165 * fully qualified class name of a default handler
166 * implementation. If the security property is not set,
167 * then the underlying modules will not have a
168 * CallbackHandler for use in communicating
169 * with users. The caller thus assumes that the configured
170 * modules have alternative means for authenticating the user.
171 *
172 *
173 * <li> When the LoginContext uses the installed Configuration (instead of
174 * a caller-specified Configuration, see above),
175 * then this LoginContext must wrap any
176 * caller-specified or default CallbackHandler implementation
177 * in a new CallbackHandler implementation
178 * whose {@code handle} method implementation invokes the
179 * specified CallbackHandler's {@code handle} method in a
180 * {@code java.security.AccessController.doPrivileged} call
181 * constrained by the caller's current {@code AccessControlContext}.
182 * </ul>
183 * </ol>
184 *
185 * @see java.security.Security
186 * @see javax.security.auth.AuthPermission
187 * @see javax.security.auth.Subject
188 * @see javax.security.auth.callback.CallbackHandler
189 * @see javax.security.auth.login.Configuration
190 * @see javax.security.auth.spi.LoginModule
191 * @see java.security.Security security properties
192 */
193 public class LoginContext {
194
195 private static final String LOGIN_METHOD = "login";
196 private static final String COMMIT_METHOD = "commit";
197 private static final String ABORT_METHOD = "abort";
198 private static final String LOGOUT_METHOD = "logout";
199 private static final String OTHER = "other";
200 private static final String DEFAULT_HANDLER =
201 "auth.login.defaultCallbackHandler";
202 private Subject subject = null;
203 private boolean subjectProvided = false;
204 private boolean loginSucceeded = false;
|
165 * fully qualified class name of a default handler
166 * implementation. If the security property is not set,
167 * then the underlying modules will not have a
168 * CallbackHandler for use in communicating
169 * with users. The caller thus assumes that the configured
170 * modules have alternative means for authenticating the user.
171 *
172 *
173 * <li> When the LoginContext uses the installed Configuration (instead of
174 * a caller-specified Configuration, see above),
175 * then this LoginContext must wrap any
176 * caller-specified or default CallbackHandler implementation
177 * in a new CallbackHandler implementation
178 * whose {@code handle} method implementation invokes the
179 * specified CallbackHandler's {@code handle} method in a
180 * {@code java.security.AccessController.doPrivileged} call
181 * constrained by the caller's current {@code AccessControlContext}.
182 * </ul>
183 * </ol>
184 *
185 * @since 1.4
186 * @see java.security.Security
187 * @see javax.security.auth.AuthPermission
188 * @see javax.security.auth.Subject
189 * @see javax.security.auth.callback.CallbackHandler
190 * @see javax.security.auth.login.Configuration
191 * @see javax.security.auth.spi.LoginModule
192 * @see java.security.Security security properties
193 */
194 public class LoginContext {
195
196 private static final String LOGIN_METHOD = "login";
197 private static final String COMMIT_METHOD = "commit";
198 private static final String ABORT_METHOD = "abort";
199 private static final String LOGOUT_METHOD = "logout";
200 private static final String OTHER = "other";
201 private static final String DEFAULT_HANDLER =
202 "auth.login.defaultCallbackHandler";
203 private Subject subject = null;
204 private boolean subjectProvided = false;
205 private boolean loginSucceeded = false;
|