info.magnolia.jaas.sp.jcr
Class JCRAuthenticationModule

java.lang.Object
  extended by info.magnolia.jaas.sp.AbstractLoginModule
      extended by info.magnolia.jaas.sp.jcr.JCRAuthenticationModule
All Implemented Interfaces:
UserAwareLoginModule, javax.security.auth.spi.LoginModule

public class JCRAuthenticationModule
extends AbstractLoginModule
implements UserAwareLoginModule

Authentication module implementation using JCR to retrieve the users.

Author:
Sameer Charles $Id: JCRAuthenticationModule.java 49089 2011-09-08 14:00:30Z ochytil $

Field Summary
protected  User user
           
 
Fields inherited from class info.magnolia.jaas.sp.AbstractLoginModule
callbackHandler, name, OPTION_REALM, OPTION_SKIP_ON_PREVIOUS_SUCCESS, OPTION_USE_REALM_CALLBACK, options, pswd, realm, sharedState, STATUS, STATUS_FAILED, STATUS_SKIPPED, STATUS_SUCCEDED, STATUS_SUCCEEDED, STATUS_UNAVAILABLE, subject, success, TRY_FIRST_PASS, TRY_MAPPED_PASS, USE_FIRST_PASS, USE_MAPPED_PASS, useRealmCallback
 
Constructor Summary
JCRAuthenticationModule()
           
 
Method Summary
 void collectGroupNames()
          Extract all the configured groups from the given node.
 void collectRoleNames()
          Extract all the configured roles from the given node.
 int getMaxAttempts()
          Get number of failed login attempts before locking account.
 long getTimeLock()
          Get time period for time lockout.
 User getUser()
           
 UserManager getUserManager()
          Override this to support any configured/non-configured user manager.
protected  void initUser()
           
protected  void matchPassword()
           
 boolean release()
          Releases all associated memory.
 void setACL()
          Set access control list from the user, roles and groups.
 void setEntity()
          Set user details.
 void validateUser()
          Checks is the credentials exist in the repository.
 
Methods inherited from class info.magnolia.jaas.sp.AbstractLoginModule
abort, addGroupName, addRoleName, commit, getGroupNames, getRoleNames, getSharedStatus, getSkip, initialize, login, logout, setGroupNames, setRoleNames, setSharedStatus
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

user

protected User user
Constructor Detail

JCRAuthenticationModule

public JCRAuthenticationModule()
Method Detail

getMaxAttempts

public int getMaxAttempts()
Get number of failed login attempts before locking account.


getTimeLock

public long getTimeLock()
Get time period for time lockout.


release

public boolean release()
Releases all associated memory.

Specified by:
release in class AbstractLoginModule

validateUser

public void validateUser()
                  throws javax.security.auth.login.LoginException
Checks is the credentials exist in the repository.

Specified by:
validateUser in class AbstractLoginModule
Throws:
javax.security.auth.login.LoginException - or specific subclasses (which will be handled further for user feedback)

initUser

protected void initUser()

matchPassword

protected void matchPassword()
                      throws javax.security.auth.login.LoginException
Throws:
javax.security.auth.login.LoginException

getUserManager

public UserManager getUserManager()
Override this to support any configured/non-configured user manager.


setEntity

public void setEntity()
Set user details.

Specified by:
setEntity in class AbstractLoginModule

setACL

public void setACL()
Set access control list from the user, roles and groups.

Specified by:
setACL in class AbstractLoginModule

collectRoleNames

public void collectRoleNames()
Extract all the configured roles from the given node. (which can be the user node or a group node)


collectGroupNames

public void collectGroupNames()
Extract all the configured groups from the given node. (which can be the user node or a group node)


getUser

public User getUser()
Specified by:
getUser in interface UserAwareLoginModule


Copyright © 2003-2011 Magnolia International Ltd.. All Rights Reserved.