105 * Principals (authenticated identities) and Credentials (authentication data
106 * such as cryptographic keys) with the {@code Subject}
107 * located within the {@code LoginModule}.
108 *
109 * <p> If the LoginContext's overall authentication failed (the relevant
110 * REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed),
111 * then the {@code abort} method for each {@code LoginModule}
112 * gets invoked. In this case, the {@code LoginModule} removes/destroys
113 * any authentication state originally saved.
114 *
115 * <p> Logging out a {@code Subject} involves only one phase.
116 * The {@code LoginContext} invokes the LoginModule's {@code logout}
117 * method. The {@code logout} method for the {@code LoginModule}
118 * then performs the logout procedures, such as removing Principals or
119 * Credentials from the {@code Subject} or logging session information.
120 *
121 * <p> A {@code LoginModule} implementation must have a constructor with
122 * no arguments. This allows classes which load the {@code LoginModule}
123 * to instantiate it.
124 *
125 * @see javax.security.auth.login.LoginContext
126 * @see javax.security.auth.login.Configuration
127 */
128 public interface LoginModule {
129
130 /**
131 * Initialize this LoginModule.
132 *
133 * <p> This method is called by the {@code LoginContext}
134 * after this {@code LoginModule} has been instantiated.
135 * The purpose of this method is to initialize this
136 * {@code LoginModule} with the relevant information.
137 * If this {@code LoginModule} does not understand
138 * any of the data stored in {@code sharedState} or
139 * {@code options} parameters, they can be ignored.
140 *
141 * @param subject the {@code Subject} to be authenticated.
142 *
143 * @param callbackHandler a {@code CallbackHandler} for communicating
144 * with the end user (prompting for usernames and
|
105 * Principals (authenticated identities) and Credentials (authentication data
106 * such as cryptographic keys) with the {@code Subject}
107 * located within the {@code LoginModule}.
108 *
109 * <p> If the LoginContext's overall authentication failed (the relevant
110 * REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed),
111 * then the {@code abort} method for each {@code LoginModule}
112 * gets invoked. In this case, the {@code LoginModule} removes/destroys
113 * any authentication state originally saved.
114 *
115 * <p> Logging out a {@code Subject} involves only one phase.
116 * The {@code LoginContext} invokes the LoginModule's {@code logout}
117 * method. The {@code logout} method for the {@code LoginModule}
118 * then performs the logout procedures, such as removing Principals or
119 * Credentials from the {@code Subject} or logging session information.
120 *
121 * <p> A {@code LoginModule} implementation must have a constructor with
122 * no arguments. This allows classes which load the {@code LoginModule}
123 * to instantiate it.
124 *
125 * @since 1.4
126 * @see javax.security.auth.login.LoginContext
127 * @see javax.security.auth.login.Configuration
128 */
129 public interface LoginModule {
130
131 /**
132 * Initialize this LoginModule.
133 *
134 * <p> This method is called by the {@code LoginContext}
135 * after this {@code LoginModule} has been instantiated.
136 * The purpose of this method is to initialize this
137 * {@code LoginModule} with the relevant information.
138 * If this {@code LoginModule} does not understand
139 * any of the data stored in {@code sharedState} or
140 * {@code options} parameters, they can be ignored.
141 *
142 * @param subject the {@code Subject} to be authenticated.
143 *
144 * @param callbackHandler a {@code CallbackHandler} for communicating
145 * with the end user (prompting for usernames and
|