org.n52.security.authentication.loginmodule
Class SingleUserLoginModule

java.lang.Object
  extended by org.n52.security.authentication.loginmodule.AbstractLoginModule
      extended by org.n52.security.authentication.loginmodule.AbstractPasswordLoginModule
          extended by org.n52.security.authentication.loginmodule.SingleUserLoginModule
All Implemented Interfaces:
java.io.Serializable, javax.security.auth.spi.LoginModule

public class SingleUserLoginModule
extends AbstractPasswordLoginModule
implements java.io.Serializable

Class SingleUserLoginModule is a simple login module wich only knows a single user.

This user and his credentials are configured by the options of this login module.

Besides the role principals, creates this login module also a LoginNamePrincipal which holds the login name identiy of the user and his authentication date.

Version:
$Revision: $
Author:
Marko Reiprecht Created on 16.09.2007
See Also:
Serialized Form

Field Summary
protected static java.lang.String OPTION_ALLOWED_PASSWORD
          Field OPTION_ALLOWED_PASSWORD identifies the 'allowedPassword' option.
protected static java.lang.String OPTION_ALLOWED_USERNAME
          Field OPTION_ALLOWED_USERNAME identifies the 'allowedUsername' option.
protected static java.lang.String OPTION_PASSWORD_ENCRYPTION_ALG
          Field OPTION_PASSWORD_ENCRYPTION_ALG identifies the 'pwdEncAlg' option.
protected static java.lang.String OPTION_USERROLES
          Field OPTION_USERROLES identifies the 'userRoles' option.
 
Fields inherited from class org.n52.security.authentication.loginmodule.AbstractLoginModule
m_callbackHandler, m_commitSucceeded, m_loginSucceeded, m_options, m_principals, m_privateCredentials, m_publicCredentials, m_sharedState, m_subject
 
Constructor Summary
SingleUserLoginModule()
           
 
Method Summary
protected  java.lang.String getDescription()
          Gets a short description of this login module.
protected  void initialize()
          This initializes the login module.
protected  boolean login(java.lang.String username, char[] password)
          This checks for the correct username and password, they must be equal to the values of the options allowedUsername and allowedPassword.
protected  void prepareCommitState()
          Prepares a LoginNamePrincipal with out of the username, and some RolePrincipals from the userRoles option, all within the global scope.
 
Methods inherited from class org.n52.security.authentication.loginmodule.AbstractPasswordLoginModule
clearAuthenticationState, getPassword, getUsername, isEqual, performLogin
 
Methods inherited from class org.n52.security.authentication.loginmodule.AbstractLoginModule
abort, addPrincipal, addPrivateCredential, addPublicCredential, clearInternalState, commit, commitState, destroy, getCallbackHandler, getOptions, getPrincipals, getPrivateCredentials, getPublicCredentials, getSharedState, getSubject, handleCallbacks, initialize, isCallbackHandlerSet, isCommitSucceeded, isLoginSucceeded, login, logout, setCommitSucceeded, setLoginSucceeded, showModuleBanner
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

OPTION_ALLOWED_PASSWORD

protected static final java.lang.String OPTION_ALLOWED_PASSWORD
Field OPTION_ALLOWED_PASSWORD identifies the 'allowedPassword' option. A m_value of this option must be a valid password (encrypted or plain)

See Also:
OPTION_PASSWORD_ENCRYPTION_ALG, Constant Field Values

OPTION_PASSWORD_ENCRYPTION_ALG

protected static final java.lang.String OPTION_PASSWORD_ENCRYPTION_ALG
Field OPTION_PASSWORD_ENCRYPTION_ALG identifies the 'pwdEncAlg' option. A m_value of this option must be a valid encryption type. Valid encryption algorithms are:
'plain' - no encryption 'md5' - MD5 Hash 'sha' - SHA Hash

See Also:
Constant Field Values

OPTION_ALLOWED_USERNAME

protected static final java.lang.String OPTION_ALLOWED_USERNAME
Field OPTION_ALLOWED_USERNAME identifies the 'allowedUsername' option. A m_value of this option must be a valid username.

See Also:
Constant Field Values

OPTION_USERROLES

protected static final java.lang.String OPTION_USERROLES
Field OPTION_USERROLES identifies the 'userRoles' option. A m_value of this option must be a pipe separated string of role names.

See Also:
Constant Field Values
Constructor Detail

SingleUserLoginModule

public SingleUserLoginModule()
Method Detail

getDescription

protected java.lang.String getDescription()
Gets a short description of this login module.

Specified by:
getDescription in class AbstractLoginModule
Returns:
String message.
See Also:
AbstractLoginModule.getDescription()

initialize

protected void initialize()
This initializes the login module.

It gets the values for the options allowedUsername and allowedPassword from the login module options and stores them localy.

Specified by:
initialize in class AbstractLoginModule
See Also:
AbstractLoginModule.initialize()

login

protected boolean login(java.lang.String username,
                        char[] password)
                 throws javax.security.auth.login.LoginException
This checks for the correct username and password, they must be equal to the values of the options allowedUsername and allowedPassword.

If the options "try_mapped_pass" or "use_mapped_pass" are set and the allowed password is encrypted, than the method tries to calculate the hash for the given password. Otherwise the password is treaten as string representation of the hash and directly compared. A string representation of one hash byte is a his hexadecimal m_value written with two digits.

Specified by:
login in class AbstractPasswordLoginModule
Parameters:
username - the username.
password - the password.
Returns:
true if login succeeded, otherwise an exception is thrown.
Throws:
javax.security.auth.login.LoginException - if the username or password are incorrect or the login module is wrong configured.
See Also:
AbstractPasswordLoginModule.login(String,char[])

prepareCommitState

protected void prepareCommitState()
                           throws javax.security.auth.login.LoginException
Prepares a LoginNamePrincipal with out of the username, and some RolePrincipals from the userRoles option, all within the global scope.

Specified by:
prepareCommitState in class AbstractLoginModule
Throws:
javax.security.auth.login.LoginException - if an error occurs.
See Also:
AbstractLoginModule.prepareCommitState()


Copyright © 2004-2009 52north.org. All Rights Reserved.