AbstractLoginModule (Cams API Documentation)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.cafesoft.cams.auth.login.module
Class AbstractLoginModule

java.lang.Object
  |
  +--com.cafesoft.cams.auth.login.module.AbstractLoginModule

All Implemented Interfaces:: Destroyable, LoggerClient, LoginModule, ServiceClient

public abstract class AbstractLoginModule
extends Object
implements LoginModule, LoggerClient, ServiceClient, Destroyable

Abstract implementation of the LoginModule interface. This class provides implementation for standard methods used to plug LoginModules into the Cams policy server infrastructure. For instance, the ability to set the Logger and ServiceFinder objects. In addition, this method has stubbed out the methods that must be implemented by subclasses.

Since:: 09/09/05
See Also:: LoggerClient, ServiceClient, LoginModule

Field Summary

protected CallbackHandler callbackHandler
          CallbackHandler that provides the means for accessing user supplied data.

protected boolean debug
          Enables/disables debugging.

protected Logger logger
          LoginModule's logger.

protected Map options
          The LoginModule's configuration options.

protected ServiceFinder serviceFinder
          ServiceFinder that makes Cams services available to the LoginModule.

protected Map sharedState
          Map that contains state shared with other configured LoginModules.

protected Subject subject
          The subject being authenticated.

Constructor Summary

AbstractLoginModule()
          Creates a new AbstractLoginModule.

Method Summary

boolean abort()
          Method to abort the authentication process (phase 2).

protected abstract boolean abortAuthentication()
          Abort authentication attempt.

protected abstract boolean associateRoles()
          Associate the roles with the user.

protected abstract boolean authenticate()
          Authenticate the user.

boolean commit()
          Method to commit the authentication process (phase 2).

void destroy()
          Destroy the object and it's resources.

void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
          Initialize this LoginModule.

boolean login()
          Method to authenticate a Subject (phase 1).

boolean logout()
          Method which logs out a Subject.

protected abstract boolean logoutUser()
          Log an authenticated user out.

void setLogger(Logger logger)
          Sets the logger.

void setServiceFinder(ServiceFinder finder)
          Set the ServiceFinder.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

callbackHandler

protected CallbackHandler callbackHandler

CallbackHandler that provides the means for accessing user supplied data.

Since:: 1.0

debug

protected boolean debug

Enables/disables debugging.

Since:: 1.0

logger

protected Logger logger

LoginModule's logger. This logger will write all debug to the security domain specific log file.

Since:: 1.0

options

protected Map options

The LoginModule's configuration options.

Since:: 1.0

serviceFinder

protected ServiceFinder serviceFinder

ServiceFinder that makes Cams services available to the LoginModule.

Since:: 1.0

sharedState

protected Map sharedState

Map that contains state shared with other configured LoginModules.

Since:: 1.0

subject

protected Subject subject

The subject being authenticated.

Constructor Detail

AbstractLoginModule

public AbstractLoginModule()

Creates a new AbstractLoginModule.
Since:: 1.0

Method Detail

setLogger

public final void setLogger(Logger logger)

Sets the logger.

Specified by:: setLogger in interface LoggerClient

Parameters:: logger - logs messages.
Since:: 1.0

setServiceFinder

public final void setServiceFinder(ServiceFinder finder)

Set the ServiceFinder.

Specified by:: setServiceFinder in interface ServiceClient

Parameters:: finder - the class used by find Services by the ServiceClient.
Since:: 1.0

destroy

public void destroy()

Destroy the object and it's resources.

This method when called should free all resources used by this object. In addition, it should render the object unusable. Therefore, this method should only be called once per object.

Specified by:: destroy in interface Destroyable

Since:: 1.0

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map sharedState,
                       Map options)

Initialize this LoginModule.

This method is called by the LoginContext after this LoginModule has been instantiated. The purpose of this method is to initialize this LoginModule with the relevant information. If this LoginModule does not understand any of the data stored in sharedState or options parameters, they can be ignored.

Specified by:: initialize in interface LoginModule

Parameters:: subject - the Subject to be authenticated.; callbackHandler - a CallbackHandler for communicating with the end user (prompting for usernames and passwords, for example).; sharedState - state shared with other configured LoginModules.; options - options specified in the login Configuration for this particular LoginModule.
Since:: 1.0

login

public final boolean login()
                    throws LoginException

Method to authenticate a Subject (phase 1).

The implementation of this method authenticates a Subject. For example, it may prompt for Subject information such as a username and password and then attempt to verify the password. This method saves the result of the authentication attempt as private state within the LoginModule.

Specified by:: login in interface LoginModule

Returns:: true if the authentication succeeded, or false if this LoginModule should be ignored.
Throws:: LoginException - if the authentication fails.
Since:: 1.0

commit

public final boolean commit()
                     throws LoginException

Method to commit the authentication process (phase 2).

This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates relevant Principals and Credentials with the Subject located in the LoginModule. If this LoginModule's own authentication attempted failed, then this method removes/destroys any state that was originally saved.

Specified by:: commit in interface LoginModule

Returns:: true if this method succeeded, or false if this LoginModule should be ignored.
Throws:: LoginException - if the commit fails.
Since:: 1.0

abort

public final boolean abort()
                    throws LoginException

Method to abort the authentication process (phase 2).

This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method cleans up any state that was originally saved.

Specified by:: abort in interface LoginModule

Returns:: true if this method succeeded, or false if this LoginModule should be ignored.
Throws:: LoginException - if the abort fails.
Since:: 1.0

logout

public final boolean logout()
                     throws LoginException

Method which logs out a Subject.

An implementation of this method might remove/destroy a Subject's Principals and Credentials.

Specified by:: logout in interface LoginModule

Returns:: true if this method succeeded, or false if this LoginModule should be ignored.
Throws:: LoginException - if the logout fails

authenticate

protected abstract boolean authenticate()
                                 throws LoginException

Authenticate the user.

Returns:: true if the authentication succeeds, false otherwise.
Throws:: LoginException - if an error occurs authenticating.
Since:: 1.0

associateRoles

protected abstract boolean associateRoles()
                                   throws LoginException

Associate the roles with the user.

Returns:: true if roles successfully are assigned, false otherwise.
Throws:: LoginException - if an error occurs associating user roles.
Since:: 1.0

abortAuthentication

protected abstract boolean abortAuthentication()
                                        throws LoginException

Abort authentication attempt.

Returns:: true if abort succeeded, false otherwise.
Throws:: LoginException - if an error occurs aborting authentication.
Since:: 1.0

logoutUser

protected abstract boolean logoutUser()
                               throws LoginException

Log an authenticated user out.

Returns:: true if logout succeeded, false otherwise.
Throws:: LoginException - if an error occurs logging user out.
Since:: 1.0