public class AdvancedLdapLoginModule extends CommonLoginModule
Modifier and Type | Field and Description |
---|---|
protected boolean |
allowEmptyPassword |
protected String |
baseCtxDN |
protected String |
baseFilter |
protected String |
bindAuthentication |
protected String |
bindCredential |
protected String |
bindDn |
protected String |
jaasSecurityDomain |
protected boolean |
recurseRoles |
protected String |
referralUserAttributeIDToCheck |
protected String |
roleAttributeID |
protected boolean |
roleAttributeIsDN |
protected String |
roleFilter |
protected String |
roleNameAttributeID |
protected String |
rolesCtxDN |
protected SearchControls |
roleSearchControls |
protected int |
searchTimeLimit |
protected SearchControls |
userSearchControls |
callbackHandler, log, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
Constructor and Description |
---|
AdvancedLdapLoginModule() |
Modifier and Type | Method and Description |
---|---|
protected void |
authenticate(String userDN) |
protected String |
canonicalize(String searchResult) |
protected LdapContext |
constructLdapContext(String dn,
Object credential,
String authentication) |
protected Properties |
createBaseProperties() |
protected String |
findUserDN(LdapContext ctx) |
protected Group[] |
getRoleSets()
Overriden by subclasses to return the Groups that correspond to the
to the role sets assigned to the user.
|
void |
initialize(Subject subject,
CallbackHandler handler,
Map sharedState,
Map options)
Initialize the login module.
|
protected Boolean |
innerLogin() |
protected void |
loadRoleByRoleNameAttributeID(LdapContext searchContext,
String roleDN) |
boolean |
login()
Looks for javax.security.auth.login.name and javax.security.auth.login.password
values in the sharedState map if the useFirstPass option was true and returns
true if they exist.
|
protected void |
obtainRole(LdapContext searchContext,
String dn,
SearchResult sr) |
protected void |
recurseRolesSearch(LdapContext searchContext,
String roleDN) |
protected void |
rolesSearch(LdapContext searchContext,
String dn) |
protected void |
traceLdapEnv(Properties env) |
getCredential, getIdentity, processIdentityAndCredential, setIdentity
abort, addValidOptions, checkOptions, commit, createGroup, createIdentity, getCallerPrincipalGroup, getUnauthenticatedIdentity, getUseFirstPass, logout
protected String bindAuthentication
protected String bindDn
protected String bindCredential
protected String jaasSecurityDomain
protected String baseCtxDN
protected String baseFilter
protected int searchTimeLimit
protected SearchControls userSearchControls
protected String rolesCtxDN
protected String roleFilter
protected boolean recurseRoles
protected SearchControls roleSearchControls
protected String roleAttributeID
protected boolean roleAttributeIsDN
protected String roleNameAttributeID
protected String referralUserAttributeIDToCheck
protected boolean allowEmptyPassword
public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options)
AbstractServerLoginModule
initialize
in interface LoginModule
initialize
in class AbstractServerLoginModule
subject
- the Subject to update after a successful login.handler
- the CallbackHandler that will be used to obtain the
the user identity and credentials.sharedState
- a Map shared between all configured login module instancesoptions
- the parameters passed to the login module.public boolean login() throws LoginException
AbstractServerLoginModule
login
in interface LoginModule
login
in class AbstractServerLoginModule
LoginException
protected Group[] getRoleSets() throws LoginException
AbstractServerLoginModule
getRoleSets
in class AbstractServerLoginModule
LoginException
protected Boolean innerLogin() throws LoginException
LoginException
protected LdapContext constructLdapContext(String dn, Object credential, String authentication) throws LoginException
LoginException
protected Properties createBaseProperties()
protected String findUserDN(LdapContext ctx) throws LoginException
LoginException
protected void authenticate(String userDN) throws LoginException
LoginException
protected void rolesSearch(LdapContext searchContext, String dn) throws LoginException
LoginException
protected void obtainRole(LdapContext searchContext, String dn, SearchResult sr) throws NamingException, LoginException
NamingException
LoginException
protected void loadRoleByRoleNameAttributeID(LdapContext searchContext, String roleDN)
protected void recurseRolesSearch(LdapContext searchContext, String roleDN) throws LoginException
LoginException
protected void traceLdapEnv(Properties env)
Copyright © 2013 JBoss by Red Hat. All Rights Reserved.