Examples of LoginModule

com.changestuffs.scrum.client.application.widget.login.LoginModule
com.gwtplatform.carstore.client.application.login.LoginModule
iqq.im.module.LoginModule
登录模块，处理登录和退出 @author solosky
javax.security.auth.spi.LoginModule

{@code LoginModule} describes the interfaceimplemented by authentication technology providers. LoginModules are plugged in under applications to provide a particular type of authentication.
While applications write to the {@code LoginContext} API,authentication technology providers implement the {@code LoginModule} interface.A {@code Configuration} specifies the LoginModule(s)to be used with a particular login application. Therefore different LoginModules can be plugged in under the application without requiring any modifications to the application itself.
The {@code LoginContext} is responsible for reading the{@code Configuration} and instantiating the appropriateLoginModules. Each {@code LoginModule} is initialized witha {@code Subject}, a {@code CallbackHandler}, shared {@code LoginModule} state, and LoginModule-specific options.The {@code Subject} represents the{@code Subject} currently being authenticated and is updatedwith relevant Credentials if authentication succeeds. LoginModules use the {@code CallbackHandler} tocommunicate with users. The {@code CallbackHandler} may beused to prompt for usernames and passwords, for example. Note that the {@code CallbackHandler} may be null. LoginModuleswhich absolutely require a {@code CallbackHandler} to authenticatethe {@code Subject} may throw a {@code LoginException}. LoginModules optionally use the shared state to share information or data among themselves.
The LoginModule-specific options represent the options configured for this {@code LoginModule} by an administrator or userin the login {@code Configuration}. The options are defined by the {@code LoginModule} itselfand control the behavior within it. For example, a {@code LoginModule} may define options to support debugging/testingcapabilities. Options are defined using a key-value syntax, such as debug=true. The {@code LoginModule}stores the options as a {@code Map} so that the values maybe retrieved using the key. Note that there is no limit to the number of options a {@code LoginModule} chooses to define.
The calling application sees the authentication process as a single operation. However, the authentication process within the {@code LoginModule} proceeds in two distinct phases.In the first phase, the LoginModule's {@code login} method gets invoked by the LoginContext's{@code login} method. The {@code login}method for the {@code LoginModule} then performsthe actual authentication (prompt for and verify a password for example) and saves its authentication status as private state information. Once finished, the LoginModule's {@code login}method either returns {@code true} (if it succeeded) or{@code false} (if it should be ignored), or throws a{@code LoginException} to specify a failure.In the failure case, the {@code LoginModule} must not retry theauthentication or introduce delays. The responsibility of such tasks belongs to the application. If the application attempts to retry the authentication, the LoginModule's {@code login} method will becalled again.
In the second phase, if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded), then the {@code commit}method for the {@code LoginModule} gets invoked.The {@code commit} method for a {@code LoginModule} checks itsprivately saved state to see if its own authentication succeeded. If the overall {@code LoginContext} authentication succeededand the LoginModule's own authentication succeeded, then the {@code commit} method associates the relevantPrincipals (authenticated identities) and Credentials (authentication data such as cryptographic keys) with the {@code Subject}located within the {@code LoginModule}.
If the LoginContext's overall authentication failed (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed), then the {@code abort} method for each {@code LoginModule}gets invoked. In this case, the {@code LoginModule} removes/destroysany authentication state originally saved.
Logging out a {@code Subject} involves only one phase.The {@code LoginContext} invokes the LoginModule's {@code logout}method. The {@code logout} method for the {@code LoginModule}then performs the logout procedures, such as removing Principals or Credentials from the {@code Subject} or logging session information.
A {@code LoginModule} implementation must have a constructor withno arguments. This allows classes which load the {@code LoginModule}to instantiate it. @see javax.security.auth.login.LoginContext @see javax.security.auth.login.Configuration
org.apache.geronimo.jee.loginconfig.LoginModule
imo.apache.org/xml/ns/loginconfig-2.0}abstract-login-moduleType"> <sequence> <element name="login-domain-name" type="{http://www.w3.org/2001/XMLSchema}string"/> <element name="login-module-class" type="{http://www.w3.org/2001/XMLSchema}string"/> <element name="option" type="{http://geronimo.apache.org/xml/ns/loginconfig-2.0}optionType" maxOccurs="unbounded" minOccurs="0"/> <element name="xml-option" type="{http://geronimo.apache.org/xml/ns/deployment-1.2}xml-attributeType" maxOccurs="unbounded" minOccurs="0"/> </sequence> </extension> </complexContent> </complexType>
org.nxplanner.security.LoginModule

Examples of javax.security.auth.spi.LoginModule

     * populates them, and sends them back to the server.
     */
    public Callback[] getServerLoginCallbacks(JaasClientId clientHandle, int loginModuleIndex) throws LoginException {
        JaasSecurityContext context = (JaasSecurityContext) activeLogins.get(clientHandle);
        checkContext(context, loginModuleIndex, true);
        LoginModule module = context.getLoginModule(loginModuleIndex);


        context.getHandler().setExploring();
        try {
            module.initialize(context.getSubject(), context.getHandler(), new HashMap(), context.getOptions(loginModuleIndex));
        } catch (Exception e) {
            System.err.println("Failed to initialize module");
            e.printStackTrace();
        }
        try {
            module.login();
        } catch (LoginException e) {
        }
        try {
            module.abort();
        } catch (LoginException e) {
        }
        return context.getHandler().finalizeCallbackList();
    }

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

        });
    }


    public void testCurrentUserHasCustomRole() throws Exception {
        Subject subject = new Subject();
        LoginModule lm = new TestLoginModule(new TestRolePrincipal("foo"));
        lm.initialize(subject, null, null, null);
        lm.login();
        lm.commit();


        Subject.doAs(subject, new PrivilegedAction<Void>() {
            public Void run() {
                assertTrue(KarafMBeanServerGuard.currentUserHasRole(TestRolePrincipal.class.getCanonicalName() + ":foo"));
                assertFalse(KarafMBeanServerGuard.currentUserHasRole("foo"));

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

        });
    }


    private Subject loginWithTestRoles(String... roles) throws LoginException {
        Subject subject = new Subject();
        LoginModule lm = new TestLoginModule(roles);
        lm.initialize(subject, null, null, null);
        lm.login();
        lm.commit();
        return subject;
    }

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

        request.setUserPrincipal( principal );
        try
        {
            // Test using Principal (WebContainerLoginModule succeeds)
            CallbackHandler handler = new WebContainerCallbackHandler( m_engine, request );
            LoginModule module = new WebContainerLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>());
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue(  principals.contains( principal ) );
            assertFalse( principals.contains( Role.ANONYMOUS ) );
            assertFalse( principals.contains( Role.ASSERTED ) );

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

        MockHttpServletRequest request = m_engine.newHttpRequest();
        request.setUserPrincipal( principal );
        try
        {
            CallbackHandler handler = new WebContainerCallbackHandler( m_engine, request );
            LoginModule module = new WebContainerLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>());
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( principal ) );
            assertFalse( principals.contains( Role.AUTHENTICATED ) );
            assertFalse( principals.contains( Role.ALL ) );
            module.logout();
            assertEquals( 0, principals.size() );
        }
        catch( LoginException e )
        {
            System.err.println( e.getMessage() );

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

    {
        try
        {
            // Log in with a user that isn't in the database
            CallbackHandler handler = new WikiCallbackHandler( m_engine, null, "user", "password" );
            LoginModule module = new UserDatabaseLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>() );
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( new WikiPrincipal( "user", WikiPrincipal.LOGIN_NAME ) ) );
            assertFalse( principals.contains( Role.AUTHENTICATED ) );
            assertFalse( principals.contains( Role.ALL ) );
            
            // Login with a user that IS in the database
            m_subject = new Subject();
            handler = new WikiCallbackHandler( m_engine, null, "janne", "myP@5sw0rd" );
            module = new UserDatabaseLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>() );
            module.login();
            module.commit();
            principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( new WikiPrincipal( "janne", WikiPrincipal.LOGIN_NAME ) ) );
            assertFalse( principals.contains( Role.AUTHENTICATED ) );
            assertFalse( principals.contains( Role.ALL ) );

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

    public final void testLogout()
    {
        try
        {
            CallbackHandler handler = new WikiCallbackHandler( m_engine, null, "user", "password" );
            LoginModule module = new UserDatabaseLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>() );
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( new WikiPrincipal( "user",  WikiPrincipal.LOGIN_NAME ) ) );
            assertFalse( principals.contains( Role.AUTHENTICATED ) );
            assertFalse( principals.contains( Role.ALL ) );
            module.logout();
            assertEquals( 0, principals.size() );
        }
        catch( LoginException e )
        {
            System.err.println( e.getMessage() );

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

            // Test using Cookie and IP address (AnonymousLoginModule succeeds)
            Cookie cookie = new Cookie( CookieAssertionLoginModule.PREFS_COOKIE_NAME, "Bullwinkle" );
            request.setCookies( new Cookie[] { cookie } );
            m_subject = new Subject();
            CallbackHandler handler = new WebContainerCallbackHandler( m_engine, request );
            LoginModule module = new CookieAssertionLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>() );
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( new WikiPrincipal( "Bullwinkle" ) ) );
            assertFalse( principals.contains( Role.ASSERTED ) );
            assertFalse( principals.contains( Role.ALL ) );

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

        Cookie cookie = new Cookie( CookieAssertionLoginModule.PREFS_COOKIE_NAME, "Bullwinkle" );
        request.setCookies( new Cookie[] { cookie } );
        try
        {
            CallbackHandler handler = new WebContainerCallbackHandler( m_engine, request );
            LoginModule module = new CookieAssertionLoginModule();
            module.initialize( m_subject, handler, 
                              new HashMap<String, Object>(), 
                              new HashMap<String, Object>() );
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( new WikiPrincipal( "Bullwinkle" ) ) );
            assertFalse( principals.contains( Role.ANONYMOUS ) );
            assertFalse( principals.contains( Role.ALL ) );
            module.logout();
            assertEquals( 0, principals.size() );
        }
        catch( LoginException e )
        {
            System.err.println( e.getMessage() );

View Full Code Here

Examples of javax.security.auth.spi.LoginModule

        HttpServletRequest request = m_engine.newHttpRequest();
        try
        {
            // Test using IP address (AnonymousLoginModule succeeds)
            CallbackHandler handler = new WebContainerCallbackHandler( m_engine, request );
            LoginModule module = new AnonymousLoginModule();
            module.initialize( m_subject, handler, new HashMap<String, Object>(), new HashMap<String, Object>() );
            module.login();
            module.commit();
            Set principals = m_subject.getPrincipals();
            assertEquals( 1, principals.size() );
            assertTrue( principals.contains( new WikiPrincipal( "127.0.0.1" ) ) );
            assertFalse( principals.contains( Role.ANONYMOUS ) );
            assertFalse( principals.contains( Role.ALL ) );

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.