Class SecurityContextLoginModule
- java.lang.Object
-
- org.springframework.security.authentication.jaas.SecurityContextLoginModule
-
- All Implemented Interfaces:
javax.security.auth.spi.LoginModule
public class SecurityContextLoginModule extends java.lang.Object implements javax.security.auth.spi.LoginModule
An implementation ofLoginModule
that uses a Spring SecuritySecurityContext
to provide authentication.This LoginModule provides opposite functionality to the
JaasAuthenticationProvider
API, and should not really be used in conjunction with it.The
JaasAuthenticationProvider
allows Spring Security to authenticate against Jaas.The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security. If there is no Authentication in the
SecurityContextHolder
the login() method will throw a LoginException by default. This functionality can be changed with the ignoreMissingAuthentication option by setting it to "true". Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false and be ignored if the authentication is null.
-
-
Constructor Summary
Constructors Constructor Description SecurityContextLoginModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
abort()
Abort the authentication process by forgetting the Spring SecurityAuthentication
.boolean
commit()
Authenticate theSubject
(phase two) by adding the Spring SecurityAuthentication
to theSubject
's principals.void
initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
Initialize thisLoginModule
.boolean
login()
Authenticate theSubject
(phase one) by extracting the Spring SecurityAuthentication
from the currentSecurityContext
.boolean
logout()
Log out theSubject
.
-
-
-
Method Detail
-
abort
public boolean abort()
Abort the authentication process by forgetting the Spring SecurityAuthentication
.- Specified by:
abort
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
javax.security.auth.login.LoginException
- if the abort fails
-
commit
public boolean commit()
Authenticate theSubject
(phase two) by adding the Spring SecurityAuthentication
to theSubject
's principals.- Specified by:
commit
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
javax.security.auth.login.LoginException
- if the commit fails
-
initialize
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
Initialize thisLoginModule
. Ignores the callback handler, since the code establishing theLoginContext
likely won't provide one that understands Spring Security. Also ignores thesharedState
andoptions
parameters, since none are recognized.- Specified by:
initialize
in interfacejavax.security.auth.spi.LoginModule
- Parameters:
subject
- theSubject
to be authenticated.callbackHandler
- is ignoredsharedState
- is ignoredoptions
- are ignored
-
login
public boolean login() throws javax.security.auth.login.LoginException
Authenticate theSubject
(phase one) by extracting the Spring SecurityAuthentication
from the currentSecurityContext
.- Specified by:
login
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true if the authentication succeeded, or false if this
LoginModule
should be ignored. - Throws:
javax.security.auth.login.LoginException
- if the authentication fails
-
logout
public boolean logout()
Log out theSubject
.- Specified by:
logout
in interfacejavax.security.auth.spi.LoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
javax.security.auth.login.LoginException
- if the logout fails
-
-