org.picketlink.identity.federation.bindings.jboss.auth

Class RegExUserNameLoginModule

java.lang.Object

org.jboss.security.auth.spi.AbstractServerLoginModule

org.jboss.security.auth.spi.UsernamePasswordLoginModule

org.picketlink.identity.federation.bindings.jboss.auth.RegExUserNameLoginModule

All Implemented Interfaces:

LoginModule

public class RegExUserNameLoginModule
extends UsernamePasswordLoginModule

PLINK-359: Login Module that extracts user name from the principal based on a regular expression

Since:

February 10, 2014

Author:

Anil Saldhana

Field Summary

Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

callbackHandler, jbossModuleName, log, loginOk, options, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass

Constructor Summary

Constructors

Constructor and Description
RegExUserNameLoginModule()

Method Summary

Modifier and Type	Method and Description
protected String	extractUserName(String theName)
protected Group[]	getRoleSets() Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user.
protected String	getUsersPassword() Get the expected password for the current username available via the getUsername() method.
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options) Override the superclass method to look for the following options after first invoking the super version.
boolean	login() Perform the authentication of the username and password.

Methods inherited from class org.jboss.security.auth.spi.UsernamePasswordLoginModule

createPasswordHash, getCredentials, getIdentity, getUnauthenticatedIdentity, getUsername, getUsernameAndPassword, getValidateError, safeClose, setValidateError, validatePassword

Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

abort, addValidOptions, checkOptions, commit, createGroup, createIdentity, getCallerPrincipalGroup, getUseFirstPass, logout

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RegExUserNameLoginModule

public RegExUserNameLoginModule()

Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Description copied from class: UsernamePasswordLoginModule

Override the superclass method to look for the following options after first invoking the super version.

Specified by:

initialize in interface LoginModule

Overrides:

initialize in class UsernamePasswordLoginModule

Parameters:

subject - the Subject to update after a successful login.

callbackHandler - the CallbackHandler that will be used to obtain the the user identity and credentials.

sharedState - a Map shared between all configured login module instances

options - : option: hashAlgorithm - the message digest algorithm used to hash passwords. If null then plain passwords will be used. option: hashCharset - the name of the charset/encoding to use when converting the password String to a byte array. Default is the platform's default encoding. option: hashEncoding - the string encoding format to use. Defaults to base64. option: ignorePasswordCase: A flag indicating if the password comparison should ignore case. option: digestCallback - The class name of the DigestCallback DigestCallback implementation that includes pre/post digest content like salts for hashing the input password. Only used if hashAlgorithm has been specified. option: hashStorePassword - A flag indicating if the store password returned from #getUsersPassword() should be hashed . option: hashUserPassword - A flag indicating if the user entered password should be hashed. option: storeDigestCallback - The class name of the DigestCallback DigestCallback implementation that includes pre/post digest content like salts for hashing the store/expected password. Only used if hashStorePassword or hashUserPassword is true and hashAlgorithm has been specified.

login

public boolean login()
              throws LoginException

Description copied from class: UsernamePasswordLoginModule

Perform the authentication of the username and password.

Specified by:

login in interface LoginModule

Overrides:

login in class UsernamePasswordLoginModule

Throws:

LoginException

getUsersPassword

protected String getUsersPassword()
                           throws LoginException

Description copied from class: UsernamePasswordLoginModule

Get the expected password for the current username available via the getUsername() method. This is called from within the login() method after the CallbackHandler has returned the username and candidate password.

Specified by:

getUsersPassword in class UsernamePasswordLoginModule

Returns:

the valid password String

Throws:

LoginException

getRoleSets

protected Group[] getRoleSets()
                       throws LoginException

Description copied from class: AbstractServerLoginModule

Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.

Specified by:

getRoleSets in class AbstractServerLoginModule

Returns:

Group[] containing the sets of roles

Throws:

LoginException

extractUserName

protected String extractUserName(String theName)