org.jboss.security.auth.spi.otp

Class JBossTimeBasedOTPLoginModule

java.lang.Object

org.jboss.security.auth.spi.otp.JBossTimeBasedOTPLoginModule

All Implemented Interfaces:

LoginModule

public class JBossTimeBasedOTPLoginModule
extends Object
implements LoginModule

Login Module that can be configured to validate a Time based OTP.

Usage: This login module needs to be configured along with one of the other JBoss login modules such as org.jboss.security.auth.spi.DatabaseServerLoginModule or org.jboss.security.auth.spi.LdapLoginModule

Example configuration:

 
 <application-policy name="otp">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
        flag="required">
        <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
        <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
      </login-module>
      <login-module code="org.jboss.security.auth.spi.otp.JBossTimeBasedOTPLoginModule" />
    </authentication>
  </application-policy>
 
 

Configurable Options:

• algorithm: either "HmacSHA1", "HmacSHA256" or "HmacSHA512" [Default: "HmacSHA1"]
• numOfDigits: Number of digits in the TOTP. Default is 6.
• additionalRoles: any additional roles that you want to add into the authenticated subject (on success). For multiple roles, separate with a comma

This login module requires the presence of "otp-users.properties" on the class path with the format: username=key

An example of otp-users.properties is:

    admin=35cae61d6d51a7b3af
   

Since:

Sep 21, 2010

Author:

Anil.Saldhana@redhat.com

Field Summary

Fields

Modifier and Type	Field and Description
static String	TOTP

Constructor Summary

Constructors

Constructor and Description
JBossTimeBasedOTPLoginModule()

Method Summary

Modifier and Type	Method and Description
boolean	abort()
boolean	commit()
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
boolean	login()
boolean	logout()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

TOTP

public static final String TOTP

See Also:

Constant Field Values

Constructor Detail

JBossTimeBasedOTPLoginModule

public JBossTimeBasedOTPLoginModule()

Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Specified by:

initialize in interface LoginModule

login

public boolean login()
              throws LoginException

Specified by:

login in interface LoginModule

Throws:

LoginException

See Also:

LoginModule#login()}

commit

public boolean commit()
               throws LoginException

Specified by:

commit in interface LoginModule

Throws:

LoginException

See Also:

LoginModule#commit()}

abort

public boolean abort()
              throws LoginException

Specified by:

abort in interface LoginModule

Throws:

LoginException

See Also:

LoginModule#abort()}

logout

public boolean logout()
               throws LoginException

Specified by:

logout in interface LoginModule

Throws:

LoginException

See Also:

LoginModule#logout()}