public class BrooklynLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule
JAAS module delegating authentication to the SecurityProvider
implementation
configured in brooklyn.properties, key brooklyn.webconsole.security.provider.
If used in an OSGi environment only implementations visible from brooklyn-rest-server are usable by default. To use a custom security provider add the following configuration to the its bundle in src/main/resources/OSGI-INF/bundle/security-provider.xml:
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
<jaas:config name="karaf" rank="1">
<jaas:module className="org.apache.brooklyn.rest.security.jaas.BrooklynLoginModule"
flags="required">
brooklyn.webconsole.security.provider.symbolicName=BUNDLE_SYMBOLIC_NAME
brooklyn.webconsole.security.provider.version=BUNDLE_VERSION
</jaas:module>
</jaas:config>
</blueprint>
Modifier and Type | Class and Description |
---|---|
static class |
BrooklynLoginModule.RolePrincipal |
static class |
BrooklynLoginModule.UserPrincipal |
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
AUTHENTICATED_USER_SESSION_ATTRIBUTE
The session attribute set for authenticated users; for reference
(but should not be relied up to confirm authentication, as
the providers may impose additional criteria such as timeouts,
or a null user (no login) may be permitted)
|
static java.lang.String |
DEFAULT_ROLE |
static java.lang.String |
PROPERTY_BUNDLE_SYMBOLIC_NAME |
static java.lang.String |
PROPERTY_BUNDLE_VERSION |
static java.lang.String |
PROPERTY_ROLE
SecurityProvider doesn't know about roles, just attach one by default.
|
Constructor and Description |
---|
BrooklynLoginModule() |
Modifier and Type | Method and Description |
---|---|
boolean |
abort() |
boolean |
commit() |
void |
initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map<java.lang.String,?> sharedState,
java.util.Map<java.lang.String,?> options) |
boolean |
login() |
boolean |
logout() |
public static final java.lang.String AUTHENTICATED_USER_SESSION_ATTRIBUTE
public static final java.lang.String PROPERTY_BUNDLE_SYMBOLIC_NAME
public static final java.lang.String PROPERTY_BUNDLE_VERSION
public static final java.lang.String PROPERTY_ROLE
public static final java.lang.String DEFAULT_ROLE
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)
initialize
in interface javax.security.auth.spi.LoginModule
public boolean login() throws javax.security.auth.login.LoginException
login
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean commit() throws javax.security.auth.login.LoginException
commit
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean abort() throws javax.security.auth.login.LoginException
abort
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean logout() throws javax.security.auth.login.LoginException
logout
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException