+

Search Tips   |   Advanced Search

Example: Custom propagation token login module

This example shows how to determine if the login is an initial login or a propagation login.

public customLoginModule() 
{
	public void initialize(Subject subject, CallbackHandler callbackHandler, 
         Map sharedState, Map options) 
	{
		// (For more information on what to do during initialization, see 
     // Developing custom login modules for a system login configuration for JAAS.)
	}

	public boolean login() throws LoginException 
	{
		// (For more information on what to do during login, see 
     // Developing custom login modules for a system login configuration for JAAS.)

		// Handles the WSTokenHolderCallback to see if this is an initial
     // or propagation login.
		Callback callbacks[] = new Callback[1];
		callbacks[0] = new WSTokenHolderCallback("Authz Token List: ");
	        
		try
		{
			callbackHandler.handle(callbacks);
		} 
		catch (Exception e)
		{
			// handle exception
		} 
            
		// Receives the ArrayList of TokenHolder objects (the serialized tokens)
		List authzTokenList = ((WSTokenHolderCallback) callbacks[0]).getTokenHolderList();
        
		if (authzTokenList != null)
		{
			// Iterates through the list looking for our custom token
			for (int i=0; i<authzTokenList.size(); i++)
			{
				TokenHolder tokenHolder = (TokenHolder)authzTokenList.get(i);

				// Looks for the name and version of our custom PropagationToken implementation
				if (tokenHolder.getName().equals("
              com.ibm.websphere.security.token.CustomPropagationTokenImpl") &&
				    tokenHolder.getVersion() == 1)
				{
					// Passes the bytes into our custom PropagationToken constructor 
            //  to deserialize
					customPropToken = new 									
						com.ibm.websphere.security.token.CustomPropagationTokenImpl(tokenHolder.
                  getBytes());

				}
			}
		}
		else // This is not a propagation login. Create a new instance of 
          // your PropagationToken implementation
		{
			// Adds a new custom propagation token. This is an initial login 
			customPropToken = new com.ibm.websphere.security.token.CustomPropagationTokenImpl();

			// Adds any initial attributes
			if (customPropToken != null)
			{
				customPropToken.addAttribute("key1", "value1");
				customPropToken.addAttribute("key1", "value2");
				customPropToken.addAttribute("key2", "value1");
				customPropToken.addAttribute("key3", "something different");
			}
		}

		// Note: We can add the token to the thread during commit in case 
     // something happens during the login.
	}

	public boolean commit() throws LoginException 
	{
		// For more information on what to do during commit, see
     // Developing custom login modules for a system login configuration for JAAS.
		if (customPropToken != null)
		{
			// Sets the propagation token on the thread
			try
			{

				System.out.println(tc, "*** ADDED MY CUSTOM PROPAGATION TOKEN TO THE THREAD ***");
				// Prints out the values in the deserialized propagation token
				java.util.Enumeration keys = customPropToken.getAttributeNames();
				while (keys.hasMoreElements()) 
				{
					String key = (String) keys.nextElement();
					String[] list = (String[]) customPropToken.getAttributes(key);
					for (int k=0; k<list.length; k++)
					System.out.println("Key/Value: " + key + "/" + list[k]);
				}

				// This sets it on the thread using getName() + getVersion() as the key
				com.ibm.wsspi.security.token.WSSecurityPropagationHelper.addPropagationToken(
              customPropToken);
			}
			catch (Exception e)
			{
				// Handles exception
			}


			// Now we can verify that we have set it properly by trying to get
       // it back from the thread and print the values.
			try
			{
				// This gets the PropagationToken from the thread using getName() 
          // and getVersion() parameters.
				com.ibm.wsspi.security.token.PropagationToken tempPropagationToken = 			
					com.ibm.wsspi.security.token.WSSecurityPropagationHelper.getPropagationToken 
						("com.ibm.websphere.security.token.CustomPropagationTokenImpl", 1);

				if  (tempPropagationToken != null)
				{
					System.out.println(tc, "*** RECEIVED MY CUSTOM PROPAGATION 
               TOKEN FROM THE THREAD ***");
					// Prints out the values in the deserialized propagation token
					java.util.Enumeration keys = tempPropagationToken.getAttributeNames();
					while (keys.hasMoreElements()) 
					{
						String key = (String) keys.nextElement();
						String[] list = (String[]) tempPropagationToken.getAttributes(key);
						for (int k=0; k<list.length; k++)
						System.out.println("Key/Value: " + key + "/" + list[k]);
					}
				}
			}
			catch (Exception e)
			{
				// Handles exception
			}
		}
	}

	// Defines your login module variables
	com.ibm.wsspi.security.token.PropagationToken customPropToken = null;

}

  • Implement a custom propagation token for security attribute propagation
  • Developing custom login modules for a system login configuration for JAAS