Path: blob/master/src/java.base/share/classes/javax/security/auth/spi/LoginModule.java
67848 views
/*1* Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package javax.security.auth.spi;2627import javax.security.auth.Subject;28import javax.security.auth.AuthPermission;29import javax.security.auth.callback.*;30import javax.security.auth.login.*;31import java.util.Map;3233/**34* <p> Service-provider interface for authentication technology providers.35* LoginModules are plugged in under applications to provide a particular36* type of authentication.37*38* <p> While applications write to the {@code LoginContext} API,39* authentication technology providers implement the40* {@code LoginModule} interface.41* A {@code Configuration} specifies the LoginModule(s)42* to be used with a particular login application. Therefore different43* LoginModules can be plugged in under the application without44* requiring any modifications to the application itself.45*46* <p> The {@code LoginContext} is responsible for reading the47* {@code Configuration} and instantiating the appropriate48* LoginModules. Each {@code LoginModule} is initialized with49* a {@code Subject}, a {@code CallbackHandler}, shared50* {@code LoginModule} state, and LoginModule-specific options.51*52* The {@code Subject} represents the53* {@code Subject} currently being authenticated and is updated54* with relevant Credentials if authentication succeeds.55* LoginModules use the {@code CallbackHandler} to56* communicate with users. The {@code CallbackHandler} may be57* used to prompt for usernames and passwords, for example.58* Note that the {@code CallbackHandler} may be null. LoginModules59* which absolutely require a {@code CallbackHandler} to authenticate60* the {@code Subject} may throw a {@code LoginException}.61* LoginModules optionally use the shared state to share information62* or data among themselves.63*64* <p> The LoginModule-specific options represent the options65* configured for this {@code LoginModule} by an administrator or user66* in the login {@code Configuration}.67* The options are defined by the {@code LoginModule} itself68* and control the behavior within it. For example, a69* {@code LoginModule} may define options to support debugging/testing70* capabilities. Options are defined using a key-value syntax,71* such as <i>debug=true</i>. The {@code LoginModule}72* stores the options as a {@code Map} so that the values may73* be retrieved using the key. Note that there is no limit to the number74* of options a {@code LoginModule} chooses to define.75*76* <p> The calling application sees the authentication process as a single77* operation. However, the authentication process within the78* {@code LoginModule} proceeds in two distinct phases.79* In the first phase, the LoginModule's80* {@code login} method gets invoked by the LoginContext's81* {@code login} method. The {@code login}82* method for the {@code LoginModule} then performs83* the actual authentication (prompt for and verify a password for example)84* and saves its authentication status as private state85* information. Once finished, the LoginModule's {@code login}86* method either returns {@code true} (if it succeeded) or87* {@code false} (if it should be ignored), or throws a88* {@code LoginException} to specify a failure.89* In the failure case, the {@code LoginModule} must not retry the90* authentication or introduce delays. The responsibility of such tasks91* belongs to the application. If the application attempts to retry92* the authentication, the LoginModule's {@code login} method will be93* called again.94*95* <p> In the second phase, if the LoginContext's overall authentication96* succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL97* LoginModules succeeded), then the {@code commit}98* method for the {@code LoginModule} gets invoked.99* The {@code commit} method for a {@code LoginModule} checks its100* privately saved state to see if its own authentication succeeded.101* If the overall {@code LoginContext} authentication succeeded102* and the LoginModule's own authentication succeeded, then the103* {@code commit} method associates the relevant104* Principals (authenticated identities) and Credentials (authentication data105* such as cryptographic keys) with the {@code Subject}106* located within the {@code LoginModule}.107*108* <p> If the LoginContext's overall authentication failed (the relevant109* REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed),110* then the {@code abort} method for each {@code LoginModule}111* gets invoked. In this case, the {@code LoginModule} removes/destroys112* any authentication state originally saved.113*114* <p> Logging out a {@code Subject} involves only one phase.115* The {@code LoginContext} invokes the LoginModule's {@code logout}116* method. The {@code logout} method for the {@code LoginModule}117* then performs the logout procedures, such as removing Principals or118* Credentials from the {@code Subject} or logging session information.119*120* <p> A {@code LoginModule} implementation must have a constructor with121* no arguments. This allows classes which load the {@code LoginModule}122* to instantiate it.123*124* @since 1.4125* @see javax.security.auth.login.LoginContext126* @see javax.security.auth.login.Configuration127*/128public interface LoginModule {129130/**131* Initialize this LoginModule.132*133* <p> This method is called by the {@code LoginContext}134* after this {@code LoginModule} has been instantiated.135* The purpose of this method is to initialize this136* {@code LoginModule} with the relevant information.137* If this {@code LoginModule} does not understand138* any of the data stored in {@code sharedState} or139* {@code options} parameters, they can be ignored.140*141* @param subject the {@code Subject} to be authenticated.142*143* @param callbackHandler a {@code CallbackHandler} for communicating144* with the end user (prompting for usernames and145* passwords, for example).146*147* @param sharedState state shared with other configured LoginModules.148*149* @param options options specified in the login150* {@code Configuration} for this particular151* {@code LoginModule}.152*/153void initialize(Subject subject, CallbackHandler callbackHandler,154Map<String,?> sharedState,155Map<String,?> options);156157/**158* Method to authenticate a {@code Subject} (phase 1).159*160* <p> The implementation of this method authenticates161* a {@code Subject}. For example, it may prompt for162* {@code Subject} information such163* as a username and password and then attempt to verify the password.164* This method saves the result of the authentication attempt165* as private state within the LoginModule.166*167* @exception LoginException if the authentication fails168*169* @return true if the authentication succeeded, or false if this170* {@code LoginModule} should be ignored.171*/172boolean login() throws LoginException;173174/**175* Method to commit the authentication process (phase 2).176*177* <p> This method is called if the LoginContext's178* overall authentication succeeded179* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules180* succeeded).181*182* <p> If this LoginModule's own authentication attempt183* succeeded (checked by retrieving the private state saved by the184* {@code login} method), then this method associates relevant185* Principals and Credentials with the {@code Subject} located in the186* {@code LoginModule}. If this LoginModule's own187* authentication attempted failed, then this method removes/destroys188* any state that was originally saved.189*190* @exception LoginException if the commit fails191*192* @return true if this method succeeded, or false if this193* {@code LoginModule} should be ignored.194*/195boolean commit() throws LoginException;196197/**198* Method to abort the authentication process (phase 2).199*200* <p> This method is called if the LoginContext's201* overall authentication failed.202* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules203* did not succeed).204*205* <p> If this LoginModule's own authentication attempt206* succeeded (checked by retrieving the private state saved by the207* {@code login} method), then this method cleans up any state208* that was originally saved.209*210* @exception LoginException if the abort fails211*212* @return true if this method succeeded, or false if this213* {@code LoginModule} should be ignored.214*/215boolean abort() throws LoginException;216217/**218* Method which logs out a {@code Subject}.219*220* <p>An implementation of this method might remove/destroy a Subject's221* Principals and Credentials.222*223* @exception LoginException if the logout fails224*225* @return true if this method succeeded, or false if this226* {@code LoginModule} should be ignored.227*/228boolean logout() throws LoginException;229}230231232