JAAS 登录认证涉及的接口和类:
LoginContext:应用程序通过调用该类的 login 方法来进行登录认证。
LoginModule:抽象的登录接口。用户需要实现该接口,来定义自己的登录模块。
Subject:一个需要认证的实体,如一个人、一段程序。
Principal:认证实体的标识,如编号、角色等。
自定义登录认证类:
package root.tgview;
import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import sun.security.acl.PrincipalImpl;
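/**
 * Demonstration JAAS {@link LoginModule} that collects a user name and password through the
 * configured {@link CallbackHandler} and, on success, attaches a principal named after the
 * authenticated user to the {@link Subject}.
 *
 * <p>Follows the two-phase JAAS protocol: {@link #login()} only verifies credentials and records
 * the outcome; {@link #commit()} publishes the principal, and does so only when this module's own
 * {@code login()} succeeded. {@link #abort()} and {@link #logout()} undo that state.
 *
 * <p><strong>Security note:</strong> {@link #rdbmsValidate(String, char[])} is still a placeholder
 * that accepts any user whose password equals the user name. It must be replaced by a lookup
 * against the real credential store before this module protects anything.
 *
 * <p>Instances are not thread-safe; a LoginContext is expected to drive one instance per login.
 */
public class RdbmsJaasLoginModuel implements LoginModule {

    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;

    // Read from the module options; not yet consumed by the placeholder credential check.
    private String url;
    private String driverClass;
    private boolean debug;

    // Outcome of the two authentication phases, needed by commit/abort/logout.
    private boolean loginSucceeded;
    private boolean commitSucceeded;
    private String authenticatedUser;
    private java.security.Principal userPrincipal;

    /**
     * Stores the collaborators handed over by the LoginContext and reads the module options
     * {@code url}, {@code driver} and {@code debug} when an options map is supplied.
     *
     * @param subject the subject to populate on a successful commit
     * @param callbackHandler handler used to obtain the user name and password
     * @param sharedState state shared with other configured modules (stored, not used)
     * @param options options from the login configuration entry; may be {@code null}
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
        if (options != null) {
            url = option(options, "url");
            driverClass = option(options, "driver");
            debug = "true".equalsIgnoreCase(option(options, "debug"));
        }
        clearAuthenticationState();
    }

    /**
     * Phase 1: asks the callback handler for credentials and verifies them.
     *
     * @return {@code true} when the credentials were accepted
     * @throws LoginException if no handler is configured or the handler fails; a
     *     {@code FailedLoginException} if the credentials are missing or rejected
     */
    @Override
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException("no handler");
        }
        clearAuthenticationState();

        NameCallback nameCb = new NameCallback("user: ");
        // echoOn=false: the password must not be displayed while it is typed.
        PasswordCallback passCb = new PasswordCallback("password: ", false);
        try {
            callbackHandler.handle(new Callback[] { nameCb, passCb });
        } catch (IOException e) {
            throw credentialCollectionFailure(e);
        } catch (UnsupportedCallbackException e) {
            throw credentialCollectionFailure(e);
        }

        String username = nameCb.getName();
        char[] secret = passCb.getPassword(); // getPassword() returns a copy
        passCb.clearPassword();
        try {
            if (username == null || username.length() == 0 || secret == null) {
                throw new javax.security.auth.login.FailedLoginException(
                        "missing user name or password");
            }
            // Throw rather than return false: a false return tells the LoginContext to
            // ignore this module, so a rejected credential would not count as a failure
            // when other modules are stacked in the same configuration entry.
            if (!rdbmsValidate(username, secret)) {
                throw new javax.security.auth.login.FailedLoginException("authentication failed");
            }
        } finally {
            if (secret != null) {
                java.util.Arrays.fill(secret, '\0');
            }
        }

        authenticatedUser = username;
        loginSucceeded = true;
        return true;
    }

    /**
     * Phase 2: adds a principal for the authenticated user to the subject.
     *
     * @return {@code false} when this module's {@code login()} did not succeed (nothing is
     *     added), {@code true} once the principal has been attached
     * @throws LoginException if the module was initialized without a subject
     */
    @Override
    public boolean commit() throws LoginException {
        if (!loginSucceeded) {
            return false;
        }
        if (subject == null) {
            throw new LoginException("no subject");
        }
        // The principal carries the name that was actually authenticated, never a fixed identity.
        userPrincipal = new NamedPrincipal(authenticatedUser);
        subject.getPrincipals().add(userPrincipal);
        commitSucceeded = true;
        return true;
    }

    /**
     * Called when the overall authentication failed; discards this module's state and removes
     * the principal again if it had already been committed.
     *
     * @return {@code false} when this module's {@code login()} did not succeed, else {@code true}
     * @throws LoginException declared by the interface
     */
    @Override
    public boolean abort() throws LoginException {
        if (!loginSucceeded) {
            return false;
        }
        if (commitSucceeded) {
            logout();
        } else {
            clearAuthenticationState();
        }
        return true;
    }

    /**
     * Removes the principal this module added to the subject and resets its state.
     *
     * @return {@code true}
     * @throws LoginException declared by the interface
     */
    @Override
    public boolean logout() throws LoginException {
        if (subject != null && userPrincipal != null) {
            subject.getPrincipals().remove(userPrincipal);
        }
        clearAuthenticationState();
        return true;
    }

    /**
     * PLACEHOLDER credential check: accepts the login when the password equals the user name.
     * NOTE(review): replace with a lookup against the credential store (parameterized query,
     * salted password hash, constant-time comparison) before any real use.
     */
    private boolean rdbmsValidate(String username, char[] password) {
        return java.util.Arrays.equals(username.toCharArray(), password);
    }

    /** Returns the named option as a string, or {@code null} when it is absent. */
    private static String option(Map<String, ?> opts, String key) {
        Object value = opts.get(key);
        return value == null ? null : value.toString();
    }

    /** Wraps a callback-handler failure so the login attempt fails instead of continuing. */
    private static LoginException credentialCollectionFailure(Exception cause) {
        LoginException failure = new LoginException("unable to obtain credentials");
        failure.initCause(cause);
        return failure;
    }

    /** Forgets everything recorded by a previous login attempt. */
    private void clearAuthenticationState() {
        loginSucceeded = false;
        commitSucceeded = false;
        authenticatedUser = null;
        userPrincipal = null;
    }

    /**
     * Minimal name-based principal. Used instead of the JDK-internal
     * {@code sun.security.acl.PrincipalImpl}, which is not a supported API.
     */
    private static final class NamedPrincipal implements java.security.Principal {
        private final String name;

        NamedPrincipal(String name) {
            this.name = name;
        }

        @Override
        public String getName() {
            return name;
        }

        @Override
        public boolean equals(Object other) {
            return other instanceof NamedPrincipal && name.equals(((NamedPrincipal) other).name);
        }

        @Override
        public int hashCode() {
            return name.hashCode();
        }

        @Override
        public String toString() {
            return name;
        }
    }
}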
配置文件:
// JAAS login configuration entry. "MyExample" is the entry name the application passes to
// the LoginContext constructor; the JVM usually locates this file through the
// java.security.auth.login.config system property.
MyExample {
// Control flag "Required": this module must succeed for the overall login to succeed.
// debug=true is handed to the module in the options map given to initialize().
root.tgview.RdbmsJaasLoginModuel Required debug=true;
};
测试方法:
// Authenticate against the "MyExample" configuration entry, prompting on the console,
// then run the privileged action with the authenticated Subject.
// NOTE(review): this snippet never calls lc.logout(), so the Subject keeps whatever the
// login module attached until the LoginContext is discarded.
LoginContext lc = null;
try {
    lc = new LoginContext("MyExample", new TextCallbackHandler());
    lc.login();
    Subject authenticated = lc.getSubject();
    // doAs is a static method of Subject, so it is invoked on the class.
    Subject.doAs(authenticated, new TestPrivilegedAction());
} catch (LoginException e) {
    e.printStackTrace();
}