org.mortbay.jetty.plus.jaas
Class JAASUserRealm

java.lang.Object
  extended by org.mortbay.jetty.plus.jaas.JAASUserRealm
All Implemented Interfaces:
UserRealm
Direct Known Subclasses:
SSOJAASUserRealm

public class JAASUserRealm
extends java.lang.Object
implements UserRealm

JAASUserRealm

Notes

Usage


Field Summary
protected  java.lang.String callbackHandlerClass
           
static java.lang.String DEFAULT_ROLE_CLASS_NAME
           
static java.lang.String[] DEFAULT_ROLE_CLASS_NAMES
           
protected  JAASUserPrincipal defaultUser
           
protected  java.lang.String loginModuleName
           
protected  java.lang.String realmName
           
protected  RoleCheckPolicy roleCheckPolicy
           
protected  java.lang.String[] roleClassNames
           
 
Constructor Summary
JAASUserRealm()
          Constructor.
JAASUserRealm(java.lang.String name)
          Constructor.
 
Method Summary
 java.security.Principal authenticate(java.lang.String username, java.lang.Object credentials, Request request)
          Authenticate a user.
 void disassociate(java.security.Principal user)
          Removes any auth info associated with eg.
 java.lang.String getName()
          Get the name of the realm.
 java.security.Principal getPrincipal(java.lang.String username)
          Get the principal for a username.
 java.lang.String[] getRoleClassNames()
           
 java.security.acl.Group getRoles(JAASUserPrincipal principal)
           
 boolean isUserInRole(java.security.Principal user, java.lang.String role)
          Check if the user is in a role.
 void logout(java.security.Principal user)
          Logout a previously logged in user.
 java.security.Principal popRole(java.security.Principal user)
          Pop role from a Principal.
 java.security.Principal pushRole(java.security.Principal user, java.lang.String role)
          Temporarily adds a role to a user.
 boolean reauthenticate(java.security.Principal user)
          Re Authenticate a Principal.
 void setCallbackHandlerClass(java.lang.String classname)
           
 void setLoginModuleName(java.lang.String name)
          Set the name to use to index into the config file of LoginModules.
 void setName(java.lang.String name)
          Set the name of the realm
 void setRoleCheckPolicy(RoleCheckPolicy policy)
           
 void setRoleClassNames(java.lang.String[] classnames)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_ROLE_CLASS_NAME

public static java.lang.String DEFAULT_ROLE_CLASS_NAME

DEFAULT_ROLE_CLASS_NAMES

public static java.lang.String[] DEFAULT_ROLE_CLASS_NAMES

roleClassNames

protected java.lang.String[] roleClassNames

callbackHandlerClass

protected java.lang.String callbackHandlerClass

realmName

protected java.lang.String realmName

loginModuleName

protected java.lang.String loginModuleName

roleCheckPolicy

protected RoleCheckPolicy roleCheckPolicy

defaultUser

protected JAASUserPrincipal defaultUser
Constructor Detail

JAASUserRealm

public JAASUserRealm()
Constructor.


JAASUserRealm

public JAASUserRealm(java.lang.String name)
Constructor.

Parameters:
name - the name of the realm
Method Detail

getName

public java.lang.String getName()
Get the name of the realm.

Specified by:
getName in interface UserRealm
Returns:
name or null if not set.

setName

public void setName(java.lang.String name)
Set the name of the realm

Parameters:
name - a String value

setLoginModuleName

public void setLoginModuleName(java.lang.String name)
Set the name to use to index into the config file of LoginModules.

Parameters:
name - a String value

setCallbackHandlerClass

public void setCallbackHandlerClass(java.lang.String classname)

setRoleClassNames

public void setRoleClassNames(java.lang.String[] classnames)

getRoleClassNames

public java.lang.String[] getRoleClassNames()

setRoleCheckPolicy

public void setRoleCheckPolicy(RoleCheckPolicy policy)

getPrincipal

public java.security.Principal getPrincipal(java.lang.String username)
Description copied from interface: UserRealm
Get the principal for a username. This method is not guaranteed to return a Principal for non-authenticated users.

Specified by:
getPrincipal in interface UserRealm

isUserInRole

public boolean isUserInRole(java.security.Principal user,
                            java.lang.String role)
Description copied from interface: UserRealm
Check if the user is in a role.

Specified by:
isUserInRole in interface UserRealm
role - A role name.
Returns:
True if the user can act in that role.

reauthenticate

public boolean reauthenticate(java.security.Principal user)
Description copied from interface: UserRealm
Re Authenticate a Principal. Authenicate a principal that has previously been return from the authenticate method. Implementations of this method may adorn the calling context to assoicate it with the authenticated principal (eg ThreadLocals). If such context associations are made, they should be considered valid until a UserRealm.deAuthenticate(UserPrincipal) call is made for this UserPrincipal.

Specified by:
reauthenticate in interface UserRealm
Returns:
True if this user is still authenticated.

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.Object credentials,
                                            Request request)
Authenticate a user.

Specified by:
authenticate in interface UserRealm
Parameters:
username - provided by the user at login
credentials - provided by the user at login
request - a Request value
Returns:
authenticated JAASUserPrincipal or null if authenticated failed

disassociate

public void disassociate(java.security.Principal user)
Removes any auth info associated with eg. the thread.

Specified by:
disassociate in interface UserRealm
Parameters:
user - a UserPrincipal to disassociate

pushRole

public java.security.Principal pushRole(java.security.Principal user,
                                        java.lang.String role)
Temporarily adds a role to a user. Temporarily granting a role pushes the role onto a stack of temporary roles. Temporary roles must therefore be removed in order.

Specified by:
pushRole in interface UserRealm
Parameters:
user - the Principal to which to add the role
role - the role name
Returns:
the Principal with the role added

popRole

public java.security.Principal popRole(java.security.Principal user)
Description copied from interface: UserRealm
Pop role from a Principal.

Specified by:
popRole in interface UserRealm
Parameters:
user - A UserPrincipal previously returned from pushRole
Returns:
The principal without the role. Most often this will be the original UserPrincipal passed.

getRoles

public java.security.acl.Group getRoles(JAASUserPrincipal principal)

logout

public void logout(java.security.Principal user)
Logout a previously logged in user. This can only work for FORM authentication as BasicAuthentication is stateless. The user's LoginContext logout() method is called.

Specified by:
logout in interface UserRealm
Parameters:
user - an Principal value


Copyright © 1995-2009 Mort Bay Consulting. All Rights Reserved.