public class WebContainerLoginModule extends AbstractLoginModule
Logs in a user by extracting authentication data from an Http servlet
session. First, the module tries to extract a Principal object out of the
request directly using the servlet requests's getUserPrincipal()
method. If one is found, authentication succeeds. If there is no
Principal in the request, try calling getRemoteUser(). If
the remoteUser exists but the UserDatabase can't find a matching
profile, a generic WikiPrincipal is created with this value. If neither
userPrincipal nor remoteUser exist in the request, the login fails.
This module must be used with a CallbackHandler that supports the following Callback types:
HttpRequestCallback - supplies the Http request object, from
which the getRemoteUser and getUserPrincipal are extractedUserDatabaseCallback - supplies the user database for looking up
the value of getRemoteUserAfter authentication, the Subject will contain the Principal that represents the logged-in user.
m_handler, m_options, m_previousWikiPrincipals, m_principals, m_principalsToOverwrite, m_principalsToRemove, m_state, m_subject, NULL| Constructor and Description |
|---|
WebContainerLoginModule() |
| Modifier and Type | Method and Description |
|---|---|
boolean |
login()
Logs in the user.
|
abort, commit, initialize, logoutpublic boolean login()
throws javax.security.auth.login.LoginException
login in interface javax.security.auth.spi.LoginModulelogin in class AbstractLoginModuletrue if the commit succeeded, or
false if this LoginModule should be ignored.javax.security.auth.login.LoginException - if the authentication failsLoginModule.login()stSoftware Copyright © 2001-2014 stSoftware All Rights Reserved.