public class

SecurityContextLoginModule

extends Object
implements LoginModule
java.lang.Object
   ↳ org.springframework.security.authentication.jaas.SecurityContextLoginModule

Class Overview

An implementation of LoginModule that uses a Spring Security SecurityContext to provide authentication.

This LoginModule provides opposite functionality to the JaasAuthenticationProvider API, and should not really be used in conjunction with it.

The JaasAuthenticationProvider allows Spring Security to authenticate against Jaas.

The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security. If there is no Authentication in the SecurityContextHolder the login() method will throw a LoginException by default. This functionality can be changed with the ignoreMissingAuthentication option by setting it to "true". Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false and be ignored if the authentication is null.

Summary

Public Constructors
SecurityContextLoginModule()
Public Methods
boolean abort()
Abort the authentication process by forgetting the Spring Security Authentication.
boolean commit()
Authenticate the Subject (phase two) by adding the Spring Security Authentication to the Subject's principals.
void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
Initialize this LoginModule.
boolean login()
Authenticate the Subject (phase one) by extracting the Spring Security Authentication from the current SecurityContext.
boolean logout()
Log out the Subject.
[Expand]
Inherited Methods
From class java.lang.Object
From interface javax.security.auth.spi.LoginModule

Public Constructors

public SecurityContextLoginModule ()

Public Methods

public boolean abort ()

Abort the authentication process by forgetting the Spring Security Authentication.

Returns
  • true if this method succeeded, or false if this LoginModule should be ignored.
Throws
LoginException if the abort fails

public boolean commit ()

Authenticate the Subject (phase two) by adding the Spring Security Authentication to the Subject's principals.

Returns
  • true if this method succeeded, or false if this LoginModule should be ignored.
Throws
LoginException if the commit fails

public void initialize (Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)

Initialize this LoginModule. Ignores the callback handler, since the code establishing the LoginContext likely won't provide one that understands Spring Security. Also ignores the sharedState and options parameters, since none are recognized.

Parameters
subject the Subject to be authenticated.
callbackHandler is ignored
sharedState is ignored
options are ignored

public boolean login ()

Authenticate the Subject (phase one) by extracting the Spring Security Authentication from the current SecurityContext.

Returns
  • true if the authentication succeeded, or false if this LoginModule should be ignored.
Throws
LoginException if the authentication fails

public boolean logout ()

Log out the Subject.

Returns
  • true if this method succeeded, or false if this LoginModule should be ignored.
Throws
LoginException if the logout fails