org.jboss.as.web.security.jaspi

Class WebJASPIAuthenticator

java.lang.Object

org.apache.catalina.valves.ValveBase

org.apache.catalina.authenticator.AuthenticatorBase

org.jboss.as.web.security.jaspi.WebJASPIAuthenticator

All Implemented Interfaces:

MBeanRegistration, org.apache.catalina.Authenticator, org.apache.catalina.Contained, org.apache.catalina.Lifecycle, org.apache.catalina.Valve

public class WebJASPIAuthenticator
extends org.apache.catalina.authenticator.AuthenticatorBase

Tomcat authenticator that does JSR-196 (JASPI) authentication.

Author:

Anil Saldhana, Stefan Guilhen

Field Summary

Fields

Modifier and Type	Field and Description
protected String	messageLayer
protected boolean	secureResponse
protected String	serverAuthenticationManagerClass

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase

AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, info, lifecycle, REALM_NAME, securePagesWithPragma, SESSION_ID_BYTES, sm, sso, started

Fields inherited from class org.apache.catalina.valves.ValveBase

container, controller, domain, mserver, next, oname

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

Constructors

Constructor and Description
WebJASPIAuthenticator()

Method Summary

Methods

Modifier and Type	Method and Description
protected boolean	authenticate(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, org.apache.catalina.deploy.LoginConfig config)
protected Principal	buildJBossPrincipal(Subject subject, Principal principal)
boolean	getSecureResponse() Obtains the value of the flag that indicates whether JASPI should be used to secure the HTTP response or not.
protected org.jboss.security.ServerAuthenticationManager	getServerAuthenticationManager() Instantiates and returns the ServerAuthenticationManager implementation.
String	getServerAuthenticationManagerClass() Obtains the fully-qualified name of the class that implements the ServerAuthenticationManager interface.
protected void	register(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, Principal principal, String authType, String username, String password) Registers an authenticated Principal and authentication type in our request, in the current session (if there is one), and with our SingleSignOn valve, if there is one.
void	setSecureResponse(boolean secureResponse) Sets the flag that indicates whether JASPI should be used to secure the HTTP response or not.
void	setServerAuthenticationManagerClass(String serverAuthenticationManagerClass) Sets the fully-qualified name of the class that implements the ServerAuthenticationManager interface.

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase

addLifecycleListener, associate, authenticate, findLifecycleListeners, generateSessionId, getCache, getContainer, getDisableProxyCaching, getInfo, getSecurePagesWithPragma, invoke, isChangeSessionIdOnAuthentication, login, logout, reauthenticateFromSSO, removeLifecycleListener, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, start, stop, unregister

Methods inherited from class org.apache.catalina.valves.ValveBase

backgroundProcess, createObjectName, event, getContainerName, getController, getDomain, getNext, getObjectName, getParentName, postDeregister, postRegister, preDeregister, preRegister, setController, setNext, setObjectName, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

messageLayer

protected final String messageLayer

See Also:

Constant Field Values

serverAuthenticationManagerClass

protected String serverAuthenticationManagerClass

secureResponse

protected boolean secureResponse

Constructor Detail

WebJASPIAuthenticator

public WebJASPIAuthenticator()

Method Detail

authenticate

protected boolean authenticate(org.apache.catalina.connector.Request request,
                   javax.servlet.http.HttpServletResponse response,
                   org.apache.catalina.deploy.LoginConfig config)
                        throws IOException

Specified by:

authenticate in class org.apache.catalina.authenticator.AuthenticatorBase

Throws:

IOException

getServerAuthenticationManagerClass

public String getServerAuthenticationManagerClass()

Obtains the fully-qualified name of the class that implements the ServerAuthenticationManager interface.

Returns:

the name of the ServerAuthenticationManager implementation class.

setServerAuthenticationManagerClass

public void setServerAuthenticationManagerClass(String serverAuthenticationManagerClass)

Sets the fully-qualified name of the class that implements the ServerAuthenticationManager interface.

Parameters:

serverAuthenticationManagerClass - the name ServerAuthenticationManager implementation class.

getSecureResponse

public boolean getSecureResponse()

Obtains the value of the flag that indicates whether JASPI should be used to secure the HTTP response or not.

Returns:

true if the authenticator is to secure the response; false otherwise.

setSecureResponse

public void setSecureResponse(boolean secureResponse)

Sets the flag that indicates whether JASPI should be used to secure the HTTP response or not.

Parameters:

secureResponse - true if the authenticator is to secure the response; false otherwise.

getServerAuthenticationManager

protected org.jboss.security.ServerAuthenticationManager getServerAuthenticationManager()

Instantiates and returns the ServerAuthenticationManager implementation.

Returns:

a reference to the instantiated ServerAuthenticationManager instance.

register

protected void register(org.apache.catalina.connector.Request request,
            javax.servlet.http.HttpServletResponse response,
            Principal principal,
            String authType,
            String username,
            String password)

Registers an authenticated Principal and authentication type in our request, in the current session (if there is one), and with our SingleSignOn valve, if there is one. Set the appropriate cookie to be returned.

Overrides:

register in class org.apache.catalina.authenticator.AuthenticatorBase

Parameters:

request - the servlet request we are processing.

response - the servlet response we are generating.

principal - the authenticated Principal to be registered.

authType - the authentication type to be registered.

username - username used to authenticate (if any).

password - password used to authenticate (if any).

buildJBossPrincipal

protected Principal buildJBossPrincipal(Subject subject,
                            Principal principal)