org.apache.activemq.jaas
Class TextFileCertificateLoginModule
java.lang.Object
org.apache.activemq.jaas.CertificateLoginModule
org.apache.activemq.jaas.TextFileCertificateLoginModule
- All Implemented Interfaces:
- LoginModule
public class TextFileCertificateLoginModule
- extends CertificateLoginModule
A LoginModule allowing for SSL certificate based authentication based on
Distinguished Names (DN) stored in text files. The DNs are parsed using a
Properties class where each line is =. This class also
uses a group definition file where each line is =,,etc.
The user and group files' locations must be specified in the
org.apache.activemq.jaas.textfiledn.user and
org.apache.activemq.jaas.textfiledn.user properties respectively. NOTE: This
class will re-read user and group files for every authentication (i.e it does
live updates of allowed groups and users).
- Author:
- sepandm@gmail.com (Sepand)
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TextFileCertificateLoginModule
public TextFileCertificateLoginModule()
initialize
public void initialize(Subject subject,
CallbackHandler callbackHandler,
Map sharedState,
Map options)
- Performs initialization of file paths. A standard JAAS override.
- Specified by:
initialize
in interface LoginModule
- Overrides:
initialize
in class CertificateLoginModule
getUserNameForCertificates
protected String getUserNameForCertificates(X509Certificate[] certs)
throws LoginException
- Overriding to allow DN authorization based on DNs specified in text
files.
- Specified by:
getUserNameForCertificates
in class CertificateLoginModule
- Parameters:
certs
- The certificate the incoming connection provided.
- Returns:
- The user's authenticated name or null if unable to authenticate
the user.
- Throws:
LoginException
- Thrown if unable to find user file or connection
certificate.
getUserGroups
protected Set<String> getUserGroups(String username)
throws LoginException
- Overriding to allow for group discovery based on text files.
- Specified by:
getUserGroups
in class CertificateLoginModule
- Parameters:
username
- The name of the user being examined. This is the same
name returned by getUserNameForCertificates.
- Returns:
- A Set of name Strings for groups this user belongs to.
- Throws:
LoginException
- Thrown if unable to find group definition file.
Copyright © 2005-2011 Apache Software Foundation. All Rights Reserved.