public abstract class SAML2CommonLoginModule extends UsernamePasswordLoginModule
The password sent to this module should be ServiceProviderSAMLContext.EMPTY_PASSWORD
The username is available from ServiceProviderSAMLContext.getUserName()
and roles is available from
ServiceProviderSAMLContext.getRoles()
. If the roles is null, then plugged in login modules in the stack have to
provide the roles.
Modifier and Type | Field and Description |
---|---|
protected String |
groupName |
callbackHandler, jbossModuleName, log, loginOk, options, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
Constructor and Description |
---|
SAML2CommonLoginModule() |
Modifier and Type | Method and Description |
---|---|
protected Principal |
getIdentity()
Overriden by subclasses to return the Principal that corresponds to
the user primary identity.
|
protected Group[] |
getRoleSets()
Overriden by subclasses to return the Groups that correspond to the
to the role sets assigned to the user.
|
protected String |
getUsersPassword()
Get the expected password for the current username available via
the getUsername() method.
|
void |
initialize(Subject subject,
CallbackHandler callbackHandler,
Map<String,?> sharedState,
Map<String,?> options)
Override the superclass method to look for the following options after
first invoking the super version.
|
createPasswordHash, getCredentials, getUnauthenticatedIdentity, getUsername, getUsernameAndPassword, getValidateError, login, safeClose, setValidateError, validatePassword
abort, addValidOptions, checkOptions, commit, createGroup, createIdentity, getCallerPrincipalGroup, getUseFirstPass, logout
protected String groupName
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
UsernamePasswordLoginModule
initialize
in interface LoginModule
initialize
in class UsernamePasswordLoginModule
subject
- the Subject to update after a successful login.callbackHandler
- the CallbackHandler that will be used to obtain the
the user identity and credentials.sharedState
- a Map shared between all configured login module instancesoptions
- :
option: hashAlgorithm - the message digest algorithm used to hash passwords.
If null then plain passwords will be used.
option: hashCharset - the name of the charset/encoding to use when converting
the password String to a byte array. Default is the platform's default
encoding.
option: hashEncoding - the string encoding format to use. Defaults to base64.
option: ignorePasswordCase: A flag indicating if the password comparison
should ignore case.
option: digestCallback - The class name of the DigestCallback DigestCallback
implementation that includes pre/post digest content like salts for hashing
the input password. Only used if hashAlgorithm has been specified.
option: hashStorePassword - A flag indicating if the store password returned
from #getUsersPassword() should be hashed .
option: hashUserPassword - A flag indicating if the user entered password should be hashed.
option: storeDigestCallback - The class name of the DigestCallback DigestCallback
implementation that includes pre/post digest content like salts for hashing
the store/expected password. Only used if hashStorePassword or hashUserPassword is true and
hashAlgorithm has been specified.protected Principal getIdentity()
AbstractServerLoginModule
getIdentity
in class UsernamePasswordLoginModule
protected Group[] getRoleSets() throws LoginException
AbstractServerLoginModule
getRoleSets
in class AbstractServerLoginModule
LoginException
protected String getUsersPassword() throws LoginException
UsernamePasswordLoginModule
getUsersPassword
in class UsernamePasswordLoginModule
LoginException
Copyright © 2016 JBoss by Red Hat. All rights reserved.