org.jboss.security.negotiation
Class AdvancedLdapLoginModule
java.lang.Object
org.jboss.security.auth.spi.AbstractServerLoginModule
org.jboss.security.negotiation.AdvancedLdapLoginModule
- All Implemented Interfaces:
- LoginModule
- Direct Known Subclasses:
- AdvancedLdapLoginModule
public class AdvancedLdapLoginModule
- extends org.jboss.security.auth.spi.AbstractServerLoginModule
Another LDAP LoginModule to take into account requirements
for different authentication mechanisms and full support
for password-stacking set to useFirstPass.
This is essentially a complete refactoring of the LdapExtLoginModule
but with enough restructuring to separate out the three login steps:
1. Find the user
2. Authenticate as the user
3. Find the user's roles
Configuration should allow for any of the three actions to be
skipped based on the requirements for the environment making
use of this login module.
- Since:
- 3rd July 2008
- Author:
- darran.lofthouse@jboss.com
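The three login steps described above, laid out as a login-config.xml fragment. This is an added example, not taken from the project's own documentation. The host, DNs and credential are constructed placeholders. The option names are assumed to mirror the protected fields listed on this page (with bindDN spelled as a module option), and the {0}/{1} filter placeholders are assumed to follow the LdapExtLoginModule convention.

```xml
<!-- Added example: all values are constructed; option names are assumptions
     derived from the field names on this page. -->
<application-policy name="ldap-example">
  <authentication>
    <login-module code="org.jboss.security.negotiation.AdvancedLdapLoginModule"
                  flag="required">

      <!-- Connection used for the searches. Use ldaps:// so the bind
           credential and user passwords are not sent in clear text. -->
      <module-option name="java.naming.provider.url">ldaps://ldap.example.test:636</module-option>
      <module-option name="bindAuthentication">simple</module-option>
      <module-option name="bindDN">cn=svc-jboss,ou=Services,dc=example,dc=test</module-option>
      <module-option name="bindCredential">REPLACE_WITH_SERVICE_ACCOUNT_SECRET</module-option>

      <!-- Step 1: find the user.
           {0} is assumed to be replaced with the supplied user name. -->
      <module-option name="baseCtxDN">ou=People,dc=example,dc=test</module-option>
      <module-option name="baseFilter">(uid={0})</module-option>

      <!-- Step 2: authenticate as the user found in step 1.
           Keep empty passwords rejected: a simple bind with a DN and an
           empty password is an unauthenticated bind that many directory
           servers accept. -->
      <module-option name="allowEmptyPassword">false</module-option>

      <!-- Step 3: find the user's roles.
           {1} is assumed to be replaced with the DN found in step 1. -->
      <module-option name="rolesCtxDN">ou=Groups,dc=example,dc=test</module-option>
      <module-option name="roleFilter">(member={1})</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      <module-option name="recurseRoles">false</module-option>

    </login-module>
  </authentication>
</application-policy>
```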
Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule:
callbackHandler, log, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule:
abort, commit, createGroup, createIdentity, getUnauthenticatedIdentity, getUseFirstPass, logout
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
bindAuthentication
protected String bindAuthentication
bindDn
protected String bindDn
bindCredential
protected String bindCredential
jaasSecurityDomain
protected String jaasSecurityDomain
baseCtxDN
protected String baseCtxDN
baseFilter
protected String baseFilter
searchTimeLimit
protected int searchTimeLimit
userSearchControls
protected SearchControls userSearchControls
rolesCtxDN
protected String rolesCtxDN
roleFilter
protected String roleFilter
recurseRoles
protected boolean recurseRoles
roleSearchControls
protected SearchControls roleSearchControls
roleAttributeID
protected String roleAttributeID
roleAttributeIsDN
protected boolean roleAttributeIsDN
roleNameAttributeID
protected String roleNameAttributeID
allowEmptyPassword
protected boolean allowEmptyPassword
AdvancedLdapLoginModule
public AdvancedLdapLoginModule()
initialize
public void initialize(Subject subject,
CallbackHandler handler,
Map sharedState,
Map options)
- Specified by:
initialize
in interface LoginModule
- Overrides:
initialize
in class org.jboss.security.auth.spi.AbstractServerLoginModule
login
public boolean login()
throws LoginException
- Specified by:
login
in interface LoginModule
- Overrides:
login
in class org.jboss.security.auth.spi.AbstractServerLoginModule
- Throws:
LoginException
getIdentity
protected Principal getIdentity()
- Specified by:
getIdentity
in class org.jboss.security.auth.spi.AbstractServerLoginModule
getRoleSets
protected Group[] getRoleSets()
throws LoginException
- Specified by:
getRoleSets
in class org.jboss.security.auth.spi.AbstractServerLoginModule
- Throws:
LoginException
innerLogin
protected Boolean innerLogin()
throws LoginException
- Throws:
LoginException
processIdentityAndCredential
protected void processIdentityAndCredential()
throws LoginException
- Either retrieve existing values based on useFirstPass or use the
CallbackHandler to obtain the values.
- Throws:
LoginException
constructLdapContext
protected LdapContext constructLdapContext(String dn,
Object credential,
String authentication)
throws LoginException
- Throws:
LoginException
findUserDN
protected String findUserDN(LdapContext ctx)
throws LoginException
- Throws:
LoginException
authenticate
protected void authenticate(String userDN)
throws LoginException
- Throws:
LoginException
rolesSearch
protected void rolesSearch(LdapContext searchContext,
String dn)
throws LoginException
- Throws:
LoginException
obtainRole
protected void obtainRole(LdapContext searchContext,
String dn)
throws NamingException,
LoginException
- Throws:
NamingException
LoginException
traceLdapEnv
protected void traceLdapEnv(Properties env)
Copyright © 2010 JBoss, a division of Red Hat, Inc. All Rights Reserved.