org.apache.activemq.jaas
Class TextFileCertificateLoginModule
java.lang.Object
org.apache.activemq.jaas.CertificateLoginModule
org.apache.activemq.jaas.TextFileCertificateLoginModule
- All Implemented Interfaces:
- LoginModule
public class TextFileCertificateLoginModule
- extends CertificateLoginModule
A LoginModule allowing for SSL certificate based authentication based on Distinguished Names (DN) stored in text
files.
The DNs are parsed using a Properties class where each line is =.
This class also uses a group definition file where each line is =,,etc.
The user and group files' locations must be specified in the org.apache.activemq.jaas.textfiledn.user and
org.apache.activemq.jaas.textfiledn.user properties respectively.
NOTE: This class will re-read user and group files for every authentication (i.e it does live updates of allowed
groups and users).
- Author:
- sepandm@gmail.com (Sepand)
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TextFileCertificateLoginModule
public TextFileCertificateLoginModule()
initialize
public void initialize(Subject subject,
CallbackHandler callbackHandler,
Map sharedState,
Map options)
- Performs initialization of file paths.
A standard JAAS override.
- Specified by:
initialize
in interface LoginModule
- Overrides:
initialize
in class CertificateLoginModule
getUserNameForCertificates
protected String getUserNameForCertificates(X509Certificate[] certs)
throws LoginException
- Overriding to allow DN authorization based on DNs specified in text files.
- Specified by:
getUserNameForCertificates
in class CertificateLoginModule
- Parameters:
certs
- The certificate the incoming connection provided.
- Returns:
- The user's authenticated name or null if unable to authenticate the user.
- Throws:
LoginException
- Thrown if unable to find user file or connection certificate.
getUserGroups
protected Set getUserGroups(String username)
throws LoginException
- Overriding to allow for group discovery based on text files.
- Specified by:
getUserGroups
in class CertificateLoginModule
- Parameters:
username
- The name of the user being examined. This is the same name returned by
getUserNameForCertificates.
- Returns:
- A Set of name Strings for groups this user belongs to.
- Throws:
LoginException
- Thrown if unable to find group definition file.
Copyright © 2011 Apache Software Foundation. All Rights Reserved.