public class ConfigurableSpnegoLoginService extends ContainerLifeCycle implements LoginService
A configurable (as opposed to using system properties) SPNEGO LoginService.
At startup, this LoginService will login via JAAS the service principal, composed
of the service name
and the host name
,
for example HTTP/wonder.com
, using a keyTab
file as the service principal
credentials.
Upon receiving an HTTP request, the server tries to authenticate the client
calling login(String, Object, ServletRequest)
where the GSS APIs are used to
verify client tokens and (perhaps after a few round-trips) a GSSContext
is
established.
AbstractLifeCycle.AbstractLifeCycleListener
Container.InheritedListener, Container.Listener
LifeCycle.Listener
Constructor and Description |
---|
ConfigurableSpnegoLoginService(String realm,
org.eclipse.jetty.security.authentication.AuthorizationService authorizationService) |
Modifier and Type | Method and Description |
---|---|
String |
getHostName() |
IdentityService |
getIdentityService()
Get the IdentityService associated with this Login Service.
|
Path |
getKeyTabPath() |
String |
getName() |
String |
getServiceName() |
UserIdentity |
login(String username,
Object credentials,
ServletRequest req)
Login a user.
|
void |
logout(UserIdentity user) |
void |
setHostName(String hostName) |
void |
setIdentityService(IdentityService identityService)
Set the IdentityService associated with this Login Service.
|
void |
setKeyTabPath(Path keyTabFile) |
void |
setServiceName(String serviceName) |
boolean |
validate(UserIdentity user)
Validate a user identity.
|
addBean, addBean, addEventListener, addManaged, contains, destroy, dump, dump, dump, dump, dump, dumpObject, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, unmanage, updateBean, updateBean, updateBeans
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
dumpContainer, dumpIterable, dumpMapEntries, dumpObjects, dumpSelf, named
public ConfigurableSpnegoLoginService(String realm, org.eclipse.jetty.security.authentication.AuthorizationService authorizationService)
public String getName()
getName
in interface LoginService
public Path getKeyTabPath()
public void setKeyTabPath(Path keyTabFile)
keyTabFile
- the path of the keyTab file containing service credentialspublic String getServiceName()
getHostName()
public void setServiceName(String serviceName)
serviceName
- the service namesetHostName(String)
public String getHostName()
setServiceName(String)
public void setHostName(String hostName)
hostName
- the host name of the servicepublic UserIdentity login(String username, Object credentials, ServletRequest req)
LoginService
login
in interface LoginService
username
- The user namecredentials
- The users credentialsreq
- TODOpublic boolean validate(UserIdentity user)
LoginService
LoginService.login(String, Object, ServletRequest)
is still valid.validate
in interface LoginService
user
- The user to validatepublic IdentityService getIdentityService()
LoginService
getIdentityService
in interface LoginService
public void setIdentityService(IdentityService identityService)
LoginService
setIdentityService
in interface LoginService
identityService
- the IdentityService associated with this Login Service.public void logout(UserIdentity user)
logout
in interface LoginService
Copyright © 2010 - 2020 Adobe. All Rights Reserved