Class SecurityContextLoginModule
- java.lang.Object
- 
- org.springframework.security.authentication.jaas.SecurityContextLoginModule
 
- 
- All Implemented Interfaces:
- javax.security.auth.spi.LoginModule
 
 public class SecurityContextLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModuleAn implementation ofLoginModulethat uses a Spring SecuritySecurityContextto provide authentication.This LoginModule provides opposite functionality to the JaasAuthenticationProviderAPI, and should not really be used in conjunction with it.The JaasAuthenticationProviderallows Spring Security to authenticate against Jaas.The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security. If there is no Authentication in the SecurityContextHolderthe login() method will throw a LoginException by default. This functionality can be changed with the ignoreMissingAuthentication option by setting it to "true". Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false and be ignored if the authentication is null.
- 
- 
Constructor SummaryConstructors Constructor Description SecurityContextLoginModule()
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanabort()Abort the authentication process by forgetting the Spring SecurityAuthentication.booleancommit()Authenticate theSubject(phase two) by adding the Spring SecurityAuthenticationto theSubject's principals.voidinitialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)Initialize thisLoginModule.booleanlogin()Authenticate theSubject(phase one) by extracting the Spring SecurityAuthenticationfrom the currentSecurityContext.booleanlogout()Log out theSubject.
 
- 
- 
- 
Method Detail- 
abortpublic boolean abort() Abort the authentication process by forgetting the Spring SecurityAuthentication.- Specified by:
- abortin interface- javax.security.auth.spi.LoginModule
- Returns:
- true if this method succeeded, or false if this LoginModuleshould be ignored.
- Throws:
- javax.security.auth.login.LoginException- if the abort fails
 
 - 
commitpublic boolean commit() Authenticate theSubject(phase two) by adding the Spring SecurityAuthenticationto theSubject's principals.- Specified by:
- commitin interface- javax.security.auth.spi.LoginModule
- Returns:
- true if this method succeeded, or false if this LoginModuleshould be ignored.
- Throws:
- javax.security.auth.login.LoginException- if the commit fails
 
 - 
initializepublic void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)Initialize thisLoginModule. Ignores the callback handler, since the code establishing theLoginContextlikely won't provide one that understands Spring Security. Also ignores thesharedStateandoptionsparameters, since none are recognized.- Specified by:
- initializein interface- javax.security.auth.spi.LoginModule
- Parameters:
- subject- the- Subjectto be authenticated.
- callbackHandler- is ignored
- sharedState- is ignored
- options- are ignored
 
 - 
loginpublic boolean login() throws javax.security.auth.login.LoginExceptionAuthenticate theSubject(phase one) by extracting the Spring SecurityAuthenticationfrom the currentSecurityContext.- Specified by:
- loginin interface- javax.security.auth.spi.LoginModule
- Returns:
- true if the authentication succeeded, or false if this
 LoginModuleshould be ignored.
- Throws:
- javax.security.auth.login.LoginException- if the authentication fails
 
 - 
logoutpublic boolean logout() Log out theSubject.- Specified by:
- logoutin interface- javax.security.auth.spi.LoginModule
- Returns:
- true if this method succeeded, or false if this LoginModuleshould be ignored.
- Throws:
- javax.security.auth.login.LoginException- if the logout fails
 
 
- 
 
-