|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectjavax.servlet.GenericServlet
javax.servlet.http.HttpServlet
edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet
public class UsernamePasswordLoginServlet
This Servlet authenticates a user via JAAS. The user's credential is always added to the returned Subject as
a UsernamePasswordCredential within the subject's private credentials.
By default, this Servlet assumes that the authentication method
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport to be returned to the authentication
engine. This can be override by setting the servlet configuration parameter authnMethod.
| Nested Class Summary | |
|---|---|
protected class |
UsernamePasswordLoginServlet.SimpleCallbackHandler
A callback handler that provides static name and password data to a JAAS loging process. |
| Field Summary | |
|---|---|
private String |
authenticationMethod
The authentication method returned to the authentication engine. |
private String |
failureParam
Parameter name to indicate login failure. |
private String |
jaasConfigName
Name of JAAS configuration used to authenticate users. |
private String |
jaasInitParam
init-param which can be passed to the servlet to override the default JAAS config. |
private org.slf4j.Logger |
log
Class logger. |
private String |
loginPage
Login page name. |
private String |
loginPageInitParam
init-param which can be passed to the servlet to override the default login page. |
private String |
passwordAttribute
HTTP request parameter containing the user's password. |
private static long |
serialVersionUID
Serial version UID. |
private String |
usernameAttribute
HTTP request parameter containing the user name. |
| Constructor Summary | |
|---|---|
UsernamePasswordLoginServlet()
|
|
| Method Summary | |
|---|---|
protected void |
authenticateUser(javax.servlet.http.HttpServletRequest request,
String username,
String password)
Authenticate a username and password against JAAS. |
void |
init(javax.servlet.ServletConfig config)
|
protected void |
redirectToLoginPage(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Sends the user to the login page. |
protected void |
service(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
|
| Methods inherited from class javax.servlet.http.HttpServlet |
|---|
doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service |
| Methods inherited from class javax.servlet.GenericServlet |
|---|
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
private static final long serialVersionUID
private final org.slf4j.Logger log
private String authenticationMethod
private String jaasConfigName
private final String jaasInitParam
private String loginPage
private final String loginPageInitParam
private final String failureParam
private final String usernameAttribute
private final String passwordAttribute
| Constructor Detail |
|---|
public UsernamePasswordLoginServlet()
| Method Detail |
|---|
public void init(javax.servlet.ServletConfig config)
throws javax.servlet.ServletException
init in interface javax.servlet.Servletinit in class javax.servlet.GenericServletjavax.servlet.ServletException
protected void service(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws javax.servlet.ServletException,
IOException
service in class javax.servlet.http.HttpServletjavax.servlet.ServletException
IOException
protected void redirectToLoginPage(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
request - current requestresponse - current response
protected void authenticateUser(javax.servlet.http.HttpServletRequest request,
String username,
String password)
throws LoginException
request - current authentication requestusername - the principal name of the user to be authenticatedpassword - the password of the user to be authenticated
LoginException - thrown if there is a problem authenticating the user
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||