Class SecurityContextLoginModule
java.lang.Object
org.springframework.security.authentication.jaas.SecurityContextLoginModule
- All Implemented Interfaces:
LoginModule
An implementation of
LoginModule
that uses a Spring Security
SecurityContext
to
provide authentication.
This LoginModule provides opposite functionality to the
JaasAuthenticationProvider
API, and should not really be used in conjunction
with it.
The JaasAuthenticationProvider
allows Spring Security to authenticate against
Jaas.
The SecurityContextLoginModule allows a Jaas based application to authenticate against
Spring Security. If there is no Authentication in the SecurityContextHolder
the
login() method will throw a LoginException by default. This functionality can be
changed with the ignoreMissingAuthentication option by setting it to "true".
Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to
simply return false and be ignored if the authentication is null.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
abort()
Abort the authentication process by forgetting the Spring SecurityAuthentication
.boolean
commit()
Authenticate theSubject
(phase two) by adding the Spring SecurityAuthentication
to theSubject
's principals.void
initialize
(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) Initialize thisLoginModule
.boolean
login()
Authenticate theSubject
(phase one) by extracting the Spring SecurityAuthentication
from the currentSecurityContext
.boolean
logout()
Log out theSubject
.
-
Constructor Details
-
SecurityContextLoginModule
public SecurityContextLoginModule()
-
-
Method Details
-
abort
public boolean abort()Abort the authentication process by forgetting the Spring SecurityAuthentication
.- Specified by:
abort
in interfaceLoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the abort fails
-
commit
public boolean commit()Authenticate theSubject
(phase two) by adding the Spring SecurityAuthentication
to theSubject
's principals.- Specified by:
commit
in interfaceLoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the commit fails
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) Initialize thisLoginModule
. Ignores the callback handler, since the code establishing theLoginContext
likely won't provide one that understands Spring Security. Also ignores thesharedState
andoptions
parameters, since none are recognized.- Specified by:
initialize
in interfaceLoginModule
- Parameters:
subject
- theSubject
to be authenticated.callbackHandler
- is ignoredsharedState
- is ignoredoptions
- are ignored
-
login
Authenticate theSubject
(phase one) by extracting the Spring SecurityAuthentication
from the currentSecurityContext
.- Specified by:
login
in interfaceLoginModule
- Returns:
- true if the authentication succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the authentication fails
-
logout
public boolean logout()Log out theSubject
.- Specified by:
logout
in interfaceLoginModule
- Returns:
- true if this method succeeded, or false if this
LoginModule
should be ignored. - Throws:
LoginException
- if the logout fails
-