Package javax.security.auth.login

This package defines the LoginContext class, which is one of the primary JAAS classes used by application programmers. To authenticate a user, an application creates a LoginContext object, specifying the application name (used to look up the type of authentication required for that application in the Configuration) and usually specifying a javax.security.auth.callback.CallbackHandler for communication between the user and the underlying login modules. Next, the application calls the login() method of the LoginContext to perform the actual login. If this method returns without throwing a LoginException, then the user was successfully authenticated, and the getSubject() method of LoginContext returns a javax.security.auth.Subject representing the user. The code might look like this:

    import javax.security.auth.*;
    import javax.security.auth.callback.*;
    import javax.security.auth.login.*;

    // Get a default GUI-based CallbackHandler
    CallbackHandler h = new com.sun.security.auth.callback.DialogCallbackHandler();

    // Try to create a LoginContext for use with this application.
    // Initialized to null so the compiler accepts its use after the try block.
    LoginContext context = null;
    try {
        context = new LoginContext("MyAppName", h);
    }
    catch (LoginException e) {
        System.err.println("LoginContext configuration error: " + e.getMessage());
        System.exit(-1);
    }

    // Now use that context to authenticate the user
    try {
        context.login();
    }
    catch (LoginException e) {
        System.err.println("Authentication failed: " + e.getMessage());
        System.exit(-1);  // Or we could allow them to try again.
    }

    // If we get here, authentication was successful, so get the Subject that
    // represents the authenticated user.
    Subject subject = context.getSubject();

In order to make this kind of authentication work correctly, a fair bit of configuration is required in various files in the jre/lib/security directory of the Java installation and possibly elsewhere.
In particular, a login configuration file is required to specify which login modules are required to authenticate users for a particular application (some applications may require more than one). A description of how to do this is beyond the scope of this reference. See the Configuration class for a run-time representation of the login configuration information, however.

Classes

    public class AppConfigurationEntry;
    public static class AppConfigurationEntry.LoginModuleControlFlag;
    public abstract class Configuration;
    public class LoginContext;

Exceptions

    public class LoginException extends java.security.GeneralSecurityException;
    public class AccountException extends LoginException;
    public class AccountExpiredException extends AccountException;
    public class AccountLockedException extends AccountException;
    public class AccountNotFoundException extends AccountException;
    public class CredentialException extends LoginException;
    public class CredentialExpiredException extends CredentialException;
    public class CredentialNotFoundException extends CredentialException;
    public class FailedLoginException extends LoginException;
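The login configuration described above can also be supplied at run time as a Configuration object passed to the LoginContext constructor. The following is an added example, not code from the original reference: the JaasDemo class, its DemoModule login module with a hard-coded account, and the authenticate helper are all constructed for illustration (Java 8 or later assumed), and it shows a FailedLoginException being handled separately from other LoginException failures.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class JaasDemo {
    // Constructed demo module with one hard-coded account; a real module checks a credential store.
    public static class DemoModule implements LoginModule {
        private CallbackHandler handler;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { handler = h; }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user: ");
            PasswordCallback pass = new PasswordCallback("password: ", false);
            try { handler.handle(new Callback[] { name, pass }); }
            catch (Exception e) { throw new LoginException("callback failed: " + e); }
            char[] pw = pass.getPassword();          // copy of the supplied password
            pass.clearPassword();
            boolean ok = "alice".equals(name.getName()) && Arrays.equals(pw, "demo-only".toCharArray());
            if (pw != null) Arrays.fill(pw, '\0');   // do not leave the secret in memory
            if (!ok) throw new FailedLoginException("bad user name or password");
            return true;
        }
        public boolean commit() { return true; }
        public boolean abort()  { return true; }
        public boolean logout() { return true; }
    }
    // Run-time counterpart of a login configuration file entry for "MyAppName".
    static final Configuration CONFIG = new Configuration() {
        public AppConfigurationEntry[] getAppConfigurationEntry(String appName) {
            if (!"MyAppName".equals(appName)) return null;   // no entry: LoginContext creation fails
            return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>()) };
        }
    };
    // Hypothetical helper: true on success, false on bad credentials; other LoginExceptions propagate.
    static boolean authenticate(String user, String password) throws LoginException {
        CallbackHandler h = callbacks -> {
            for (Callback c : callbacks) {
                if (c instanceof NameCallback) ((NameCallback) c).setName(user);
                else if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword(password.toCharArray());
                else throw new UnsupportedCallbackException(c);
            }
        };
        LoginContext context = new LoginContext("MyAppName", null, h, CONFIG);
        try { context.login(); return true; } catch (FailedLoginException e) { return false; }
    }
    public static void main(String[] args) throws LoginException {
        System.out.println(authenticate("alice", "demo-only") + " " + authenticate("alice", "wrong"));
    }
}
```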