JettyCombinedLdapLoginModule (rundeckapp 3.2.2-20200204 API)

java.lang.Object
- org.eclipse.jetty.jaas.spi.AbstractLoginModule
- - com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule
  - - com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule

All Implemented Interfaces:: javax.security.auth.spi.LoginModule

public class JettyCombinedLdapLoginModule
extends JettyCachingLdapLoginModule

Adds shared login credentials behavior, can be combined with other modules. Extends the configuration of JettyCachingLdapLoginModule with these options:

 ldaploginmodule {
    com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule required
    ...
    ignoreRoles="true"
    storePass="true"
    clearPass="true"
    useFirstPass="false"
    tryFirstPass="false"
    ;
    };

Nested Class Summary
- Nested classes/interfaces inherited from class org.eclipse.jetty.jaas.spi.AbstractLoginModule
  org.eclipse.jetty.jaas.spi.AbstractLoginModule.JAASUserInfo

Field Summary

Fields
Modifier and Type Field and Description

protected boolean _ignoreRoles
if true, ignore ldap role membership

protected SharedLoginCreds shared
- Fields inherited from class com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule
  _authenticationMethod, _bindDn, _bindPassword, _cacheDuration, _contextFactory, _debug, _forceBindingLogin, _forceBindingLoginUseRootContextForRoles, _hostname, _ldapsVerifyHostname, _nestedGroups, _port, _providerUrl, _reportStatistics, _roleBaseDn, _roleMemberAttribute, _roleMemberFilter, _roleNameAttribute, _roleObjectClass, _rolePrefix, _roleUsernameMemberAttribute, _rootContext, _supplementalRoles, _timeoutConnect, _timeoutRead, _userBaseDn, _userEmailAttribute, _userFirstNameAttribute, _userIdAttribute, _userLastNameAttribute, _userObjectClass, _userPasswordAttribute, _userRdnAttribute, loginAttempts, OBJECT_CLASS_FILTER, USERINFOCACHE, userInfoCacheHits

Fields
Modifier and Type	Field and Description
`protected boolean`	`_ignoreRoles` if true, ignore ldap role membership
`protected SharedLoginCreds`	`shared`

Constructor Summary

Constructors
Constructor and Description

JettyCombinedLdapLoginModule()

Constructors
Constructor and Description
`JettyCombinedLdapLoginModule()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`commit()`
`SharedLoginCreds`	`getShared()`
`protected java.util.List`	`getUserRoles(javax.naming.directory.DirContext dirContext, java.lang.String username)` Override to perform behavior of "ignoreRoles" option
`void`	`initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map<java.lang.String,?> sharedState, java.util.Map<java.lang.String,?> options)`
`boolean`	`login()` Override default login logic, to use shared login credentials if available
`protected void`	`wasAuthenticated(java.lang.String user, java.lang.Object pass)`

Methods inherited from class com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule
abort, addSupplementalRoles, authenticate, bindingLogin, credentialLogin, debug, doRFC2254Encoding, getCallBackAuth, getEnvironment, getOption, getUserInfo, initializeOptions, isDebug

Methods inherited from class org.eclipse.jetty.jaas.spi.AbstractLoginModule
configureCallbacks, getCallbackHandler, getCurrentUser, getSubject, isAuthenticated, isCommitted, isIgnored, logout, setAuthenticated, setCallbackHandler, setCommitted, setCurrentUser, setSubject

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - shared
```
protected SharedLoginCreds shared
```
  - _ignoreRoles
```
protected boolean _ignoreRoles
```
    if true, ignore ldap role membership
- Constructor Detail
  - JettyCombinedLdapLoginModule
```
public JettyCombinedLdapLoginModule()
```
- Method Detail
  - initialize
```
public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map<java.lang.String,?> sharedState,
                       java.util.Map<java.lang.String,?> options)
```
    Specified by:
    
    initialize in interface javax.security.auth.spi.LoginModule
    
    Overrides:
    
    initialize in class JettyCachingLdapLoginModule
  - getUserRoles
```
protected java.util.List getUserRoles(javax.naming.directory.DirContext dirContext,
                                      java.lang.String username)
                               throws javax.security.auth.login.LoginException,
                                      javax.naming.NamingException
```
    Override to perform behavior of "ignoreRoles" option
    
    Overrides:
    
    getUserRoles in class JettyCachingLdapLoginModule
    
    Parameters:
    
    dirContext - context
    
    username - username
    
    Returns:
    
    empty or supplemental roles list only if "ignoreRoles" is true, otherwise performs normal LDAP lookup
    
    Throws:
    
    javax.security.auth.login.LoginException
    
    javax.naming.NamingException
  - login
```
public boolean login()
              throws javax.security.auth.login.LoginException
```
    Override default login logic, to use shared login credentials if available
    
    Specified by:
    
    login in interface javax.security.auth.spi.LoginModule
    
    Overrides:
    
    login in class JettyCachingLdapLoginModule
    
    Returns:
    
    true if authenticated
    
    Throws:
    
    javax.security.auth.login.LoginException
  - wasAuthenticated
```
protected void wasAuthenticated(java.lang.String user,
                                java.lang.Object pass)
```
  - commit
```
public boolean commit()
               throws javax.security.auth.login.LoginException
```
    Specified by:
    
    commit in interface javax.security.auth.spi.LoginModule
    
    Overrides:
    
    commit in class JettyCachingLdapLoginModule
    
    Throws:
    
    javax.security.auth.login.LoginException
  - getShared
```
public SharedLoginCreds getShared()
```

Class JettyCombinedLdapLoginModule

Nested Class Summary

Nested classes/interfaces inherited from class org.eclipse.jetty.jaas.spi.AbstractLoginModule

Field Summary

Fields inherited from class com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule

Constructor Summary

Method Summary

Methods inherited from class com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule

Methods inherited from class org.eclipse.jetty.jaas.spi.AbstractLoginModule

Methods inherited from class java.lang.Object

Field Detail

shared

_ignoreRoles

Constructor Detail

JettyCombinedLdapLoginModule

Method Detail

initialize

getUserRoles

login

wasAuthenticated

commit

getShared