Package org.apache.catalina.realm
Class JAASMemoryLoginModule
- java.lang.Object
- 
- org.apache.catalina.util.LifecycleBase
- 
- org.apache.catalina.util.LifecycleMBeanBase
- 
- org.apache.catalina.realm.RealmBase
- 
- org.apache.catalina.realm.MemoryRealm
- 
- org.apache.catalina.realm.JAASMemoryLoginModule
 
 
 
 
 
- 
- All Implemented Interfaces:
- javax.management.MBeanRegistration,- javax.security.auth.spi.LoginModule,- Contained,- JmxEnabled,- Lifecycle,- Realm
 
 public class JAASMemoryLoginModule extends MemoryRealm implements javax.security.auth.spi.LoginModule Implementation of the JAAS LoginModule interface, primarily for use in testing JAASRealm. It utilizes an XML-format data file of username/password/role information identical to that supported byorg.apache.catalina.realm.MemoryRealm.This class recognizes the following string-valued options, which are specified in the configuration file and passed to initialize(Subject, CallbackHandler, Map, Map)in theoptionsargument:- pathname - Relative (to the pathname specified by the
     "catalina.base" system property) or absolute pathname to the
     XML file containing our user information, in the format supported by
     MemoryRealm. The default value matches the MemoryRealm default.
- credentialHandlerClassName - The fully qualified class
     name of the CredentialHandler to use. If not specified, MessageDigestCredentialHandlerwill be used.
- Any additional options will be used to identify and call setters on the
     CredentialHandler. For example,algorithm=SHA256would result in a call toMessageDigestCredentialHandler.setAlgorithm(String)with a parameter of"SHA256"
 IMPLEMENTATION NOTE - This class implements Realmonly to satisfy the calling requirements of theGenericPrincipalconstructor. It does not actually perform the functionality required of aRealmimplementation.- Author:
- Craig R. McClanahan
 
- 
- 
Nested Class Summary- 
Nested classes/interfaces inherited from class org.apache.catalina.realm.RealmBaseRealmBase.AllRolesMode
 - 
Nested classes/interfaces inherited from interface org.apache.catalina.LifecycleLifecycle.SingleUse
 
- 
 - 
Field SummaryFields Modifier and Type Field Description protected javax.security.auth.callback.CallbackHandlercallbackHandlerThe callback handler responsible for answering our requests.protected booleancommittedHas our owncommit()returned successfully?protected java.util.Map<java.lang.String,?>optionsThe configuration information for thisLoginModule.protected java.lang.StringpathnameThe absolute or relative pathname to the XML configuration file.protected java.security.PrincipalprincipalThePrincipalidentified by our validation, ornullif validation failed.protected java.util.Map<java.lang.String,?>sharedStateThe state information that is shared with other configuredLoginModuleinstances.protected javax.security.auth.SubjectsubjectThe subject for which we are performing authentication.- 
Fields inherited from class org.apache.catalina.realm.RealmBaseallRolesMode, container, containerLog, realmPath, sm, stripRealmForGss, support, validate, x509UsernameRetriever, x509UsernameRetrieverClassName
 - 
Fields inherited from interface org.apache.catalina.LifecycleAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
 
- 
 - 
Constructor SummaryConstructors Constructor Description JAASMemoryLoginModule()
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanabort()Phase 2 of authenticating aSubjectwhen Phase 1 fails.booleancommit()Phase 2 of authenticating aSubjectwhen Phase 1 was successful.voidinitialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)Initialize thisLoginModulewith the specified configuration information.protected voidload()Load the contents of our configuration file.booleanlogin()Phase 1 of authenticating aSubject.booleanlogout()Log out this user.- 
Methods inherited from class org.apache.catalina.realm.MemoryRealmauthenticate, getDigester, getPassword, getPathname, getPrincipal, setPathname, startInternal
 - 
Methods inherited from class org.apache.catalina.realm.RealmBaseaddPropertyChangeListener, authenticate, authenticate, authenticate, authenticate, authenticate, backgroundProcess, findSecurityConstraints, getAllRolesMode, getContainer, getCredentialHandler, getDigest, getDomainInternal, getObjectNameKeyProperties, getPrincipal, getPrincipal, getRealmPath, getRealmSuffix, getServer, getTransportGuaranteeRedirectStatus, getValidate, getX509UsernameRetrieverClassName, hasMessageDigest, hasResourcePermission, hasRole, hasRoleInternal, hasUserDataPermission, initInternal, isStripRealmForGss, main, removePropertyChangeListener, setAllRolesMode, setContainer, setCredentialHandler, setRealmPath, setStripRealmForGss, setTransportGuaranteeRedirectStatus, setValidate, setX509UsernameRetrieverClassName, stopInternal, toString
 - 
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBasedestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
 - 
Methods inherited from class org.apache.catalina.util.LifecycleBaseaddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
 - 
Methods inherited from class java.lang.Objectclone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 - 
Methods inherited from interface org.apache.catalina.RealmisAvailable
 
- 
 
- 
- 
- 
Field Detail- 
callbackHandlerprotected javax.security.auth.callback.CallbackHandler callbackHandler The callback handler responsible for answering our requests.
 - 
committedprotected boolean committed Has our owncommit()returned successfully?
 - 
optionsprotected java.util.Map<java.lang.String,?> options The configuration information for thisLoginModule.
 - 
pathnameprotected java.lang.String pathname The absolute or relative pathname to the XML configuration file.
 - 
principalprotected java.security.Principal principal ThePrincipalidentified by our validation, ornullif validation failed.
 - 
sharedStateprotected java.util.Map<java.lang.String,?> sharedState The state information that is shared with other configuredLoginModuleinstances.
 - 
subjectprotected javax.security.auth.Subject subject The subject for which we are performing authentication.
 
- 
 - 
Method Detail- 
abortpublic boolean abort() throws javax.security.auth.login.LoginExceptionPhase 2 of authenticating aSubjectwhen Phase 1 fails. This method is called if theLoginContextfailed somewhere in the overall authentication chain.- Specified by:
- abortin interface- javax.security.auth.spi.LoginModule
- Returns:
- trueif this method succeeded, or- falseif this- LoginModuleshould be ignored
- Throws:
- javax.security.auth.login.LoginException- if the abort fails
 
 - 
commitpublic boolean commit() throws javax.security.auth.login.LoginExceptionPhase 2 of authenticating aSubjectwhen Phase 1 was successful. This method is called if theLoginContextsucceeded in the overall authentication chain.- Specified by:
- commitin interface- javax.security.auth.spi.LoginModule
- Returns:
- trueif the authentication succeeded, or- falseif this- LoginModuleshould be ignored
- Throws:
- javax.security.auth.login.LoginException- if the commit fails
 
 - 
initializepublic void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)Initialize thisLoginModulewith the specified configuration information.- Specified by:
- initializein interface- javax.security.auth.spi.LoginModule
- Parameters:
- subject- The- Subjectto be authenticated
- callbackHandler- A- CallbackHandlerfor communicating with the end user as necessary
- sharedState- State information shared with other- LoginModuleinstances
- options- Configuration information for this specific- LoginModuleinstance
 
 - 
loginpublic boolean login() throws javax.security.auth.login.LoginExceptionPhase 1 of authenticating aSubject.- Specified by:
- loginin interface- javax.security.auth.spi.LoginModule
- Returns:
- trueif the authentication succeeded, or- falseif this- LoginModuleshould be ignored
- Throws:
- javax.security.auth.login.LoginException- if the authentication fails
 
 - 
logoutpublic boolean logout() throws javax.security.auth.login.LoginExceptionLog out this user.- Specified by:
- logoutin interface- javax.security.auth.spi.LoginModule
- Returns:
- truein all cases because the- LoginModuleshould not be ignored
- Throws:
- javax.security.auth.login.LoginException- if logging out failed
 
 - 
loadprotected void load() Load the contents of our configuration file.
 
- 
 
-