Version 9.8
 —  LoginModules Guide  —

Developing Login Modules

This document shows how to develop new login modules based on Security Infrastructure.

The information is useful for creating new login modules by adapting the pre-defined modules configurations.

The document details ways of writing basic LoginModules and lists possible scenarios for using SIN security components.

The information is organized under the following topics:


Writing a Module

The information in this section will help you to develop your own login modules.

All LoginModules must extend the SagAbstractLoginModule. This class is an abstract superclass for all SIN LoginModules. It handles the retrieval of credentials for all derived classes and the handling of the inter-LoginModule SSO. Derived classes have to implement initConfiguration () and authenticate (). Check the Javadoc for details.

Important:
When you extend the SagAbstractLoginModule, do not overwrite the initialized () method. If you need to overwrite it, for example when you use a new Callback and CallbackHandler, invoke explicitly the super.initialize () method instead. This prevents the failure of other SIN-based login modules.

Start of instruction setTo write a LoginModule using SagAbstractLoginModule

  1. Define the parameters for the new module.

  2. Extend SagAbstracLoginModule with main focus on the implementation of initConfiguration () and authenticate (). The first method gets the incoming parameters from the JAAS configuration file in the following way:

    String optionValue = (String) options.get(OPTION_VALUE);
    

    The second method takes care of the actual authentication of the user. It is called by the login () method from the SagAbstracLoginModule. You can modify the user credentials according to the inter-LoginModule SSO.

If you want to implement other methods from the SagAbstracLoginModule (logout(), commit(), etc.), it is a good idea to invoke the super method from the parent class at the end.

See Common Security Scenarios for ways of using SIN with products from the webMethods suite.

Top of page

Common Security Scenarios

SIN functionality covers the existing user scenarios for the webMethods Suite for authentication of users, management of roles, and query of user, role, and group information. The login modules are used for different authentication methods. If you configure them according to your environment requirements, you can implement the desired authentication process for your product.

Top of page