempt from the login
and commit
methods.
abort
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
- if the abort failspublic boolean logout() throws javax.security.auth.login.LoginException
This method removes the Principals associated
with the Subject
.
logout
in interface javax.security.auth.spi.LoginModule
LoginModule
should not be ignored).javax.security.auth.login.LoginException
- if the logout fails
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |