|
|||||||||
| Home >> All >> org >> acegisecurity >> providers >> [ jaas overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
org.acegisecurity.providers.jaas
Class JaasAuthenticationProvider
java.lang.Objectorg.acegisecurity.providers.jaas.JaasAuthenticationProvider
- All Implemented Interfaces:
- org.springframework.context.ApplicationContextAware, org.springframework.context.ApplicationListener, org.acegisecurity.providers.AuthenticationProvider, java.util.EventListener, org.springframework.beans.factory.InitializingBean
- public class JaasAuthenticationProvider
- extends java.lang.Object
- implements org.acegisecurity.providers.AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationContextAware, org.springframework.context.ApplicationListener
- extends java.lang.Object
An org.acegisecurity.providers.AuthenticationProvider implementation that retrieves user details from a JAAS login configuration.
This AuthenticationProvider is capable of validating org.acegisecurity.providers.UsernamePasswordAuthenticationToken
requests contain the correct username and password.
This implementation is backed by a JAAS configuration. The loginConfig property must be set to a given JAAS configuration file. This setter accepts a Spring org.springframework.core.io.Resource instance. It should point to a JAAS configuration file containing an index matching the loginContextName 55 property.
For example: If this JaasAuthenticationProvider were configured in a Spring WebApplicationContext the xml to set the loginConfiguration could be as follows...
<property name="loginConfig"> <value>/WEB-INF/login.conf</value> </property>
The loginContextName should coincide with a given index in the loginConfig specifed. The loginConfig file used in the JUnit tests appears as the following...
JAASTest {
org.acegisecurity.providers.jaas.TestLoginModule required;
};
Using the example login configuration above, the loginContextName property
would be set as JAASTest...
<property name="loginContextName"> <value>JAASTest</value> </property>
When using JAAS login modules as the authentication source, sometimes the LoginContext will require CallbackHandlers. The JaasAuthenticationProvider uses an internal CallbackHandler to wrap the JaasAuthenticationCallbackHandlers configured in the ApplicationContext. When the LoginContext calls the internal CallbackHandler, control is passed to each JaasAuthenticationCallbackHandler for each Callback passed.
{JaasAuthenticationCallbackHandlers are passed to the JaasAuthenticationProvider through the callbackHandlers 55 property. }
<property name="callbackHandlers"> <list> <bean class="org.acegisecurity.providers.jaas.TestCallbackHandler"/> <bean class="org.acegisecurity.providers.jaas.JaasNameCallbackHandler"/> <bean class="org.acegisecurity.providers.jaas.JaasPasswordCallbackHandler"/> </list> </property>
After calling LoginContext.login(), the JaasAuthenticationProvider will
retrieve the returned Principals from the Subject
(LoginContext.getSubject().getPrincipals). Each returned principal is then
passed to the configured AuthorityGranters. An AuthorityGranter is
a mapping between a returned Principal, and a role name. If an
AuthorityGranter wishes to grant an Authorization a role, it returns that
role name from it's AuthorityGranter.grant(java.security.Principal) 55
method. The returned role will be applied to the Authorization object as a
GrantedAuthority.
AuthorityGranters are configured in spring xml as follows...
<property name="authorityGranters"> <list> <bean class="org.acegisecurity.providers.jaas.TestAuthorityGranter"/> </list> </property>A configuration note: The JaasAuthenticationProvider uses the security properites "e;login.config.url.X"e; to configure jaas. If you would like to customize the way Jaas gets configured, create a subclass of this and override the
configureJaas(Resource) 55 method.
- Version:
- $Id: JaasAuthenticationProvider.java,v 1.15 2005/11/17 00:55:52 benalex Exp $
| Nested Class Summary | |
private class |
JaasAuthenticationProvider.InternalCallbackHandler
Wrapper class for JAASAuthenticationCallbackHandlers |
| Field Summary | |
private AuthorityGranter[] |
authorityGranters
|
private JaasAuthenticationCallbackHandler[] |
callbackHandlers
|
private org.springframework.context.ApplicationContext |
context
|
protected static org.apache.commons.logging.Log |
log
|
private org.springframework.core.io.Resource |
loginConfig
|
private java.lang.String |
loginContextName
|
private LoginExceptionResolver |
loginExceptionResolver
|
| Constructor Summary | |
JaasAuthenticationProvider()
|
|
| Method Summary | |
void |
afterPropertiesSet()
Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware). |
org.acegisecurity.Authentication |
authenticate(org.acegisecurity.Authentication auth)
Attempts to login the user given the Authentication objects principal and credential |
protected void |
configureJaas(org.springframework.core.io.Resource loginConfig)
Hook method for configuring Jaas |
private void |
configureJaasUsingLoop()
Loops through the login.config.url.1,login.config.url.2 properties looking for the login configuration. |
org.springframework.context.ApplicationContext |
getApplicationContext()
|
AuthorityGranter[] |
getAuthorityGranters()
Returns the AuthorityGrannter array that was passed to the setAuthorityGranters(AuthorityGranter[]) 55 method, or null if it none
were ever set. |
JaasAuthenticationCallbackHandler[] |
getCallbackHandlers()
Returns the current JaasAuthenticationCallbackHandler array, or null if none are set. |
org.springframework.core.io.Resource |
getLoginConfig()
|
java.lang.String |
getLoginContextName()
|
LoginExceptionResolver |
getLoginExceptionResolver()
|
protected void |
handleLogout(org.acegisecurity.ui.session.HttpSessionDestroyedEvent event)
Handles the logout by getting the SecurityContext for the session that was destroyed. |
void |
onApplicationEvent(org.springframework.context.ApplicationEvent applicationEvent)
Handle an application event. |
protected void |
publishFailureEvent(org.acegisecurity.providers.UsernamePasswordAuthenticationToken token,
org.acegisecurity.AcegiSecurityException ase)
Publishes the org.acegisecurity.providers.jaas.event.JaasAuthenticationFailedEvent. |
protected void |
publishSuccessEvent(org.acegisecurity.providers.UsernamePasswordAuthenticationToken token)
Publishes the org.acegisecurity.providers.jaas.event.JaasAuthenticationSuccessEvent. |
void |
setApplicationContext(org.springframework.context.ApplicationContext applicationContext)
Set the ApplicationContext that this object runs in. |
void |
setAuthorityGranters(AuthorityGranter[] authorityGranters)
Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication. |
void |
setCallbackHandlers(JaasAuthenticationCallbackHandler[] callbackHandlers)
Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the LoginContext.login method. |
void |
setLoginConfig(org.springframework.core.io.Resource loginConfig)
Set the JAAS login configuration file. |
void |
setLoginContextName(java.lang.String loginContextName)
Set the loginContextName, this name is used as the index to the configuration specified in the loginConfig property. |
void |
setLoginExceptionResolver(LoginExceptionResolver loginExceptionResolver)
|
boolean |
supports(java.lang.Class aClass)
Returns true if this AuthenticationProvider
supports the indicated Authentication object. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
log
protected static final org.apache.commons.logging.Log log
context
private org.springframework.context.ApplicationContext context
loginExceptionResolver
private LoginExceptionResolver loginExceptionResolver
loginConfig
private org.springframework.core.io.Resource loginConfig
loginContextName
private java.lang.String loginContextName
authorityGranters
private AuthorityGranter[] authorityGranters
callbackHandlers
private JaasAuthenticationCallbackHandler[] callbackHandlers
| Constructor Detail |
JaasAuthenticationProvider
public JaasAuthenticationProvider()
| Method Detail |
setApplicationContext
public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException
- Description copied from interface:
org.springframework.context.ApplicationContextAware - Set the ApplicationContext that this object runs in.
Normally this call will be used to initialize the object.
Invoked after population of normal bean properties but before an init callback like InitializingBean's afterPropertiesSet or a custom init-method. Invoked after ResourceLoaderAware's setResourceLoader.
- Specified by:
setApplicationContextin interfaceorg.springframework.context.ApplicationContextAware
getApplicationContext
public org.springframework.context.ApplicationContext getApplicationContext()
setAuthorityGranters
public void setAuthorityGranters(AuthorityGranter[] authorityGranters)
- Set the AuthorityGranters that should be consulted for role names to be
granted to the Authentication.
getAuthorityGranters
public AuthorityGranter[] getAuthorityGranters()
- Returns the AuthorityGrannter array that was passed to the
setAuthorityGranters(AuthorityGranter[])55 method, or null if it none were ever set.
setCallbackHandlers
public void setCallbackHandlers(JaasAuthenticationCallbackHandler[] callbackHandlers)
- Set the JAASAuthentcationCallbackHandler array to handle callback
objects generated by the LoginContext.login method.
getCallbackHandlers
public JaasAuthenticationCallbackHandler[] getCallbackHandlers()
- Returns the current JaasAuthenticationCallbackHandler array, or null if
none are set.
setLoginConfig
public void setLoginConfig(org.springframework.core.io.Resource loginConfig)
- Set the JAAS login configuration file.
getLoginConfig
public org.springframework.core.io.Resource getLoginConfig()
setLoginContextName
public void setLoginContextName(java.lang.String loginContextName)
- Set the loginContextName, this name is used as the index to the
configuration specified in the loginConfig property.
getLoginContextName
public java.lang.String getLoginContextName()
setLoginExceptionResolver
public void setLoginExceptionResolver(LoginExceptionResolver loginExceptionResolver)
getLoginExceptionResolver
public LoginExceptionResolver getLoginExceptionResolver()
afterPropertiesSet
public void afterPropertiesSet()
throws java.lang.Exception
- Description copied from interface:
org.springframework.beans.factory.InitializingBean - Invoked by a BeanFactory after it has set all bean properties supplied
(and satisfied BeanFactoryAware and ApplicationContextAware).
This method allows the bean instance to perform initialization only possible when all bean properties have been set and to throw an exception in the event of misconfiguration.
- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean
configureJaas
protected void configureJaas(org.springframework.core.io.Resource loginConfig) throws java.io.IOException
- Hook method for configuring Jaas
configureJaasUsingLoop
private void configureJaasUsingLoop()
throws java.io.IOException
- Loops through the login.config.url.1,login.config.url.2 properties
looking for the login configuration. If it is not set, it will be set
to the last available login.config.url.X property.
authenticate
public org.acegisecurity.Authentication authenticate(org.acegisecurity.Authentication auth) throws org.acegisecurity.AuthenticationException
- Attempts to login the user given the Authentication objects principal
and credential
- Specified by:
authenticatein interfaceorg.acegisecurity.providers.AuthenticationProvider
supports
public boolean supports(java.lang.Class aClass)
- Description copied from interface:
org.acegisecurity.providers.AuthenticationProvider - Returns
trueif thisAuthenticationProvidersupports the indicatedAuthenticationobject.Returning
truedoes not guarantee anAuthenticationProviderwill be able to authenticate the presented instance of theAuthenticationclass. It simply indicates it can support closer evaluation of it. AnAuthenticationProvidercan still returnnullfrom the AuthenticationProvider.authenticate(Authentication)>AuthenticationProvider.authenticate(Authentication)55 method to indicate anotherAuthenticationProvidershould be tried.Selection of an
AuthenticationProvidercapable of performing authentication is conducted at runtime theProviderManager.- Specified by:
supportsin interfaceorg.acegisecurity.providers.AuthenticationProvider
onApplicationEvent
public void onApplicationEvent(org.springframework.context.ApplicationEvent applicationEvent)
- Description copied from interface:
org.springframework.context.ApplicationListener - Handle an application event.
- Specified by:
onApplicationEventin interfaceorg.springframework.context.ApplicationListener
handleLogout
protected void handleLogout(org.acegisecurity.ui.session.HttpSessionDestroyedEvent event)
- Handles the logout by getting the SecurityContext for the session that was destroyed.
MUST NOT use SecurityContextHolder we are logging out a session that is not related to the current user.
publishFailureEvent
protected void publishFailureEvent(org.acegisecurity.providers.UsernamePasswordAuthenticationToken token, org.acegisecurity.AcegiSecurityException ase)
- Publishes the org.acegisecurity.providers.jaas.event.JaasAuthenticationFailedEvent. Can be overridden
by subclasses for different functionality
publishSuccessEvent
protected void publishSuccessEvent(org.acegisecurity.providers.UsernamePasswordAuthenticationToken token)
- Publishes the org.acegisecurity.providers.jaas.event.JaasAuthenticationSuccessEvent. Can be overridden
by subclasses for different functionality.
|
|||||||||
| Home >> All >> org >> acegisecurity >> providers >> [ jaas overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||