gov.nih.nci.caarray.services.security
Class CaArrayLoginModule

java.lang.Object
  extended by org.jboss.security.auth.spi.AbstractServerLoginModule
      extended by gov.nih.nci.caarray.services.security.CaArrayLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public class CaArrayLoginModule
extends org.jboss.security.auth.spi.AbstractServerLoginModule

This Custom Login module extends AbstractServerLogin Module. It calls the caarray security ejb to get the authentication as well as authorization information. It also checks for unauthenticable public users and assigns them a principal with name "Public" and role of "User". This needs to be populated in the security database as such.


Field Summary
 
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
log, loginOk, principalClassName, unauthenticatedIdentity, useFirstPass
 
Constructor Summary
CaArrayLoginModule()
           
 
Method Summary
 boolean abort()
           This method is called if the LoginContext's overall authentication failed.
 boolean commit()
           This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
protected  java.security.Principal getIdentity()
           
protected  java.security.acl.Group[] getRoleSets()
           
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
          Initialize this LoginModule.
 boolean login()
          Authenticate the user by prompting for a user name and password.
 boolean logout()
          Logout the user.
 
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
createGroup, createIdentity, getUnauthenticatedIdentity, getUseFirstPass
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CaArrayLoginModule

public CaArrayLoginModule()
Method Detail

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)
Initialize this LoginModule.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Overrides:
initialize in class org.jboss.security.auth.spi.AbstractServerLoginModule
Parameters:
subject - the Subject to be authenticated.

callbackHandler - a CallbackHandler for communicating with the end user (prompting for user names and passwords, for example).

sharedState - shared LoginModule state.

options - options specified in the login Configuration for this particular LoginModule.

login

public boolean login()
              throws javax.security.auth.login.LoginException
Authenticate the user by prompting for a user name and password.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Overrides:
login in class org.jboss.security.auth.spi.AbstractServerLoginModule
Returns:
true in all cases since this LoginModule should not be ignored.
Throws:
javax.security.auth.login.FailedLoginException - if the authentication fails.

javax.security.auth.login.LoginException - if this LoginModule is unable to perform the authentication.

commit

public boolean commit()
               throws javax.security.auth.login.LoginException

This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates a CaArrayPrincipal with the Subject located in the LoginModule. If this LoginModule's own authentication attempted failed, then this method removes any state that was originally saved.

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Overrides:
commit in class org.jboss.security.auth.spi.AbstractServerLoginModule
Returns:
true if this LoginModule's own login and commit attempts succeeded, or false otherwise.
Throws:
javax.security.auth.login.LoginException - if the commit fails.

abort

public boolean abort()
              throws javax.security.auth.login.LoginException

This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login and commit methods), then this method cleans up any state that was originally saved.

Specified by:
abort in interface javax.security.auth.spi.LoginModule
Overrides:
abort in class org.jboss.security.auth.spi.AbstractServerLoginModule
Returns:
false if this LoginModule's own login and/or commit attempts failed, and true otherwise.
Throws:
javax.security.auth.login.LoginException - if the abort fails.

logout

public boolean logout()
               throws javax.security.auth.login.LoginException
Logout the user.

This method removes the CaArrayPrincipal that was added by the commit method.

Specified by:
logout in interface javax.security.auth.spi.LoginModule
Overrides:
logout in class org.jboss.security.auth.spi.AbstractServerLoginModule
Returns:
true in all cases since this LoginModule should not be ignored.
Throws:
javax.security.auth.login.LoginException - if the logout fails.

getRoleSets

protected java.security.acl.Group[] getRoleSets()
                                         throws javax.security.auth.login.LoginException
Specified by:
getRoleSets in class org.jboss.security.auth.spi.AbstractServerLoginModule
Throws:
javax.security.auth.login.LoginException

getIdentity

protected java.security.Principal getIdentity()
Specified by:
getIdentity in class org.jboss.security.auth.spi.AbstractServerLoginModule