org.jboss.security.auth.spi

Class CertRolesLoginModule

java.lang.Object

org.jboss.security.auth.spi.AbstractServerLoginModule

org.jboss.security.auth.spi.BaseCertLoginModule

org.jboss.security.auth.spi.CertRolesLoginModule

All Implemented Interfaces:

LoginModule

public class CertRolesLoginModule
extends BaseCertLoginModule

Certificate Login Module that uses a properties file to store role information. This works just like the UsersRolesLoginModule, only without the users.properties file. In fact, all the role handling code was borrowed directly from that class.

Version:

$Revision$

Author:

Jason Essington, Scott.Stark@jboss.org

See Also:

BaseCertLoginModule

Field Summary

Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

callbackHandler, jbossModuleName, log, loginOk, options, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass

Constructor Summary

Constructors

Constructor and Description
CertRolesLoginModule()

Method Summary

Modifier and Type	Method and Description
protected Group[]	getRoleSets() This method is pretty much straight from the UsersRolesLoginModule.
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options) Initialize this LoginModule.
boolean	login() Perform the authentication of the username and password.

Methods inherited from class org.jboss.security.auth.spi.BaseCertLoginModule

commit, getAliasAndCert, getCredentials, getIdentity, getUsername, validateCredential

Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

abort, addValidOptions, checkOptions, createGroup, createIdentity, getCallerPrincipalGroup, getUnauthenticatedIdentity, getUseFirstPass, logout

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CertRolesLoginModule

public CertRolesLoginModule()

Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Initialize this LoginModule.

Specified by:

initialize in interface LoginModule

Overrides:

initialize in class BaseCertLoginModule

Parameters:

options - - the login module option map. Supported options include: rolesProperties: The name of the properties resource containing user/roles the default is "roles.properties". roleGroupSeperator: The character used to seperate the role group name from the username e.g., '.' in jduke.CallerPrincipal=... . The default = '.'. defaultRolesProperties=string: The name of the properties resource containing the username to roles mappings that will be used as the defaults Properties passed to the usersProperties Properties. This defaults to defaultRoles.properties.

subject - the Subject to update after a successful login.

callbackHandler - the CallbackHandler that will be used to obtain the the user identity and credentials.

sharedState - a Map shared between all configured login module instances

See Also:

SecurityDomain, X509CertificateVerifier

login

public boolean login()
              throws LoginException

Description copied from class: BaseCertLoginModule

Perform the authentication of the username and password.

Specified by:

login in interface LoginModule

Overrides:

login in class BaseCertLoginModule

Throws:

LoginException

getRoleSets

protected Group[] getRoleSets()
                       throws LoginException

This method is pretty much straight from the UsersRolesLoginModule.

Overrides:

getRoleSets in class BaseCertLoginModule

Returns:

Group[] containing the sets of roles

Throws:

LoginException

See Also:

UsersRolesLoginModule.getRoleSets()