Class CallerIdentityLoginModule

    • Constructor Detail

      • CallerIdentityLoginModule

        public CallerIdentityLoginModule()
        Default Constructor
    • Method Detail

      • initialize

        public void initialize​(Subject subject,
                               CallbackHandler handler,
                               Map<String,​?> sharedState,
                               Map<String,​?> options)
        The initialize method sets up some default connection information for basic connections. This is useful for container initialization connection use or running the application in a non-secure manner. This method is called before the login method.
        Specified by:
        initialize in interface LoginModule
        Overrides:
        initialize in class AbstractServerLoginModule
        Parameters:
        subject -
        handler -
        sharedState -
        options -
      • login

        public boolean login()
                      throws LoginException
        Performs the login association between the caller and the resource for a 1 to 1 mapping. This acts as a login propagation strategy and is useful for single-sign on requirements
        Specified by:
        login in interface LoginModule
        Overrides:
        login in class AbstractServerLoginModule
        Returns:
        True if authentication succeeds
        Throws:
        LoginException
      • commit

        public boolean commit()
                       throws LoginException
        Description copied from class: AbstractServerLoginModule
        Method to commit the authentication process (phase 2). If the login method completed successfully as indicated by loginOk == true, this method adds the getIdentity() value to the subject getPrincipals() Set. It also adds the members of each Group returned by getRoleSets() to the subject getPrincipals() Set.
        Specified by:
        commit in interface LoginModule
        Overrides:
        commit in class AbstractServerLoginModule
        Returns:
        true always.
        Throws:
        LoginException
      • getRoleSets

        protected Group[] getRoleSets()
                               throws LoginException
        Description copied from class: AbstractServerLoginModule
        Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.
        Specified by:
        getRoleSets in class AbstractServerLoginModule
        Returns:
        Group[] containing the sets of roles
        Throws:
        LoginException