Package org.apache.cassandra.auth

Class CassandraLoginModule

  • All Implemented Interfaces:
    javax.security.auth.spi.LoginModule
    public class CassandraLoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule
    LoginModule which authenticates a user towards the Cassandra database using the internal authentication mechanism.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean abort()
      This method is called if the LoginContext's overall authentication failed.
      boolean commit()
      This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
      void initialize​(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,​?> sharedState, java.util.Map<java.lang.String,​?> options)
      Initialize this LoginModule.
      boolean login()
      Authenticate the user, obtaining credentials from the CallbackHandler supplied in initialize.
      boolean logout()
      Logout the user.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • CassandraLoginModule

        public CassandraLoginModule()

    • Method Detail

      • initialize

        public void initialize​(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map<java.lang.String,​?> sharedState,
                       java.util.Map<java.lang.String,​?> options)
        Initialize this LoginModule.
        Specified by:
        initialize in interface javax.security.auth.spi.LoginModule
        Parameters:
        subject - the Subject to be authenticated.

        callbackHandler - a CallbackHandler for communicating with the end user (prompting for user names and passwords, for example)
        sharedState - shared LoginModule state. This param is unused.
        options - options specified in the login Configuration for this particular LoginModule. This param is unused

      • login

        public boolean login()
              throws javax.security.auth.login.LoginException
        Authenticate the user, obtaining credentials from the CallbackHandler supplied in initialize. As long as the configured IAuthenticator supports the optional legacyAuthenticate method, it can be used here.
        Specified by:
        login in interface javax.security.auth.spi.LoginModule
        Returns:
        true in all cases since this LoginModule should not be ignored.
        Throws:
        javax.security.auth.login.FailedLoginException - if the authentication fails.
        javax.security.auth.login.LoginException - if this LoginModule is unable to perform the authentication.

      • commit

        public boolean commit()
               throws javax.security.auth.login.LoginException
        This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded). If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates a CassandraPrincipal with the Subject. If this LoginModule's own authentication attempted failed, then this method removes any state that was originally saved.
        Specified by:
        commit in interface javax.security.auth.spi.LoginModule
        Returns:
        true if this LoginModule's own login and commit attempts succeeded, false otherwise.
        Throws:
        javax.security.auth.login.LoginException - if the commit fails.

      • abort

        public boolean abort()
              throws javax.security.auth.login.LoginException
        This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed). If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login and commit methods), then this method cleans up any state that was originally saved.
        Specified by:
        abort in interface javax.security.auth.spi.LoginModule
        Returns:
        false if this LoginModule's own login and/or commit attempts failed, true otherwise.
        Throws:
        javax.security.auth.login.LoginException - if the abort fails.

      • logout

        public boolean logout()
               throws javax.security.auth.login.LoginException
        Logout the user. This method removes the principal that was added by the commit method.
        Specified by:
        logout in interface javax.security.auth.spi.LoginModule
        Returns:
        true in all cases since this LoginModule should not be ignored.
        Throws:
        javax.security.auth.login.LoginException - if the logout fails.