JaasAuthenticator
From Resin 3.0
(Difference between revisions)
Line 37: | Line 37: | ||
... | ... | ||
} | } | ||
+ | |||
+ | = Custom LoginModule = | ||
+ | |||
+ | public class TestLoginModule implements javax.security.auth.spi.LoginModule { | ||
+ | private Subject _subject; | ||
+ | private CallbackHandler _handler; | ||
+ | private Map _state; | ||
+ | |||
+ | private String _userName; | ||
+ | private String _password; | ||
+ | |||
+ | public void initialize(Subject subject, | ||
+ | CallbackHandler handler, | ||
+ | Map sharedState, | ||
+ | Map options) | ||
+ | { | ||
+ | _subject = subject; | ||
+ | _handler = handler; | ||
+ | _state = sharedState; | ||
+ | |||
+ | _userName = (String) _options.get("user"); | ||
+ | _password = (String) _options.get("password"); | ||
+ | } | ||
+ | |||
+ | public boolean login() | ||
+ | throws LoginException | ||
+ | { | ||
+ | NameCallback name = new NameCallback(""); | ||
+ | PasswordCallback password = new PasswordCallback("", false); | ||
+ | |||
+ | _handler.handle(new Callback[] { name, password }); | ||
+ | |||
+ | if (_userName.equals(name.getName()) && | ||
+ | _password.equals(password.getPassword()) { | ||
+ | _subject.getPrincipals().add(new TestPrincipal(_userName)); | ||
+ | return true; | ||
+ | } | ||
+ | else | ||
+ | return false; | ||
+ | } | ||
+ | |||
+ | public boolean abort() | ||
+ | { | ||
+ | return true; | ||
+ | } | ||
+ | |||
+ | public boolean commit() | ||
+ | { | ||
+ | return _subject.getPrincipals().size() > 0); | ||
+ | } | ||
+ | |||
+ | public boolean logout() | ||
+ | { | ||
+ | return true; | ||
+ | } | ||
+ | } |
Revision as of 19:28, 3 April 2006
Resin provides a JaasAuthenticator for the usage of any JAAS LoginModule. A number of JAAS LoginModule implementations are included with the JDK,
and it is fairly easy to create your own,
Contents |
Example
resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin"> <authenticator type="com.caucho.server.security.JaasAuthenticator"> <init> <login-module>com.sun.security.auth.module.Krb5LoginModule</login-module> <init-param> <debug>true</debug> </init-param> </init> </authenticator> </web-app>
<init-param> directives
<init-param> directives are used to configure the properties of the LoginModule. Existing LoginModules provide documentation of the init-param that are accepted. Custom LoginModule implementations retrieve the init-param values in the initialize method:
LoginModule implementation retrieves init-param
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options) { // initialize any configured options _isDebug = "true".equalsIgnoreCase((String) options.get("debug")); ... }
Custom LoginModule
public class TestLoginModule implements javax.security.auth.spi.LoginModule { private Subject _subject; private CallbackHandler _handler; private Map _state; private String _userName; private String _password; public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options) { _subject = subject; _handler = handler; _state = sharedState;
_userName = (String) _options.get("user"); _password = (String) _options.get("password"); } public boolean login() throws LoginException { NameCallback name = new NameCallback(""); PasswordCallback password = new PasswordCallback("", false); _handler.handle(new Callback[] { name, password });
if (_userName.equals(name.getName()) && _password.equals(password.getPassword()) { _subject.getPrincipals().add(new TestPrincipal(_userName)); return true; } else return false; } public boolean abort() { return true; } public boolean commit() { return _subject.getPrincipals().size() > 0); } public boolean logout() { return true; } }