Package org.apache.sling.auth.saml2.sp

Class Saml2LoginModule

  • All Implemented Interfaces:
    LoginModule
    public class Saml2LoginModule
extends org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule

    • Field Summary

      • Fields inherited from class org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule

        callbackHandler, options, SHARED_KEY_ATTRIBUTES, SHARED_KEY_CREDENTIALS, SHARED_KEY_LOGIN_NAME, SHARED_KEY_PRE_AUTH_LOGIN, sharedState, subject

    • Constructor Detail

      • Saml2LoginModule

        public Saml2LoginModule()

    • Method Detail

      • getSupportedCredentials

        @Nonnull
protected Set<Class> getSupportedCredentials()
        Specified by:
        getSupportedCredentials in class org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule

      • login

        public boolean login()
              throws LoginException
        Method to authenticate a Subject (phase 1).

        The implementation of this method authenticates a Subject. For example, it may prompt for Subject information such as a username and password and then attempt to verify the password. This method saves the result of the authentication attempt as private state within the LoginModule.

        Returns:
        true if the authentication succeeded, or false if this LoginModule should be ignored.
        Throws:
        LoginException - if the authentication fails

      • commit

        public boolean commit()
               throws LoginException
        Method to commit the authentication process (phase 2).

        This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

        If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates relevant Principals and Credentials with the Subject located in the LoginModule. If this LoginModule's own authentication attempted failed, then this method removes/destroys any state that was originally saved.

        Returns:
        true if this method succeeded, or false if this LoginModule should be ignored.
        Throws:
        LoginException - if the commit fails

      • initialize

        public void initialize​(Subject subject,
                       CallbackHandler callbackHandler,
                       Map<String,​?> sharedState,
                       Map<String,​?> options)
        Specified by:
        initialize in interface LoginModule
        Overrides:
        initialize in class org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule

      • abort

        public boolean abort()
              throws LoginException
        Specified by:
        abort in interface LoginModule
        Overrides:
        abort in class org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule
        Throws:
        LoginException

      • clearState

        protected void clearState()
        Overrides:
        clearState in class org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule