Class ClientLoginModule

  • All Implemented Interfaces:
    LoginModule

    public class ClientLoginModule
    extends Object
    implements LoginModule
    A simple implementation of LoginModule for use by JBoss clients for the establishment of the caller identity and credentials. This simply sets the SecurityContext principal to the value of the NameCallback filled in by the CallbackHandler, and the SecurityContext credential to the value of the PasswordCallback filled in by the CallbackHandler. It has the following options:
    • multi-threaded=[true|false] When the multi-threaded option is set to true each login thread has its own principal and credential storage.
    • restore-login-identity=[true|false] When restore-login-identity is true, the SecurityContext principal and credential seen on entry to the login() method are saved and restored on either abort or logout. When false (the default), the abort and logout simply clears the SecurityContext. A restore-login-identity of true is needed if one need to change identities and then restore the original caller identity.
    • password-stacking=tryFirstPass|useFirstPass When password-stacking option is set, this module first looks for a shared username and password using "javax.security.auth.login.name" and "javax.security.auth.login.password" respectively. This allows a module configured prior to this one to establish a valid username and password that should be passed to JBoss.
    Author:
    Oleg Nitz, Scott.Stark@jboss.org, Anil.Saldhana@redhat.com