public class ConfigurableSpnegoLoginService extends ContainerLifeCycle implements LoginService
A configurable (as opposed to using system properties) SPNEGO LoginService.
At startup, this LoginService will login via JAAS the service principal, composed
of the service name
and the host name
,
for example HTTP/wonder.com
, using a keyTab
file as the service principal
credentials.
Upon receiving a HTTP request, the server tries to authenticate the client
calling login(String, Object, ServletRequest)
where the GSS APIs are used to
verify client tokens and (perhaps after a few round-trips) a GSSContext
is
established.
AbstractLifeCycle.AbstractLifeCycleListener
Container.InheritedListener, Container.Listener
LifeCycle.Listener
Constructor and Description |
---|
ConfigurableSpnegoLoginService(java.lang.String realm,
AuthorizationService authorizationService) |
Modifier and Type | Method and Description |
---|---|
protected void |
doStart()
Starts the managed lifecycle beans in the order they were added.
|
java.lang.String |
getHostName() |
IdentityService |
getIdentityService()
Get the IdentityService associated with this Login Service.
|
java.nio.file.Path |
getKeyTabPath() |
java.lang.String |
getName() |
java.lang.String |
getServiceName() |
UserIdentity |
login(java.lang.String username,
java.lang.Object credentials,
javax.servlet.ServletRequest req)
Login a user.
|
void |
logout(UserIdentity user) |
void |
setHostName(java.lang.String hostName) |
void |
setIdentityService(IdentityService identityService)
Set the IdentityService associated with this Login Service.
|
void |
setKeyTabPath(java.nio.file.Path keyTabFile) |
void |
setServiceName(java.lang.String serviceName) |
boolean |
validate(UserIdentity user)
Validate a user identity.
|
addBean, addBean, addBean, addEventListener, addManaged, contains, destroy, doStop, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
dumpObjects, dumpSelf
public ConfigurableSpnegoLoginService(java.lang.String realm, AuthorizationService authorizationService)
public java.lang.String getName()
getName
in interface LoginService
public java.nio.file.Path getKeyTabPath()
public void setKeyTabPath(java.nio.file.Path keyTabFile)
keyTabFile
- the path of the keyTab file containing service credentialspublic java.lang.String getServiceName()
getHostName()
public void setServiceName(java.lang.String serviceName)
serviceName
- the service namesetHostName(String)
public java.lang.String getHostName()
setServiceName(String)
public void setHostName(java.lang.String hostName)
hostName
- the host name of the serviceprotected void doStart() throws java.lang.Exception
ContainerLifeCycle
doStart
in class ContainerLifeCycle
java.lang.Exception
public UserIdentity login(java.lang.String username, java.lang.Object credentials, javax.servlet.ServletRequest req)
LoginService
login
in interface LoginService
username
- The user namecredentials
- The users credentialsreq
- TODOpublic boolean validate(UserIdentity user)
LoginService
LoginService.login(String, Object, ServletRequest)
is still valid.validate
in interface LoginService
user
- The user to validatepublic IdentityService getIdentityService()
LoginService
getIdentityService
in interface LoginService
public void setIdentityService(IdentityService identityService)
LoginService
setIdentityService
in interface LoginService
identityService
- the IdentityService associated with this Login Service.public void logout(UserIdentity user)
logout
in interface LoginService
Copyright © 1995–2023 Webtide. All rights reserved.