DelegatingLoginModule (RHQ Enterprise Server JAR 4.13.0 API)

java.lang.Object
- org.jboss.security.auth.spi.AbstractServerLoginModule
- - org.jboss.security.auth.spi.UsernamePasswordLoginModule
  - - org.rhq.enterprise.server.core.jaas.DelegatingLoginModule

All Implemented Interfaces:

LoginModule
```
public class DelegatingLoginModule
extends org.jboss.security.auth.spi.UsernamePasswordLoginModule
```
A login module that just delegates all work to a different security domain.
When you use container managed security (CMS), EAP 6.1 requires the security domain being already present in standalone.xml With our setup we (re)-create the security domain of RHQUserSecurityDomain dynamically, which makes CMS fail on startup and also on re-create. The approach of just exchanging login modules does not work correctly either (principals keep being cached, server goes into need-reload state). So we now have a security domain for the CMS for the REST api that just delegates to the RHQUserSecuritDomain.
```
 <security-domain name="RHQRESTSecurityDomain" cache-type="default">
   <authentication>
       <login-module code="org.rhq.enterprise.server.core.jaas.DelegatingLoginModule" flag="required">
           <module-option name="delegateTo" value="RHQUserSecurityDomain"/>
           <module-option name="additionalRoles" value="rest-user"/>
       </login-module>
   </authentication>
 </security-domain>
```
Author:

Heiko W. Rupp

Field Summary
- Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
  callbackHandler, log, loginOk, options, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass

Constructor Summary

Constructors
Constructor and Description

DelegatingLoginModule()

Constructors
Constructor and Description
`DelegatingLoginModule()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected Principal`	`getIdentity()`
`protected Group[]`	`getRoleSets()`
`protected String`	`getUsersPassword()`
`void`	`initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)`
`boolean`	`login()` Do the actual login work - we obtain the user/password passed in and then try to log into the delegated context.

Methods inherited from class org.jboss.security.auth.spi.UsernamePasswordLoginModule
createPasswordHash, getCredentials, getUnauthenticatedIdentity, getUsername, getUsernameAndPassword, getValidateError, safeClose, setValidateError, validatePassword

Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule
abort, addValidOptions, checkOptions, commit, createGroup, createIdentity, getCallerPrincipalGroup, getUseFirstPass, logout

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - DelegatingLoginModule
```
public DelegatingLoginModule()
```
- Method Detail
  - initialize
```
public void initialize(Subject subject,
              CallbackHandler callbackHandler,
              Map<String,?> sharedState,
              Map<String,?> options)
```
    Specified by:
    
    initialize in interface LoginModule
    
    Overrides:
    
    initialize in class org.jboss.security.auth.spi.UsernamePasswordLoginModule
  - login
```
public boolean login()
              throws LoginException
```
    Do the actual login work - we obtain the user/password passed in and then try to log into the delegated context. If this succeeds, we tell the super-module, so this can do further processing (especially running the #commit() method).
    
    Specified by:
    
    login in interface LoginModule
    
    Overrides:
    
    login in class org.jboss.security.auth.spi.UsernamePasswordLoginModule
    
    Returns:
    True on success
    
    Throws:
    
    LoginException - If anything goes wrong
  - getUsersPassword
```
protected String getUsersPassword()
                           throws LoginException
```
    Specified by:
    
    getUsersPassword in class org.jboss.security.auth.spi.UsernamePasswordLoginModule
    
    Throws:
    
    LoginException
  - getIdentity
```
protected Principal getIdentity()
```
    Overrides:
    
    getIdentity in class org.jboss.security.auth.spi.UsernamePasswordLoginModule
  - getRoleSets
```
protected Group[] getRoleSets()
                       throws LoginException
```
    Specified by:
    
    getRoleSets in class org.jboss.security.auth.spi.AbstractServerLoginModule
    
    Throws:
    
    LoginException

Class DelegatingLoginModule

Field Summary

Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

Constructor Summary

Method Summary

Methods inherited from class org.jboss.security.auth.spi.UsernamePasswordLoginModule

Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

Methods inherited from class java.lang.Object

Constructor Detail

DelegatingLoginModule

Method Detail

initialize

login

getUsersPassword

getIdentity

getRoleSets