org.apache.sling.jcr.jackrabbit.server.security
Interface LoginModulePlugin


public interface LoginModulePlugin

Provide login module functionality that extends org.apache.jackrabbit.core.security.authentication.DefaultLoginModule for a specific type of Credentials. Does not rely explicitly on any classes from org.apache.jackrabbit.core.*


Field Summary
static int IMPERSONATION_DEFAULT
           
static int IMPERSONATION_FAILED
           
static int IMPERSONATION_SUCCESS
           
 
Method Summary
 void addPrincipals(Set principals)
          Enables to add additional Principal objects, such as groups or roles, to the Subject.
 boolean canHandle(javax.jcr.Credentials credentials)
          Determine if this LoginModule can process this set of Credentials.
 void doInit(CallbackHandler callbackHandler, javax.jcr.Session session, Map options)
           
 AuthenticationPlugin getAuthentication(Principal principal, javax.jcr.Credentials creds)
          Return a PluggableAuthentication object that can authenticate the give Principal and Credentials.
 Principal getPrincipal(javax.jcr.Credentials credentials)
          Return a Principal object, or null.
 int impersonate(Principal principal, javax.jcr.Credentials credentials)
          Returns a code indicating either the status of the impersonation attempt, or IMPERSONATION_DEFAULT if the impersonation should be handled by org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#impersonate .
 

Field Detail

IMPERSONATION_DEFAULT

static final int IMPERSONATION_DEFAULT
See Also:
Constant Field Values

IMPERSONATION_SUCCESS

static final int IMPERSONATION_SUCCESS
See Also:
Constant Field Values

IMPERSONATION_FAILED

static final int IMPERSONATION_FAILED
See Also:
Constant Field Values
Method Detail

canHandle

boolean canHandle(javax.jcr.Credentials credentials)
Determine if this LoginModule can process this set of Credentials. Currently, due to Jackrabbit internals, these Credentials will always be an instance of SimpleCredentials. A co-operating AuthenticationHandler object can set properties on these credentials at creation time that this class can use to make this determination

Parameters:
credentials -

doInit

void doInit(CallbackHandler callbackHandler,
            javax.jcr.Session session,
            Map options)
            throws LoginException
Throws:
LoginException
See Also:
org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#doInit

getPrincipal

Principal getPrincipal(javax.jcr.Credentials credentials)
Return a Principal object, or null. If null is returned, and no other PluggableLoginModule that can handle these Credentials can provide a Principal, the Principal will be provided by org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getPrincipal

Returns:
an instance of the Principal associated with these Credentials
See Also:
org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getPrincipal

addPrincipals

void addPrincipals(Set principals)
Enables to add additional Principal objects, such as groups or roles, to the Subject.

Parameters:
principals - original collection of principals

getAuthentication

AuthenticationPlugin getAuthentication(Principal principal,
                                       javax.jcr.Credentials creds)
                                       throws javax.jcr.RepositoryException
Return a PluggableAuthentication object that can authenticate the give Principal and Credentials. If null is returned, and no other PluggableLoginModule that can handle these Credentials can provide a PluggableAuthentication instance, the authentication will be handled by org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getAuthentication

Returns:
An instance of PluggableAuthentication, or null
Throws:
javax.jcr.RepositoryException
See Also:
org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getAuthentication

impersonate

int impersonate(Principal principal,
                javax.jcr.Credentials credentials)
                throws javax.jcr.RepositoryException,
                       FailedLoginException
Returns a code indicating either the status of the impersonation attempt, or IMPERSONATION_DEFAULT if the impersonation should be handled by org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#impersonate .

Returns:
one of IMPERSONATION_DEFAULT, IMPERSONATION_SUCCESS or IMPERSONATION_FAILED
Throws:
javax.jcr.RepositoryException
FailedLoginException
See Also:
org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#impersonate


Copyright © 2007-2011 The Apache Software Foundation. All Rights Reserved.