Exemple : un module de connexion personnalisé pour un jeton de connexion unique (SSO)
Ce fichier montre comment déterminer si la connexion est une connexion initiale ou une connexion par propagation.
Pour plus d'informations sur l'initialisation et sur la procédure à suivre lors de la connexion et de la validation, voir Développement de modules de connexion personnalisés pour une configuration de connexion système pour JAAS.
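/**
 * Example login module that creates or restores a custom single sign-on (SSO)
 * token and places it in the Subject's private credentials.
 *
 * <p>During {@link #login()} the module uses a {@code WSTokenHolderCallback} to
 * tell a propagation login (a token list is supplied) from an initial login
 * (the list is {@code null}). During {@link #commit()} the token is added to
 * the Subject.
 *
 * <p>NOTE(review): this example only shows initialize/login/commit. A module
 * deployed through JAAS implements {@code javax.security.auth.spi.LoginModule},
 * which also requires {@code abort()} and {@code logout()}; those are not part
 * of this example.
 */
public class customLoginModule
{
    /**
     * Stores the objects handed over by the login framework so that
     * {@link #login()} and {@link #commit()} can use them.
     *
     * @param subject the Subject that receives the custom SSO token on commit
     * @param callbackHandler handler used to obtain the propagated token list
     * @param sharedState state shared between the configured login modules
     * @param options module options (unused by this example)
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler,
        Map sharedState, Map options)
    {
        // login() and commit() read all three of these, so keep them all.
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        _sharedState = sharedState;
    }

    /**
     * Determines whether this is an initial or a propagation login and builds
     * the custom SSO token accordingly.
     *
     * @return {@code true} when the login phase completed
     * @throws LoginException if the callback cannot be handled or the default
     *         authentication token is missing on an initial login
     */
    public boolean login() throws LoginException
    {
        // Handles the WSTokenHolderCallback to see if this is an initial or
        // propagation login.
        Callback callbacks[] = new Callback[1];
        callbacks[0] = new WSTokenHolderCallback("Authz Token List: ");

        try
        {
            callbackHandler.handle(callbacks);
        }
        catch (Exception e)
        {
            // Fail closed: if the callback could not be processed, the module
            // cannot tell an initial login from a propagation login, so the
            // login must not continue with an unknown state.
            throw new WSLoginFailedException (e.getMessage(), e);
        }

        // Receives the ArrayList of TokenHolder objects (the serialized tokens)
        List authzTokenList = ((WSTokenHolderCallback) callbacks[0]).getTokenHolderList();

        if (authzTokenList != null)
        {
            // Propagation login: iterate through the list looking for your
            // custom token. If no entry matches, customSSOToken stays null and
            // commit() adds nothing to the Subject.
            for (int i = 0; i < authzTokenList.size(); i++)
            {
                TokenHolder tokenHolder = (TokenHolder) authzTokenList.get(i);

                // Looks for the name and version of your custom SingleSignonToken
                // implementation. The constant is on the left so that a holder
                // without a name is skipped instead of raising an exception.
                if ("myCookieName".equals(tokenHolder.getName())
                    && tokenHolder.getVersion() == 1)
                {
                    // Passes the bytes into your custom SingleSignonToken
                    // constructor to deserialize. These bytes were produced
                    // outside this module; the token implementation should
                    // validate them before any attribute they carry is trusted.
                    customSSOToken = new
                        com.ibm.websphere.security.token.CustomSingleSignonTokenImpl
                            (tokenHolder.getBytes());
                }
            }
        }
        else
        {
            // This is not a propagation login. Create a new instance of your
            // SingleSignonToken implementation.

            // Gets the principal from the default SingleSignonToken. This
            // principal must match all tokens.
            defaultAuthToken = (com.ibm.wsspi.security.token.AuthenticationToken)
                _sharedState.get(com.ibm.wsspi.security.auth.callback.Constants.WSAUTHTOKEN_KEY);

            if (defaultAuthToken == null)
            {
                // Without the default token there is no principal to bind the
                // custom token to, so reject the login instead of continuing.
                throw new LoginException(
                    "No default authentication token found in the shared state");
            }

            String principal = defaultAuthToken.getPrincipal();

            // Adds a new custom single sign-on (SSO) token. This is an initial
            // login. Pass the principal into the constructor.
            customSSOToken = new com.ibm.websphere.security.token.
                CustomSingleSignonTokenImpl(principal);

            // Add any initial attributes. "key1" is added twice with different
            // values, as in the original sample; check the addAttribute
            // contract of your token class for how repeated keys are handled.
            customSSOToken.addAttribute("key1", "value1");
            customSSOToken.addAttribute("key1", "value2");
            customSSOToken.addAttribute("key2", "value1");
            customSSOToken.addAttribute("key3", "something different");
        }

        // Note: The token is added to the Subject during commit in case
        // something happens during the login.
        return true;
    }

    /**
     * Adds the custom SSO token, if one was created during login, to the
     * Subject's private credentials.
     *
     * @return {@code true} when the commit phase completed
     * @throws LoginException if the token cannot be added to the Subject
     */
    public boolean commit() throws LoginException
    {
        if (customSSOToken != null)
        {
            // Sets the customSSOToken token into the Subject
            try
            {
                // Local final copy so the anonymous class can capture it.
                final SingleSignonToken customSSOTokenPriv = customSSOToken;

                // Do this in a doPrivileged code block so that application code
                // does not need to add additional permissions
                java.security.AccessController.doPrivileged(
                    new java.security.PrivilegedAction<Object>()
                    {
                        public Object run()
                        {
                            // Adds the custom SSO token if it is not already in
                            // the Subject. Failures surface as unchecked
                            // exceptions and are wrapped by the catch below.
                            if (!subject.getPrivateCredentials().
                                contains(customSSOTokenPriv))
                            {
                                subject.getPrivateCredentials().
                                    add(customSSOTokenPriv);
                            }
                            return null;
                        }
                    });
            }
            catch (Exception e)
            {
                throw new WSLoginFailedException (e.getMessage(), e);
            }
        }
        return true;
    }

    // Defines your login module variables
    com.ibm.wsspi.security.token.SingleSignonToken customSSOToken = null;
    com.ibm.wsspi.security.token.AuthenticationToken defaultAuthToken = null;
    java.util.Map _sharedState = null;
    // Kept from initialize() for use in login() and commit().
    Subject subject = null;
    CallbackHandler callbackHandler = null;
}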