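/**
 * Resolves the user name for the client certificates presented on the incoming connection.
 *
 * <p>The distinguished name returned by {@code getDistinguishedName(certs)} is looked up as an
 * exact key in {@code usersByDn} first. Only when no exact entry exists is the DN handed to
 * {@code getUserByRegexp(dn)}.
 *
 * <p>A null or empty certificate array is rejected before any lookup, so the mapping code
 * never runs without a certificate to derive a DN from.
 *
 * @param certs The certificates the incoming connection provided.
 * @return The user's authenticated name, or (per the original contract) null if unable to
 *     authenticate the user.
 * @throws LoginException Thrown if the connection provided no client certificates.
 */
@Override
protected String getUserNameForCertificates(final X509Certificate[] certs) throws LoginException {
    // Fail closed: an empty array carries no certificate, and how getDistinguishedName
    // treats it is not visible from this method, so handle it like a missing array.
    if (certs == null || certs.length == 0) {
        throw new LoginException("Client certificates not found. Cannot authenticate.");
    }

    final String dn = getDistinguishedName(certs);

    // An exact DN entry takes precedence over any regexp entry.
    if (usersByDn.containsKey(dn)) {
        return usersByDn.get(dn);
    }

    // NOTE(review): getUserByRegexp is defined elsewhere. Confirm it requires each pattern to
    // match the whole DN and tolerates a null dn; a pattern that matches only part of a DN
    // would map more certificates to a user than the file author intended.
    return getUserByRegexp(dn);
}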
/**
 * Standard JAAS {@code initialize} override that fills this module's lookup maps.
 *
 * <p>Delegates to the superclass first, then assigns {@code usersByDn} and
 * {@code regexpByUser} from {@code load(USER_FILE_PROP_NAME, "", options)} and
 * {@code rolesByUser} from {@code load(ROLE_FILE_PROP_NAME, "", options)}.
 *
 * <p>NOTE(review): these sources decide which certificate DNs map to which users and roles.
 * Presumably they are files on disk; confirm they are writable only by the administrator.
 *
 * @param subject passed through to the superclass
 * @param callbackHandler passed through to the superclass
 * @param sharedState passed through to the superclass
 * @param options passed through to the superclass and to every {@code load} call
 */
@Override
public void initialize(
        Subject subject,
        CallbackHandler callbackHandler,
        Map<String, ?> sharedState,
        Map<String, ?> options) {
    super.initialize(subject, callbackHandler, sharedState, options);

    // The user source is loaded once per derived map. Whether load caches its result is
    // not visible from this method.
    this.usersByDn =
            load(USER_FILE_PROP_NAME, "", options).invertedPropertiesMap();
    this.regexpByUser =
            load(USER_FILE_PROP_NAME, "", options).regexpPropertiesMap();

    this.rolesByUser =
            load(ROLE_FILE_PROP_NAME, "", options).invertedPropertiesValuesMap();
}
/**
 * Test fixture: assigns a newly constructed {@code TextFileCertificateLoginModule} to
 * {@code loginModule} before each test.
 *
 * <p>The module is only constructed here; {@code initialize} is not called.
 */
@Before
public void setUp() throws Exception {
    this.loginModule = new TextFileCertificateLoginModule();
}