GssApiLoginModule (Hazelcast Enterprise(Core) 4.2.7 API)

java.lang.Object
- com.hazelcast.security.ClusterLoginModule
- - com.hazelcast.security.loginimpl.GssApiLoginModule

All Implemented Interfaces:

LoginModule
```
public class GssApiLoginModule
extends ClusterLoginModule
```
Hazelcast GSS-API LoginModule implementation.

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`OPTION_KEYTAB_FILE` Option name which allows (together with the `OPTION_PRINCIPAL`) simplification of security realm configurations.
`static String`	`OPTION_PRINCIPAL` Option name which allows (together with the `OPTION_KEYTAB_FILE`) simplification of security realm configurations.
`static String`	`OPTION_RELAX_FLAGS_CHECK` Name of the option which allows disabling some of the checks on incoming token (e.g.
`static String`	`OPTION_SECURITY_REALM` Option name for referencing Security realm name in Hazelcast configuration.
`static String`	`OPTION_USE_NAME_WITHOUT_REALM` Option name which allows cutting off the Kerberos realm part from authenticated name.

Fields inherited from class com.hazelcast.security.ClusterLoginModule
callbackHandler, commitSucceeded, endpoint, logger, loginSucceeded, OPTION_SKIP_ENDPOINT, OPTION_SKIP_IDENTITY, OPTION_SKIP_ROLE, options, SHARED_STATE_IDENTITY, sharedState, subject

Constructor Summary

Constructors
Constructor and Description

GssApiLoginModule()

Constructors
Constructor and Description
`GssApiLoginModule()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected String`	`getAuthenticatedName(GSSContext gssContext)`
`protected String`	`getName()`
`protected void`	`onInitialize()`
`boolean`	`onLogin()`

Methods inherited from class com.hazelcast.security.ClusterLoginModule
abort, addRole, commit, getBoolOption, getIntOption, getLastIdentity, getStringOption, initialize, isSkipIdentity, isSkipRole, login, logout, onAbort, onCommit, onLogout

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - OPTION_RELAX_FLAGS_CHECK
```
public static final String OPTION_RELAX_FLAGS_CHECK
```
    Name of the option which allows disabling some of the checks on incoming token (e.g. passes authentication even if the mutual authentication is required by the token).
    
    See Also:
    
    Constant Field Values
  - OPTION_SECURITY_REALM
```
public static final String OPTION_SECURITY_REALM
```
    Option name for referencing Security realm name in Hazelcast configuration. The realm's authentication configuration (when defined) will be used to fill the Subject with Kerberos credentials (e.g. KeyTab entry).
    
    See Also:
    
    Constant Field Values
  - OPTION_USE_NAME_WITHOUT_REALM
```
public static final String OPTION_USE_NAME_WITHOUT_REALM
```
    Option name which allows cutting off the Kerberos realm part from authenticated name. When the property value is set to true, the '@REALM' part is removed from the name (e.g. jduke@ACME.COM becomes jduke).
    
    See Also:
    
    Constant Field Values
  - OPTION_KEYTAB_FILE
```
public static final String OPTION_KEYTAB_FILE
```
    Option name which allows (together with the OPTION_PRINCIPAL) simplification of security realm configurations. For basic scenarios you don't need to specify the OPTION_SECURITY_REALM, but you can instead define directly kerberos principal name and keytab file path with credentials for given principal.
    This property is only used when the OPTION_SECURITY_REALM is not configured.
    
    See Also:
    
    Constant Field Values
  - OPTION_PRINCIPAL
```
public static final String OPTION_PRINCIPAL
```
    Option name which allows (together with the OPTION_KEYTAB_FILE) simplification of security realm configurations. For basic scenarios you don't need to specify the OPTION_SECURITY_REALM, but you can instead define directly kerberos principal name and keytab file path with credentials for given principal.
    This property is only used when the OPTION_SECURITY_REALM is not configured.
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - GssApiLoginModule
```
public GssApiLoginModule()
```
- Method Detail
  - onInitialize
```
protected void onInitialize()
```
    Overrides:
    
    onInitialize in class ClusterLoginModule
  - onLogin
```
public boolean onLogin()
                throws LoginException
```
    Specified by:
    
    onLogin in class ClusterLoginModule
    
    Throws:
    
    LoginException
  - getAuthenticatedName
```
protected String getAuthenticatedName(GSSContext gssContext)
                               throws GSSException
```
    Throws:
    
    GSSException
  - getName
```
protected String getName()
```
    Specified by:
    
    getName in class ClusterLoginModule

Class GssApiLoginModule

Field Summary

Fields inherited from class com.hazelcast.security.ClusterLoginModule

Constructor Summary

Method Summary

Methods inherited from class com.hazelcast.security.ClusterLoginModule

Methods inherited from class java.lang.Object

Field Detail

OPTION_RELAX_FLAGS_CHECK

OPTION_SECURITY_REALM

OPTION_USE_NAME_WITHOUT_REALM

OPTION_KEYTAB_FILE

OPTION_PRINCIPAL

Constructor Detail

GssApiLoginModule

Method Detail

onInitialize

onLogin

getAuthenticatedName

getName