org.apache.geronimo.security.jaas.server
Interface JaasLoginServiceMBean

All Superinterfaces:
org.apache.geronimo.management.geronimo.LoginService
All Known Implementing Classes:
JaasLoginService

public interface JaasLoginServiceMBean
extends org.apache.geronimo.management.geronimo.LoginService

Interface used to connect to the JaasLoginService via remoting, etc. This may no longer be necessary?

Version:
$Rev: 391894 $ $Date: 2006-04-06 06:00:33 +0200 (Thu, 06 Apr 2006) $

Method Summary
 JaasSessionId connectToRealm(String realmName)
          Starts a new authentication process on behalf of an end user.
 JaasLoginModuleConfiguration[] getLoginConfiguration(JaasSessionId sessionHandle)
          Gets the login module configuration for the specified realm.
 Callback[] getServerLoginCallbacks(JaasSessionId sessionHandle, int loginModuleIndex)
          Retrieves callbacks for a server side login module.
 void loginFailed(JaasSessionId sessionHandle)
          Indicates that the overall login failed, and the server should release any resources associated with the user ID.
 Principal loginSucceeded(JaasSessionId sessionHandle)
          Indicates that the overall login succeeded.
 void logout(JaasSessionId sessionHandle)
          Indicates that the client has logged out, and the server should release any resources associated with the user ID.
 boolean performCommit(JaasSessionId sessionHandle, int loginModuleIndex)
          Indicates that the overall login succeeded, and some principals were generated by a client-side login module.
 boolean performLogin(JaasSessionId sessionHandle, int loginModuleIndex, Callback[] results)
          Returns populated callbacks for a server side login module.
 Set syncPrincipals(JaasSessionId sessionHandle, Set principals)
          Syncs the set of principals that are on the client with the set of principals that are on the server.
 Map syncShareState(JaasSessionId sessionHandle, Map sharedState)
          Syncs the shared state that's on the client with the shared state that is on the server.
 
Methods inherited from interface org.apache.geronimo.management.geronimo.LoginService
getExpiredLoginScanIntervalMillis, getMaxLoginDurationMillis, getObjectName, getRealms, setExpiredLoginScanIntervalMillis, setMaxLoginDurationMillis, setRealms
 

Method Detail

connectToRealm

public JaasSessionId connectToRealm(String realmName)
Starts a new authentication process on behalf of an end user. The returned session id will identify that user throughout the user's interaction with the server. On the server side, that means maintaining the Subject and Principals for the user.

Returns:
The JaasSessionId used as an argument for the rest of the methods in this class.

getLoginConfiguration

public JaasLoginModuleConfiguration[] getLoginConfiguration(JaasSessionId sessionHandle)
                                                     throws LoginException
Gets the login module configuration for the specified realm. The caller needs that in order to perform the authentication process.

Throws:
LoginException

getServerLoginCallbacks

public Callback[] getServerLoginCallbacks(JaasSessionId sessionHandle,
                                          int loginModuleIndex)
                                   throws LoginException
Retrieves callbacks for a server side login module. When the client is going through the configured login modules, if a specific login module is client-side, it will be handled directly. If it is server-side, the client gets the callbacks (using this method), populates them, and sends them back to the server.

Throws:
LoginException

performLogin

public boolean performLogin(JaasSessionId sessionHandle,
                            int loginModuleIndex,
                            Callback[] results)
                     throws LoginException
Returns populated callbacks for a server side login module. When the client is going through the configured login modules, if a specific login module is client-side, it will be handled directly. If it is server-side, the client gets the callbacks, populates them, and sends them back to the server (using this method).

Throws:
LoginException

performCommit

public boolean performCommit(JaasSessionId sessionHandle,
                             int loginModuleIndex)
                      throws LoginException
Indicates that the overall login succeeded, and some principals were generated by a client-side login module. This method needs to be called once for each client-side login module, to specify Principals for each module.

Throws:
LoginException

loginSucceeded

public Principal loginSucceeded(JaasSessionId sessionHandle)
                         throws LoginException
Indicates that the overall login succeeded. All login modules that were touched should have been logged in and committed before calling this.

Parameters:
sessionHandle - the handle to the login session
Returns:
the identifier principal
Throws:
LoginException - if the handle is no longer valid.

loginFailed

public void loginFailed(JaasSessionId sessionHandle)
Indicates that the overall login failed, and the server should release any resources associated with the user ID.


logout

public void logout(JaasSessionId sessionHandle)
            throws LoginException
Indicates that the client has logged out, and the server should release any resources associated with the user ID.

Throws:
LoginException

syncShareState

public Map syncShareState(JaasSessionId sessionHandle,
                          Map sharedState)
                   throws LoginException
Syncs the shared state that's on the client with the shared state that is on the server.

Parameters:
sessionHandle -
sharedState - the shared state that is on the client
Returns:
the sync'd shared state that is on the server
Throws:
LoginException

syncPrincipals

public Set syncPrincipals(JaasSessionId sessionHandle,
                          Set principals)
                   throws LoginException
Syncs the set of principals that are on the client with the set of principals that are on the server.

Parameters:
sessionHandle -
principals - the set of principals that are on the client side
Returns:
the sync'd set of principals that are on the server
Throws:
LoginException


Copyright © 2003-2007 Apache Software Foundation. All Rights Reserved.