CertificateLoginModule (RedHat JBoss A-MQ distribution of ActiveMQ 5.8.0.redhat-60024 API)

java.lang.Object
- org.apache.activemq.jaas.CertificateLoginModule

All Implemented Interfaces:

javax.security.auth.spi.LoginModule

Direct Known Subclasses:

TextFileCertificateLoginModule
```
public abstract class CertificateLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule
```
A LoginModule that allows for authentication based on SSL certificates. Allows for subclasses to define methods used to verify user certificates and find user groups. Uses CertificateCallbacks to retrieve certificates.

Author:

sepandm@gmail.com (Sepand)

Constructor Summary

Constructors
Constructor and Description

CertificateLoginModule()

Constructors
Constructor and Description
`CertificateLoginModule()`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`abort()` Standard JAAS override.
`boolean`	`commit()` Overriding to complete login process.
`protected java.lang.String`	`getDistinguishedName(java.security.cert.X509Certificate[] certs)`
`protected abstract java.util.Set<java.lang.String>`	`getUserGroups(java.lang.String username)` Should return a set of the groups this user belongs to.
`protected abstract java.lang.String`	`getUserNameForCertificates(java.security.cert.X509Certificate[] certs)` Should return a unique name corresponding to the certificates given.
`void`	`initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)` Overriding to allow for proper initialization.
`boolean`	`login()` Overriding to allow for certificate-based login.
`boolean`	`logout()` Standard JAAS override.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CertificateLoginModule
```
public CertificateLoginModule()
```
- Method Detail
  - initialize
```
public void initialize(javax.security.auth.Subject subject,
              javax.security.auth.callback.CallbackHandler callbackHandler,
              java.util.Map sharedState,
              java.util.Map options)
```
    Overriding to allow for proper initialization. Standard JAAS.
    
    Specified by:
    
    initialize in interface javax.security.auth.spi.LoginModule
  - login
```
public boolean login()
              throws javax.security.auth.login.LoginException
```
    Overriding to allow for certificate-based login. Standard JAAS.
    
    Specified by:
    
    login in interface javax.security.auth.spi.LoginModule
    
    Throws:
    
    javax.security.auth.login.LoginException
  - commit
```
public boolean commit()
               throws javax.security.auth.login.LoginException
```
    Overriding to complete login process. Standard JAAS.
    
    Specified by:
    
    commit in interface javax.security.auth.spi.LoginModule
    
    Throws:
    
    javax.security.auth.login.LoginException
  - abort
```
public boolean abort()
              throws javax.security.auth.login.LoginException
```
    Standard JAAS override.
    
    Specified by:
    
    abort in interface javax.security.auth.spi.LoginModule
    
    Throws:
    
    javax.security.auth.login.LoginException
  - logout
```
public boolean logout()
```
    Standard JAAS override.
    
    Specified by:
    
    logout in interface javax.security.auth.spi.LoginModule
  - getUserNameForCertificates
```
protected abstract java.lang.String getUserNameForCertificates(java.security.cert.X509Certificate[] certs)
                                                        throws javax.security.auth.login.LoginException
```
    Should return a unique name corresponding to the certificates given. The name returned will be used to look up access levels as well as group associations.
    
    Parameters:
    certs - The distinguished name.
    
    Returns:
    The unique name if the certificate is recognized, null otherwise.
    
    Throws:
    
    javax.security.auth.login.LoginException
  - getUserGroups
```
protected abstract java.util.Set<java.lang.String> getUserGroups(java.lang.String username)
                                                          throws javax.security.auth.login.LoginException
```
    Should return a set of the groups this user belongs to. The groups returned will be added to the user's credentials.
    
    Parameters:
    username - The username of the client. This is the same name that getUserNameForDn returned for the user's DN.
    
    Returns:
    A Set of the names of the groups this user belongs to.
    
    Throws:
    
    javax.security.auth.login.LoginException
  - getDistinguishedName
```
protected java.lang.String getDistinguishedName(java.security.cert.X509Certificate[] certs)
```

Class CertificateLoginModule

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CertificateLoginModule

Method Detail

initialize

login

commit

abort

logout

getUserNameForCertificates

getUserGroups

getDistinguishedName