| java.lang.Object | |
| ↳ | org.springframework.security.authentication.jaas.SecurityContextLoginModule |
Class Overview
An implementation of LoginModule that uses a Spring Security SecurityContext to provide authentication.
This LoginModule provides opposite functionality to the JaasAuthenticationProvider API, and should not
really be used in conjunction with it.
The JaasAuthenticationProvider allows Spring Security to authenticate against Jaas.
The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security.
If there is no Authentication in the SecurityContextHolder the login() method will throw a LoginException
by default. This functionality can be changed with the ignoreMissingAuthentication option by setting it
to "true". Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false
and be ignored if the authentication is null.
Summary
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Abort the authentication process by forgetting the Spring Security
Authentication. | |||||||||||
Authenticate the
Subject (phase two) by adding the Spring Security
Authentication to the Subject's principals. | |||||||||||
Initialize this
LoginModule. | |||||||||||
Authenticate the
Subject (phase one) by extracting the Spring Security
Authentication from the current SecurityContext. | |||||||||||
Log out the
Subject. | |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
|
From interface
javax.security.auth.spi.LoginModule
| |||||||||||
Public Constructors
public SecurityContextLoginModule ()
Public Methods
public boolean abort ()
Abort the authentication process by forgetting the Spring Security Authentication.
Returns
- true if this method succeeded, or false if this
LoginModuleshould be ignored.
Throws
| LoginException | if the abort fails |
|---|
public boolean commit ()
Authenticate the Subject (phase two) by adding the Spring Security
Authentication to the Subject's principals.
Returns
- true if this method succeeded, or false if this
LoginModuleshould be ignored.
Throws
| LoginException | if the commit fails |
|---|
public void initialize (Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
Initialize this LoginModule. Ignores the callback handler, since the code establishing the
LoginContext likely won't provide one that understands Spring Security. Also ignores the
sharedState and options parameters, since none are recognized.
Parameters
| subject | the Subject to be authenticated. |
|---|---|
| callbackHandler | is ignored |
| sharedState | is ignored |
| options | are ignored |
public boolean login ()
Authenticate the Subject (phase one) by extracting the Spring Security
Authentication from the current SecurityContext.
Returns
- true if the authentication succeeded, or false if this
LoginModuleshould be ignored.
Throws
| LoginException | if the authentication fails |
|---|
public boolean logout ()
Log out the Subject.
Returns
- true if this method succeeded, or false if this
LoginModuleshould be ignored.
Throws
| LoginException | if the logout fails |
|---|