AMLoginContext.java revision e46887926dcb280e7b450a39e50e294caadf3a8c
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: AMLoginContext.java,v 1.24 2009/12/23 20:03:04 mrudul_uchil Exp $
*
* Portions Copyrighted 2011-2015 ForgeRock AS.
* Portions Copyrighted 2014 Nomura Research Institute, Ltd
*/
/**
* <code>AMLoginContext</code> class is the core layer in the authentication
* middle tier which connects user clients to the JAAS <code>LoginModule</code>.
* The <code>AMLoginContext</code> executes pre and post authentication process
* based on authentication status.
* <p>
* <code>AMLoginContext</code> provides a synchronous layer on top of the JAAS
* framework for appropriate user interaction and communication between clients
* and authentication module via callbacks requirements
* <p>
* <code>AMLoginContext</code> sets and retrieves the authentication
* configuration entry
* <p>
* This class actually starts the JAAS login process by instantiating the
* <code>LoginContext</code> object with the JAAS configuration name and the
* <code>CallbackHandler</code> followed by calling the
* <code>LoginContext::login()</code> method.
*
*/
public class AMLoginContext {
/**
* AuthThreadManager associated with this AMLoginContext.
*/
private LoginStatus loginStatus;
private LoginState loginState;
private AuthContextLocal authContext;
private String clientType;
private boolean accountLocked = false;
private boolean isFailed = false;
private boolean internalAuthError = false;
private boolean processDone = false;
private int jaasCheck;
private Callback[] recdCallback;
private static SsoServerAuthSvcImpl authImpl;
//OPENAM-3959
private static boolean excludeRequiredOrRequisite = false;
/**
* Bundle to be used for localized error message. users can be in different
* locales. Since we create an AMLoginContext for each user, we can cache
* the bundle reference in the class
*/
private ResourceBundle bundle;
static {
// set the auth configuration programmatically.
// this getConfiguration() call throws null exception
// when no default config is available, which looks like
// a bug of JDK.
try {
//Continue
}
try {
}
if (MonitoringUtil.isRunning()) {
}
}
/**
* Sets the JAAS configuration to the default container's configuration.
*/
public static void resetJAASConfig() {
try {
}
}
/**
* Sets the configuration entries.
* @param entries configuration entries
*/
}
/**
* Creates <code>AMLoginContext</code> object.
* @param authContext <code>AuthContextLocal</code> object
*/
if (debug.messageEnabled()) {
}
this.authContext = authContext;
loginStatus = new LoginStatus();
//user login locale from LoginState object
}
/**
* Starts login process, the map passed to this method is the parameters
* required to start the login process. These parameters are
* <code>indexType</code>, <code>indexName</code> , <code>principal</code>,
* <code>subject</code>, <code>password</code>,
* <code>organization name</code>. Based on these parameters Module
* Configuration name is retrieved using Configuration component. Creates
* a new LoginContext and starts login process and returns. On error
* LoginException is thrown.
*
* @param loginParamsMap login parameters HashMap
* @throws AuthLoginException if execute login fails
*/
boolean errorState = false;
internalAuthError = false;
processDone = false;
isFailed = false;
setLoginHash();
/*
* Ensure loginState created and loginParamsMap provided
*/
if (loginState != null) {
}
internalAuthError = true;
}
/*
* Lookup resource bundle and locale specific settings based on locale associated with LoginState
*/
java.util.Locale loginLocale = com.sun.identity.shared.locale.Locale.getLocale(loginState.getLocale());
if (debug.messageEnabled()) {
}
/*
* Handle redirection if applicable
*/
if (redirectUrl != null) {
if (isPureJAAS()) {
} else {
}
return;
}
/*
* Initialize instance fields from loginParamsMap
*/
/*
* Copy orgDN and clientType values from LoginState
*/
} else {
}
if (debug.messageEnabled()) {
}
/*
* Throw an exception if module-based authentication is disabled and an authentication module other
* than APPLICATION_MODULE or FEDERATION_MODULE is explicitly requested.
*/
try {
} catch (AMConfigurationException amce) {
}
if (moduleClassName != null && !moduleClassName.equalsIgnoreCase(ISAuthConstants.FEDERATION_MODULE)) {
}
}
/*
* Update LoginState indexType and indexName
* (after storing current loginState indexType if required for HTTP callback processing)
*/
}
/*
* Delegate actual processing of requested authentication type to the dispatch method 'processIndexType'
*/
try {
return;
}
} catch (AuthLoginException le) {
if (MonitoringUtil.isRunning()) {
}
}
}
throw le;
} catch (Exception e) {
if (MonitoringUtil.isRunning()) {
}
}
}
throw new AuthLoginException(e);
}
/*
* Establish configName based on indexType, indexName, orgDN and clientType
*
* If configName can't be established, throw an exception
*/
if (configName == null) {
internalAuthError = true;
if (MonitoringUtil.isRunning()) {
}
}
}
}
/*
*/
if (debug.messageEnabled()) {
+ "\n orgDN : " + orgDN
+ "\n configName : " + configName);
}
try {
if (isPureJAAS()) {
if (authThread == null) {
authThread = new AuthThreadManager();
authThread.start();
}
}
if (isPureJAAS()) {
loginContext = new javax.security.auth.login.LoginContext(configName, subject, dsameCallbackHandler);
} else {
}
} else {
} else {
}
}
} catch (AuthLoginException ae) {
if (debug.messageEnabled()) {
}
/* The user based authentication errors should not be different
* for users who exist and who don't, which can lead to
* possiblity of enumerating existing users.
* The AMAuthErrorCode.AUTH_LOGIN_FAILED error code is used for
* all user based authentication errors.
* Refer issue3278
*/
if (indexType == IndexType.USER && AMAuthErrorCode.AUTH_CONFIG_NOT_FOUND.equals(ae.getErrorCode())) {
} else {
}
internalAuthError = true;
if (MonitoringUtil.isRunning()) {
}
}
}
throw ae;
} catch (LoginException le) {
if (debug.messageEnabled()) {
}
internalAuthError = true;
if (MonitoringUtil.isRunning()) {
}
}
}
} catch (SecurityException se) {
if (debug.messageEnabled()) {
}
internalAuthError = true;
if (MonitoringUtil.isRunning()) {
}
}
}
} catch (Exception e) {
internalAuthError = true;
if (MonitoringUtil.isRunning()) {
}
}
}
}
/*
* Perform the login using the objects this method has setup
*/
try {
if (isPureJAAS()) {
if (jaasThread != null) {
jaasThread = null;
errorState = true;
} else {
jaasThread = new JAASLoginThread(this);
jaasThread.start();
}
} else {
runLogin();
}
} catch (IllegalThreadStateException ite) {
errorState = true;
} catch (Exception e) {
errorState = true;
}
if (errorState) {
internalAuthError = true;
if (MonitoringUtil.isRunning()) {
}
}
}
}
}
/**
* Starts the login process ,calls JAAS Login Context
*/
public void runLogin() {
boolean loginSuccess = false;
try {
if (isPureJAAS()) {
} else {
}
if (!loginState.isAuthValidForInternalUser()) {
if (debug.warningEnabled()) {
+ "using invalid realm name for internal user");
}
logFailedMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_MODULE_DENIED, AuthUtils.ERROR_MESSAGE);
logFailedError = "MODULEDENIED";
}
// retrieve authenticated user's profile or create
// a user profile if dynamic profile creation is
// is true
loginSuccess = true;
if (!profileState) {
logFailedError = "NOUSERPROFILE";
isFailed = true;
} else {
//update loginstate with authlevel , moduleName , role etc.
if (amAccountLockout.isLockedOut()) {
logFailedError = "LOCKEDOUT";
isFailed = true;
} else {
boolean accountExpired = false;
if (!loginState.ignoreProfile()) {
}
if (accountExpired) {
logFailedError = "ACCOUNTEXPIRED";
isFailed = true;
} else {
// came here successful auth.
if (debug.messageEnabled()) {
}
//activate session
if (isPureJAAS()) {
} else {
}
if (sessionActivated) {
if (amAccountLockout.isLockoutEnabled()) {
}
} else {
logFailedError = "MAXSESSIONREACHED";
}
}
}
}
} catch (InvalidPasswordException ipe) {
if (debug.messageEnabled()) {
}
if (debug.messageEnabled()) {
}
if (failedUserId != null) {
}
}
logFailedError = "INVALIDPASSWORD";
if (accountLocked) {
if (failedUserId != null) {
} else {
}
} else {
}
isFailed = true;
} catch (AuthErrorCodeException e) {
if (debug.messageEnabled()) {
}
isFailed = true;
} catch (MessageLoginException me) {
if (debug.messageEnabled()) {
}
isFailed = true;
} catch (AuthLoginException le) {
if (debug.warningEnabled()) {
"AMLoginContext.runLogin():auth failed, using invalid auth module name for internal user");
}
logFailedMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_MODULE_DENIED, AuthUtils.ERROR_MESSAGE);
logFailedError = "MODULEDENIED";
} else {
}
if (debug.messageEnabled()) {
}
isFailed = true;
if (loginState.isTimedOut()) {
logFailedError = "LOGINTIMEOUT";
}
} catch (AuthException e) {
if (debug.messageEnabled()) {
}
isFailed = true;
} catch (Exception e) {
if (debug.messageEnabled()) {
}
isFailed = true;
} catch (DSAMECallbackHandlerError error) {
return;
}
if (isFailed) {
if (MonitoringUtil.isRunning()) {
}
}
}
if (loginSuccess) {
// this is the case where authentication to modules
// succeeded but framework failed to validate the
// user, in this case populate with all module user
// successfully authenticated as.
} else {
}
if (debug.messageEnabled()) {
}
}
} else {
if (debug.messageEnabled()) {
}
if (MonitoringUtil.isRunning()) {
}
}
}
}
if (debug.messageEnabled()) {
}
if (isPureJAAS()) {
// notify possible waiting thread
}
isFailed = false;
}
/**
* Logs out.
*
* @throws AuthLoginException when fails to logout
*/
public void logout() throws AuthLoginException {
try {
if (isPureJAAS()) {
if (loginContext != null) {
}
} else {
if (jaasLoginContext != null) {
}
}
} catch (AuthLoginException le) {
if (debug.messageEnabled()) {
}
//logout - ignore this error since logout will be done
} catch (Exception e) {
if (debug.messageEnabled()) {
}
}
}
/* destroy Session on a logout OR abort */
void destroySession() {
if (debug.messageEnabled()) {
}
}
/**
* Returns array of received callbacks from module.
*
* @return array of received callbacks from module.
*/
public Callback[] getRequiredInfo() {
return null;
}
// reset indexType since UI will start module based auth
} else {
if (isPureJAAS()) {
} else {
}
}
if (recdCallback != null) {
if (debug.messageEnabled()) {
}
}
} else {
}
return recdCallback;
}
/**
* Returns array of required callback information non-JAAS thread mode
* @return callbacks required <code>Callbacks</code> array to be submitted
*/
public Callback[] getRequiredInfoCallback_NoThread() {
return loginState.getReceivedInfo();
}
/**
* Returns the array of required Callbacks from <code>CallbackHandler</code>
* waits till <code>loginState::getReceivedInfo()</code> OR
* authentication status is not <code>AUTH_IN_PROGRESS</code> OR
* if thread receives a notify .
*
* @return array of Required Callbacks from <code>CallbackHandler</code>.
*/
public synchronized Callback[] getRequiredInfoCallback() {
if (debug.messageEnabled()) {
}
return null;
}
if (debug.messageEnabled()) {
}
try {
if (debug.messageEnabled()) {
}
return null;
}
if (!isFailed
this.wait();
}
} catch (InterruptedException e) {
break;
}
}
if (debug.messageEnabled()) {
}
if (debug.messageEnabled()) {
}
return getRequiredInfo;
}
/**
* Sets the submitted requirements, called by
* <code>AuthContext.submitRequirements</code>
* <code>loginState.setSubmittedCallback</code> is update.
*
* @param callback submit the required <code>Callbacks</code>
*/
}
if (isPureJAAS()) {
} else {
}
if (debug.messageEnabled()) {
}
}
/**
* <code>CallbackHandler</code> calls this to retrieve the submitted
* credentials/callbacks waits till
* <code>loginState.setSubmittedCallback</code> is set OR
* <code>LoginStatus</code> is not <code>AUTH_IN_PROGRESS</code>.
*
* @return submitted credentials/callbacks.
*/
public synchronized Callback[] submitCallbackInfo() {
if (debug.messageEnabled()) {
}
return null;
}
if (debug.messageEnabled()) {
}
while (loginState.getSubmittedInfo() == null && loginStatus.getStatus() == LoginStatus.AUTH_IN_PROGRESS) {
try {
if (debug.messageEnabled()) {
}
return null;
}
wait();
}
} catch (InterruptedException e) {
break;
}
}
return setSubmittedInfo;
}
/**
* Returns the authentication status.
*
* @return the authentication status.
*/
public int getStatus() {
}
if (debug.messageEnabled()) {
}
return status;
}
/**
* Returns login state for the authentication context.
*
* @return login state for the authentication context.
*/
public LoginState getLoginState() {
}
/**
* Terminates an ongoing login process.
*
* @throws AuthLoginException when fails to abort
*/
public void abort() throws AuthLoginException {
try {
logout();
if (debug.messageEnabled()) {
}
try {
} catch (Exception e) {
if (debug.messageEnabled()) {
}
// abort this error - since abort will be done
}
}
}
/**
* Returns authentication modules configured for a given organization.
*
* @return authentication modules configured for a given organization.
*/
try {
if (loginState != null) {
}
if (debug.messageEnabled()) {
}
} catch (Exception e) {
}
return moduleSet;
}
/**
* Returns organization/suborganization for a request.
*
* @return organization/suborganization for a request.
*/
public String getOrganizationName() {
return loginState.getQueryOrg();
}
/**
* Returns Single Sign On Token for authenticated user, returns null if
* session is inactive.
*
* @return Single Sign On Token for authenticated user.
*/
public SSOToken getSSOToken() {
try {
return loginState.getSSOToken();
} catch (SSOException e) {
if (debug.messageEnabled()) {
}
return null;
}
}
/**
* Returns Login Success URL for authenticated user.
*
* @return Login Success URL for authenticated user.
*/
public String getSuccessURL() {
try {
return loginState.getSuccessLoginURL();
} catch (Exception e) {
if (debug.messageEnabled()) {
}
return null;
}
}
/**
* Returns Login Failure URL for authenticated user.
*
* @return Login Failure URL for authenticated user.
*/
public String getFailureURL() {
try {
return loginState.getFailureLoginURL();
} catch (Exception e) {
if (debug.messageEnabled()) {
}
return null;
}
}
/**
* Returns the current <code>authIdentifier</code> of the authentication
* process as String Session ID.
*
* @return <code>authIdentifier</code> of the authentication process.
*/
public String getAuthIdentifier() {
try {
} catch (Exception e) {
if (debug.messageEnabled()) {
}
}
return sidString;
}
/**
* Returns the subject of authenticated user.
*
* @return the subject of authenticated user.
*/
public Subject getSubject() {
try {
return loginState.getSubject();
} catch (Exception e) {
if (debug.messageEnabled()) {
}
return null;
}
}
/* retrieve login parameters */
if (debug.messageEnabled()) {
}
try {
if (debug.messageEnabled()) {
}
//principal = (Principal) loginParamsMap.get("principal");
//password = (char[]) loginParamsMap.get("password");
}
} catch (Exception e) {
if (debug.messageEnabled()) {
}
}
}
/* retrieve config name from config component based on the
* indexType , indexName , orgDN and clientType
* if indexType , indexName are null then indexType is assumed
* to be org
*/
// if index type is null assume org based authentication
} else {
} else {
// means the index type is not ROLE or USER
// for SERVICE , MODULE pass the indexName as is
}
try {
if (universalID != null ) {
}
} catch (Exception e) {
if (debug.messageEnabled()) {
}
}
}
return configName;
}
/* for indexType level retreive the module names .
* if the more then 1 modules has the same level
* then generate choice callback , else if module
* is 1 then start module based authentication.
* throws Exception if no modules are found
*/
throws AuthException, AuthLoginException {
if (debug.messageEnabled()) {
}
if (numberOfModules <= 0) {
} else if (numberOfModules == 1) {
return false;
} else {
try {
return true;
} catch (AuthException ae) {
if (debug.messageEnabled()) {
}
return false;
}
}
}
/* for indexType composite_advice retrieves the module names .
* if there is more then one modules required in composite advice
* then generate choice callback , else if module
* is 1 then start module based authentication.
* throws Exception if no modules are found
*/
boolean processCompositeAdvice(IndexType indexType, String indexName, String orgDN, String clientType)
throws AuthException, AuthLoginException {
}
if (debug.messageEnabled()) {
}
if (numberOfModules <= 0) {
} else if (numberOfModules == 1) {
String qualifiedRealm = AMAuthUtils.getRealmFromRealmQualifiedData(compositeAdvice.getModuleName());
}
}
if (debug.messageEnabled()) {
}
return false;
} else {
try {
return true;
} catch (AuthException ae) {
if (debug.messageEnabled()) {
}
return false;
}
}
}
/*
* Throw an exception as module-based authentication is disabled.
*/
private void throwExceptionIfModuleBasedAuthenticationDisabled() throws AuthLoginException {
if (!loginState.getEnableModuleBasedAuth()) {
}
}
/* update login state with indexType,indexName */
// set authLevel in LoginState
} else {
// retrieve from config component check with Qingwen
// config component will return the max level in case
// of multiple authentication.
//authLevel=AMAuthConfigUtils.getAuthLevel(configName);
}
// set the module name
} else {
}
if (debug.messageEnabled()) {
}
}
/* check if user exists and is enabled if not return
* false - login process should not continue
*/
try {
} catch (Exception e) {
if (debug.messageEnabled()) {
}
return false;
}
}
/**
* Checks the warning count to determine the lockout message
* to be displayed to the user.
*
* @param amAccountLockout the account lockout object.
*/
try {
if (warningCount == 0) {
} else {
if (warningCount < 0) {
accountLocked=true;
} else {
accountLocked = false;
}
}
if (debug.messageEnabled()) {
}
} catch (Exception e) {
}
}
/**
* Sets the error message and template
*/
void setErrorMsgAndTemplate() {
if (loginState == null) {
return;
}
if (debug.messageEnabled()) {
}
if (debug.messageEnabled()) {
}
}
}
/* for error handling - methods to return error code , module error
* template , framework error template , error message
*/
loginState.setErrorMessage(AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_MESSAGE));
}
/**
* Returns error template.
*
* @return error template.
*/
public String getErrorTemplate() {
if (loginState == null) {
return errorTemplate;
}
if (loginState.isTimedOut()) {
} else {
}
}
if (debug.messageEnabled()) {
}
return errorTemplate;
}
/**
* Returns error message.
*
* @return error message.
*/
public String getErrorMessage() {
if (loginState == null) {
}
}
if (debug.messageEnabled()) {
}
return errorMsg;
}
/**
* Returns error code.
*
* @return Authentication error code.
*/
public String getErrorCode() {
if (loginState == null) {
return AMAuthErrorCode.AUTH_ERROR;
}
if (debug.messageEnabled()) {
}
return errorCode;
}
/**
* Gets the account lockout message
* @return account lockout message
*/
public String getLockoutMsg() {
if (debug.messageEnabled()) {
}
return lockoutMsg;
}
/**
* Checks if the account is locked
* @return <code>true</code> if account is locked
*/
public boolean isLockedOut() {
return accountLocked;
}
/* get the authlevel
* gets the module list for a given config for all
* modules having option REQUIRED, REQUISITE
* gets the level for each module in the list
* the highest level will be set.
*/
}
int authLevel = levelManager.getLevelForModule(moduleName, orgDN, loginState.getDefaultAuthLevel());
}
if (debug.messageEnabled()) {
}
}
if (debug.messageEnabled()) {
}
}
/* return the module list
* this methods gets the configuration list for a given configName
* retreives all module names which have option REQUIRED , REQUISITE
* if org.forgerock.openam.authLevel.excludeRequiredOrRequisite is false
*/
try {
if (excludeRequiredOrRequisite) {
if (debug.messageEnabled()) {
}
} else {
if (debug.messageEnabled()) {
}
}
if (debug.messageEnabled()) {
}
} catch (Exception e) {
}
return moduleSet;
}
/* constructs a module list string where each module is
* separated by a "|" e.g module1 | module2 | module3
*/
if (debug.messageEnabled()) {
}
return moduleList;
}
/* do the required process for different indextypes
* return true if needs to return back
* false if needs to continue
* Exception if error
*/
boolean processIndexType(IndexType indexType, String indexName, String orgDN) throws AuthLoginException {
boolean ignoreProfile = false;
/*
* Throw an exception if org specified in query does not match org specified in authContext/loginState
*
* (unless previous index type was LEVEL or COMPOSITE_ADVICE, or current index type is MODULE_INSTANCE)
*/
// proceed only when the org in the auth context matches
// that in the query. otherwise it means a call with a new org.
boolean isTokenValid = false;
try {
isTokenValid = true;
}
} catch (Exception e) {
}
if (!isTokenValid) {
if (debug.messageEnabled()) {
", orgDN from query string: " + newOrgDN);
}
internalAuthError = true;
}
}
}
}
}
/*
* Configure login following COMPOSITE_ADVICE
*/
// Set the Composite Advice in Login State after decoding
// if multiple modules are found then return
// else continue with login process
try {
return true;
} else {
return false;
}
} catch (AuthException ae) {
// no modules configured
throw new AuthLoginException(ae);
}
/*
* Configure login so that successful authentication achieve specified authentication LEVEL
*/
// if multiple modules are found then return
// else continue with login process
try {
return true;
} else {
return false;
}
} catch (AuthException ae) {
// no modules configured
throw new AuthLoginException(ae);
}
/*
* Configure login for specified user
*/
// if user is not active throw exception
// else continue with login
boolean userValid = false;
if (!loginState.ignoreProfile()) {
} else {
ignoreProfile = true;
}
if ((!userValid) && (!ignoreProfile)) {
/* The user based authentication errors should not be different
* for users who exist and who don't, which can lead to
* possibility of enumerating existing users.
* The AMAuthErrorCode.AUTH_LOGIN_FAILED error code is used for
* all user based authentication errors.
* Refer issue3278
*/
//destroySession();
} else if (ignoreProfile) {
} else {
return false;
}
/*
* Configure login for specified authentication module
*/
// check if module exists in the allowed modules list
} else {
return false;
}
/*
* Configure login for specified role - No longer supported, throw an exception
*/
if (loginState.ignoreProfile()) {
}
}
/*
* IndexType not processed by this method
*/
return false;
}
/* set sid and loginState */
void setLoginHash() {
try {
if (debug.messageEnabled()) {
}
} catch (Exception e) {
}
}
}
/**
* Sets the failure URL and execute the post process login SPI.
* for <code>internalAutherror</code> and if already executed
* just skip this,
*/
public void postProcessOnFail() {
if (!internalAuthError && !processDone) {
if (debug.messageEnabled()) {
}
//setErrorMsgAndTemplate();
processDone = true;
}
}
/**
* Sets the success URL and execute the post process login
* SPI. for <code>internalAutherror</code> and if already executed
* just skip this.
*/
public void postProcessOnSuccess() {
if (!processDone) {
if (debug.messageEnabled()) {
}
processDone = true;
}
}
/** This method returns a Set with is the list of
* modules for a Authentication Configuration.
* Only modules with control flag REQUIRED and
* REQUISITE are returned.
* @param moduleListSet list of configured auth module
* @return set of configured auth module with control flag REQUIRED and
* REQUISITE are returned
*/
if (configName == null) {
}
if (debug.messageEnabled()) {
}
} else {
if (isControlFlagMatchFound(controlFlag)) {
}
}
}
}
if (debug.messageEnabled()) {
}
return moduleListSet;
}
/* return the failure module list */
try {
if (debug.messageEnabled()) {
}
} catch (Exception e) {
}
if (debug.messageEnabled()) {
}
return moduleList;
}
/* Checks if the control flag matches the JAAS flags,
* REQUIRED and REQUISITE flags
*/
}
/* Returns the successful list of modules names */
}
return getModuleString(moduleSet);
}
/**
* Checks if is pure JAAS mode
* @return <code>true</code> if pure JAAS
*/
public boolean isPureJAAS() {
return jaasCheck == 1;
}
private void nullifyUsedVars() {
clientType = null;
recdCallback = null;
}
}