jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jukka Zitting <jukka.zitt...@gmail.com>
Subject Re: Make "Whiteboard" accessible through ContentRepository
Date Thu, 13 Feb 2014 16:34:41 GMT
Hi,

On Wed, Feb 12, 2014 at 10:15 AM, Tobias Bocanegra <tripod@apache.org> wrote:
> But this LoginBackend is in the end something similar like a
> specialized ServiceRegistry. So why not use the whiteboard instead?

You're seeing service registries everywhere. :-)

No, the idea of the LoginBackend is to be contain all the
authentication logic that uses whatever dependencies that are needed.
See the end of this message for a quick draft of how this could work.
Or we could even use a delegate LoginModule like in the
ProxyLoginModule case Chetan described.

BR,

Jukka Zitting


// MyLoginModule.java

public class MyLoginModule implements LoginModule {

    private Subject subject;

    private CallbackHandler callbackHandler;

    private LoginBackend backend;

    private boolean success;

    private final Set<Principal> principals = newHashSet();

    private final Set<Object> credentials = newHashSet();

    // can be overridden to work with LoginModuleFactory, or other
binding mechanisms
    protected LoginBackend getLoginBackend(Map<String, ?> options) {
        return (LoginBackend) options.get(LoginBackend.class.getName());
    }

    @Override
    public void initialize(
            Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.backend = getLoginBackend(options);
        this.success = false;
    }

    @Override
    public boolean login() throws LoginException {
        if (backend == null) {
            return false;
        }

        // Perform login using credential information from callbackHandler.
        // Return authenticated principals and the used credentials in the
        // given sets. Throw LoginException if authentication fails.
        backend.login(callbackHandler, principals, credentials);
        success = true;
        return true;
    }

    @Override
    public boolean commit() throws LoginException {
        if (backend == null) {
            return false;
        }

        if (success) {
            // add login details to the subject
            subject.getPrincipals().addAll(principals);
            subject.getPublicCredentials().addAll(credentials);
        } else {
            // clear state
            principals.clear();
            credentials.clear();
        }
        return true;
    }

    @Override
    public boolean abort() throws LoginException {
        if (backend == null) {
            return false;
        }

        // clear state
        principals.clear();
        credentials.clear();
        success = false;
        return false;
    }

    @Override
    public boolean logout() throws LoginException {
        if (backend == null) {
            return false;
        }

        if (success) {
            // remove login details from the subject
            subject.getPrincipals().removeAll(principals);
            subject.getPublicCredentials().removeAll(credentials);
        }

        // clear state
        principals.clear();
        credentials.clear();
        success = false;
        return true;
    }

}

Mime
View raw message