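/**
 * Logs the user out by removing from the Subject the principals that {@code commit} added.
 *
 * <p>Each principal is removed only if it is currently set. {@code logout} can be reached after
 * a failed or never-committed login, when the principal fields are still {@code null}.
 * Passing {@code null} to the Subject's principal set would abort the method before the
 * clean-up below runs (assuming {@code subject} is a {@code javax.security.auth.Subject},
 * whose principal set rejects {@code null} with a {@code NullPointerException}).
 *
 * <p>The authorization principal is removed whenever it is non-null, which mirrors the
 * condition under which {@code commit} adds it. No authorization principal is then left
 * on the Subject after logout.
 *
 * @return {@code true} in all cases, since this {@code LoginModule} should not be ignored
 * @throws LoginException if the Subject is read-only
 */
public boolean logout() throws LoginException {
    if (subject.isReadOnly()) {
        // Module state is still wiped even though the Subject cannot be modified.
        cleanState();
        throw new LoginException("Subject is read-only");
    }

    Set<?> principals = subject.getPrincipals();
    if (ldapPrincipal != null) {
        principals.remove(ldapPrincipal);
    }
    if (userPrincipal != null) {
        principals.remove(userPrincipal);
    }
    // Keyed on the principal itself (not on authzIdentity) so that it matches commit().
    if (authzPrincipal != null) {
        principals.remove(authzPrincipal);
    }

    // Clean out per-login state and reset the success flags so a later commit() is a no-op.
    cleanState();
    succeeded = false;
    commitSucceeded = false;

    ldapPrincipal = null;
    userPrincipal = null;
    authzPrincipal = null;

    if (debug) {
        System.out.println("\t\t[LdapLoginModule] logged out Subject");
    }
    return true;
}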
/**
 * Completes user authentication.
 *
 * <p>Called when the LoginContext's overall authentication succeeded (the relevant REQUIRED,
 * REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
 *
 * <p>If this module's own login attempt succeeded (the {@code succeeded} flag is set), the
 * {@code ldapPrincipal}, the {@code userPrincipal} and, when present, the {@code authzPrincipal}
 * are added to the Subject unless they are already there. The module state is then cleaned and
 * {@code commitSucceeded} is set. If this module's own login attempt did not succeed, the method
 * returns {@code false} immediately without touching the Subject or the module state.
 *
 * @return {@code true} if this module's own login and commit attempts succeeded, {@code false}
 *     otherwise
 * @throws LoginException if the Subject is read-only
 */
public boolean commit() throws LoginException {
    // Guard: nothing to commit when this module's own login did not succeed.
    if (!succeeded) {
        return false;
    }

    if (subject.isReadOnly()) {
        cleanState();
        throw new LoginException("Subject is read-only");
    }

    final String tag = "\t\t[LdapLoginModule] ";
    Set subjectPrincipals = subject.getPrincipals();

    // LDAP principal: added only if absent. The debug line is printed either way.
    boolean ldapPresent = subjectPrincipals.contains(ldapPrincipal);
    if (!ldapPresent) {
        subjectPrincipals.add(ldapPrincipal);
    }
    if (debug) {
        System.out.println(tag + "added LdapPrincipal \"" + ldapPrincipal + "\" to Subject");
    }

    // User principal: same pattern as above.
    boolean userPresent = subjectPrincipals.contains(userPrincipal);
    if (!userPresent) {
        subjectPrincipals.add(userPrincipal);
    }
    if (debug) {
        System.out.println(tag + "added UserPrincipal \"" + userPrincipal + "\" to Subject");
    }

    // Optional authorization principal: added, and logged, only when set and not yet present.
    if (authzPrincipal != null) {
        if (!subjectPrincipals.contains(authzPrincipal)) {
            subjectPrincipals.add(authzPrincipal);
            if (debug) {
                System.out.println(tag + "added UserPrincipal \"" + authzPrincipal + "\" to Subject");
            }
        }
    }

    // Module state is cleaned out once the principals are in place.
    cleanState();
    commitSucceeded = true;
    return true;
}