java.lang.Object
  com.arsdigita.kernel.security.CredentialLoginModule
Loads an ID from a credential stored in the current HTTP request (for
example, cookie or URL parameter). If the credential is invalid but the
ID is loaded successfully using another LoginModule, this module sets a
new credential containing the ID. This class uses the Strategy design
pattern to manage the persistent credential value; it delegates to the
CredentialManager provided at construction to get, set, and delete the
credential value.
See Also: CredentialManager
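The two-phase flow described above, as an added sketch that is not the com.arsdigita source. CredentialStore, SketchCredentialLoginModule and keeping the ID as a BigDecimal public credential on the Subject are assumptions made for illustration; only the javax.security.auth types are real APIs.

```java
import java.math.BigDecimal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

// Hypothetical strategy interface; the real CredentialManager API is not shown on this page.
interface CredentialStore {
    String get();            // raw credential value from the request, or null if absent
    void set(String value);  // issue the credential on the response
    void delete();           // expire the credential
}

// Added sketch. Integrity and expiry checks are omitted here: a real credential
// must be authenticated (for example, signed) before the ID inside it is trusted.
class SketchCredentialLoginModule implements LoginModule {
    private final CredentialStore store;
    private Subject subject;
    private BigDecimal fromCredential;   // ID parsed in login(); null if login() failed
    SketchCredentialLoginModule(CredentialStore store) { this.store = store; }

    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        this.subject = s;
    }

    // Phase 1: succeeds only when the request carries a parseable credential.
    public boolean login() throws LoginException {
        String v = store.get();
        if (v == null) throw new FailedLoginException("credential missing");
        try { fromCredential = new BigDecimal(v); }
        catch (NumberFormatException e) { throw new FailedLoginException("credential invalid"); }
        return true;
    }

    // Phase 2: LoginContext calls this once overall authentication succeeded,
    // even if login() above failed, so state from phase 1 must be checked.
    public boolean commit() throws LoginException {
        BigDecimal id = subject.getPublicCredentials(BigDecimal.class).stream().findFirst().orElse(null);
        if (id == null) {                      // no ID set yet: take it from the credential
            if (fromCredential == null) throw new FailedLoginException("unable to set ID");
            subject.getPublicCredentials().add(fromCredential);
        } else if (!id.equals(fromCredential)) {
            store.set(id.toPlainString());     // ID came from another module: issue a credential
        }
        return true;
    }

    public boolean abort() { store.delete(); fromCredential = null; return true; }
    public boolean logout() {
        store.delete();
        subject.getPublicCredentials().removeIf(c -> c instanceof BigDecimal);
        return true;
    }
}
```

The credential is only reissued in commit() when another module has already placed an ID on the Subject, which is why this module has to be stacked as optional or sufficient rather than required.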
Field Summary
static long | FOREVER_SECS | Maximum time that a "permanent" credential can last, in seconds.
static long | LIFETIME_SECS | Maximum time that a single session can last, in seconds.
static long | RENEW_SECS | Minimum time allowed between session renewals, in seconds.
static long | TIMEOUT_SECS | Maximum time allowed between clicks in a single session, in seconds.
static String | versionId |
Constructor Summary
CredentialLoginModule(CredentialManager manager) | Creates a new CredentialLoginModule associated with the given CredentialManager.
Method Summary
boolean | abort() | Deletes the credential.
boolean | commit() | Sets the ID for the Subject to the value of the credential if no ID is already set.
protected boolean | credentialHasValue(String value) | Determines whether the credential has the given value.
protected boolean | credentialIsOld() | Determines whether the credential should be renewed.
protected boolean | credentialIsSet() | Determines whether the credential is set.
protected abstract String | getCredentialName() | Returns the name of the credential.
protected boolean | getForever() | Determines whether the credential should last "forever" or should expire at the end of this session.
protected abstract long | getLifetime() | Returns the lifetime of the credential in milliseconds.
protected javax.servlet.http.HttpServletRequest | getRequest() | Returns the current HTTP request.
protected javax.servlet.http.HttpServletResponse | getResponse() | Returns the current HTTP response.
void | initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, Map shared, Map options) | Initializes this login module and its CredentialManager with the given login context information.
protected boolean | isSecure() | Determines whether the current request is secure.
protected BigDecimal | loadID() | Loads the ID from the Subject.
boolean | login() | Checks whether the current request contains a valid credential.
boolean | logout() | Deletes the credential and invalidates the client session.
protected boolean | requestIsExcluded() | Determines whether the requested URI ends in an "excluded" extension.
protected void | saveID(BigDecimal id) | Saves the given ID in the Subject.
protected abstract boolean | shouldInvalidateSession(String value) | Determines whether the client session should be invalidated.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Field Detail
public static final String versionId
public static final long RENEW_SECS
public static final long TIMEOUT_SECS
public static final long LIFETIME_SECS
public static final long FOREVER_SECS
Constructor Detail
public CredentialLoginModule(CredentialManager manager)
Creates a new CredentialLoginModule associated with the given CredentialManager. This module uses the given manager to get, set, and delete the credential value.
Method Detail

public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, Map shared, Map options)
Initializes this login module and its CredentialManager with the given login context information. This method is called by LoginContext after this class is instantiated.
- Specified by:
initialize in interface javax.security.auth.spi.LoginModule

public boolean login() throws javax.security.auth.login.LoginException
- Specified by:
login in interface javax.security.auth.spi.LoginModule
- Returns:
true.
- Throws:
CredentialNotFoundException - if the credential is missing.
CredentialParsingException - if the credential is invalid.
CredentialExpiredException - if the credential has expired.
javax.security.auth.login.LoginException - if an error occurs.

public boolean logout() throws javax.security.auth.login.LoginException
- Specified by:
logout in interface javax.security.auth.spi.LoginModule
- Returns:
true.
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

public boolean abort() throws javax.security.auth.login.LoginException
- Specified by:
abort in interface javax.security.auth.spi.LoginModule
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

public boolean commit() throws javax.security.auth.login.LoginException
- Specified by:
commit in interface javax.security.auth.spi.LoginModule
- Returns:
true.
- Throws:
javax.security.auth.login.FailedLoginException - if unable to set ID.
javax.security.auth.login.LoginException - if an error occurs.

protected final BigDecimal loadID() throws NoSuchElementException
- Throws:
NoSuchElementException

protected final void saveID(BigDecimal id)
- Parameters:
id - the ID to save

protected final boolean isSecure() throws javax.security.auth.login.LoginException
- Returns:
true if the current request is secure, false otherwise.
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected abstract String getCredentialName() throws javax.security.auth.login.LoginException
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected abstract long getLifetime() throws javax.security.auth.login.LoginException
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected abstract boolean shouldInvalidateSession(String value) throws javax.security.auth.login.LoginException
- Parameters:
value - the new value for the credential
- Returns:
true if the client session should be invalidated, false otherwise.
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected final boolean credentialIsSet()
- Returns:
true if credential is set, false otherwise.

protected final boolean credentialHasValue(String value)
- Parameters:
value - the value to check
- Returns:
true if credential's value equals the given value, false otherwise.
- Throws:
NullPointerException - if !credentialIsSet().

protected final boolean credentialIsOld()
true if the credential is more than RENEW_SECS old.
- Returns:
true if credential is old; false otherwise.
- Throws:
NullPointerException - if !credentialIsSet().

protected final boolean requestIsExcluded() throws javax.security.auth.login.LoginException
- Returns:
true if the request URI ends with an "excluded" extension, false otherwise.
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected final javax.servlet.http.HttpServletRequest getRequest() throws javax.security.auth.login.LoginException
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected final javax.servlet.http.HttpServletResponse getResponse() throws javax.security.auth.login.LoginException
- Throws:
javax.security.auth.login.LoginException - if an error occurs.

protected final boolean getForever() throws javax.security.auth.login.LoginException
- Returns:
true if the credential should last "forever", false if the credential should expire at the end of this session.
- Throws:
KernelLoginException - if an error occurs.
javax.security.auth.login.LoginException