JaasAuthenticator
From Resin 3.0
(Difference between revisions)
| Line 40: | Line 40: | ||
= Custom LoginModule = | = Custom LoginModule = | ||
| + | import java.util.*; | ||
| + | |||
| + | import javax.security.auth.*; | ||
| + | import javax.security.auth.spi.*; | ||
| + | import javax.security.auth.callback.*; | ||
| + | import javax.security.auth.login.*; | ||
| + | |||
public class TestLoginModule implements javax.security.auth.spi.LoginModule { | public class TestLoginModule implements javax.security.auth.spi.LoginModule { | ||
private Subject _subject; | private Subject _subject; | ||
| Line 56: | Line 63: | ||
_handler = handler; | _handler = handler; | ||
_state = sharedState; | _state = sharedState; | ||
| − | + | ||
_userName = (String) _options.get("user"); | _userName = (String) _options.get("user"); | ||
_password = (String) _options.get("password"); | _password = (String) _options.get("password"); | ||
Revision as of 19:31, 3 April 2006
Resin provides a JaasAuthenticator for the usage of any JAAS LoginModule. A number of JAAS LoginModule implementations are included with the JDK,
and it is fairly easy to create your own,
Contents |
Example
resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin"> <authenticator type="com.caucho.server.security.JaasAuthenticator"> <init> <login-module>com.sun.security.auth.module.Krb5LoginModule</login-module> <init-param> <debug>true</debug> </init-param> </init> </authenticator> </web-app>
<init-param> directives
<init-param> directives are used to configure the properties of the LoginModule. Existing LoginModules provide documentation of the init-param that are accepted. Custom LoginModule implementations retrieve the init-param values in the initialize method:
LoginModule implementation retrieves init-param
public void initialize(Subject subject,
CallbackHandler callbackHandler,
Map<String,?> sharedState,
Map<String,?> options)
{
// initialize any configured options
_isDebug = "true".equalsIgnoreCase((String) options.get("debug"));
...
}
Custom LoginModule
import java.util.*;
import javax.security.auth.*;
import javax.security.auth.spi.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
public class TestLoginModule implements javax.security.auth.spi.LoginModule {
private Subject _subject;
private CallbackHandler _handler;
private Map _state;
private String _userName;
private String _password;
public void initialize(Subject subject,
CallbackHandler handler,
Map sharedState,
Map options)
{
_subject = subject;
_handler = handler;
_state = sharedState;
_userName = (String) _options.get("user");
_password = (String) _options.get("password");
}
public boolean login()
throws LoginException
{
NameCallback name = new NameCallback("");
PasswordCallback password = new PasswordCallback("", false);
_handler.handle(new Callback[] { name, password });
if (_userName.equals(name.getName()) &&
_password.equals(password.getPassword()) {
_subject.getPrincipals().add(new TestPrincipal(_userName));
return true;
}
else
return false;
}
public boolean abort()
{
return true;
}
public boolean commit()
{
return _subject.getPrincipals().size() > 0;
}
public boolean logout()
{
return true;
}
}
