Package org.jboss.security.auth.spi
Class DatabaseCertLoginModule
- java.lang.Object
-
- org.jboss.security.auth.spi.AbstractServerLoginModule
-
- org.jboss.security.auth.spi.BaseCertLoginModule
-
- org.jboss.security.auth.spi.DatabaseCertLoginModule
-
- All Implemented Interfaces:
LoginModule
public class DatabaseCertLoginModule extends BaseCertLoginModule
A Certificate Login Module that gets its role information from a database. This module is the functional equivelant of theDatabaseServerLoginModule
minus the usersQuery.- Version:
- $Revision$
- Author:
- Jason Essington, Scott.Stark@jboss.org
- See Also:
DatabaseServerLoginModule
-
-
Field Summary
Fields Modifier and Type Field Description protected boolean
suspendResume
Whether to suspend resume transactions during database operationsprotected String
txManagerJndiName
The JNDI name of the transaction manager-
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
callbackHandler, jbossModuleName, log, loginOk, options, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
-
-
Constructor Summary
Constructors Constructor Description DatabaseCertLoginModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Group[]
getRoleSets()
Subclasses need to override this to provide the roles for authorizationvoid
initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
Override the super version to pickup the following options after first calling the super method.-
Methods inherited from class org.jboss.security.auth.spi.BaseCertLoginModule
commit, getAliasAndCert, getCredentials, getIdentity, getUsername, login, validateCredential
-
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
abort, addValidOptions, checkOptions, createGroup, createIdentity, getCallerPrincipalGroup, getUnauthenticatedIdentity, getUseFirstPass, logout
-
-
-
-
Field Detail
-
txManagerJndiName
protected String txManagerJndiName
The JNDI name of the transaction manager
-
suspendResume
protected boolean suspendResume
Whether to suspend resume transactions during database operations
-
-
Method Detail
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
Description copied from class:BaseCertLoginModule
Override the super version to pickup the following options after first calling the super method. option: securityDomain - the name of the SecurityDomain to obtain the trust and keystore from. option: verifier - the class name of the X509CertificateVerifier to use for verification of the login certificate- Specified by:
initialize
in interfaceLoginModule
- Overrides:
initialize
in classBaseCertLoginModule
- Parameters:
options
- - dsJndiName: The name of the DataSource of the database containing the Principals, Roles tables rolesQuery: The prepared statement query, equivalent to: "select Role, RoleGroup from Roles where PrincipalID=?"subject
- the Subject to update after a successful login.callbackHandler
- the CallbackHandler that will be used to obtain the the user identity and credentials.sharedState
- a Map shared between all configured login module instances- See Also:
SecurityDomain
,X509CertificateVerifier
-
getRoleSets
protected Group[] getRoleSets() throws LoginException
Description copied from class:BaseCertLoginModule
Subclasses need to override this to provide the roles for authorization- Overrides:
getRoleSets
in classBaseCertLoginModule
- Returns:
- Group[] containing the sets of roles
- Throws:
LoginException
- See Also:
DatabaseServerLoginModule.getRoleSets()
-
-