public class SecurityContextLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule
LoginModule
that uses a Spring Security
SecurityContext
to
provide authentication.
This LoginModule provides opposite functionality to the
JaasAuthenticationProvider
API, and should not really be used in conjunction
with it.
The JaasAuthenticationProvider
allows Spring Security to authenticate against
Jaas.
The SecurityContextLoginModule allows a Jaas based application to authenticate against
Spring Security. If there is no Authentication in the SecurityContextHolder
the
login() method will throw a LoginException by default. This functionality can be
changed with the ignoreMissingAuthentication option by setting it to "true".
Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to
simply return false and be ignored if the authentication is null.
Constructor and Description |
---|
SecurityContextLoginModule() |
Modifier and Type | Method and Description |
---|---|
boolean |
abort()
Abort the authentication process by forgetting the Spring Security
Authentication . |
boolean |
commit()
Authenticate the
Subject (phase two) by adding the Spring Security
Authentication to the Subject 's principals. |
void |
initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map sharedState,
java.util.Map options)
Initialize this
LoginModule . |
boolean |
login()
Authenticate the
Subject (phase one) by extracting the Spring Security
Authentication from the current SecurityContext . |
boolean |
logout()
Log out the
Subject . |
public boolean abort()
Authentication
.abort
in interface javax.security.auth.spi.LoginModule
LoginModule
should be ignored.javax.security.auth.login.LoginException
- if the abort failspublic boolean commit()
Subject
(phase two) by adding the Spring Security
Authentication
to the Subject
's principals.commit
in interface javax.security.auth.spi.LoginModule
LoginModule
should be ignored.javax.security.auth.login.LoginException
- if the commit failspublic void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
LoginModule
. Ignores the callback handler, since the
code establishing the LoginContext
likely won't provide one that
understands Spring Security. Also ignores the sharedState
and
options
parameters, since none are recognized.initialize
in interface javax.security.auth.spi.LoginModule
subject
- the Subject
to be authenticated.callbackHandler
- is ignoredsharedState
- is ignoredoptions
- are ignoredpublic boolean login() throws javax.security.auth.login.LoginException
Subject
(phase one) by extracting the Spring Security
Authentication
from the current SecurityContext
.login
in interface javax.security.auth.spi.LoginModule
LoginModule
should be ignored.javax.security.auth.login.LoginException
- if the authentication failspublic boolean logout()
Subject
.logout
in interface javax.security.auth.spi.LoginModule
LoginModule
should be ignored.javax.security.auth.login.LoginException
- if the logout fails