RadiusLoginModule (JRadiusClient)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sourceforge.jradiusclient.jaas
Class RadiusLoginModule

java.lang.Object
  |
  +--net.sourceforge.jradiusclient.jaas.RadiusLoginModule

All Implemented Interfaces:: javax.security.auth.spi.LoginModule

public class RadiusLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule

This is an implementation of javax.security.auth.spi.LoginModule specific to using a RADIUS Server for authentication.

Version:: $Revision: 1.6 $
Author:: Robert J. Loihl

Field Summary

static int MAX_CHALLENGE_ATTEMPTS


Constructor Summary

RadiusLoginModule()


Method Summary

boolean abort()
          Method to abort the authentication process (phase 2).

boolean commit()
          Method to commit the authentication process (phase 2).

void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
          Initialize this LoginModule.

boolean login()
          Authenticates this Subject against a RADIUS Server (phase 1).

boolean logout()
          This method logs out a Subject (Poss.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

MAX_CHALLENGE_ATTEMPTS

public static final int MAX_CHALLENGE_ATTEMPTS

See Also:: Constant Field Values

Constructor Detail

RadiusLoginModule

public RadiusLoginModule()

Method Detail

abort

public boolean abort()
              throws javax.security.auth.login.LoginException

Method to abort the authentication process (phase 2). This method gets called if the LoginContext's overall authentication process failed (i.e. one of the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed). It also cleans up any internal state saved by the login method.

Specified by:: abort in interface javax.security.auth.spi.LoginModule

Returns:: boolean true if this method succeeds false if this LoginModule should be ignored
Throws:: javax.security.auth.login.LoginException - If the abort fails

commit

public boolean commit()
               throws javax.security.auth.login.LoginException

Method to commit the authentication process (phase 2). This method gets called if the LoginContext's overall authentication process succeeded (i.e. all of the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded). If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates relevant Principals and Credentials with the Subject located in the LoginModule. If this LoginModule's own authentication attempt failed, then this method cleans up any internal state saved by the login method. ( poss. improvement: perform a RADIUS accounting request to notify RADIUS server of login time.)

Specified by:: commit in interface javax.security.auth.spi.LoginModule

Returns:: boolean true if this method succeeds false if this LoginModule should be ignored
Throws:: javax.security.auth.login.LoginException - If the commit action fails

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)

Initialize this LoginModule. This method is called by the LoginContext after this LoginModule has been instantiated. The purpose of this method is to initialize this LoginModule with the relevant information. If this LoginModule does not understand any of the data stored in sharedState or options parameters, they can be ignored. There MUST be the following parameters specified in the options:

hostname - the fully qualified name or IP address of the RADIUS Server
shared secret - the secret shared between us and the RADIUS Server

The following parameters MAY be specified, but they must be supplied together:

Authenication Port - The port the RADIUS Server is listening on for authentication
Accounting Port - The port the RADIUS Server is listening on for accounting requests

Specified by:: initialize in interface javax.security.auth.spi.LoginModule

Parameters:: subject - javax.security.auth.Subject; callbackHandler - javax.security.auth.callback.CallbackHandler; sharedState - java.util.Map; options - java.util.Map

login

public boolean login()
              throws javax.security.auth.login.LoginException

Authenticates this Subject against a RADIUS Server (phase 1). It uses the callbacks to request a UserName and a Password, and possibly requests a response to a challenge recieved from the RADIUS server.

Specified by:: login in interface javax.security.auth.spi.LoginModule

Returns:: boolean True if this LoginModule succeeds, False if this LoginModule should be ignored
Throws:: FailedLoginException - if the login fails; javax.security.auth.login.LoginException - If this LoginModule can't perform the requested authentication

logout

public boolean logout()
               throws javax.security.auth.login.LoginException

This method logs out a Subject (Poss. Improvement: perform a RADIUS accounting request to notify RADIUS server of logout time.)

Specified by:: logout in interface javax.security.auth.spi.LoginModule

Returns:: boolean return true if the logout was successful, False if this LoginModule should be ignored
Throws:: javax.security.auth.login.LoginException - if the logout fails.