JaasAuthenticator
From Resin 3.0
(Difference between revisions)
Line 100: | Line 100: | ||
} | } | ||
} | } | ||
+ | |||
+ | |||
+ | ==== resin-web.xml ==== | ||
+ | <web-app xmlns="http://caucho.com/ns/resin"> | ||
+ | |||
+ | <authenticator type="com.caucho.server.security.JaasAuthenticator"> | ||
+ | <init> | ||
+ | <login-module>example.TestModule</login-module> | ||
+ | <init-param> | ||
+ | <user>Harry</user> | ||
+ | <password>quidditch</password> | ||
+ | </init-param> | ||
+ | </init> | ||
+ | </authenticator> | ||
+ | |||
+ | </web-app> |
Revision as of 19:32, 3 April 2006
Resin provides a JaasAuthenticator for the usage of any JAAS LoginModule. A number of JAAS LoginModule implementations are included with the JDK,
and it is fairly easy to create your own,
Contents |
Example
resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin"> <authenticator type="com.caucho.server.security.JaasAuthenticator"> <init> <login-module>com.sun.security.auth.module.Krb5LoginModule</login-module> <init-param> <debug>true</debug> </init-param> </init> </authenticator> </web-app>
<init-param> directives
<init-param> directives are used to configure the properties of the LoginModule. Existing LoginModules provide documentation of the init-param that are accepted. Custom LoginModule implementations retrieve the init-param values in the initialize method:
LoginModule implementation retrieves init-param
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options) { // initialize any configured options _isDebug = "true".equalsIgnoreCase((String) options.get("debug")); ... }
Custom LoginModule
import java.util.*; import javax.security.auth.*; import javax.security.auth.spi.*; import javax.security.auth.callback.*; import javax.security.auth.login.*; public class TestLoginModule implements javax.security.auth.spi.LoginModule { private Subject _subject; private CallbackHandler _handler; private Map _state; private String _userName; private String _password; public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options) { _subject = subject; _handler = handler; _state = sharedState; _userName = (String) _options.get("user"); _password = (String) _options.get("password"); } public boolean login() throws LoginException { NameCallback name = new NameCallback(""); PasswordCallback password = new PasswordCallback("", false); _handler.handle(new Callback[] { name, password }); if (_userName.equals(name.getName()) && _password.equals(password.getPassword()) { _subject.getPrincipals().add(new TestPrincipal(_userName)); return true; } else return false; } public boolean abort() { return true; } public boolean commit() { return _subject.getPrincipals().size() > 0; } public boolean logout() { return true; } }
resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin"> <authenticator type="com.caucho.server.security.JaasAuthenticator"> <init> <login-module>example.TestModule</login-module> <init-param> <user>Harry</user> <password>quidditch</password> </init-param> </init> </authenticator> </web-app>