LoginModule serves as the parent of all login modules. User plugin login modules must extend this class. Login modules are configured in the authentication configuration file and called during the login process. Login modules are responsible for authenticating the given subject and associating relevant Principals and Credentials with the subject. They are also responsible for removing and disposing of such security information during logout.
For more information on implementing login modules, see the Login Module Developer’s Guide in the Oracle JDK - JAAS Documentation.
CallbackHandler is the mechanism that produces any necessary user callbacks for authentication credentials and other information. Callbacks are an array of callback objects which contain the information requested by an underlying security service that has the ability to interact with a calling application to retrieve specific authentication data such as usernames and passwords, or to display certain information, such as errors and warning messages.
To use the callback, you need to set the property vbroker.security.authentication. callbackHandler=<custom-handler-class-name> in the security property file, just like any other callback handler. This property specifies the callback handler that is used by login modules for interacting with users for credentials. You can specify one of the callback handlers provided, or your own custom callback handler. For information about this property, see
vbroker.security.authentication. callbackHandler for Java, or
vbroker.security. authentication. callbackHandler for C++.
Authorization is the process of making access control decisions on behalf of certain resources based on security attributes or privileges. VisiSecure uses the notion of Permission in authorization. The class RolePermission is defined to represent a “role” as a permission. Authorization Services Providers in turn provide the implementation on the homogeneous collection of role permissions that associate privileges with particular resources.
The AuthorizationServicesProvider is initialized during the construction of its corresponding Authorization domain.
vbroker.security.auth.domains=MyDomain
vbroker.security.domain.MyDomain.provider=MyProvider
vbroker.security.domain.MyDomain.property1=xxx
vbroker.security.domain.MyDomain.property2=xxx
vbroker.security.identity.attributeCodecs=MyCodec
vbroker.security.adapter.MyCodec.property1=xxx
vbroker.security.adapter.MyCodec.property2=xxx
USE_STD_NS is a definition set up by VisiBroker to use the
std namespace:
For example, if the authorization requirement for the BankManager object is that the clients should be members of the "Manager" role and for the
Account object, it is the "Customer" or "Teller" role:
The server configuration file is the JASS configuration file which defines the Hostlogin modules.