org.alfresco.repo.webdav.auth
Class BaseKerberosAuthenticationFilter

java.lang.Object
  extended by org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
      extended by org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
          extended by org.alfresco.repo.webdav.auth.BaseKerberosAuthenticationFilter
All Implemented Interfaces:
javax.security.auth.callback.CallbackHandler, org.alfresco.repo.management.subsystems.ActivateableBean, DependencyInjectedFilter, AuthenticationDriver, org.springframework.beans.factory.InitializingBean
Direct Known Subclasses:
KerberosAuthenticationFilter

public abstract class BaseKerberosAuthenticationFilter
extends BaseSSOAuthenticationFilter
implements javax.security.auth.callback.CallbackHandler

Base class with common code and initialisation for Kerberos authentication filters.


Field Summary
 
Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
MIME_HTML_TEXT
 
Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
ARG_TICKET, AUTHENTICATION_USER, authenticationComponent, authenticationService, NO_AUTH_REQUIRED, nodeService, personService, remoteUserMapper, transactionService
 
Constructor Summary
BaseKerberosAuthenticationFilter()
           
 
Method Summary
 boolean authenticateRequest(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
          Authenticate user based on information in http request such as Authorization header or cached session information.
 void handle(javax.security.auth.callback.Callback[] callbacks)
          JAAS callback handler
protected  void init()
          Initializes the filter.
 void restartLoginChallenge(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
          Restart the Kerberos logon process
 void setJaasConfigEntryName(java.lang.String jaasConfigEntryName)
          Sets the HTTP service login configuration entry name.
 void setPassword(java.lang.String password)
          Sets the HTTP service account password.
 void setRealm(java.lang.String realm)
          Sets the HTTP service account realm.
 
Methods inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
afterPropertiesSet, allowsTicketLogons, checkForTicketParameter, doFilter, getLoginPage, getSecurityConfigSection, getServerName, hasLoginPage, isActive, isNTLMSSPBlob, mapClientAddressToDomain, onLoginComplete, onValidate, onValidateFailed, redirectToLoginPage, setActive, setLoginPage, setServerConfiguration, setTicketLogons, writeLoginPageLink
 
Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
createUserEnvironment, createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationComponent, setAuthenticationService, setNodeService, setPersonService, setRemoteUserMapper, setTransactionService, setUserAttributeName
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BaseKerberosAuthenticationFilter

public BaseKerberosAuthenticationFilter()
Method Detail

setPassword

public void setPassword(java.lang.String password)
Sets the HTTP service account password. (the Principal should be configured in java.login.config)

Parameters:
password - the password to set

setRealm

public void setRealm(java.lang.String realm)
Sets the HTTP service account realm.

Parameters:
realm - the realm to set

setJaasConfigEntryName

public void setJaasConfigEntryName(java.lang.String jaasConfigEntryName)
Sets the HTTP service login configuration entry name. The default is "AlfrescoHTTP".

Parameters:
loginEntryName - the loginEntryName to set

init

protected void init()
             throws javax.servlet.ServletException
Description copied from class: BaseSSOAuthenticationFilter
Initializes the filter. Only called if the filter is active, as indicated by BaseSSOAuthenticationFilter.isActive(). Subclasses should override.

Overrides:
init in class BaseSSOAuthenticationFilter
Throws:
javax.servlet.ServletException

authenticateRequest

public boolean authenticateRequest(javax.servlet.ServletContext context,
                                   javax.servlet.http.HttpServletRequest req,
                                   javax.servlet.http.HttpServletResponse resp)
                            throws java.io.IOException,
                                   javax.servlet.ServletException
Description copied from interface: AuthenticationDriver
Authenticate user based on information in http request such as Authorization header or cached session information.

Specified by:
authenticateRequest in interface AuthenticationDriver
Parameters:
context - the context
req - http request
resp - http response
Returns:
true if authentication was successful
Throws:
java.io.IOException
javax.servlet.ServletException

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)
            throws java.io.IOException,
                   javax.security.auth.callback.UnsupportedCallbackException
JAAS callback handler

Specified by:
handle in interface javax.security.auth.callback.CallbackHandler
Parameters:
callbacks - Callback[]
Throws:
java.io.IOException
javax.security.auth.callback.UnsupportedCallbackException

restartLoginChallenge

public void restartLoginChallenge(javax.servlet.ServletContext context,
                                  javax.servlet.http.HttpServletRequest req,
                                  javax.servlet.http.HttpServletResponse resp)
                           throws java.io.IOException
Restart the Kerberos logon process

Specified by:
restartLoginChallenge in interface AuthenticationDriver
Parameters:
resp - HttpServletResponse
httpSess - HttpSession
Throws:
java.io.IOException


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.