LoginContext

This is one of the most important classes in the JAAS API for application programmers: it defines the login( ) method (and the corresponding logout( ) method) that allows an application to authenticate a user . Create a LoginContext object using one of the public constructors. The constructor expects to be passed the name of the application, and, optionally , the javax.security.auth.Subject that is to be authenticated and a javax.security.auth.callback.CallbackHandler that is to be used for communication between the underlying login module (or modules) and the user. If no Subject is specified, then the LoginContext will instantiate a new one to represent the authenticated user. If a Subject is supplied, then the LoginContext adds new entries to its sets of principals and credentials. If no CallbackHandler is specified, then the LoginContext attempts to instantiate one using the class name specified by the auth.login.defaultCallbackHandler property in the system's security properties file.

Once a LoginContext is successfully created, you can authenticate a user simply by calling the login( ) method, and then calling getSubject( ) to obtain the Subject object that represents the authenticated user. When this Subject is no longer required, you can log them out by calling the logout( ) method.

public class

LoginContext

{

// Public Constructors

public

LoginContext

(String

name

) throws LoginException;  
     public

LoginContext

(String

name

, javax.security.auth.Subject

subject

)
        throws LoginException;  
     public

LoginContext

(String

name

, javax.security.auth.callback.
        CallbackHandler

callbackHandler

) throws LoginException;  
     public

LoginContext

(String

name

, javax.security.auth.Subject

subject

, 
        javax.security.auth.callback.CallbackHandler

callbackHandler

) 
        throws LoginException;

5.0

public

LoginContext

(String

name

, javax.security.auth.Subject

subject

, 
        javax.security.auth.callback.CallbackHandler

callbackHandler

, 
        Configuration

config

) throws LoginException;

// Public Instance Methods

public javax.security.auth.Subject

getSubject

( );  
     public void

login

( ) throws LoginException;  
     public void

logout

( ) throws LoginException;  
}

Signals that something went wrong while creating a LoginContext or during the login or logout process. The subclasses of this class represent more specific exception types.

Figure 19-27. javax.security.auth.login.LoginException

public class

LoginException

extends java.security.GeneralSecurityException {

// Public Constructors

public

LoginException

( );  
     public

LoginException

(String

msg

);  
}

Subclasses

AccountException , CredentialException , FailedLoginException

Thrown By

java.security.AuthProvider.{login( ) , logout( )} , LoginContext.{login( ) , LoginContext( ) , logout( )} , javax.security.auth.spi.LoginModule.{abort( ) , commit( ) , login( ) , logout( )}

This package defines the "service provider interface" for JAAS: it defines a single LoginModule interface that must be implemented by developers of login modules.

public interface

LoginModule

;

Developers of login modules to be used with the JAAS authentication API must implement this interface. Because this interface is not typically used by application developers, its methods are not documented here.

public interface

LoginModule

{

// Public Instance Methods

boolean

abort

( ) throws javax.security.auth.login.LoginException;  
     boolean

commit

( ) throws javax.security.auth.login.LoginException;  
     void

initialize

(javax.security.auth.Subject

subject

, javax.security.
        auth.callback.CallbackHandler

callbackHandler

, java.util.Map<String,?>

sharedState

, java.util.Map<String,?>

options

);  
     boolean

login

( ) throws javax.security.auth.login.LoginException;  
     boolean

logout

( ) throws javax.security.auth.login.LoginException;  
}