org.ow2.proactive.authentication

Class FileLoginModule

java.lang.Object

org.ow2.proactive.authentication.FileLoginModule

All Implemented Interfaces:

LoginModule, Loggable

Direct Known Subclasses:

KeycloakLoginModule, LDAPLoginModule, MultiLDAPLoginModule, PAMLoginModule, RMFileLoginModule

public abstract class FileLoginModule
extends Object
implements Loggable, LoginModule

Authentication based on user and group file.

Since:

ProActive Scheduling 0.9.1

Field Summary

Fields

Modifier and Type	Field and Description
protected CallbackHandler	callbackHandler JAAS call back handler used to get authentication request parameters
static String	ENCRYPTED_DATA_SEP
protected String	groupFile The file where to store group management
protected String	loginFile The file where to store the allowed user//password
protected Subject	subject
protected String	tenantFile The file where to store tenant management

Constructor Summary

Constructors

Constructor and Description
FileLoginModule()

Method Summary

Modifier and Type	Method and Description
boolean	abort()
protected void	checkGroupFile()
protected void	checkLoginFile()
protected void	checkTenantFile()
boolean	commit()
protected abstract Set<String>	getConfiguredDomains()
protected abstract String	getGroupFileName() Defines group file name
protected abstract String	getLoginFileName() Defines login file name
protected abstract PrivateKey	getPrivateKey() Defines private key
protected abstract String	getTenantFileName() Defines tenant file name
protected void	groupMembershipFromFile(String username) Return corresponding group for an user from the group file.
void	initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
boolean	login()
boolean	logout()
protected boolean	logUser(String username, String password, String domain, boolean isNotFallbackAuthentication) First Check user and password from login file.
protected void	removeOldFailedAttempts(String username)
protected void	resetFailedAttempt(String username)
protected int	retryInHowManyMinutes(String username)
protected void	storeFailedAttempt(String username)
protected void	tenantMembershipFromFile(String username) Return corresponding tenant for a user from the tenant file.
protected boolean	tooManyFailedAttempts(String username)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.ow2.proactive.authentication.Loggable

getLogger

Field Detail

ENCRYPTED_DATA_SEP

public static final String ENCRYPTED_DATA_SEP

See Also:

Constant Field Values

callbackHandler

protected CallbackHandler callbackHandler

JAAS call back handler used to get authentication request parameters

loginFile

protected String loginFile

The file where to store the allowed user//password

groupFile

protected String groupFile

The file where to store group management

tenantFile

protected String tenantFile

The file where to store tenant management

subject

protected Subject subject

Constructor Detail

FileLoginModule

public FileLoginModule()

Method Detail

getLoginFileName

protected abstract String getLoginFileName()

Defines login file name

Returns:

the login file name

getGroupFileName

protected abstract String getGroupFileName()

Defines group file name

Returns:

the group file name

getTenantFileName

protected abstract String getTenantFileName()

Defines tenant file name

Returns:

the tenant file name

getConfiguredDomains

protected abstract Set<String> getConfiguredDomains()

getPrivateKey

protected abstract PrivateKey getPrivateKey()
                                     throws KeyException

Defines private key

Returns:

private key in use

Throws:

KeyException

initialize

public void initialize(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,?> sharedState,
                       Map<String,?> options)

Specified by:

initialize in interface LoginModule

See Also:

LoginModule.initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)

checkLoginFile

protected void checkLoginFile()

checkGroupFile

protected void checkGroupFile()

checkTenantFile

protected void checkTenantFile()

login

public boolean login()
              throws LoginException

Specified by:

login in interface LoginModule

Throws:

LoginException - if userName of password are not correct

See Also:

LoginModule.login()

logUser

protected boolean logUser(String username,
                          String password,
                          String domain,
                          boolean isNotFallbackAuthentication)
                   throws LoginException

First Check user and password from login file. If user is authenticated, check group membership from group file.

Parameters:

username - user's login

password - user's password

isNotFallbackAuthentication - true if this method is not called inside a fallback mechanism

Returns:

true user login and password are correct, and requested group is authorized for the user

Throws:

LoginException - if authentication or group membership fails.

storeFailedAttempt

protected void storeFailedAttempt(String username)

resetFailedAttempt

protected void resetFailedAttempt(String username)

removeOldFailedAttempts

protected void removeOldFailedAttempts(String username)

tooManyFailedAttempts

protected boolean tooManyFailedAttempts(String username)

retryInHowManyMinutes

protected int retryInHowManyMinutes(String username)

groupMembershipFromFile

protected void groupMembershipFromFile(String username)
                                throws LoginException

Return corresponding group for an user from the group file.

Parameters:

username - user's login

Throws:

LoginException - if group file is not found or unreadable.

tenantMembershipFromFile

protected void tenantMembershipFromFile(String username)
                                 throws LoginException

Return corresponding tenant for a user from the tenant file.

Parameters:

username - user's login

Throws:

LoginException - if tenant file is not found or unreadable.

commit

public boolean commit()
               throws LoginException

Specified by:

commit in interface LoginModule

Throws:

LoginException

See Also:

LoginModule.commit()

abort

public boolean abort()
              throws LoginException

Specified by:

abort in interface LoginModule

Throws:

LoginException

See Also:

LoginModule.abort()

logout

public boolean logout()
               throws LoginException

Specified by:

logout in interface LoginModule

Throws:

LoginException

See Also:

LoginModule.logout()