org.apache.geronimo.security.jaas.server
Class JaasLoginService

java.lang.Object
  extended byorg.apache.geronimo.security.jaas.server.JaasLoginService
All Implemented Interfaces:
org.apache.geronimo.gbean.GBeanLifecycle, JaasLoginServiceMBean, org.apache.geronimo.management.geronimo.LoginService

public class JaasLoginService
extends Object
implements org.apache.geronimo.gbean.GBeanLifecycle, JaasLoginServiceMBean

The single point of contact for Geronimo JAAS realms. Instead of attempting to interact with JAAS realms directly, a client should either interact with this service, or use a LoginModule implementation that interacts with this service.

Version:
$Rev: 391894 $ $Date: 2006-04-06 06:00:33 +0200 (Thu, 06 Apr 2006) $

Field Summary
static org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
           
static org.apache.commons.logging.Log log
           
 
Constructor Summary
JaasLoginService(String algorithm, String password, ClassLoader classLoader, String objectName)
           
 
Method Summary
 JaasSessionId connectToRealm(String realmName)
          Starts a new authentication process on behalf of an end user.
 void doFail()
           
 void doStart()
           
 void doStop()
           
 int getExpiredLoginScanIntervalMillis()
          GBean property
static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()
           
 JaasLoginModuleConfiguration[] getLoginConfiguration(JaasSessionId sessionHandle)
          Gets the login module configuration for the specified realm.
 int getMaxLoginDurationMillis()
          GBean property
 String getObjectName()
           
 Collection getRealms()
          GBean property
 Callback[] getServerLoginCallbacks(JaasSessionId sessionHandle, int loginModuleIndex)
          Retrieves callbacks for a server side login module.
 void loginFailed(JaasSessionId sessionHandle)
          Indicates that the overall login failed, and the server should release any resources associated with the user ID.
 Principal loginSucceeded(JaasSessionId sessionHandle)
          Indicates that the overall login succeeded.
 void logout(JaasSessionId sessionHandle)
          Indicates that the client has logged out, and the server should release any resources associated with the user ID.
 boolean performCommit(JaasSessionId sessionHandle, int loginModuleIndex)
          Indicates that the overall login succeeded, and some principals were generated by a client-side login module.
 boolean performLogin(JaasSessionId sessionHandle, int loginModuleIndex, Callback[] results)
          Returns populated callbacks for a server side login module.
 void setExpiredLoginScanIntervalMillis(int expiredLoginScanIntervalMillis)
          GBean property
 void setMaxLoginDurationMillis(int maxLoginDurationMillis)
          GBean property
 void setRealms(Collection realms)
          GBean property
 Set syncPrincipals(JaasSessionId sessionHandle, Set principals)
          Syncs the set of principals that are on the client with the set of principals that are on the server.
 Map syncShareState(JaasSessionId sessionHandle, Map sharedState)
          Syncs the shared state that's on thye client with the shared state that is on the server.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

public static final org.apache.commons.logging.Log log

GBEAN_INFO

public static final org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
Constructor Detail

JaasLoginService

public JaasLoginService(String algorithm,
                        String password,
                        ClassLoader classLoader,
                        String objectName)
Method Detail

getObjectName

public String getObjectName()
Specified by:
getObjectName in interface org.apache.geronimo.management.geronimo.LoginService

getRealms

public Collection getRealms()
GBean property

Specified by:
getRealms in interface org.apache.geronimo.management.geronimo.LoginService

setRealms

public void setRealms(Collection realms)
GBean property

Specified by:
setRealms in interface org.apache.geronimo.management.geronimo.LoginService

getMaxLoginDurationMillis

public int getMaxLoginDurationMillis()
GBean property

Specified by:
getMaxLoginDurationMillis in interface org.apache.geronimo.management.geronimo.LoginService

setMaxLoginDurationMillis

public void setMaxLoginDurationMillis(int maxLoginDurationMillis)
GBean property

Specified by:
setMaxLoginDurationMillis in interface org.apache.geronimo.management.geronimo.LoginService

getExpiredLoginScanIntervalMillis

public int getExpiredLoginScanIntervalMillis()
GBean property

Specified by:
getExpiredLoginScanIntervalMillis in interface org.apache.geronimo.management.geronimo.LoginService

setExpiredLoginScanIntervalMillis

public void setExpiredLoginScanIntervalMillis(int expiredLoginScanIntervalMillis)
GBean property

Specified by:
setExpiredLoginScanIntervalMillis in interface org.apache.geronimo.management.geronimo.LoginService

doStart

public void doStart()
             throws Exception
Specified by:
doStart in interface org.apache.geronimo.gbean.GBeanLifecycle
Throws:
Exception

doStop

public void doStop()
            throws Exception
Specified by:
doStop in interface org.apache.geronimo.gbean.GBeanLifecycle
Throws:
Exception

doFail

public void doFail()
Specified by:
doFail in interface org.apache.geronimo.gbean.GBeanLifecycle

connectToRealm

public JaasSessionId connectToRealm(String realmName)
Starts a new authentication process on behalf of an end user. The returned ID will identify that user throughout the user's interaction with the server. On the server side, that means maintaining the Subject and Principals for the user.

Specified by:
connectToRealm in interface JaasLoginServiceMBean
Returns:
The client handle used as an argument for the rest of the methods in this class.

getLoginConfiguration

public JaasLoginModuleConfiguration[] getLoginConfiguration(JaasSessionId sessionHandle)
                                                     throws LoginException
Gets the login module configuration for the specified realm. The caller needs that in order to perform the authentication process.

Specified by:
getLoginConfiguration in interface JaasLoginServiceMBean
Throws:
LoginException

getServerLoginCallbacks

public Callback[] getServerLoginCallbacks(JaasSessionId sessionHandle,
                                          int loginModuleIndex)
                                   throws LoginException
Retrieves callbacks for a server side login module. When the client is going through the configured login modules, if a specific login module is client-side, it will be handled directly. If it is server-side, the client gets the callbacks (using this method), populates them, and sends them back to the server.

Specified by:
getServerLoginCallbacks in interface JaasLoginServiceMBean
Throws:
LoginException

performLogin

public boolean performLogin(JaasSessionId sessionHandle,
                            int loginModuleIndex,
                            Callback[] results)
                     throws LoginException
Returns populated callbacks for a server side login module. When the client is going through the configured login modules, if a specific login module is client-side, it will be handled directly. If it is server-side, the client gets the callbacks, populates them, and sends them back to the server (using this method).

Specified by:
performLogin in interface JaasLoginServiceMBean
Throws:
LoginException

performCommit

public boolean performCommit(JaasSessionId sessionHandle,
                             int loginModuleIndex)
                      throws LoginException
Indicates that the overall login succeeded, and some principals were generated by a client-side login module. This method needs to be called once for each client-side login module, to specify Principals for each module.

Specified by:
performCommit in interface JaasLoginServiceMBean
Throws:
LoginException

loginSucceeded

public Principal loginSucceeded(JaasSessionId sessionHandle)
                         throws LoginException
Indicates that the overall login succeeded. All login modules that were touched should have been logged in and committed before calling this.

Specified by:
loginSucceeded in interface JaasLoginServiceMBean
Parameters:
sessionHandle - the handle to the login session
Returns:
the identifier principal
Throws:
LoginException - if the handle is no longer valid.

loginFailed

public void loginFailed(JaasSessionId sessionHandle)
Indicates that the overall login failed, and the server should release any resources associated with the user ID.

Specified by:
loginFailed in interface JaasLoginServiceMBean

logout

public void logout(JaasSessionId sessionHandle)
            throws LoginException
Indicates that the client has logged out, and the server should release any resources associated with the user ID.

Specified by:
logout in interface JaasLoginServiceMBean
Throws:
LoginException

syncShareState

public Map syncShareState(JaasSessionId sessionHandle,
                          Map sharedState)
                   throws LoginException
Syncs the shared state that's on thye client with the shared state that is on the server.

Specified by:
syncShareState in interface JaasLoginServiceMBean
Parameters:
sessionHandle -
sharedState - the shared state that is on the client
Returns:
the sync'd shared state that is on the server
Throws:
LoginException

syncPrincipals

public Set syncPrincipals(JaasSessionId sessionHandle,
                          Set principals)
                   throws LoginException
Syncs the set of principals that are on the client with the set of principals that are on the server.

Specified by:
syncPrincipals in interface JaasLoginServiceMBean
Parameters:
sessionHandle -
principals - the set of principals that are on the client side
Returns:
the sync'd set of principals that are on the server
Throws:
LoginException

getGBeanInfo

public static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()


Copyright © 2003-2007 Apache Software Foundation. All Rights Reserved.