Java in a Nutshell, 5th Edition [Electronic resources]

Package javax.security.auth.login

Java 1.4

This package defines the LoginContext class, which is one of the primary JAAS classes used by application programmers. To authenticate a user, an application creates a LoginContext object, specifying the application name (used to look up the type of authentication required for that application in the Configuration) and usually specifying a javax.security.auth.callback.CallbackHandler for communication between the user and the underlying login modules. Next, the application calls the login( ) method of the LoginContext to perform the actual login. If this method returns without throwing a LoginException, then the user was successfully authenticated, and the getSubject( ) method of LoginContext returns a javax.security.auth.Subject representing the user. The code might look like this:

    import javax.security.auth.*;
    import javax.security.auth.callback.*;
    import javax.security.auth.login.*;

    // Get a default GUI-based CallbackHandler
    CallbackHandler h = new com.sun.security.auth.callback.DialogCallbackHandler( );

    // Try to create a LoginContext for use with this application.
    // The variable is initialized to null so that the compiler accepts its
    // use after the try block (it cannot tell that System.exit( ) never returns).
    LoginContext context = null;
    try {
        context = new LoginContext("MyAppName", h);
    }
    catch(LoginException e) {
        System.err.println("LoginContext configuration error: " + e.getMessage( ));
        System.exit(-1);
    }

    // Now use that context to authenticate the user
    try {
        context.login( );
    }
    catch(LoginException e) {
        System.err.println("Authentication failed: " + e.getMessage( ));
        System.exit(-1);  // Or we could allow them to try again.
    }

    // If we get here, authentication was successful, so get the Subject that
    // represents the authenticated user.
    Subject subject = context.getSubject( );

In order to make this kind of authentication work correctly, a fair bit of configuration is required in various files in the jre/lib/security directory of the Java installation and possibly elsewhere. In particular, a login configuration file is required to specify which login modules are required to authenticate users for a particular application (some applications may require more than one). A description of how to do this is beyond the scope of this reference. See the Configuration class for a run-time representation of the login configuration information, however.
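The following is an added example, not code from the book: it replaces the login configuration file with an in-memory Configuration subclass and shows how the LoginException subclasses of this package can be recorded precisely in a log while the user sees one uniform failure message, so that the response does not reveal whether an account exists. The names JaasDemo and DemoModule and the account alice / correct-horse are constructed for illustration; Java 8 or later is assumed.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class JaasDemo {
    // Hypothetical login module; its only account is the constructed pair alice / correct-horse.
    public static class DemoModule implements LoginModule {
        private CallbackHandler handler;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> st, Map<String, ?> o) { handler = h; }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user: ");
            PasswordCallback pw = new PasswordCallback("password: ", false);
            try { handler.handle(new Callback[] { name, pw }); }
            catch (Exception e) { throw new LoginException("callback failed: " + e); }
            if (!"alice".equals(name.getName())) throw new AccountNotFoundException("no such account");
            if (!Arrays.equals("correct-horse".toCharArray(), pw.getPassword())) throw new FailedLoginException("bad password");
            return true;
        }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }
    // In-memory stand-in for the login configuration file: one REQUIRED module for any application name.
    static final Configuration CONFIG = new Configuration() {
        public AppConfigurationEntry[] getAppConfigurationEntry(String appName) {
            return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>()) };
        }
    };
    static String attempt(String user, String password) { // returns the text shown to the user
        CallbackHandler h = callbacks -> {
            for (Callback c : callbacks)
                if (c instanceof NameCallback) ((NameCallback) c).setName(user);
                else if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword(password.toCharArray());
                else throw new UnsupportedCallbackException(c);
        };
        try {
            new LoginContext("MyAppName", null, h, CONFIG).login();
            return "authenticated";
        } catch (AccountException | CredentialException | FailedLoginException e) {
            System.err.println("audit: login failure cause=" + e.getClass().getSimpleName()); // log only
            return "login failed"; // identical text for an unknown account and a wrong password
        } catch (LoginException e) { return "login unavailable"; } // configuration or module error
    }
    public static void main(String[] args) {
        for (String[] t : new String[][] { {"alice", "correct-horse"}, {"alice", "guess"}, {"mallory", "guess"} })
            System.out.println(t[0] + ": " + attempt(t[0], t[1]));
    }
}
```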

Classes

public class AppConfigurationEntry;
public static class AppConfigurationEntry.LoginModuleControlFlag;
public abstract class Configuration;
public class LoginContext;

Exceptions

public class LoginException extends java.security.GeneralSecurityException;
public class AccountException extends LoginException;
public class AccountExpiredException extends AccountException;
public class AccountLockedException extends AccountException;
public class AccountNotFoundException extends AccountException;
public class CredentialException extends LoginException;
public class CredentialExpiredException extends CredentialException;
public class CredentialNotFoundException extends CredentialException;
public class FailedLoginException extends LoginException;