Overview  Package   Class  Tree  Deprecated  Index  Help 
Java EE 5 SDK
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.sun.appserv.security
Class ProgrammaticLogin

java.lang.Object
  extended by com.sun.appserv.security.ProgrammaticLogin

public class ProgrammaticLogin
extends Object

Implement programmatic login.

This class allows deployed applications to supply a name and password directly to the security service. This info will be used to attempt to login to the current realm. If authentication succeeds, a security context is established as this user.

This allows applications to programmatically handle authentication. The use of this mechanism is not recommended since it bypasses the standard J2EE mechanisms and places all burden on the application developer.

Invoking this method requires the permission ProgrammaticLoginPermission with the method name being invoked.

There are two forms of the login method, one which includes the HTTP request and response objects for use by servlets and one which can be used by EJBs.

Constructor Summary
ProgrammaticLogin()
           
 
Method Summary
 Boolean login(String user, String password)
          Attempt to login.
 Boolean login(String user, String password, HttpServletRequest request, HttpServletResponse response)
          Attempt to login.
 Boolean login(String user, String password, String realm, boolean errors)
          Attempt to login.
 Boolean login(String user, String password, String realm, HttpServletRequest request, HttpServletResponse response, boolean errors)
          Attempt to login.
 Boolean logout()
          Attempt to logout.
 Boolean logout(boolean errors)
          Attempt to logout.
 Boolean logout(HttpServletRequest request, HttpServletResponse response)
          Attempt to logout.
 Boolean logout(HttpServletRequest request, HttpServletResponse response, boolean errors)
          Attempt to logout.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ProgrammaticLogin

public ProgrammaticLogin()
Method Detail

login

public Boolean login(String user,
                     String password,
                     String realm,
                     boolean errors)
              throws Exception
Attempt to login.

Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject.

On client side, realm and errors parameters will be ignored and the actual login will not occur until we actually access a resource requiring a login. And a java.rmi.AccessException with COBRA NO_PERMISSION will occur when actual login is failed.

This method is intented primarily for EJBs wishing to do programmatic login. If servlet code used this method the established identity will be propagated to EJB calls but will not be used for web container manager authorization. In general servlets should use the servlet-specific version of login instead.

Parameters:
user - User name.
password - Password for user.
realm - the realm name in which the user should be logged in.
errors - errors=true, propagate any exception encountered to the user errors=false, no exceptions are propagated.
Returns:
Boolean containing true or false to indicate success or failure of login.
Throws:
Exception - any exception encountered during Login.

login

public Boolean login(String user,
                     String password)
Attempt to login.

Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject.

On client side, the actual login will not occur until we actually access a resource requiring a login. And a java.rmi.AccessException with COBRA NO_PERMISSION will occur when actual login is failed.

This method is intented primarily for EJBs wishing to do programmatic login. If servlet code used this method the established identity will be propagated to EJB calls but will not be used for web container manager authorization. In general servlets should use the servlet-specific version of login instead.

Parameters:
user - User name.
password - Password for user.
Returns:
Boolean containing true or false to indicate success or failure of login.

login

public Boolean login(String user,
                     String password,
                     String realm,
                     HttpServletRequest request,
                     HttpServletResponse response,
                     boolean errors)
              throws Exception
Attempt to login. This method is specific to servlets (and JSPs).

Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject. In addition, the principal stored in the request is set to the user name. If a session is available, its principal is also set to the user provided.

Parameters:
realm -
errors -
user - User name.
password - Password for user.
request - HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
response - HTTP response object provided by called application. It should be an instance of HttpServletResponse.
Returns:
Boolean indicating true for successful login and false otherwise
Throws:
Exception - any exceptions encountered during login

login

public Boolean login(String user,
                     String password,
                     HttpServletRequest request,
                     HttpServletResponse response)
Attempt to login. This method is specific to servlets (and JSPs).

Upon successful return from this method the SecurityContext will be set in the name of the given user as its Subject. In addition, the principal stored in the request is set to the user name. If a session is available, its principal is also set to the user provided.

Parameters:
user - User name.
password - Password for user.
request - HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
response - HTTP response object provided by called application. It should be an instance of HttpServletResponse.
Returns:
Boolean containing true or false to indicate success or failure of login.

logout

public Boolean logout()
Attempt to logout.

logout

public Boolean logout(boolean errors)
               throws Exception
Attempt to logout.

Parameters:
errors, - errors = true, the method will propagate the exceptions encountered while logging out, errors=false will return a Boolean value of false indicating failure of logout
Returns:
Boolean containing true or false to indicate success or failure of logout.
Throws:
Exception - encountered while logging out, if errors==false

logout

public Boolean logout(HttpServletRequest request,
                      HttpServletResponse response)
Attempt to logout. Also removes principal from request (and session if available).

logout

public Boolean logout(HttpServletRequest request,
                      HttpServletResponse response,
                      boolean errors)
               throws Exception
Attempt to logout. Also removes principal from request (and session if available).

Parameters:
errors, - errors = true, the method will propagate the exceptions encountered while logging out, errors=false will return a Boolean value of false indicating failure of logout
Returns:
Boolean containing true or false to indicate success or failure of logout.
Throws:
Exception, - exception encountered while logging out and if errors == true
Exception
Overview  Package   Class  Tree  Deprecated  Index  Help 
Java EE 5 SDK
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Submit a bug or feature

Copyright 2006 Sun Microsystems, Inc. All rights reserved.