org.picketlink.identity.federation.core.wstrust.auth
Class STSIssuingLoginModule
java.lang.Object
org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule
org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule
- All Implemented Interfaces: LoginModule
public class STSIssuingLoginModule
extends AbstractSTSLoginModule
JAAS LoginModule for JBoss STS (Security Token Service) that issues security tokens.
Configuration example
    <application-policy name="saml-issue-token">
        <authentication>
            <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule" flag="required">
                <module-option name="configFile">/sts-client.properties</module-option>
                <module-option name="endpointURI"></module-option>
                <module-option name="tokenType"></module-option>
            </login-module>
        </authentication>
    </application-policy>
This login module expects to be created with a callback handler that can handle a NameCallback and a PasswordCallback, which should match the username and password of the user for whom a security token will be issued.
- Author:
- Daniel Bevenius
Fields inherited from class org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule:
callbackHandler, enableCacheInvalidation, ENDPOINT_ADDRESS, injectCallerPrincipalGroup, IS_BATCH, isBatch, logger, options, OPTIONS_CREDENTIALS, OPTIONS_PW_STACKING, PASSWORD_KEY, passwordStacking, PORT_NAME, ROLE_KEY, roleKey, samlToken, securityDomain, SERVICE_NAME, SHARED_TOKEN, sharedState, STS_CONFIG_FILE, subject, success, useFirstPass, useOptionsCredentials, USERNAME_KEY
Methods inherited from class org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule:
abort, commit, createBuilder, createWSTrustClient, getCallbackHandler, getConfiguration, getMappingManager, getOptions, getRequiredOption, getSharedPassword, getSharedToken, getSharedUsername, getSubject, isSuccess, isUseFirstPass, isUseOptionsConfig, isUsePasswordStacking, login, logout, populateSubject, removeAllSamlCredentials, setSamlToken, setSharedToken, setSuccess, useCredentialsFromCallback, useCredentialsFromOptions, useCredentialsFromSharedState
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
ENDPOINT_OPTION
public static final String ENDPOINT_OPTION
- See Also:
- Constant Field Values
TOKEN_TYPE_OPTION
public static final String TOKEN_TYPE_OPTION
- See Also:
- Constant Field Values
STSIssuingLoginModule
public STSIssuingLoginModule()
initialize
public void initialize(Subject subject,
CallbackHandler callbackHandler,
Map<String,?> sharedState,
Map<String,?> options)
- Description copied from class: AbstractSTSLoginModule
- Initializes this login module. Simply stores the passed-in fields and also validates the options.
- Specified by: initialize in interface LoginModule
- Overrides: initialize in class AbstractSTSLoginModule
- Parameters:
subject - The subject to authenticate/populate.
callbackHandler - The callback handler that will gather information required by this login module.
sharedState - State that is shared with other login modules. Used when modules are chained/stacked.
options - The options that were specified for this login module.
invokeSTS
public Element invokeSTS(STSClient stsClient)
throws WSTrustException
- This method will issue a token for the configured user.
- Specified by: invokeSTS in class AbstractSTSLoginModule
- Returns:
Element - The issued element.
- Throws:
LoginException - If an error occurs while trying to perform the authentication.
WSTrustException
Copyright © 2013 JBoss by Red Hat. All Rights Reserved.