Package org.alfresco.repo.webdav.auth
Class BaseKerberosAuthenticationFilter
java.lang.Object
org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
org.alfresco.repo.webdav.auth.BaseKerberosAuthenticationFilter
- All Implemented Interfaces:
CallbackHandler
,ActivateableBean
,DependencyInjectedFilter
,AuthenticationDriver
,org.springframework.beans.factory.InitializingBean
- Direct Known Subclasses:
KerberosAuthenticationFilter
,KerberosAuthenticationFilter
public abstract class BaseKerberosAuthenticationFilter
extends BaseSSOAuthenticationFilter
implements CallbackHandler
Base class with common code and initialisation for Kerberos authentication filters.
- Author:
- gkspencer
-
Field Summary
Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
loginPageLink, MIME_HTML_TEXT
Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
ARG_TICKET, AUTHENTICATION_USER, authenticationComponent, authenticationListener, authenticationService, NO_AUTH_REQUIRED, nodeService, personService, remoteUserMapper, transactionService
Fields inherited from interface org.alfresco.repo.webdav.auth.AuthenticationDriver
AUTHENTICATION_USER
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionboolean
authenticateRequest
(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) Authenticate user based on information in http request such as Authorization header or cached session information.protected boolean
checkLoginPage
(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) void
JAAS callback handlerprotected void
init()
Initializes the filter.void
logonStartAgain
(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) The logon to start againvoid
restartLoginChallenge
(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) Restart the Kerberos logon processvoid
setJaasConfigEntryName
(String jaasConfigEntryName) Sets the HTTP service login configuration entry name.void
setPassword
(String password) Sets the HTTP service account password.void
Sets the HTTP service account realm.void
setStripKerberosUsernameSuffix
(boolean stripKerberosUsernameSuffix) Indicates whether the @domain suffix should be removed from Kerberos user IDsMethods inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
afterPropertiesSet, allowsTicketLogons, checkForTicketParameter, doFilter, getLoginPage, getLoginPageLink, getSecurityConfigSection, getServerName, hasLoginPage, includeFallbackAuth, isActive, isFallbackEnabled, isNTLMSSPBlob, onLoginComplete, onValidate, onValidateFailed, performFallbackAuthentication, redirectToLoginPage, setActive, setFallback, setFallbackEnabled, setLoginPage, setLoginPageLink, setServerConfiguration, setTicketLogons, writeLoginPageLink
Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
createUserEnvironment, createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationComponent, setAuthenticationListener, setAuthenticationService, setNodeService, setPersonService, setRemoteUserMapper, setTransactionService, setUserAttributeName
-
Constructor Details
-
BaseKerberosAuthenticationFilter
public BaseKerberosAuthenticationFilter()
-
-
Method Details
-
setPassword
Sets the HTTP service account password. (the Principal should be configured in java.login.config)- Parameters:
password
- the password to set
-
setRealm
Sets the HTTP service account realm.- Parameters:
realm
- the realm to set
-
setJaasConfigEntryName
Sets the HTTP service login configuration entry name. The default is"AlfrescoHTTP"
.- Parameters:
jaasConfigEntryName
- the jaasConfigEntryName to set
-
setStripKerberosUsernameSuffix
public void setStripKerberosUsernameSuffix(boolean stripKerberosUsernameSuffix) Indicates whether the @domain suffix should be removed from Kerberos user IDs- Parameters:
stripKerberosUsernameSuffix
-true
if the @domain suffix should be removed from Kerberos user IDs
-
init
protected void init() throws javax.servlet.ServletExceptionDescription copied from class:BaseSSOAuthenticationFilter
Initializes the filter. Only called if the filter is active, as indicated byBaseSSOAuthenticationFilter.isActive()
. Subclasses should override.- Overrides:
init
in classBaseSSOAuthenticationFilter
- Throws:
javax.servlet.ServletException
-
authenticateRequest
public boolean authenticateRequest(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException, javax.servlet.ServletException Description copied from interface:AuthenticationDriver
Authenticate user based on information in http request such as Authorization header or cached session information.- Specified by:
authenticateRequest
in interfaceAuthenticationDriver
- Parameters:
context
- the contextreq
- http requestresp
- http response- Returns:
true
if authentication was successful- Throws:
IOException
javax.servlet.ServletException
-
checkLoginPage
protected boolean checkLoginPage(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) -
handle
JAAS callback handler- Specified by:
handle
in interfaceCallbackHandler
- Parameters:
callbacks
- Callback[]- Throws:
IOException
UnsupportedCallbackException
-
restartLoginChallenge
public void restartLoginChallenge(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException Restart the Kerberos logon process- Specified by:
restartLoginChallenge
in interfaceAuthenticationDriver
- Parameters:
context
- ServletContextreq
- HttpServletRequestresp
- HttpServletResponse- Throws:
IOException
-
logonStartAgain
public void logonStartAgain(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException The logon to start again- Parameters:
context
- ServletContextreq
- HttpServletRequestresp
- HttpServletResponse- Throws:
IOException
-