org.n52.security.authentication.loginmodule
Class AbstractPasswordLoginModule

java.lang.Object
  extended by org.n52.security.authentication.loginmodule.AbstractLoginModule
      extended by org.n52.security.authentication.loginmodule.AbstractPasswordLoginModule
All Implemented Interfaces:
java.io.Serializable, javax.security.auth.spi.LoginModule
Direct Known Subclasses:
SingleUserLoginModule

public abstract class AbstractPasswordLoginModule
extends AbstractLoginModule
implements java.io.Serializable

Class AbstractPasswordLoginModule provides a frame implementation for login modules which use username and password credentials to authenticate a user.

This class complete supports the PAM flags try_first_pass, try_mapped_pass, use_first_pass and use_mapped_pass in invokes according to their rules the login(String,char[]) method.

It also supports the moduleBanner and disabled flag.

Sub classes have to implement the methods:
AbstractLoginModule.getDescription()
AbstractLoginModule.initialize()
login(String,char[]) and
AbstractLoginModule.prepareCommitState().

Version:
$Revision: $
Author:
Marko Reiprecht Created on 16.09.2007
See Also:
the LoginModule Developer's Guide for more information about the PAM rules , Serialized Form

Field Summary
 
Fields inherited from class org.n52.security.authentication.loginmodule.AbstractLoginModule
m_callbackHandler, m_commitSucceeded, m_loginSucceeded, m_options, m_principals, m_privateCredentials, m_publicCredentials, m_sharedState, m_subject
 
Constructor Summary
AbstractPasswordLoginModule()
           
 
Method Summary
protected  void clearAuthenticationState()
          This clears the internaly stored username and password.
protected  char[] getPassword()
          Method gets the password.
protected  java.lang.String getUsername()
          Method gets the username.
protected  boolean isEqual(char[] allowedPassword, char[] password, boolean ignorecase)
          Method isEqual tests the both char[] on equality.
protected abstract  boolean login(java.lang.String username, char[] password)
          Method login authenticates a user with a given username and password.
 boolean performLogin()
          Method performs login via username/password after the PAM-Rules.
 
Methods inherited from class org.n52.security.authentication.loginmodule.AbstractLoginModule
abort, addPrincipal, addPrivateCredential, addPublicCredential, clearInternalState, commit, commitState, destroy, getCallbackHandler, getDescription, getOptions, getPrincipals, getPrivateCredentials, getPublicCredentials, getSharedState, getSubject, handleCallbacks, initialize, initialize, isCallbackHandlerSet, isCommitSucceeded, isLoginSucceeded, login, logout, prepareCommitState, setCommitSucceeded, setLoginSucceeded, showModuleBanner
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AbstractPasswordLoginModule

public AbstractPasswordLoginModule()
Method Detail

getPassword

protected char[] getPassword()
Method gets the password.

Returns:
char[].

getUsername

protected java.lang.String getUsername()
Method gets the username.

Returns:
String.

performLogin

public boolean performLogin()
                     throws javax.security.auth.login.LoginException
Method performs login via username/password after the PAM-Rules.

This means that the flags try_first_pass, try_mapped_pass, use_first_pass and use_mapped_pass are recognized. If one of these are true, the login module will check the shared state for already provided credentials and use them for the login.

It also checks for the moduleBanner option and invokes a TextOutputCallback if the flag is true.

Specified by:
performLogin in class AbstractLoginModule
Returns:
boolean.
Throws:
javax.security.auth.login.LoginException - if error occurs.
See Also:
Options.OPTION_TRY_FIRST_PASS, Options.OPTION_TRY_MAPPED_PASS, Options.OPTION_USE_FIRST_PASS, Options.OPTION_USE_MAPPED_PASS

clearAuthenticationState

protected void clearAuthenticationState()
                                 throws javax.security.auth.login.LoginException
This clears the internaly stored username and password.

Specified by:
clearAuthenticationState in class AbstractLoginModule
Throws:
javax.security.auth.login.LoginException - if error occurs.
See Also:
AbstractLoginModule.clearAuthenticationState()

isEqual

protected boolean isEqual(char[] allowedPassword,
                          char[] password,
                          boolean ignorecase)
Method isEqual tests the both char[] on equality.

Parameters:
allowedPassword - the allowedPassword.
password - the password to check.
ignorecase - ignores case during check.
Returns:
only true if both char[] equal.

login

protected abstract boolean login(java.lang.String username,
                                 char[] password)
                          throws javax.security.auth.login.LoginException
Method login authenticates a user with a given username and password.

An implementation class shall not store the given parameters in member variables, they are allready stored in this class and can be retrieved with the getUsername() and getPassword() methods.

Parameters:
username - the username.
password - the password.
Returns:
boolean.
Throws:
javax.security.auth.login.LoginException - if error occurs.


Copyright © 2004-2009 52north.org. All Rights Reserved.