New Enterprise Module : JAAS Security #244
Conversation
Initial commit Java classes Fixed license issues Change URL in README.md for obtaining license ignore .java-version from jenv
|
Test FAILed. |
| } | ||
|
|
||
| public void clientDisconnected(Client client) { | ||
|
|
There was a problem hiding this comment.
can be added some logging..
| <client-login-modules> | ||
| <login-module class-name="ClientLoginModule" usage="REQUIRED"> | ||
| <properties> | ||
| <property name="lookupFilePath">value3</property> |
There was a problem hiding this comment.
What is this property for?
There was a problem hiding this comment.
It's a way for the JAAS ClientLoginModule to take outside properties. I guess this isn't very clear. I'll change the naming.
| * | ||
| */ | ||
| public class ClientLoginModule implements LoginModule { | ||
|
|
|
@dbrimley Thanks for the sample! Can you please fix checkstyle problems? |
|
Test PASSed. |
| import static com.hazelcast.examples.helper.LicenseUtils.ENTERPRISE_LICENSE_KEY; | ||
|
|
||
| /** | ||
| * Created by dbrimley on 19/05/2014. |
| loginOk = doLoginCheck((UsernamePasswordCredentials) credentials); | ||
| } | ||
|
|
||
| return loginOk; |
There was a problem hiding this comment.
When authentication fails, then LoginException should be thrown. The FailedLoginException child class is probably the best candidate.
Returning false just means the login module should be ignored. It can be used for instance when the login module stack contains several modules, each accepting different parameters. Return false in case the actual parameters are not sufficient for current login module.
| /** | ||
| * Tidy up the Subject | ||
| */ | ||
| private void clearSubject() { |
There was a problem hiding this comment.
Login modules should only clean-up their stuff (i.e. avoid removing data introduced by other login modules). It's a minor thing in this case, but if users use code samples as a quick-start for their implementations this should be done right.
There was a problem hiding this comment.
I only clean up if the whole chain is aborted or if there is a logout event, so I think it's fine.
| if(password.equals(credentials.getPassword())){ | ||
| String userGroup = userGroups.get(username); | ||
| if (userGroup != null){ | ||
| userGroupCredentials = new UserGroupCredentials(credentials.getEndpoint(),userGroup); |
There was a problem hiding this comment.
We don't add the authentication name part of the information into the Subject. Nonetheless, it's not a problem for this code sample.
|
Test FAILed. |
Initial commit Java classes Fixed license issues Change URL in README.md for obtaining license ignore .java-version from jenv
|
David, could you rebase to the current master and squash the commits? |
|
|
|
@kwart do you think this code sample is still useful? If so, we can rebase and squash without David's involvement. |
|
We don't need to include this code sample, I think. We have 2 other samples implementing custom login modules:
If there is a need for more, we can always resurrect this PR. Closing for now, feel free to reopen if necessary. |
This takes the JAAS Security example in my personal repo. AFAIK, we do not currently have a JAAS Security example in the code samples project.
Initial commit
Java classes
Fixed license issues
Change URL in README.md for obtaining license
ignore .java-version from jenv