commit
boolean commit() throws LoginException;
The commit method
is called to commit the authentication process. This is phase 2 of
authentication when phase 1 succeeds. It is called if the LoginContext's
overall authentication succeeded (that is, if the relevant REQUIRED,
REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded.)
This
method should access the authentication result and corresponding authentication
state saved by the login method.
If the authentication
result denotes that the login method failed, then
this commit method should remove/destroy any corresponding
state that was originally saved.
If the saved result instead
denotes that this LoginModule's login method
succeeded, then the corresponding state information should be accessed
to build any relevant Principal and credential information.
Such Principals and credentials should then be added
to the Subject stored away by the initialize method.
After
adding Principals and credentials, dispensable state
fields should be destroyed expeditiously. Likely fields to destroy
would be user names and passwords stored during the authentication
process.
The commit method should save private
state indicating whether the commit succeeded or failed.
LoginModule's commit method
should return. The different boxes represent the different situations
that may occur. For example, the second cell of the third row depicts
what the commit method should return if both the
previous call to login succeeded and the commit method
itself succeeded.
| LOGIN | COMMIT | |
|---|---|---|
| SUCCESS | FAILURE | |
| SUCCESS | return TRUE |
throw EXCEPTION |
| FAILURE | return FALSE |
return FALSE |