IPAddressLoginHandler (Shibboleth Identity Provider 2.4.2 API)

java.lang.Object
- edu.internet2.middleware.shibboleth.idp.authn.provider.AbstractLoginHandler
- - edu.internet2.middleware.shibboleth.idp.authn.provider.IPAddressLoginHandler

All Implemented Interfaces:

LoginHandler
```
public class IPAddressLoginHandler
extends AbstractLoginHandler
```
IP Address authentication handler. This "authenticates" a user based on their IP address. It operates in either default deny or default allow mode, and evaluates a given request against a list of blocked or permitted IPs. It supports both IPv4 and IPv6.

Field Summary

Fields
Modifier and Type	Field and Description
`private String`	`authenticatedUser` The username to use for IP-address "authenticated" users.
`private boolean`	`ipInRangeIsAuthenticated` Whether a user is "authenticated" if their IP address is within a configured IP range.
`private List<IPRange>`	`ipRanges` List of configured IP ranged.
`private org.slf4j.Logger`	`log` Class logger.

Fields inherited from interface edu.internet2.middleware.shibboleth.idp.authn.LoginHandler
AUTHENTICATION_ERROR_KEY, AUTHENTICATION_EXCEPTION_KEY, AUTHENTICATION_INSTANT_KEY, AUTHENTICATION_METHOD_KEY, PRINCIPAL_KEY, PRINCIPAL_NAME_KEY, SUBJECT_KEY

Constructor Summary

Constructors
Constructor and Description

IPAddressLoginHandler(String user, List<IPRange> ranges, boolean isIpInRangeAuthenticated)
Constructor.

Constructors
Constructor and Description
`IPAddressLoginHandler(String user, List<IPRange> ranges, boolean isIpInRangeAuthenticated)` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected boolean`	`authenticate(InetAddress clientAddress)` Authenticates the client address.
`void`	`login(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)` Authenticate the user making the request.
`boolean`	`supportsForceAuthentication()` Returns if this handler supports the ability to force a user to (re-)authenticate.
`boolean`	`supportsPassive()` Gets whether this handler supports passive authentication.

Methods inherited from class edu.internet2.middleware.shibboleth.idp.authn.provider.AbstractLoginHandler
getAuthenticationDuration, getSupportedAuthenticationMethods, setAuthenticationDuration, setAuthenticationDurection, setSupportsForceAuthentication, setSupportsPassive

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - log
```
private final org.slf4j.Logger log
```
    Class logger.
  - authenticatedUser
```
private String authenticatedUser
```
    The username to use for IP-address "authenticated" users.
  - ipRanges
```
private List<IPRange> ipRanges
```
    List of configured IP ranged.
  - ipInRangeIsAuthenticated
```
private boolean ipInRangeIsAuthenticated
```
    Whether a user is "authenticated" if their IP address is within a configured IP range.
- Constructor Detail
  - IPAddressLoginHandler
```
public IPAddressLoginHandler(String user,
                     List<IPRange> ranges,
                     boolean isIpInRangeAuthenticated)
```
    Constructor.
    
    Parameters:
    user - username to return upon successful "authentication"
    ranges - range of IP addresses specified
    isIpInRangeAuthenticated - whether the specified IP address range represent those that are authenticated or those that are not
- Method Detail
  - supportsPassive
```
public boolean supportsPassive()
```
    Gets whether this handler supports passive authentication.
    
    Specified by:
    
    supportsPassive in interface LoginHandler
    
    Overrides:
    
    supportsPassive in class AbstractLoginHandler
    
    Returns:
    whether this handler supports passive authentication
  - supportsForceAuthentication
```
public boolean supportsForceAuthentication()
```
    Returns if this handler supports the ability to force a user to (re-)authenticate.
    
    Specified by:
    
    supportsForceAuthentication in interface LoginHandler
    
    Overrides:
    
    supportsForceAuthentication in class AbstractLoginHandler
    
    Returns:
    if this handler can force a user to (re-)authenticate.
  - login
```
public void login(javax.servlet.http.HttpServletRequest httpRequest,
         javax.servlet.http.HttpServletResponse httpResponse)
```
    Authenticate the user making the request.
    
    Parameters:
    httpRequest - user request
    httpResponse - response to user
  - authenticate
```
protected boolean authenticate(InetAddress clientAddress)
```
    Authenticates the client address.
    
    Parameters:
    clientAddress - the client address
    
    Returns:
    true if the client address is authenticated, false it not

Class IPAddressLoginHandler

Field Summary

Fields inherited from interface edu.internet2.middleware.shibboleth.idp.authn.LoginHandler

Constructor Summary

Method Summary

Methods inherited from class edu.internet2.middleware.shibboleth.idp.authn.provider.AbstractLoginHandler

Methods inherited from class java.lang.Object

Field Detail

log

authenticatedUser

ipRanges

ipInRangeIsAuthenticated

Constructor Detail

IPAddressLoginHandler

Method Detail

supportsPassive

supportsForceAuthentication

login

authenticate