com.ibm.crypto.pkcs11impl.module

Class PKCS11LoginModule

  • java.lang.Object
    • com.ibm.crypto.pkcs11impl.module.PKCS11LoginModule
  • All Implemented Interfaces:
    javax.security.auth.spi.LoginModule
    Deprecated.

    public class PKCS11LoginModule
extends java.lang.Object
implements javax.security.auth.spi.LoginModule

    This LoginModule interacts with a hardware cryptographic device to login a user. Than the module creates a PKCS11 session and associates it with a PKCS11Principal. Finally, the PKCS11Principal is associated with a Subject.

    This LoginModule requires CallbackHandlers.

    This LoginModule recognizes the debug option. If set to true in the login Configuration, debug messages will be output to the output stream, system.out.

    Author:
    John Peck
    See Also:
    LoginModule, TextInputCallback, PasswordCallback, LoginContext

    • Constructor Summary

      Constructors 
      Constructor and Description
      PKCS11LoginModule()
      Deprecated. 
       

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method and Description
      boolean abort()
      Deprecated.  
      boolean commit()
      Deprecated.  
      void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler callbackHandler, java.util.Map sharedState, java.util.Map options)
      Deprecated.  
      boolean login()
      Deprecated.  
      boolean logout()
      Deprecated.  

      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • PKCS11LoginModule

        public PKCS11LoginModule()
        Deprecated. 

    • Method Detail

      • initialize

        public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler callbackHandler,
                       java.util.Map sharedState,
                       java.util.Map options)
        Deprecated. 
        Initialize this LoginModule.

        Specified by:
        initialize in interface javax.security.auth.spi.LoginModule
        Parameters:
        subject - the Subject to be authenticated.
        callbackHandler - a CallbackHandler for communicating with the end user (prompting for PKCS11 Library colon slot (such as cryptoki.dll:0) and PIN.
        sharedState - shared LoginModule state.
        options - options specified in the login Configuration for this particular LoginModule.

      • login

        public boolean login()
              throws javax.security.auth.login.LoginException
        Deprecated. 
        Authenticate the user by prompting for a PKCS11 Library colon slot number, such as cryptoki.dll:0, and PIN.

        Specified by:
        login in interface javax.security.auth.spi.LoginModule
        Returns:
        true in all cases since this LoginModule should not be ignored.
        Throws:
        javax.security.auth.login.FailedLoginException - if the authentication fails.
        javax.security.auth.login.LoginException - if this LoginModule is unable to perform the authentication.

      • commit

        public boolean commit()
               throws javax.security.auth.login.LoginException
        Deprecated. 

        This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).

        If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login method), then this method associates a PKCS11Principal with the Subject located in the LoginModuleContext. If this LoginModule's own authentication attempted failed, then this method removes any state that was originally saved.

        Specified by:
        commit in interface javax.security.auth.spi.LoginModule
        Returns:
        true if this LoginModule's own login and commit attempts succeeded, or false otherwise.
        Throws:
        javax.security.auth.login.LoginException - if the commit fails.

      • abort

        public boolean abort()
              throws javax.security.auth.login.LoginException
        Deprecated. 

        This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).

        If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the login and commit methods), then this method cleans up any state that was originally saved.

        Specified by:
        abort in interface javax.security.auth.spi.LoginModule
        Returns:
        false if this LoginModule's own login and/or commit attempts failed, and true otherwise.
        Throws:
        javax.security.auth.login.LoginException - if the abort fails.

      • logout

        public boolean logout()
               throws javax.security.auth.login.LoginException
        Deprecated. 
        Logout the user.

        This method removes the PKCS11Principal, that may have been added by the commit method.

        Specified by:
        logout in interface javax.security.auth.spi.LoginModule
        Returns:
        true in all cases since this LoginModule should not be ignored.
        Throws:
        javax.security.auth.login.LoginException - if the logout fails.
Skip navigation links

© Portions Copyright 2003, 2017 IBM Corporation. All rights reserved.
© Portions Copyright 2003, 2017, Oracle and/or its affiliates. All rights reserved.