Class RoleMappingLoginModule

  • All Implemented Interfaces:
    LoginModule

    public class RoleMappingLoginModule
    extends AbstractServerLoginModule
    JBAS-3323: Role Mapping Login Module that maps application role to declarative role - You will need to provide a properties file name with the option "rolesProperties" which has the role to be replaced as the key and a comma-separated role names as replacements. - This module should be used with the "optional" mode, as it just adds onto the authenticated subject
    Since:
    Jun 22, 2006
    Version:
    $Revision$
    Author:
    Anil Saldhana
    • Field Detail

      • REPLACE_ROLE

        protected boolean REPLACE_ROLE
        Should the matching role be replaced
    • Constructor Detail

      • RoleMappingLoginModule

        public RoleMappingLoginModule()
    • Method Detail

      • initialize

        public void initialize​(Subject subject,
                               CallbackHandler callbackHandler,
                               Map<String,​?> sharedState,
                               Map<String,​?> options)
        Description copied from class: AbstractServerLoginModule
        Initialize the login module. This stores the subject, callbackHandler and sharedState and options for the login session. Subclasses should override if they need to process their own options. A call to super.initialize(...) must be made in the case of an override.

        Specified by:
        initialize in interface LoginModule
        Overrides:
        initialize in class AbstractServerLoginModule
        Parameters:
        subject - the Subject to update after a successful login.
        callbackHandler - the CallbackHandler that will be used to obtain the the user identity and credentials.
        sharedState - a Map shared between all configured login module instances
        options - the parameters passed to the login module.
      • login

        public boolean login()
                      throws LoginException
        Description copied from class: AbstractServerLoginModule
        Looks for javax.security.auth.login.name and javax.security.auth.login.password values in the sharedState map if the useFirstPass option was true and returns true if they exist. If they do not or are null this method returns false. Note that subclasses that override the login method must set the loginOk ivar to true if the login succeeds in order for the commit phase to populate the Subject. This implementation sets loginOk to true if the login() method returns true, otherwise, it sets loginOk to false.
        Specified by:
        login in interface LoginModule
        Overrides:
        login in class AbstractServerLoginModule
        Throws:
        LoginException
        See Also:
        LoginModule.login()