例: カスタムのシングル・サインオン・トークン・ログイン・モジュール

このファイルは、ログインが初期ログインであるか、伝搬ログインであるかを判別する方法を示します。

初期化に関して、およびログインとコミット時に実行する内容については、JAAS のシステム・ログイン構成用のカスタム・ログイン・モジュールの開発を参照してください。

public customLoginModule() 
{
		public void initialize(Subject subject, CallbackHandler callbackHandler, 
     Map sharedState, Map options) 
	{
			_sharedState = sharedState;
	}

	public boolean login() throws LoginException
	{
     // Handles the WSTokenHolderCallback to see if this is an initial or 
     // propagation login.
				  Callback callbacks[] = new Callback[1];
				  callbacks[0] = new WSTokenHolderCallback("Authz Token List: ");
	        
		try
		{
			                callbackHandler.handle(callbacks);
		} 
		catch (Exception e)
		{
			// handle exception
		} 
            
				// Receives the ArrayList of TokenHolder objects (the serialized tokens)
				List authzTokenList = ((WSTokenHolderCallback) callbacks[0]).getTokenHolderList();
        
		if (authzTokenList != null)
		{
						// iterate through the list looking for your custom token
						for (int i=0; i
					for (int i=0; i<authzTokenList.size(); i++)
			{
								        TokenHolder tokenHolder = (TokenHolder)authzTokenList.get(i);

								// Looks for the name and version of your custom SingleSignonToken 
          // implementation
								if (tokenHolder.getName().equals("myCookieName") 
              && tokenHolder.getVersion() == 1)
				{
										// Passes the bytes into your custom SingleSignonToken constructor 
            //  to deserialize
										customSSOToken = new 									
						com.ibm.websphere.security.token.CustomSingleSignonTokenImpl
                   (tokenHolder.getBytes());

				}
			}
		}
		else
          // This is not a propagation login. Create a new instance of your
          // SingleSignonToken implementation
		{
       			// Gets the principal from the default SingleSignonToken. This principal
       //  must match all tokens.
							defaultAuthToken = (com.ibm.wsspi.security.token.AuthenticationToken) 
								sharedState.get(com.ibm.wsspi.security.auth.callback.Constants.WSAUTHTOKEN_KEY);
							String principal = defaultAuthToken.getPrincipal();

						// Adds a new custom single sign-on (SSO) token. This is an initial login. 
       //  Pass the principal into the constructor 
						customSSOToken = new com.ibm.websphere.security.token.
           CustomSingleSignonTokenImpl(principal);

						// add any initial attributes
			if (customSSOToken != null)
			{
								customSSOToken.addAttribute("key1", "value1");
								customSSOToken.addAttribute("key1", "value2");
								customSSOToken.addAttribute("key2", "value1");
								customSSOToken.addAttribute("key3", "something different");
			}
		}

     		// Note: You can add the token to the Subject during commit in case something
     // happens during the login.
	}

	public boolean commit() throws LoginException
	{
		if (customSSOToken != null)
		{
						// Sets the customSSOToken token into the Subject
			try
			{
								public final SingleSignonToken customSSOTokenPriv = customSSOToken;
          				// Do this in a doPrivileged code block so that application code does not
          // need to add additional permissions
								java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() 
				{
								public Object run()
					{
						try
						{
														// Adds the custom SSO token if it is not null and 
                 //  not already in the Subject
                          												if ((customSSOTokenPriv != null) &&
																		(!subject.getPrivateCredentials().
                          contains(customSSOTokenPriv)))
							{
																subject.getPrivateCredentials().
                      add(customSSOTokenPriv);
							}
						} 
						catch (Exception e)
						{
									throw new WSLoginFailedException (e.getMessage(), e);
						}

						return null;
					}
				});
			}
			catch (Exception e)
			{
						throw new WSLoginFailedException (e.getMessage(), e);
			}
		}
	}

	// Defines your login module variables
		com.ibm.wsspi.security.token.SingleSignonToken customSSOToken = null;
	com.ibm.wsspi.security.token.AuthenticationToken defaultAuthToken = null;
	java.util.Map _sharedState = null;
}

トピックのタイプを示すアイコン 参照トピック



タイム・スタンプ・アイコン 最終更新: last_date
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=xsec_custssotokenlmodule
ファイル名:xsec_custssotokenlmodule.html