An example of how one could encrypt the database password for a jca
connection factory. The corresponding
This uses a hard-coded cipher algo of Blowfish, and key derived from the
phrase 'jaas is the way'. Adjust to your requirements.
$Revision: 71545 $
Scott.Stark@jboss.org, Noel Rocher 29, june 2004 username & userName issue
Initialize the login module. This stores the subject, callbackHandler
and sharedState and options for the login session. Subclasses should override
if they need to process their own options. A call to super.initialize(...)
must be made in the case of an override.
Looks for javax.security.auth.login.name and javax.security.auth.login.password
values in the sharedState map if the useFirstPass option was true and returns
true if they exist. If they do not or are null this method returns false.
Note that subclasses that override the login method must set the loginOk
ivar to true if the login succeeds in order for the commit phase to
populate the Subject. This implementation sets loginOk to true if the
login() method returns true, otherwise, it sets loginOk to false.
Method to commit the authentication process (phase 2). If the login
method completed successfully as indicated by loginOk == true, this
method adds the getIdentity() value to the subject getPrincipals() Set.
It also adds the members of each Group returned by getRoleSets()
to the subject getPrincipals() Set.
Overriden by subclasses to return the Groups that correspond to the
to the role sets assigned to the user. Subclasses should create at
least a Group named "Roles" that contains the roles assigned to the user.
A second common group is "CallerPrincipal" that provides the application
identity of the user rather than the security domain identity.