|
PicketLink Federation Common Server Bindings for Apache Tomcat 2.1.6.Final-redhat-2 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.catalina.valves.ValveBase
org.apache.catalina.authenticator.AuthenticatorBase
org.picketlink.identity.federation.bindings.tomcat.AbstractPicketLinkAuthenticator
public abstract class AbstractPicketLinkAuthenticator
An authenticator that delegates actual authentication to a realm, and in turn to a security manager, by presenting a "conventional" identity. The security manager must accept the conventional identity and generate the real identity for the authenticated principal.
Subclasses should override some methods to provide especific implementation according with the binding/environment.
Field Summary | |
---|---|
protected String |
authMethod
This is the auth method used in the register method |
protected static PicketLinkLogger |
logger
|
protected boolean |
needSubjectPrincipalSubstitution
The authenticator may not be aware of the user name until after the underlying security exercise is complete. |
protected SubjectSecurityInteraction |
subjectInteraction
|
protected String |
subjectInteractionClassName
|
Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase |
---|
algorithm, cache, changeSessionIdOnAuthentication, context, DEFAULT_ALGORITHM, digest, disableProxyCaching, entropy, info, lifecycle, random, randomClass, REALM_NAME, securePagesWithPragma, SESSION_ID_BYTES, sm, sso, started |
Fields inherited from class org.apache.catalina.valves.ValveBase |
---|
container, containerLog, controller, domain, mserver, next, oname |
Fields inherited from interface org.apache.catalina.Lifecycle |
---|
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT |
Constructor Summary | |
---|---|
AbstractPicketLinkAuthenticator()
|
Method Summary | |
---|---|
protected abstract void |
doRegister(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
Principal principal,
String password)
Subclasses should override this method to register an authenticated Principal. |
protected Principal |
getSubjectPrincipal()
|
protected boolean |
performAuthentication(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.LoginConfig loginConfig)
Actually performs the authentication. |
void |
setAuthMethod(String authMethod)
Set the auth method via WEB-INF/context.xml (JBoss AS) |
void |
setNeedSubjectPrincipalSubstitution(String needSubjectPrincipalSubstitutionVal)
|
void |
setSubjectInteractionClassName(String subjectRetrieverClassName)
Set this if you want to override the default SubjectSecurityInteraction |
Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase |
---|
addLifecycleListener, associate, authenticate, findLifecycleListeners, generateSessionId, getAlgorithm, getCache, getChangeSessionIdOnAuthentication, getContainer, getDigest, getDisableProxyCaching, getEntropy, getInfo, getRandom, getRandomClass, getSecurePagesWithPragma, invoke, reauthenticateFromSSO, register, removeLifecycleListener, setAlgorithm, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setEntropy, setRandomClass, setSecurePagesWithPragma, start, stop |
Methods inherited from class org.apache.catalina.valves.ValveBase |
---|
backgroundProcess, createObjectName, event, getContainerName, getController, getDomain, getNext, getObjectName, getParentName, postDeregister, postRegister, preDeregister, preRegister, setController, setNext, setObjectName, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
protected static final PicketLinkLogger logger
protected String authMethod
protected boolean needSubjectPrincipalSubstitution
protected SubjectSecurityInteraction subjectInteraction
protected String subjectInteractionClassName
Constructor Detail |
---|
public AbstractPicketLinkAuthenticator()
Method Detail |
---|
public void setAuthMethod(String authMethod)
authMethod
- public void setNeedSubjectPrincipalSubstitution(String needSubjectPrincipalSubstitutionVal)
public void setSubjectInteractionClassName(String subjectRetrieverClassName)
SubjectSecurityInteraction
subjectRetrieverClassName
- protected boolean performAuthentication(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.LoginConfig loginConfig) throws IOException
Actually performs the authentication. Subclasses should call this method when implementing the AuthenticatorBase.authenticate
method.
This method was created to allow different signatures for the AuthenticatorBase.authenticate
method according with the catalina version.
request
- response
- loginConfig
-
IOException
protected abstract void doRegister(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, Principal principal, String password)
Subclasses should override this method to register an authenticated Principal.
request
- response
- principal
- password
- protected Principal getSubjectPrincipal()
|
PicketLink Federation Common Server Bindings for Apache Tomcat 2.1.6.Final-redhat-2 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |