Class RemoteHostTrustLoginModule

  • All Implemented Interfaces:
    LoginModule

    public class RemoteHostTrustLoginModule
    extends UsernamePasswordLoginModule
    Trust specific hosts so that when usernames are passed in and the host that passes them in is "trusted" it returns true regardless of any password or credentials. Must be used in conjunction with the RemoteHostValve. trustedHosts - comma del list of hosts (ips) that are trusted to have already authenticated the user roles - list of roles (comma del) that the user is given as a result of this login module
    Version:
    $Revision: 0 $
    Author:
    Andrew C. Oliver acoliver@gmail.com
    • Constructor Detail

      • RemoteHostTrustLoginModule

        public RemoteHostTrustLoginModule()
    • Method Detail

      • initialize

        public void initialize​(Subject subject,
                               CallbackHandler callbackHandler,
                               Map sharedState,
                               Map options)
        Initialize this LoginModule.
        Specified by:
        initialize in interface LoginModule
        Overrides:
        initialize in class UsernamePasswordLoginModule
        Parameters:
        options - - trustedHosts: a comma delimited list of trusted hosts allowed to pass principals without credentials and be "trusted" roles: automatically granted to any users authenticated
        subject - the Subject to update after a successful login.
        callbackHandler - the CallbackHandler that will be used to obtain the the user identity and credentials.
        sharedState - a Map shared between all configured login module instances
      • validatePassword

        protected boolean validatePassword​(String inputPassword,
                                           String expectedPassword)
        Description copied from class: UsernamePasswordLoginModule
        A hook that allows subclasses to change the validation of the input password against the expected password. This version checks that neither inputPassword or expectedPassword are null that that inputPassword.equals(expectedPassword) is true;
        Overrides:
        validatePassword in class UsernamePasswordLoginModule
        Returns:
        true if the inputPassword is valid, false otherwise.
      • getRealHost

        protected String getRealHost()
        Returns:
        the hostname of the client
      • getRoleSets

        protected Group[] getRoleSets()
                               throws LoginException
        Description copied from class: AbstractServerLoginModule
        Overriden by subclasses to return the Groups that correspond to the to the role sets assigned to the user. Subclasses should create at least a Group named "Roles" that contains the roles assigned to the user. A second common group is "CallerPrincipal" that provides the application identity of the user rather than the security domain identity.
        Specified by:
        getRoleSets in class AbstractServerLoginModule
        Returns:
        Group[] containing the sets of roles
        Throws:
        LoginException