|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.ibm.security.auth.module.NTActiveLoginModule2000
public class NTActiveLoginModule2000
This LoginModule
interacts with the
NT security subsystem to login as a local user, then
renders a user's NT security information as some number of
Principal
s
and associates them with a Subject
.
One use of this capability might be to log in as a
particular NT user, then perform a
ThreadSubject.doAs((LoginContext)lc.getSubject(), PrivilegedAction there)
.
This would run the PrivilegedAction as that user, from the perspective of both
Java and NT.
This LoginModule
may actually be used in either of
two ways. If no CallbackHandlers were specified on the creation of the
LoginContext
that is constructing this LoginModule
then this just queries the underlying OS for the current identity.
If, however, CallbackHandlers were specified, then this LoginModule
drives a NameCallback
and a PasswordCallback
to get
enough information to perform an OS-level login.
This LoginModule recognizes the debug option. If set to true in the login Configuration, debug messages will be output to the output stream, System.out.
LoginModule
,
NameCallback
,
PasswordCallback
,
LoginContext
Constructor Summary | |
---|---|
NTActiveLoginModule2000()
|
Method Summary | |
---|---|
boolean |
abort()
This method is called if the LoginContext's overall authentication failed. |
boolean |
commit()
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded). |
void |
initialize(Subject subject,
CallbackHandler callbackHandler,
java.util.Map<java.lang.String,?> sharedState,
java.util.Map<java.lang.String,?> options)
Initialize this LoginModule . |
boolean |
login()
Authenticate the user by prompting for a username and password. |
boolean |
logout()
Logout the user. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public NTActiveLoginModule2000()
Method Detail |
---|
public void initialize(Subject subject, CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
LoginModule
.
initialize
in interface LoginModule
subject
- the Subject
to be authenticated. callbackHandler
- a CallbackHandler
for communicating
with the end user (prompting for usernames and
passwords, for example). sharedState
- shared LoginModule
state. options
- options specified in the login
Configuration
for this particular
LoginModule
.public boolean login() throws LoginException
login
in interface LoginModule
LoginModule
should not be ignored.
FailedLoginException
- if the authentication fails.
LoginException
- if this LoginModule
is unable to perform the authentication.public boolean commit() throws LoginException
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt
succeeded (checked by retrieving the private state saved by the
login
method), then this method associates some
number of various Principal
s
with the Subject
located in the
LoginModuleContext
. If this LoginModule's own
authentication attempted failed, then this method removes
any state that was originally saved.
commit
in interface LoginModule
LoginException
- if the commit fails.public boolean abort() throws LoginException
This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
If this LoginModule's own authentication attempt
succeeded (checked by retrieving the private state saved by the
login
and commit
methods),
then this method cleans up any state that was originally saved.
abort
in interface LoginModule
LoginException
- if the abort fails.public boolean logout() throws LoginException
This method removes the UsernamePrincipal
,
UserIDPrincipal
, DomainPrincipal
,
DomainIDPrincipal
, GroupIDPrincipal
s,
PrimaryGroupIDPrincipal
and NTNumericCredential
that may have been added by the commit
method.
logout
in interface LoginModule
LoginModule
should not be ignored.
LoginException
- if the logout fails.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |