org.ldaptive.jaas

Class LdapRoleAuthorizationModule

java.lang.Object

org.ldaptive.jaas.AbstractLoginModule

org.ldaptive.jaas.LdapRoleAuthorizationModule

All Implemented Interfaces:

LoginModule

public class LdapRoleAuthorizationModule
extends AbstractLoginModule

Provides a JAAS authentication hook into LDAP roles. No authentication is performed in this module. Role data is set for the login name in the shared state or for the name returned by the CallbackHandler.

Field Summary

Fields

Modifier and Type	Field and Description
private boolean	noResultsIsError Whether failing to find any roles should raise an exception.
private String[]	roleAttribute Role attribute to add to role data.
private String	roleFilter Ldap filter for role searches.
private RoleResolver	roleResolver To search for roles.
private RoleResolverFactory	roleResolverFactory Factory for creating role resolvers with JAAS options.
private SearchRequest	searchRequest Search request to use for roles.

Fields inherited from class org.ldaptive.jaas.AbstractLoginModule

callbackHandler, clearPass, commitSuccess, credentials, defaultRole, logger, LOGIN_DN, LOGIN_NAME, LOGIN_PASSWORD, loginSuccess, principalGroupName, principals, roleGroupName, roles, setLdapCredential, setLdapDnPrincipal, setLdapPrincipal, sharedState, storePass, subject, tryFirstPass, useFirstPass

Constructor Summary

Constructors

Constructor and Description
LdapRoleAuthorizationModule()

Method Summary

Modifier and Type	Method and Description
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
protected boolean	login(NameCallback nameCb, PasswordCallback passCb) Authenticates a Subject with the supplied callbacks.
static void	main(String[] args) This provides command line access to this JAAS module.

Methods inherited from class org.ldaptive.jaas.AbstractLoginModule

abort, clearState, commit, getCredentials, login, logout, storeCredentials

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

roleFilter

private String roleFilter

Ldap filter for role searches.

roleAttribute

private String[] roleAttribute

Role attribute to add to role data.

noResultsIsError

private boolean noResultsIsError

Whether failing to find any roles should raise an exception.

roleResolverFactory

private RoleResolverFactory roleResolverFactory

Factory for creating role resolvers with JAAS options.

roleResolver

private RoleResolver roleResolver

To search for roles.

searchRequest

private SearchRequest searchRequest

Search request to use for roles.

Constructor Detail

LdapRoleAuthorizationModule

public LdapRoleAuthorizationModule()

Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Specified by:

initialize in interface LoginModule

Overrides:

initialize in class AbstractLoginModule

login

protected boolean login(NameCallback nameCb,
                        PasswordCallback passCb)
                 throws LoginException

Description copied from class: AbstractLoginModule

Authenticates a Subject with the supplied callbacks.

Specified by:

login in class AbstractLoginModule

Parameters:

nameCb - callback handler for subject's name

passCb - callback handler for subject's password

Returns:

true if authentication succeeded, false to ignore this module

Throws:

LoginException - if the authentication fails

main

public static void main(String[] args)
                 throws Exception

This provides command line access to this JAAS module.

Parameters:

args - command line arguments

Throws:

Exception - if an error occurs