net.sourceforge.jradiusclient.jaas
Class RadiusLoginModule

java.lang.Object
  |
  +--net.sourceforge.jradiusclient.jaas.RadiusLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public class RadiusLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule

This is an implementation of javax.security.auth.spi.LoginModule specific to using a RADIUS Server for authentication.

Version:
$Revision: 1.6 $
Author:
Robert J. Loihl

Field Summary
static int MAX_CHALLENGE_ATTEMPTS
           
 
Constructor Summary
RadiusLoginModule()
           
 
Method Summary
 boolean abort()
          Method to abort the authentication process (phase 2).
 boolean commit()
          Method to commit the authentication process (phase 2).
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
          Initialize this LoginModule.
 boolean login()
          Authenticates this Subject against a RADIUS Server (phase 1).
 boolean logout()
          This method logs out a Subject (Poss.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

MAX_CHALLENGE_ATTEMPTS

public static final int MAX_CHALLENGE_ATTEMPTS
See Also:
Constant Field Values
Constructor Detail

RadiusLoginModule

public RadiusLoginModule()
Method Detail

abort

public boolean abort()
              throws javax.security.auth.login.LoginException
Method to abort the authentication process (phase 2). This method gets called if the LoginContext's overall authentication process failed (i.e. one of the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed). It also cleans up any internal state saved by the login method.

Specified by:
abort in interface javax.security.auth.spi.LoginModule
Returns:
boolean true if this method succeeds false if this LoginModule should be ignored
Throws:
javax.security.auth.login.LoginException - If the abort fails

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
Method to commit the authentication process (phase 2). This method gets called if the LoginContext's overall authentication process succeeded (i.e. all of the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded). If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates relevant Principals and Credentials with the Subject located in the LoginModule. If this LoginModule's own authentication attempt failed, then this method cleans up any internal state saved by the login method. ( poss. improvement: perform a RADIUS accounting request to notify RADIUS server of login time.)

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Returns:
boolean true if this method succeeds false if this LoginModule should be ignored
Throws:
javax.security.auth.login.LoginException - If the commit action fails

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)
Initialize this LoginModule. This method is called by the LoginContext after this LoginModule has been instantiated. The purpose of this method is to initialize this LoginModule with the relevant information. If this LoginModule does not understand any of the data stored in sharedState or options parameters, they can be ignored. There MUST be the following parameters specified in the options:
The following parameters MAY be specified, but they must be supplied together:

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Parameters:
subject - javax.security.auth.Subject
callbackHandler - javax.security.auth.callback.CallbackHandler
sharedState - java.util.Map
options - java.util.Map

login

public boolean login()
              throws javax.security.auth.login.LoginException
Authenticates this Subject against a RADIUS Server (phase 1). It uses the callbacks to request a UserName and a Password, and possibly requests a response to a challenge recieved from the RADIUS server.

Specified by:
login in interface javax.security.auth.spi.LoginModule
Returns:
boolean True if this LoginModule succeeds, False if this LoginModule should be ignored
Throws:
FailedLoginException - if the login fails
javax.security.auth.login.LoginException - If this LoginModule can't perform the requested authentication

logout

public boolean logout()
               throws javax.security.auth.login.LoginException
This method logs out a Subject (Poss. Improvement: perform a RADIUS accounting request to notify RADIUS server of logout time.)

Specified by:
logout in interface javax.security.auth.spi.LoginModule
Returns:
boolean return true if the logout was successful, False if this LoginModule should be ignored
Throws:
javax.security.auth.login.LoginException - if the logout fails.