@Override public boolean identify(Subject subject) throws LoginException { if (secureAdmin == null) { return false; } final String providedIndicator = textCB.getText(); final SpecialAdminIndicatorChecker checker = new SpecialAdminIndicatorChecker( providedIndicator, secureAdmin.getSpecialAdminIndicator(), remoteHostAuth.textCB.getText()); if (checker.result() == SpecialAdminIndicatorChecker.Result.MISMATCHED) { throw new LoginException(); } /* * Either there was no special indicator or there was one and * it matched what we expect. */ if (checker.result() == SpecialAdminIndicatorChecker.Result.MATCHED) { /* * Add a principal indicating that this subject represents * another server in the domain and so we * can trust it completely, even if the request is remote and secure * admin is disabled. */ subject.getPrincipals().add(new AdminIndicatorPrincipal(providedIndicator)); return true; } return false; } }