org.apache.geronimo.security.realm.providers
Class CertificateChainLoginModule
java.lang.Object
org.apache.geronimo.security.realm.providers.CertificateChainLoginModule
- All Implemented Interfaces:
- LoginModule
public class CertificateChainLoginModule
- extends Object
- implements LoginModule
An example LoginModule that reads a list of users and group from a file on disk.
Authentication is provided by the SSL layer supplying the client certificate.
All we check is that it is present. The
file should be formatted using standard Java properties syntax. Expects
to be run by a GenericSecurityRealm (doesn't work on its own).
The usersURI property file should have lines of the form token=certificatename
where certificate name is X509Certificate.getSubjectX500Principal().getName()
The groupsURI property file should have lines of the form group=token1,token2,...
where the tokens were associated to the certificate names in the usersURI properties file.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
CertificateChainLoginModule
public CertificateChainLoginModule()
initialize
public void initialize(Subject subject,
CallbackHandler callbackHandler,
Map sharedState,
Map options)
- Specified by:
initialize in interface LoginModule
login
public boolean login()
throws LoginException
- Specified by:
login in interface LoginModule
- Throws:
LoginException
commit
public boolean commit()
throws LoginException
- Specified by:
commit in interface LoginModule
- Throws:
LoginException
abort
public boolean abort()
throws LoginException
- Specified by:
abort in interface LoginModule
- Throws:
LoginException
logout
public boolean logout()
throws LoginException
- Specified by:
logout in interface LoginModule
- Throws:
LoginException
getPrincipalClassNames
public String[] getPrincipalClassNames()
- Gets the names of all principal classes that may be populated into
a Subject.
Copyright © 2006 Apache Software Foundation. All Rights Reserved.