Example: Custom propagation token login module
This example shows how to determine if the login is an initial login or a propagation login.
public customLoginModule() { public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { // (For more information on what to do during initialization, see // Developing custom login modules for a system login configuration for JAAS.) } public boolean login() throws LoginException { // (For more information on what to do during login, see // Developing custom login modules for a system login configuration for JAAS.) // Handles the WSTokenHolderCallback to see if this is an initial // or propagation login. Callback callbacks[] = new Callback[1]; callbacks[0] = new WSTokenHolderCallback("Authz Token List: "); try { callbackHandler.handle(callbacks); } catch (Exception e) { // handle exception } // Receives the ArrayList of TokenHolder objects (the serialized tokens) List authzTokenList = ((WSTokenHolderCallback) callbacks[0]).getTokenHolderList(); if (authzTokenList != null) { // Iterates through the list looking for our custom token for (int i=0; i<authzTokenList.size(); i++) { TokenHolder tokenHolder = (TokenHolder)authzTokenList.get(i); // Looks for the name and version of our custom PropagationToken implementation if (tokenHolder.getName().equals(" com.ibm.websphere.security.token.CustomPropagationTokenImpl") && tokenHolder.getVersion() == 1) { // Passes the bytes into our custom PropagationToken constructor // to deserialize customPropToken = new com.ibm.websphere.security.token.CustomPropagationTokenImpl(tokenHolder. getBytes()); } } } else // This is not a propagation login. Create a new instance of // your PropagationToken implementation { // Adds a new custom propagation token. This is an initial login customPropToken = new com.ibm.websphere.security.token.CustomPropagationTokenImpl(); // Adds any initial attributes if (customPropToken != null) { customPropToken.addAttribute("key1", "value1"); customPropToken.addAttribute("key1", "value2"); customPropToken.addAttribute("key2", "value1"); customPropToken.addAttribute("key3", "something different"); } } // Note: We can add the token to the thread during commit in case // something happens during the login. } public boolean commit() throws LoginException { // For more information on what to do during commit, see // Developing custom login modules for a system login configuration for JAAS. if (customPropToken != null) { // Sets the propagation token on the thread try { System.out.println(tc, "*** ADDED MY CUSTOM PROPAGATION TOKEN TO THE THREAD ***"); // Prints out the values in the deserialized propagation token java.util.Enumeration keys = customPropToken.getAttributeNames(); while (keys.hasMoreElements()) { String key = (String) keys.nextElement(); String[] list = (String[]) customPropToken.getAttributes(key); for (int k=0; k<list.length; k++) System.out.println("Key/Value: " + key + "/" + list[k]); } // This sets it on the thread using getName() + getVersion() as the key com.ibm.wsspi.security.token.WSSecurityPropagationHelper.addPropagationToken( customPropToken); } catch (Exception e) { // Handles exception } // Now we can verify that we have set it properly by trying to get // it back from the thread and print the values. try { // This gets the PropagationToken from the thread using getName() // and getVersion() parameters. com.ibm.wsspi.security.token.PropagationToken tempPropagationToken = com.ibm.wsspi.security.token.WSSecurityPropagationHelper.getPropagationToken ("com.ibm.websphere.security.token.CustomPropagationTokenImpl", 1); if (tempPropagationToken != null) { System.out.println(tc, "*** RECEIVED MY CUSTOM PROPAGATION TOKEN FROM THE THREAD ***"); // Prints out the values in the deserialized propagation token java.util.Enumeration keys = tempPropagationToken.getAttributeNames(); while (keys.hasMoreElements()) { String key = (String) keys.nextElement(); String[] list = (String[]) tempPropagationToken.getAttributes(key); for (int k=0; k<list.length; k++) System.out.println("Key/Value: " + key + "/" + list[k]); } } } catch (Exception e) { // Handles exception } } } // Defines your login module variables com.ibm.wsspi.security.token.PropagationToken customPropToken = null; }
Implement a custom propagation token for security attribute propagation Developing custom login modules for a system login configuration for JAAS