Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

edu.uiuc.ncsa.myproxy.jaas
Class MyProxyLoginModule

java.lang.Object
  extended byedu.uiuc.ncsa.myproxy.jaas.MyProxyLoginModule
All Implemented Interfaces:
LoginModule
public class MyProxyLoginModule
extends Object
implements LoginModule

MyProxyLoginModule authenticates users against a MyProxy server.

Version:
1.0.0, 10 Aug 2006
Author:
Kevin J. Price
See Also:
LoginContext, MyProxy

Field Summary
static String VERSION
          Version string
 
Constructor Summary
MyProxyLoginModule()
           
 
Method Summary
 boolean abort()
          This method is called if the LoginContext's overall authentication failed.
 boolean commit()
          This method is called if the LoginContext's overall authentication succeeded.
 void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
          Initialize this MyProxyLoginModule.
 boolean login()
          Authenticate the user by prompting for a username and pass phrase, and optionally a credential name.
 boolean logout()
          Logout the user.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

VERSION

public static final String VERSION

Version string

See Also:
Constant Field Values
Constructor Detail

MyProxyLoginModule

public MyProxyLoginModule()
Method Detail

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map sharedState,
                       Map options)
Initialize this MyProxyLoginModule. Load all options from the options Map.

Specified by:
initialize in interface LoginModule
Parameters:
subject - the Subject to be authenticated
callbackHandler - a CallbackHandler for communicating with the end user (prompting for usernames and passwords, for example)
sharedState - state shared with other configured LoginModules
options - options specified by the LoginContext for this particular LoginModule

login

public boolean login()
              throws LoginException
Authenticate the user by prompting for a username and pass phrase, and optionally a credential name. If configured, the shared state will be checked for this information and/or this information will be saved to the shared state. Once this information is obtained, a connection to the MyProxy server is opened, and authentication is attempted. A principal is generated from the returned credential's DN, and both the principal and the credential are stored pending a commit() or abort()

Specified by:
login in interface LoginModule
Returns:
true if the authentication succeeds, or false if this module should be ignored
Throws:
FailedLoginException - if the MyProxy authentication failed
LoginException - if this module is unable to perform the authentication

commit

public boolean commit()
               throws LoginException

This method is called if the LoginContext's overall authentication succeeded. (The relevant LoginModules succeeded.)

If this module's own authentication succeeded, the stored GlobusPrincipal is added to the Subject's principal Set, and the stored GSSCredential is added to the Subject's private credentials Set.

If this module's own authentation failed, then any saved state data is removed.

Specified by:
commit in interface LoginModule
Returns:
true if this method succeeded, or false if this LoginModule should be ingored
Throws:
LoginException - if the commit fails.

abort

public boolean abort()
              throws LoginException

This method is called if the LoginContext's overall authentication failed.

This method cleans up any saved state date and other

Specified by:
abort in interface LoginModule
Returns:
true if this method succeeded, or false if this LoginModule should be ingored
Throws:
LoginException - if the abort fails.

logout

public boolean logout()
               throws LoginException
Logout the user.

This method removes the GlobusPrincipal and the GSSCredential that were added to the Subject by the commit method.

Specified by:
logout in interface LoginModule
Returns:
true if this method succeeded, or false if this LoginModule should be ingored
Throws:
LoginException - if the logout fails.
Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
©2000-2006 Board of Trustees of the University of Illinois.