Overview  Package   Class  Tree  Deprecated  Index  Help 
IBM WebSphere Extended Deployment (XD)TM, Release 6.1
ObjectGrid API Specification
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.ibm.websphere.objectgrid.security.plugins.builtins
Class LDAPLoginModule

java.lang.Object
  extended by com.ibm.websphere.objectgrid.security.plugins.builtins.LDAPLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule
public class LDAPLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule

This LDAPLoginModule authenticates a user name and password to the configured LDAP server.

A login configuration should provide at least the following two options:

Here is a Login module configuration example used by the sample LDAPAuthenticator: 


 LDAPLogin {
     com.ibm.websphere.objectgrid.security.plugins.builtins.LDAPLoginModule required 
     providerURL="ldap://bluepages.ibm.com:389/" 
     factoryClass="com.sun.jndi.ldap.LdapCtxFactory"
     debug=true;
 };
The providerURL points to the IBM bluepages LDAP server with the port number 389. The initial context factory is com.sun.jndi.ldap.LdapCtxFactory.

Since:
WAS XD 6.0.1
See Also:
LoginModule

Field Summary
static java.lang.String FACTORY_CLASS
          LDAP context factory implementation class property name
static java.lang.String PROVIDER_URL
          LDAP server provider URL property name
 
Constructor Summary
LDAPLoginModule()
           
 
Method Summary
 boolean abort()
          Called if the LoginContext's overall authentication failed.
 boolean commit()
          Called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
 void initialize(javax.security.auth.Subject _subject, javax.security.auth.callback.CallbackHandler _callbackHandler, java.util.Map _sharedState, java.util.Map _options)
          Initializes this LoginModule.
 boolean login()
          Authenticates the user by a user name and password.
 boolean logout()
          Logs out the user.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PROVIDER_URL

public static final java.lang.String PROVIDER_URL
LDAP server provider URL property name

See Also:
Constant Field Values

FACTORY_CLASS

public static final java.lang.String FACTORY_CLASS
LDAP context factory implementation class property name

See Also:
Constant Field Values
Constructor Detail

LDAPLoginModule

public LDAPLoginModule()
Method Detail

initialize

public void initialize(javax.security.auth.Subject _subject,
                       javax.security.auth.callback.CallbackHandler _callbackHandler,
                       java.util.Map _sharedState,
                       java.util.Map _options)
Initializes this LoginModule.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Parameters:
_subject - the Subject to be authenticated.
_callbackHandler - a CallbackHandler for communicating with the end user (prompting for user names and passwords, for example).
_sharedState - shared LoginModule state.
_options - options specified in the login Configuration for this particular LoginModule.

login

public boolean login()
              throws javax.security.auth.login.LoginException
Authenticates the user by a user name and password.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Returns:
true in all cases since this LoginModule should not be ignored.
Throws:
javax.security.auth.login.FailedLoginException - if the authentication fails.
javax.security.auth.login.LoginException - if this LoginModule is unable to perform the authentication.

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
Called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), this method associates a SimpleUserPrincipal and SimpleDeptPrincipal with the Subject located in the LoginModule. If this LoginModule's own authentication attempted failed, this method removes any state that was originally saved.

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Returns:
true if this LoginModule's own login and commit attempts succeeded, or false otherwise.
Throws:
javax.security.auth.login.LoginException - if the commit fails.

abort

public boolean abort()
              throws javax.security.auth.login.LoginException
Called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).

If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login and commit methods), then this method cleans up any state that was originally saved.

Specified by:
abort in interface javax.security.auth.spi.LoginModule
Returns:
false if this LoginModule's own login and/or commit attempts failed, and true otherwise.
Throws:
javax.security.auth.login.LoginException - if the abort fails.

logout

public boolean logout()
               throws javax.security.auth.login.LoginException
Logs out the user.

This method removes the SamplePrincipal that was added by the commit method.

Specified by:
logout in interface javax.security.auth.spi.LoginModule
Returns:
true in all cases since this LoginModule should not be ignored.
Throws:
javax.security.auth.login.LoginException - if the logout fails.
Overview  Package   Class  Tree  Deprecated  Index  Help 
IBM WebSphere Extended Deployment (XD)TM, Release 6.1
ObjectGrid API Specification
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
© Copyright International Business Machines Corp 2005-2007. All rights reserved.