Class GSSAcceptorLoginModule
java.lang.Object
net.shibboleth.idp.authn.spnego.impl.GSSAcceptorLoginModule
Kerberos login utility for the context acceptor, encapsulates a number of special options
used to create a security context for the GSS acceptor, usually based on a keytab file.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprivate classA JAAS username and password CallbackHandler. -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate LoginModuleThe JAAS login module to use.private final org.slf4j.LoggerClass logger.Options for the JAAS login module.private KerberosRealmSettingsThe realm settings.Hashtable to hold state of the JAAS login module. -
Constructor Summary
ConstructorsConstructorDescriptionGSSAcceptorLoginModule(KerberosRealmSettings realmSettings, boolean refreshKrb5Config, String loginModuleClassName) Constructor. -
Method Summary
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
krbModule
The JAAS login module to use. -
state
Hashtable to hold state of the JAAS login module. -
options
Options for the JAAS login module. -
realm
The realm settings.
-
-
Constructor Details
-
GSSAcceptorLoginModule
public GSSAcceptorLoginModule(@Nonnull KerberosRealmSettings realmSettings, boolean refreshKrb5Config, @Nonnull @NotEmpty String loginModuleClassName) Constructor.- Parameters:
realmSettings- the settings of the realmrefreshKrb5Config- whether to set the JAAS login module's option "refreshKrb5Config"loginModuleClassName- the JAAS login module to use
-
-
Method Details
-
login
Execute the login and return a Subject for the acceptor identity.- Returns:
- the GSS acceptor Subject
- Throws:
LoginException- if an error occurs
-
logout
Perform a JAAS logout.- Throws:
LoginException- if an error occurs
-