Class TextFileCertificateLoginModule

  • All Implemented Interfaces:

    public class TextFileCertificateLoginModule
    extends CertificateLoginModule
    A LoginModule allowing for SSL certificate based authentication based on Distinguished Names (DN) stored in text files. The DNs are parsed using a Properties class where each line is either = or =//. This class also uses a group definition file where each line is =,,etc. The user and group files' locations must be specified in the org.apache.activemq.jaas.textfiledn.user and properties respectively. NOTE: This class will re-read user and group files for every authentication (i.e it does live updates of allowed groups and users).
    Author: (Sepand)
    • Constructor Detail

      • TextFileCertificateLoginModule

        public TextFileCertificateLoginModule()
    • Method Detail

      • getUserNameForCertificates

        protected String getUserNameForCertificates​(X509Certificate[] certs)
                                             throws LoginException
        Overriding to allow DN authorization based on DNs specified in text files.
        Specified by:
        getUserNameForCertificates in class CertificateLoginModule
        certs - The certificate the incoming connection provided.
        The user's authenticated name or null if unable to authenticate the user.
        LoginException - Thrown if unable to find user file or connection certificate.
      • getUserGroups

        protected Set<String> getUserGroups​(String username)
                                     throws LoginException
        Overriding to allow for group discovery based on text files.
        Specified by:
        getUserGroups in class CertificateLoginModule
        username - The name of the user being examined. This is the same name returned by getUserNameForCertificates.
        A Set of name Strings for groups this user belongs to.
        LoginException - Thrown if unable to find group definition file.