|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.filenet.api.authentication.jboss.login.FnClientLoginModule
public class FnClientLoginModule
A client can use FnClientLoginModule
in place of the JBoss-supplied
ClientLoginModule
to authenticate its users to the Content Engine. The JBoss
ClientLoginModule
does not associate a user’s identity with the login’s Subject
;
instead, it associates the user’s identity with the most recent login operation.
This behavior can cause a problem if the client code uses multiple user identities. To illustrate,
consider code like this:
Subject ident_jane = UserContext.createSubject("jane", JANES_PASSWORD"); Subject ident_joe = UserContext.createSubject("joe", JOES_PASSWORD"); UserContext.pushSubject(ident_jane); // do work as Jane UserContext.pushSubject(ident_joe); // do work as Joe
Transparently, the createSubject
method does a JAAS login using the JAAS
"FileNetP8" stanza (defined in the jaas.conf.JBoss
configuration file).
If the "FileNetP8" stanza is set to use the JBoss ClientLoginModule
, as
shown below:
FileNetP8 { org.jboss.security.ClientLoginModule required; };
then all of the work is performed as if Joe were the user, because Joe was the most recent login. No work would be performed as Jane in this case. To correct this problem, use this setting for the JAAS "FileNetP8" stanza:
FileNetP8 { com.filenet.api.authentication.jboss.login.FnClientLoginModule required; };
which is the default on JBoss installations if the client is configured to use <installation_directory>\Programs\FileNet\CE_API\config\samples\jaas.conf.JBoss.
In the more common case, in which the client code uses only one user identity, you can use
either FnClientLoginModule
or the JBoss ClientLoginModule
.
You can specify other options as necessary for FnClientLoginModule
when you modify
the stanza, as follows:
debug=true
to write additional debug messages on the console of the JBoss
client. The default is false
.multi-threaded=true
if the client is running in a
multi-threaded environment, which is the case for Workplace (in this case Workplace is considered
to be a client of the Content Engine) or if the client has several threads each using different
user identities. The default is false
.Make sure to specify for the client the JAAS configuration file that contains your modifications. The typical way to specify this file for the client is through a JVM argument, similar to the following, when starting the client’s JVM:
–Djava.security.auth.login.config="c:/Program Files/FileNet/CE_API/config/samples/jaas.conf.JBoss"
(For more information and descriptions of the LoginModule methods, see your JBoss documentation for org.jboss.security.ClientLoginModule.)
Constructor Summary | |
---|---|
FnClientLoginModule()
|
Method Summary | |
---|---|
boolean |
abort()
|
boolean |
commit()
|
void |
initialize(javax.security.auth.Subject subject,
javax.security.auth.callback.CallbackHandler callbackHandler,
java.util.Map sharedState,
java.util.Map options)
|
boolean |
login()
|
boolean |
logout()
|
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public FnClientLoginModule()
Method Detail |
---|
public void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
initialize
in interface javax.security.auth.spi.LoginModule
public boolean login() throws javax.security.auth.login.LoginException
login
in interface javax.security.auth.spi.LoginModule
javax.security.auth.login.LoginException
public boolean commit()
commit
in interface javax.security.auth.spi.LoginModule
public boolean abort()
abort
in interface javax.security.auth.spi.LoginModule
public boolean logout()
logout
in interface javax.security.auth.spi.LoginModule
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |