logincontext.html
来自「SUN公司官方J2EE中文帮助文档 应该不错 有兴趣的下来看看 html格式的」· HTML 代码 · 共 613 行 · 第 1/2 页
HTML
613 行
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN""http://www.w3.org/TR/REC-html40/frameset.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc on Thu Jan 17 03:51:37 PST 2002 -->
<TITLE>
Java 2 Platform EE v1.3: Class LoginContext
</TITLE>
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../stylesheet.css" TITLE="Style">
</HEAD>
<BODY BGCOLOR="white">
<!-- ========== START OF NAVBAR ========== -->
<A NAME="navbar_top"><!-- --></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_top_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../javax/security/auth/login/Configuration.html"><B>PREV CLASS</B></A>
NEXT CLASS</FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../index.html" TARGET="_top"><B>FRAMES</B></A>
<A HREF="LoginContext.html" TARGET="_top"><B>NO FRAMES</B></A></FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY: INNER | FIELD | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | <A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<!-- =========== END OF NAVBAR =========== -->
<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
javax.security.auth.login</FONT>
<BR>
Class LoginContext</H2>
<PRE>
java.lang.Object
|
+--<B>javax.security.auth.login.LoginContext</B>
</PRE>
<HR>
<DL>
<DT>public class <B>LoginContext</B><DT>extends java.lang.Object</DL>
<P>
<p> The <code>LoginContext</code> class describes the basic methods used
to authenticate Subjects and provides a way to develop an
application independent of the underlying authentication technology.
A <code>Configuration</code> specifies the authentication technology, or
<code>LoginModule</code>, to be used with a particular application.
Therefore, different LoginModules can be plugged in under an application
without requiring any modifications to the application itself.
<p> In addition to supporting <i>pluggable</i> authentication, this class
also supports the notion of <i>stacked</i> authentication. In other words,
an application may be configured to use more than one
<code>LoginModule</code>. For example, one could
configure both a Kerberos <code>LoginModule</code> and a smart card
<code>LoginModule</code> under an application.
<p> A typical caller instantiates this class and passes in
a <i>name</i> and a <code>CallbackHandler</code>.
<code>LoginContext</code> uses the <i>name</i> as the index into the
<code>Configuration</code> to determine which LoginModules should be used,
and which ones must succeed in order for the overall authentication to
succeed. The <code>CallbackHandler</code> is passed to the underlying
LoginModules so they may communicate and interact with users
(prompting for a username and password via a graphical user interface,
for example).
<p> Once the caller has instantiated a <code>LoginContext</code>,
it invokes the <code>login</code> method to authenticate
a <code>Subject</code>. This <code>login</code> method invokes the
<code>login</code> method from each of the LoginModules configured for
the <i>name</i> specified by the caller. Each <code>LoginModule</code>
then performs its respective type of authentication (username/password,
smart card pin verification, etc.). Note that the LoginModules will not
attempt authentication retries or introduce delays if the authentication
fails. Such tasks belong to the caller.
<p> Regardless of whether or not the overall authentication succeeded,
this <code>login</code> method completes a 2-phase authentication process
by then calling either the <code>commit</code> method or the
<code>abort</code> method for each of the configured LoginModules.
The <code>commit</code> method for each <code>LoginModule</code>
gets invoked if the overall authentication succeeded,
whereas the <code>abort</code> method for each <code>LoginModule</code>
gets invoked if the overall authentication failed.
Each successful LoginModule's <code>commit</code>
method associates the relevant Principals (authenticated identities)
and Credentials (authentication data such as cryptographic keys)
with the <code>Subject</code>. Each LoginModule's <code>abort</code>
method cleans up or removes/destroys any previously stored authentication
state.
<p> If the <code>login</code> method returns without
throwing an exception, then the overall authentication succeeded.
The caller can then retrieve
the newly authenticated <code>Subject</code> by invoking the
<code>getSubject</code> method. Principals and Credentials associated
with the <code>Subject</code> may be retrieved by invoking the Subject's
respective <code>getPrincipals</code>, <code>getPublicCredentials</code>,
and <code>getPrivateCredentials</code> methods.
<p> To logout the <code>Subject</code>, the caller simply needs to
invoke the <code>logout</code> method. As with the <code>login</code>
method, this <code>logout</code> method invokes the <code>logout</code>
method for each <code>LoginModule</code> configured for this
<code>LoginContext</code>. Each LoginModule's <code>logout</code>
method cleans up state and removes/destroys Principals and Credentials
from the <code>Subject</code> as appropriate.
<p> Each of the configured LoginModules invoked by the
<code>LoginContext</code> is initialized with a
<code>Subject</code> to be authenticated, a <code>CallbackHandler</code>
used to communicate with users, shared <code>LoginModule</code> state,
and LoginModule-specific options.
If the <code>LoginContext</code> was not provided a <code>Subject</code>
then it instantiates one itself. Each <code>LoginModule</code>
which successfully authenticates a user updates the <code>Subject</code>
with the relevant user information (Principals and Credentials).
This <code>Subject</code> can then be returned via the
<code>getSubject</code> method from the <code>LoginContext</code> class
if the overall authentication succeeds. Note that LoginModules are always
invoked from within an <code>AccessController.doPrivileged</code> call.
Therefore, although LoginModules that perform security-sensitive tasks
(such as connecting to remote hosts) need to be granted the relevant
Permissions in the security <code>Policy</code>, the callers of the
LoginModules do not require those Permissions.
<p> A <code>LoginContext</code> supports authentication retries
by the calling application. For example, a LoginContext's
<code>login</code> method may be invoked multiple times
if the user incorrectly types in a password. However, a
<code>LoginContext</code> should not be used to authenticate
more than one <code>Subject</code>. A separate <code>LoginContext</code>
should be used to authenticate each different <code>Subject</code>.
<p> Multiple calls into the same <code>LoginContext</code>
do not affect the <code>LoginModule</code> state, or the
LoginModule-specific options.
<P>
<DL>
<DT><B>See Also: </B><DD><A HREF="../../../../javax/security/auth/Subject.html"><CODE>Subject</CODE></A>,
<A HREF="../../../../javax/security/auth/callback/CallbackHandler.html"><CODE>CallbackHandler</CODE></A>,
<A HREF="../../../../javax/security/auth/login/Configuration.html"><CODE>Configuration</CODE></A>,
<A HREF="../../../../javax/security/auth/spi/LoginModule.html"><CODE>LoginModule</CODE></A></DL>
<HR>
<P>
<!-- ======== INNER CLASS SUMMARY ======== -->
<!-- =========== FIELD SUMMARY =========== -->
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<A NAME="constructor_summary"><!-- --></A>
<TABLE BORDER="1" CELLPADDING="3" CELLSPACING="0" WIDTH="100%">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TD COLSPAN=2><FONT SIZE="+2">
<B>Constructor Summary</B></FONT></TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#LoginContext(java.lang.String)">LoginContext</A></B>(java.lang.String name)</CODE>
<BR>
Constructor for the <code>LoginContext</code> class.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#LoginContext(java.lang.String, javax.security.auth.callback.CallbackHandler)">LoginContext</A></B>(java.lang.String name,
<A HREF="../../../../javax/security/auth/callback/CallbackHandler.html">CallbackHandler</A> callbackHandler)</CODE>
<BR>
Constructor for the <code>LoginContext</code> class.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#LoginContext(java.lang.String, javax.security.auth.Subject)">LoginContext</A></B>(java.lang.String name,
<A HREF="../../../../javax/security/auth/Subject.html">Subject</A> subject)</CODE>
<BR>
Constructor for the <code>LoginContext</code> class.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#LoginContext(java.lang.String, javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler)">LoginContext</A></B>(java.lang.String name,
<A HREF="../../../../javax/security/auth/Subject.html">Subject</A> subject,
<A HREF="../../../../javax/security/auth/callback/CallbackHandler.html">CallbackHandler</A> callbackHandler)</CODE>
<BR>
Constructor for the <code>LoginContext</code> class.</TD>
</TR>
</TABLE>
<!-- ========== METHOD SUMMARY =========== -->
<A NAME="method_summary"><!-- --></A>
<TABLE BORDER="1" CELLPADDING="3" CELLSPACING="0" WIDTH="100%">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TD COLSPAN=2><FONT SIZE="+2">
<B>Method Summary</B></FONT></TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE> <A HREF="../../../../javax/security/auth/Subject.html">Subject</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#getSubject()">getSubject</A></B>()</CODE>
<BR>
Return the authenticated Subject.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE> void</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#login()">login</A></B>()</CODE>
<BR>
Perform the authentication and, if successful,
associate Principals and Credentials with the authenticated
<code>Subject</code>.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE> void</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../javax/security/auth/login/LoginContext.html#logout()">logout</A></B>()</CODE>
<BR>
Logout the <code>Subject</code>.</TD>
</TR>
</TABLE>
<A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A>
<TABLE BORDER="1" CELLPADDING="3" CELLSPACING="0" WIDTH="100%">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TD><B>Methods inherited from class java.lang.Object</B></TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</CODE></TD>
</TR>
</TABLE>
<P>
<!-- ============ FIELD DETAIL =========== -->
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<A NAME="constructor_detail"><!-- --></A>
<TABLE BORDER="1" CELLPADDING="3" CELLSPACING="0" WIDTH="100%">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TD COLSPAN=1><FONT SIZE="+2">
<B>Constructor Detail</B></FONT></TD>
</TR>
</TABLE>
<A NAME="LoginContext(java.lang.String)"><!-- --></A><H3>
LoginContext</H3>
<PRE>
public <B>LoginContext</B>(java.lang.String name)
throws <A HREF="../../../../javax/security/auth/login/LoginException.html">LoginException</A></PRE>
<DL>
<DD>Constructor for the <code>LoginContext</code> class.
<p> Initialize the new <code>LoginContext</code> object with a name.
<code>LoginContext</code> uses the specified name as the index
into the <code>Configuration</code> to determine which LoginModules
should be used. If the provided name does not match any in the
<code>Configuration</code>, then the <code>LoginContext</code>
uses the default <code>Configuration</code> entry, "<i>other</i>".
If there is no <code>Configuration</code> entry for "<i>other</i>",
then a <code>LoginException</code> is thrown.
<p> This constructor does not allow for a
<code>CallbackHandler</code>. Therefore the underlying LoginModules
will not have a <code>CallbackHandler</code> for use in communicating
with users. The caller thus assumes that the configured
LoginModules have alternative means for authenticating the user.
<p> Since no <code>Subject</code> can be specified to this constructor,
it instantiates a <code>Subject</code> itself.
<p><DD><DL>
<DT><B>Parameters:</B><DD><CODE>name</CODE> - the name used as the index into the
<code>Configuration</code>.<DT><B>Throws:</B><DD><CODE><A HREF="../../../../javax/security/auth/login/LoginException.html">LoginException</A></CODE> - if the specified <code>name</code>
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?