org.mortbay.jaas
Class JAASUserRealm

java.lang.Object
  extended by org.mortbay.jaas.JAASUserRealm
All Implemented Interfaces:
UserRealm

public class JAASUserRealm
extends java.lang.Object
implements UserRealm

JAASUserRealm

Notes

Usage


Nested Class Summary
protected  class JAASUserRealm.UserInfo
          UserInfo Information cached for an authenticated user.
 
Field Summary
protected  java.lang.String callbackHandlerClass
           
protected  java.lang.String loginModuleName
           
protected  java.lang.String realmName
           
protected  RoleCheckPolicy roleCheckPolicy
           
protected  java.util.HashMap userMap
           
 
Constructor Summary
JAASUserRealm()
          Constructor.
JAASUserRealm(java.lang.String name)
          Constructor.
 
Method Summary
 java.security.Principal authenticate(java.lang.String username, java.lang.Object credentials, HttpRequest request)
          Authenticate a user.
 void disassociate(java.security.Principal user)
          Removes any auth info associated with eg.
 java.lang.String getName()
          Get the name of the realm.
 java.security.Principal getPrincipal(java.lang.String username)
          Get the principal for a username.
 boolean isUserInRole(java.security.Principal user, java.lang.String role)
          Check if the user is in a role.
 void logout(java.security.Principal user)
          Logout a previously logged in user.
 java.security.Principal popRole(java.security.Principal user)
          Pop role from a Principal.
 java.security.Principal pushRole(java.security.Principal user, java.lang.String role)
          Temporarily adds a role to a user.
 boolean reauthenticate(java.security.Principal user)
          Re Authenticate a Principal.
 void setCallbackHandlerClass(java.lang.String classname)
           
 void setLoginModuleName(java.lang.String name)
          Set the name to use to index into the config file of LoginModules.
 void setName(java.lang.String name)
          Set the name of the realm
 void setRoleCheckPolicy(RoleCheckPolicy policy)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

callbackHandlerClass

protected java.lang.String callbackHandlerClass

realmName

protected java.lang.String realmName

loginModuleName

protected java.lang.String loginModuleName

userMap

protected java.util.HashMap userMap

roleCheckPolicy

protected RoleCheckPolicy roleCheckPolicy
Constructor Detail

JAASUserRealm

public JAASUserRealm()
Constructor.


JAASUserRealm

public JAASUserRealm(java.lang.String name)
Constructor.

Parameters:
name - the name of the realm
Method Detail

getName

public java.lang.String getName()
Get the name of the realm.

Specified by:
getName in interface UserRealm
Returns:
name or null if not set.

setName

public void setName(java.lang.String name)
Set the name of the realm

Parameters:
name - a String value

setLoginModuleName

public void setLoginModuleName(java.lang.String name)
Set the name to use to index into the config file of LoginModules.

Parameters:
name - a String value

setCallbackHandlerClass

public void setCallbackHandlerClass(java.lang.String classname)

setRoleCheckPolicy

public void setRoleCheckPolicy(RoleCheckPolicy policy)

getPrincipal

public java.security.Principal getPrincipal(java.lang.String username)
Description copied from interface: UserRealm
Get the principal for a username. This method is not guaranteed to return a Principal for non-authenticated users.

Specified by:
getPrincipal in interface UserRealm

isUserInRole

public boolean isUserInRole(java.security.Principal user,
                            java.lang.String role)
Description copied from interface: UserRealm
Check if the user is in a role.

Specified by:
isUserInRole in interface UserRealm
role - A role name.
Returns:
True if the user can act in that role.

reauthenticate

public boolean reauthenticate(java.security.Principal user)
Description copied from interface: UserRealm
Re Authenticate a Principal. Authenicate a principal that has previously been return from the authenticate method. Implementations of this method may adorn the calling context to assoicate it with the authenticated principal (eg ThreadLocals). If such context associations are made, they should be considered valid until a UserRealm.deAuthenticate(UserPrincipal) call is made for this UserPrincipal.

Specified by:
reauthenticate in interface UserRealm
Returns:
True if this user is still authenticated.

authenticate

public java.security.Principal authenticate(java.lang.String username,
                                            java.lang.Object credentials,
                                            HttpRequest request)
Authenticate a user.

Specified by:
authenticate in interface UserRealm
Parameters:
username - provided by the user at login
credentials - provided by the user at login
request - a HttpRequest value
Returns:
authenticated JAASUserPrincipal or null if authenticated failed

disassociate

public void disassociate(java.security.Principal user)
Removes any auth info associated with eg. the thread.

Specified by:
disassociate in interface UserRealm
Parameters:
user - a UserPrincipal to disassociate

pushRole

public java.security.Principal pushRole(java.security.Principal user,
                                        java.lang.String role)
Temporarily adds a role to a user. Temporarily granting a role pushes the role onto a stack of temporary roles. Temporary roles must therefore be removed in order.

Specified by:
pushRole in interface UserRealm
Parameters:
user - the Principal to which to add the role
role - the role name
Returns:
the Principal with the role added

popRole

public java.security.Principal popRole(java.security.Principal user)
Description copied from interface: UserRealm
Pop role from a Principal.

Specified by:
popRole in interface UserRealm
Parameters:
user - A UserPrincipal previously returned from pushRole
Returns:
The principal without the role. Most often this will be the original UserPrincipal passed.

logout

public void logout(java.security.Principal user)
Logout a previously logged in user. This can only work for FORM authentication as BasicAuthentication is stateless. The user's LoginContext logout() method is called.

Specified by:
logout in interface UserRealm
Parameters:
user - an Principal value


Copyright © 2004 Mortbay Consulting Pty. Ltd. All Rights Reserved.