Exemple : Un module de connexion de jeton de connexion unique personnalisé

Ce fichier montre comment savoir si la connexion est une connexion initiale ou par propagation.

Pour plus d'informations sur l'initialisation et sur la procédure à suivre lors de la connexion et de la validation, voir Développement de modules de connexion personnalisés pour une configuration de connexion système pour JAAS.

public customLoginModule() 
{
	public void initialize(Subject subject, CallbackHandler callbackHandler, 
     Map sharedState, Map options) 
	{
		_sharedState = sharedState;
	}

	public boolean login() throws LoginException 
	{
     // Handles the WSTokenHolderCallback to see if this is an initial or 
     // propagation login.
		Callback callbacks[] = new Callback[1];
		callbacks[0] = new WSTokenHolderCallback("Authz Token List: ");
	        
		try
		{
			callbackHandler.handle(callbacks);
		} 
		catch (Exception e)
		{
			// handle exception
		} 
            
		// Receives the ArrayList of TokenHolder objects (the serialized tokens)
		List authzTokenList = ((WSTokenHolderCallback) callbacks[0]).getTokenHolderList();
        
		if (authzTokenList != null)
		{
			// iterate through the list looking for your custom token
			for (int i=0; i
			for (int i=0; i<authzTokenList.size(); i++)
			{
				TokenHolder tokenHolder = (TokenHolder)authzTokenList.get(i);

				// Looks for the name and version of your custom SingleSignonToken 
          // implementation
				if (tokenHolder.getName().equals("myCookieName") 
              && tokenHolder.getVersion() == 1)
				{
					// Passes the bytes into your custom SingleSignonToken constructor 
            // to deserialize
					customSSOToken = new 									
						com.ibm.websphere.security.token.CustomSingleSignonTokenImpl
                   (tokenHolder.getBytes());

				}
			}
		}
		else 
          // This is not a propagation login. Create a new instance of your 
          // SingleSignonToken implementation
		{
       // Gets the principal from the default SingleSignonToken. This principal
       //  must match all tokens.
			defaultAuthToken = (com.ibm.wsspi.security.token.AuthenticationToken) 
				sharedState.get(com.ibm.wsspi.security.auth.callback.Constants.WSAUTHTOKEN_KEY);
			String principal = defaultAuthToken.getPrincipal();

			// Adds a new custom single sign-on (SSO) token. This is an initial login. 
       //  Pass the principal into the constructor 
			customSSOToken = new com.ibm.websphere.security.token.
           CustomSingleSignonTokenImpl(principal);

			// add any initial attributes
			if (customSSOToken != null)
			{
				customSSOToken.addAttribute("key1", "value1");
				customSSOToken.addAttribute("key1", "value2");
				customSSOToken.addAttribute("key2", "value1");
				customSSOToken.addAttribute("key3", "something different");
			}
		}

     // Note: You can add the token to the Subject during commit in case something
     // happens during the login.
	}

	public boolean commit() throws LoginException 
	{
		if (customSSOToken != null)
		{
			// Sets the customSSOToken token into the Subject
			try
			{
				public final SingleSignonToken customSSOTokenPriv = customSSOToken;
          // Do this in a doPrivileged code block so that application code does not
          // need to add additional permissions
				java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() 
				{
					public Object run() 
					{
						try
						{
							// Adds the custom SSO token if it is not null and 
                 //  not already in the Subject
                          						if ((customSSOTokenPriv != null) &&
									(!subject.getPrivateCredentials().
                          contains(customSSOTokenPriv)))
							{
								subject.getPrivateCredentials().
                      add(customSSOTokenPriv);
							}
						} 
						catch (Exception e)
						{
							throw new WSLoginFailedException (e.getMessage(), e);
						}

						return null;
					}
				});
			}
			catch (Exception e)
			{
				throw new WSLoginFailedException (e.getMessage(), e);
			}
		}
	}

	// Defines your login module variables
	com.ibm.wsspi.security.token.SingleSignonToken customSSOToken = null;
	com.ibm.wsspi.security.token.AuthenticationToken defaultAuthToken = null;
	java.util.Map _sharedState = null;
}

Icône indiquant le type de rubrique Rubrique de référence



Icône d'horodatage Dernière mise à jour: last_date
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=xsec_custssotokenlmodule
Nom du fichier : xsec_custssotokenlmodule.html