View Javadoc
1   package org.argeo.api;
2   
3   import java.util.Map;
4   
5   import javax.security.auth.AuthPermission;
6   import javax.security.auth.Subject;
7   import javax.security.auth.callback.CallbackHandler;
8   import javax.security.auth.login.LoginException;
9   import javax.security.auth.spi.LoginModule;
10  
11  import org.argeo.api.security.DataAdminPrincipal;
12  
13  /**
14   * Log-in a system process as data admin. Protection is via
15   * {@link AuthPermission} on this login module, so if it can be accessed it will
16   * always succeed.
17   */
18  public class DataAdminLoginModule implements LoginModule {
19  	private Subject subject;
20  
21  	@Override
22  	public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
23  			Map<String, ?> options) {
24  		this.subject = subject;
25  	}
26  
27  	@Override
28  	public boolean login() throws LoginException {
29  		return true;
30  	}
31  
32  	@Override
33  	public boolean commit() throws LoginException {
34  		subject.getPrincipals().add(new DataAdminPrincipal());
35  		return true;
36  	}
37  
38  	@Override
39  	public boolean abort() throws LoginException {
40  		return true;
41  	}
42  
43  	@Override
44  	public boolean logout() throws LoginException {
45  		subject.getPrincipals().removeAll(subject.getPrincipals(DataAdminPrincipal.class));
46  		return true;
47  	}
48  }