/**
* Instantiate a new {@code LoginContext} object with a name and a {@code CallbackHandler} object.
*
* <p>
*
* @param name the name used as the index into the {@code Configuration}.
* <p>
* @param callbackHandler the {@code CallbackHandler} object used by LoginModules to communicate
* with the user.
* @exception LoginException if the caller-specified {@code name} does not appear in the {@code
* Configuration} and there is no {@code Configuration} entry for "<i>other</i>", or if the
* caller-specified {@code callbackHandler} is {@code null}.
* <p>
* @exception SecurityException if a SecurityManager is set and the caller does not have
* AuthPermission("createLoginContext.<i>name</i>"), or if a configuration entry for
* <i>name</i> does not exist and the caller does not additionally have
* AuthPermission("createLoginContext.other")
*/
public LoginContext(String name, CallbackHandler callbackHandler) throws LoginException {
init(name);
if (callbackHandler == null)
throw new LoginException(ResourcesMgr.getString("invalid.null.CallbackHandler.provided"));
this.callbackHandler =
new SecureCallbackHandler(java.security.AccessController.getContext(), callbackHandler);
}
private void loadDefaultCallbackHandler() throws LoginException {
// get the default handler class
try {
final ClassLoader finalLoader = contextClassLoader;
this.callbackHandler =
java.security.AccessController.doPrivileged(
new java.security.PrivilegedExceptionAction<CallbackHandler>() {
public CallbackHandler run() throws Exception {
String defaultHandler = java.security.Security.getProperty(DEFAULT_HANDLER);
if (defaultHandler == null || defaultHandler.length() == 0) return null;
Class<? extends CallbackHandler> c =
Class.forName(defaultHandler, true, finalLoader)
.asSubclass(CallbackHandler.class);
return c.newInstance();
}
});
} catch (java.security.PrivilegedActionException pae) {
throw new LoginException(pae.getException().toString());
}
// secure it with the caller's ACC
if (this.callbackHandler != null && creatorAcc == null) {
this.callbackHandler =
new SecureCallbackHandler(
java.security.AccessController.getContext(), this.callbackHandler);
}
}
/**
* Instantiate a new {@code LoginContext} object with a name, a {@code Subject} to be
* authenticated, a {@code CallbackHandler} object, and a login {@code Configuration}.
*
* <p>
*
* @param name the name used as the index into the caller-specified {@code Configuration}.
* <p>
* @param subject the {@code Subject} to authenticate, or {@code null}.
* <p>
* @param callbackHandler the {@code CallbackHandler} object used by LoginModules to communicate
* with the user, or {@code null}.
* <p>
* @param config the {@code Configuration} that lists the login modules to be called to perform
* the authentication, or {@code null}.
* @exception LoginException if the caller-specified {@code name} does not appear in the {@code
* Configuration} and there is no {@code Configuration} entry for "<i>other</i>".
* <p>
* @exception SecurityException if a SecurityManager is set, <i>config</i> is {@code null}, and
* either the caller does not have AuthPermission("createLoginContext.<i>name</i>"), or if a
* configuration entry for <i>name</i> does not exist and the caller does not additionally
* have AuthPermission("createLoginContext.other")
* @since 1.5
*/
public LoginContext(
String name, Subject subject, CallbackHandler callbackHandler, Configuration config)
throws LoginException {
this.config = config;
if (config != null) {
creatorAcc = java.security.AccessController.getContext();
}
init(name);
if (subject != null) {
this.subject = subject;
subjectProvided = true;
}
if (callbackHandler == null) {
loadDefaultCallbackHandler();
} else if (creatorAcc == null) {
this.callbackHandler =
new SecureCallbackHandler(java.security.AccessController.getContext(), callbackHandler);
} else {
this.callbackHandler = callbackHandler;
}
}
