IBM WebSphere Extended Deployment (XD)™
Release 6.0

com.ibm.websphere.objectgrid.security.plugins.builtins
KeyStoreLoginModule

java.lang.Object
  |
  +--com.ibm.websphere.objectgrid.security.plugins.builtins.KeyStoreLoginModule
All Implemented Interfaces
LoginModule


KeyStoreLoginModule is a keystore-based authentication login module built on JAAS authentication.

A login configuration should provide the "keyStoreFile" option to indicate where the keystore file is located. If the keyStoreFile value has the form ${system.property}, it is expanded to the value of that system property.

If the "keyStoreFile" option is not provided, the default keystore file is "${java.home}${/}.keystore".

Here is a Login module configuration example:


    keyStoreLogin {
        com.ibm.websphere.objectgrid.security.plugins.builtins.KeyStoreLoginModule required
            keyStoreFile="${user.dir}${/}security${/}.keystore";
    };
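An added example (not part of the IBM documentation): a standalone check that expands a keyStoreFile value as described above, prints the path it resolves to in the current JVM, and flags a keystore that is readable or writable beyond its owner. The class name KeyStoreFileCheck and the treatment of ${/} as the platform file separator are assumptions of this example.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class KeyStoreFileCheck {
    // Default named in the class description; used when no keyStoreFile value is given.
    static final String DEFAULT = "${java.home}${/}.keystore";
    private static final Pattern REF = Pattern.compile("\\$\\{([^}]+)\\}");

    /** Expand ${name} to a system property; ${/} is taken as the file separator (assumption). */
    static String expand(String value) {
        Matcher m = REF.matcher(value);
        StringBuffer out = new StringBuffer();
        while (m.find()) {
            String name = m.group(1);
            String repl = name.equals("/") ? System.getProperty("file.separator")
                                           : System.getProperty(name);
            if (repl == null) {
                throw new IllegalArgumentException("undefined system property: " + name);
            }
            m.appendReplacement(out, Matcher.quoteReplacement(repl));
        }
        m.appendTail(out);
        return out.toString();
    }

    public static void main(String[] args) throws IOException {
        String option = args.length > 0 ? args[0] : DEFAULT;
        Path ks = Paths.get(expand(option)).toAbsolutePath().normalize();
        System.out.println("keyStoreFile resolves to: " + ks);
        if (!Files.isRegularFile(ks)) {
            System.out.println("FAIL: no regular file at that path");
            return;
        }
        // Permission check only where the file system exposes POSIX attributes.
        if (ks.getFileSystem().supportedFileAttributeViews().contains("posix")) {
            Set<PosixFilePermission> p = Files.getPosixFilePermissions(ks);
            boolean loose = p.contains(PosixFilePermission.OTHERS_READ)
                         || p.contains(PosixFilePermission.OTHERS_WRITE)
                         || p.contains(PosixFilePermission.GROUP_WRITE);
            System.out.println(loose ? "WARN: keystore is accessible beyond its owner: " + p
                                     : "OK: permissions " + p);
        }
    }
}
```

Run it from the same working directory and with the same JVM as the server process, since ${user.dir} and ${java.home} resolve per process.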
 


See Also:
    LoginModule


Field Summary
public String KEY_STORE_FILE_PROPERTY_NAME

public String KEYSTORE_TYPE
           Key store type.
public String DEFAULT_KEY_STORE_FILE

protected KeyStore keyStore
          

Constructor Summary
KeyStoreLoginModule()
          


Method Summary
public void initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)
           Initialize the login module.
public boolean login()
           Authenticates a user based on the keystore file.
public boolean commit()
           Indicates the user is accepted. This method is called only if the user is authenticated by all modules in the login configuration file.
public boolean abort()
           Indicates the user is not accepted.
public boolean logout()
           Log the user out.
protected void validate(java.lang.String, char[])
           Validate the user name and password based on the keystore.

Inherited Methods

Methods inherited from java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEY_STORE_FILE_PROPERTY_NAME

public static String KEY_STORE_FILE_PROPERTY_NAME
Key store file property name

KEYSTORE_TYPE

public static String KEYSTORE_TYPE
Key store type. Only JKS is supported.

DEFAULT_KEY_STORE_FILE

public static String DEFAULT_KEY_STORE_FILE
The default key store file

keyStore

protected KeyStore keyStore

Constructor Detail

KeyStoreLoginModule

public KeyStoreLoginModule( )
Default constructor


Method Detail

initialize

public void initialize(Subject subject, CallbackHandler callbackHandler, Map mapSharedState, Map mapOptions)
Initialize the login module. Save the subject.
See Also:
    initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)
Parameters:


login

public boolean login()
Authenticates a user based on the keystore file.
See Also:
    login()


commit

public boolean commit()
Indicates the user is accepted. This method is called only if the user is authenticated by all modules in the login configuration file. The principal objects will be added to the stored subject.
See Also:
    commit()


Returns:
     false if for some reason the principals cannot be added; true otherwise


Throws:
    javax.security.auth.login.LoginException


abort

public boolean abort()
Indicates the user is not accepted.
See Also:
    abort()


logout

public boolean logout()
Log the user out. Clear all the maps.
See Also:
    logout()


validate

protected void validate(String userName, char[] password)
Validate the user name and password based on the keystore.
Parameters:
    userName - user name
    password - password


Throws:
    java.lang.SecurityException

