|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Objectcom.ibm.security.auth.module.NTActiveLoginModule
public class NTActiveLoginModule
This LoginModule interacts with the
NT security subsystem to login as a local user, then
renders a user's NT security information as some number of
Principals
and associates them with a Subject.
One use of this capability might be to log in as a
particular NT user, then perform a
ThreadSubject.doAs((LoginContext)lc.getSubject(), PrivilegedAction there).
This would run the PrivilegedAction as that user, from the perspective of both
Java and NT.
This LoginModule may actually be used in either of
two ways. If no CallbackHandlers were specified on the creation of the
LoginContext that is constructing this LoginModule
then this just queries the underlying OS for the current identity.
If, however, CallbackHandlers were specified, then this LoginModule
drives a NameCallback and a PasswordCallback to get
enough information to perform an OS-level login.
This LoginModule recognizes the debug option. If set to true in the login Configuration, debug messages will be output to the output stream, System.out.
This class will be replaced by NTActiveLoginModule2000
in future releases of JAAS.
LoginModule,
NameCallback,
PasswordCallback,
LoginContext,
NTActiveLoginModule2000| Constructor Summary | |
|---|---|
NTActiveLoginModule()
|
|
| Method Summary | |
|---|---|
boolean |
abort()
This method is called if the LoginContext's overall authentication failed. |
boolean |
commit()
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded). |
void |
initialize(Subject subject,
CallbackHandler callbackHandler,
java.util.Map<java.lang.String,?> sharedState,
java.util.Map<java.lang.String,?> options)
Initialize this LoginModule. |
boolean |
login()
Authenticate the user by prompting for a username and password. |
boolean |
logout()
Logout the user. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public NTActiveLoginModule()
| Method Detail |
|---|
public void initialize(Subject subject,
CallbackHandler callbackHandler,
java.util.Map<java.lang.String,?> sharedState,
java.util.Map<java.lang.String,?> options)
LoginModule.
initialize in interface LoginModulesubject - the Subject to be authenticated. callbackHandler - a CallbackHandler for communicating
with the end user (prompting for usernames and
passwords, for example). sharedState - shared LoginModule state. options - options specified in the login
Configuration for this particular
LoginModule.
public boolean login()
throws LoginException
login in interface LoginModuleLoginModule
should not be ignored.
FailedLoginException - if the authentication fails.
LoginException - if this LoginModule
is unable to perform the authentication.
public boolean commit()
throws LoginException
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt
succeeded (checked by retrieving the private state saved by the
login method), then this method associates some
number of various Principals
with the Subject located in the
LoginModuleContext. If this LoginModule's own
authentication attempted failed, then this method removes
any state that was originally saved.
commit in interface LoginModuleLoginException - if the commit fails.
public boolean abort()
throws LoginException
This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
If this LoginModule's own authentication attempt
succeeded (checked by retrieving the private state saved by the
login and commit methods),
then this method cleans up any state that was originally saved.
abort in interface LoginModuleLoginException - if the abort fails.
public boolean logout()
throws LoginException
This method removes the NTUserPrincipal,
NTDomainPrincipal, NTSidUserPrincipal,
NTSidDomainPrincipal, NTSidGroupPrincipals,
NTSidPrimaryGroupPrincipal and NTNumericCredential
that may have been added by the commit method.
logout in interface LoginModuleLoginModule
should not be ignored.
LoginException - if the logout fails.
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||