Class UnixLoginModule
- All Implemented Interfaces:
LoginModule
LoginModule imports a user's Unix
Principal information (UnixPrincipal,
UnixNumericUserPrincipal,
and UnixNumericGroupPrincipal)
and associates them with the current Subject.
This LoginModule recognizes the debug option. If set to true in the login Configuration, debug messages will be output to the output stream, System.out.
- Since:
- 1.4
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanabort()Abort the authentication (second phase).booleancommit()Commit the authentication (second phase).voidinitialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) Initialize thisLoginModule.booleanlogin()Authenticate the user (first phase).booleanlogout()Logout the user
-
Constructor Details
-
UnixLoginModule
public UnixLoginModule()Creates aUnixLoginModule.
-
-
Method Details
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) Initialize thisLoginModule.- Specified by:
initializein interfaceLoginModule- Parameters:
subject- theSubjectto be authenticated.callbackHandler- aCallbackHandlerfor communicating with the end user (prompting for usernames and passwords, for example).sharedState- sharedLoginModulestate.options- options specified in the loginConfigurationfor this particularLoginModule.
-
login
Authenticate the user (first phase).The implementation of this method attempts to retrieve the user's Unix
Subjectinformation by making a native Unix system call.- Specified by:
loginin interfaceLoginModule- Returns:
- true in all cases (this
LoginModuleshould not be ignored). - Throws:
FailedLoginException- if attempts to retrieve the underlying system information fail.LoginException- if the authentication fails
-
commit
Commit the authentication (second phase).This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt succeeded (the importing of the Unix authentication information succeeded), then this method associates the Unix Principals with the
Subjectcurrently tied to theLoginModule. If this LoginModule's authentication attempted failed, then this method removes any state that was originally saved.- Specified by:
commitin interfaceLoginModule- Returns:
- true if this LoginModule's own login and commit attempts succeeded, or false otherwise.
- Throws:
LoginException- if the commit fails
-
abort
Abort the authentication (second phase).This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
This method cleans up any state that was originally saved as part of the authentication attempt from the
loginandcommitmethods.- Specified by:
abortin interfaceLoginModule- Returns:
- false if this LoginModule's own login and/or commit attempts failed, and true otherwise.
- Throws:
LoginException- if the abort fails
-
logout
Logout the userThis method removes the Principals associated with the
Subject.- Specified by:
logoutin interfaceLoginModule- Returns:
- true in all cases (this
LoginModuleshould not be ignored). - Throws:
LoginException- if the logout fails
-