Class SecurityContextLoginModule

java.lang.Object
org.springframework.security.authentication.jaas.SecurityContextLoginModule
All Implemented Interfaces:
LoginModule

public class SecurityContextLoginModule extends Object implements LoginModule
An implementation of LoginModule that uses a Spring Security SecurityContext to provide authentication.

This LoginModule provides opposite functionality to the JaasAuthenticationProvider API, and should not really be used in conjunction with it.

The JaasAuthenticationProvider allows Spring Security to authenticate against Jaas.

The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security. If there is no Authentication in the SecurityContextHolder the login() method will throw a LoginException by default. This functionality can be changed with the ignoreMissingAuthentication option by setting it to "true". Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false and be ignored if the authentication is null.

  • Constructor Details

    • SecurityContextLoginModule

      public SecurityContextLoginModule()
  • Method Details

    • abort

      public boolean abort()
      Abort the authentication process by forgetting the Spring Security Authentication.
      Specified by:
      abort in interface LoginModule
      Returns:
      true if this method succeeded, or false if this LoginModule should be ignored.
    • commit

      public boolean commit()
      Authenticate the Subject (phase two) by adding the Spring Security Authentication to the Subject's principals.
      Specified by:
      commit in interface LoginModule
      Returns:
      true if this method succeeded, or false if this LoginModule should be ignored.
    • setSecurityContextHolderStrategy

      public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
      Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
      Since:
      5.8
    • initialize

      public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
      Initialize this LoginModule. Ignores the callback handler, since the code establishing the LoginContext likely won't provide one that understands Spring Security. Also ignores the sharedState and options parameters, since none are recognized.
      Specified by:
      initialize in interface LoginModule
      Parameters:
      subject - the Subject to be authenticated.
      callbackHandler - is ignored
      sharedState - is ignored
      options - are ignored
    • login

      public boolean login() throws LoginException
      Authenticate the Subject (phase one) by extracting the Spring Security Authentication from the current SecurityContext.
      Specified by:
      login in interface LoginModule
      Returns:
      true if the authentication succeeded, or false if this LoginModule should be ignored.
      Throws:
      LoginException - if the authentication fails
    • logout

      public boolean logout()
      Log out the Subject.
      Specified by:
      logout in interface LoginModule
      Returns:
      true if this method succeeded, or false if this LoginModule should be ignored.