Package org.jboss.security.auth.spi
Class SimpleServerLoginModule
- java.lang.Object
-
- org.jboss.security.auth.spi.AbstractServerLoginModule
-
- org.jboss.security.auth.spi.UsernamePasswordLoginModule
-
- org.jboss.security.auth.spi.SimpleServerLoginModule
-
- All Implemented Interfaces:
LoginModule
public class SimpleServerLoginModule extends UsernamePasswordLoginModule
A simple server login module useful to quick setup of security for testing purposes. It implements the following simple algorithm:- if password is null, authenticate the user and assign an identity of "guest" and a role of "guest".
- else if password is equal to the user name, assign an identity equal to the username and both "user" and "guest" roles
- else authentication fails.
- Version:
- $Revision$
- Author:
- Oleg Nitz, Scott.Stark@jboss.org
-
-
Field Summary
-
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
callbackHandler, jbossModuleName, log, loginOk, options, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
-
-
Constructor Summary
Constructors Constructor Description SimpleServerLoginModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Principal
getIdentity()
Overriden by subclasses to return the Principal that corresponds to the user primary identity.protected Group[]
getRoleSets()
Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user.protected String
getUsersPassword()
Get the expected password for the current username available via the getUsername() method.boolean
logout()
Remove the user identity and roles added to the Subject during commit.protected boolean
validatePassword(String inputPassword, String expectedPassword)
A hook that allows subclasses to change the validation of the input password against the expected password.-
Methods inherited from class org.jboss.security.auth.spi.UsernamePasswordLoginModule
createPasswordHash, getCredentials, getUnauthenticatedIdentity, getUsername, getUsernameAndPassword, getValidateError, initialize, login, safeClose, setValidateError
-
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
abort, addValidOptions, checkOptions, commit, createGroup, createIdentity, getCallerPrincipalGroup, getUseFirstPass
-
-
-
-
Method Detail
-
getIdentity
protected Principal getIdentity()
Description copied from class:AbstractServerLoginModule
Overriden by subclasses to return the Principal that corresponds to the user primary identity.- Overrides:
getIdentity
in classUsernamePasswordLoginModule
-
validatePassword
protected boolean validatePassword(String inputPassword, String expectedPassword)
Description copied from class:UsernamePasswordLoginModule
A hook that allows subclasses to change the validation of the input password against the expected password. This version checks that neither inputPassword or expectedPassword are null that that inputPassword.equals(expectedPassword) is true;- Overrides:
validatePassword
in classUsernamePasswordLoginModule
- Returns:
- true if the inputPassword is valid, false otherwise.
-
getRoleSets
protected Group[] getRoleSets() throws LoginException
Description copied from class:AbstractServerLoginModule
Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.- Specified by:
getRoleSets
in classAbstractServerLoginModule
- Returns:
- Group[] containing the sets of roles
- Throws:
LoginException
-
getUsersPassword
protected String getUsersPassword() throws LoginException
Description copied from class:UsernamePasswordLoginModule
Get the expected password for the current username available via the getUsername() method. This is called from within the login() method after the CallbackHandler has returned the username and candidate password.- Specified by:
getUsersPassword
in classUsernamePasswordLoginModule
- Returns:
- the valid password String
- Throws:
LoginException
-
logout
public boolean logout() throws LoginException
Description copied from class:AbstractServerLoginModule
Remove the user identity and roles added to the Subject during commit.- Specified by:
logout
in interfaceLoginModule
- Overrides:
logout
in classAbstractServerLoginModule
- Returns:
- true always.
- Throws:
LoginException
-
-