org.mortbay.jaas

Class JAASUserRealm

Implemented Interfaces:
UserRealm

public class JAASUserRealm
extends java.lang.Object
implements UserRealm

JAASUserRealm

Notes

Usage

Nested Class Summary

protected class
JAASUserRealm.UserInfo
UserInfo Information cached for an authenticated user.

Field Summary

protected String
callbackHandlerClass
protected String
loginModuleName
protected String
realmName
protected RoleCheckPolicy
roleCheckPolicy
protected HashMap
userMap

Constructor Summary

JAASUserRealm()
Constructor.
JAASUserRealm(String name)
Constructor.

Method Summary

Principal
authenticate(String username, Object credentials, HttpRequest request)
Authenticate a user.
void
disassociate(Principal user)
Removes any auth info associated with eg.
String
getName()
Get the name of the realm.
Principal
getPrincipal(String username)
Get the principal for a username.
boolean
isUserInRole(Principal user, String role)
Check if the user is in a role.
void
logout(Principal user)
Logout a previously logged in user.
Principal
popRole(Principal user)
Pop role from a Principal.
Principal
pushRole(Principal user, String role)
Temporarily adds a role to a user.
boolean
reauthenticate(Principal user)
Re Authenticate a Principal.
void
setCallbackHandlerClass(String classname)
void
setLoginModuleName(String name)
Set the name to use to index into the config file of LoginModules.
void
setName(String name)
Set the name of the realm
void
setRoleCheckPolicy(RoleCheckPolicy policy)

Field Details

callbackHandlerClass

protected String callbackHandlerClass

loginModuleName

protected String loginModuleName

realmName

protected String realmName

roleCheckPolicy

protected RoleCheckPolicy roleCheckPolicy

userMap

protected HashMap userMap

Constructor Details

JAASUserRealm

public JAASUserRealm()
Constructor.

JAASUserRealm

public JAASUserRealm(String name)
Constructor.
Parameters:
name - the name of the realm

Method Details

authenticate

public Principal authenticate(String username,
                              Object credentials,
                              HttpRequest request)
Authenticate a user.
Specified by:
authenticate in interface UserRealm
Parameters:
username - provided by the user at login
credentials - provided by the user at login
request - a HttpRequest value
Returns:
authenticated JAASUserPrincipal or null if authenticated failed

disassociate

public void disassociate(Principal user)
Removes any auth info associated with eg. the thread.
Specified by:
disassociate in interface UserRealm
Parameters:
user - a UserPrincipal to disassociate

getName

public String getName()
Get the name of the realm.
Specified by:
getName in interface UserRealm
Returns:
name or null if not set.

getPrincipal

public Principal getPrincipal(String username)
Get the principal for a username. This method is not guaranteed to return a Principal for non-authenticated users.
Specified by:
getPrincipal in interface UserRealm

isUserInRole

public boolean isUserInRole(Principal user,
                            String role)
Check if the user is in a role.
Specified by:
isUserInRole in interface UserRealm
Parameters:
role - A role name.
Returns:
True if the user can act in that role.

logout

public void logout(Principal user)
Logout a previously logged in user. This can only work for FORM authentication as BasicAuthentication is stateless. The user's LoginContext logout() method is called.
Specified by:
logout in interface UserRealm
Parameters:
user - an Principal value

popRole

public Principal popRole(Principal user)
Pop role from a Principal.
Specified by:
popRole in interface UserRealm
Parameters:
user - A UserPrincipal previously returned from pushRole
Returns:
The principal without the role. Most often this will be the original UserPrincipal passed.

pushRole

public Principal pushRole(Principal user,
                          String role)
Temporarily adds a role to a user. Temporarily granting a role pushes the role onto a stack of temporary roles. Temporary roles must therefore be removed in order.
Specified by:
pushRole in interface UserRealm
Parameters:
user - the Principal to which to add the role
role - the role name
Returns:
the Principal with the role added

reauthenticate

public boolean reauthenticate(Principal user)
Re Authenticate a Principal. Authenicate a principal that has previously been return from the authenticate method. Implementations of this method may adorn the calling context to assoicate it with the authenticated principal (eg ThreadLocals). If such context associations are made, they should be considered valid until a UserRealm.deAuthenticate(UserPrincipal) call is made for this UserPrincipal.
Specified by:
reauthenticate in interface UserRealm
Returns:
True if this user is still authenticated.

setCallbackHandlerClass

public void setCallbackHandlerClass(String classname)

setLoginModuleName

public void setLoginModuleName(String name)
Set the name to use to index into the config file of LoginModules.
Parameters:
name - a String value

setName

public void setName(String name)
Set the name of the realm
Parameters:
name - a String value

setRoleCheckPolicy

public void setRoleCheckPolicy(RoleCheckPolicy policy)

Copyright © 2004 Mortbay Consulting Pty. Ltd. All Rights Reserved.