org.apache.openejb.core.security.jaas
Class SQLLoginModule
java.lang.Object
org.apache.openejb.core.security.jaas.SQLLoginModule
- All Implemented Interfaces:
- javax.security.auth.spi.LoginModule
public class SQLLoginModule
- extends java.lang.Object
- implements javax.security.auth.spi.LoginModule
A login module that loads security information from a SQL database. Expects
to be run by a GenericSecurityRealm (doesn't work on its own).
This requires database connectivity information (either 1: a dataSourceName and
optional dataSourceApplication or 2: a JDBC driver, URL, username, and password)
and 2 SQL queries.
The userSelect query should return 2 values, the username and the password in
that order. It should include one PreparedStatement parameter (a ?) which
will be filled in with the username. In other words, the query should look
like: SELECT user, password FROM credentials WHERE username=?
The groupSelect query should return 2 values, the username and the group name in
that order (but it may return multiple rows, one per group). It should include
one PreparedStatement parameter (a ?) which will be filled in with the username.
In other words, the query should look like:
SELECT user, role FROM user_roles WHERE username=?
This login module checks security credentials so the lifecycle methods must return true to indicate success
or throw LoginException to indicate failure.
- Version:
- $Rev: 710022 $ $Date: 2008-11-03 09:40:14 +0100 (Mo, 03. Nov 2008) $
Method Summary |
boolean |
abort()
|
boolean |
commit()
|
void |
initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map sharedState,
java.util.Map options)
|
boolean |
login()
This LoginModule is not to be ignored. |
boolean |
logout()
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SQLLoginModule
public SQLLoginModule()
initialize
public void initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map sharedState,
java.util.Map options)
- Specified by:
initialize
in interface javax.security.auth.spi.LoginModule
login
public boolean login()
throws javax.security.auth.login.LoginException
- This LoginModule is not to be ignored. So, this method should never
return false.
- Specified by:
login
in interface javax.security.auth.spi.LoginModule
- Returns:
- true if authentication succeeds, or throw a LoginException such
as FailedLoginException if authentication fails
- Throws:
javax.security.auth.login.LoginException
commit
public boolean commit()
throws javax.security.auth.login.LoginException
- Specified by:
commit
in interface javax.security.auth.spi.LoginModule
- Returns:
- true if login succeeded and commit succeeded, or false if login
failed but commit succeeded.
- Throws:
javax.security.auth.login.LoginException
- if login succeeded but commit failed.
abort
public boolean abort()
throws javax.security.auth.login.LoginException
- Specified by:
abort
in interface javax.security.auth.spi.LoginModule
- Throws:
javax.security.auth.login.LoginException
logout
public boolean logout()
throws javax.security.auth.login.LoginException
- Specified by:
logout
in interface javax.security.auth.spi.LoginModule
- Throws:
javax.security.auth.login.LoginException
Copyright © 1999-2011 The Apache OpenEJB development community. All Rights Reserved.