Class JaasAuthenticationProperties
- All Implemented Interfaces:
Serializable
JaasAuthenticationProperties
.- Since:
- 5.0.0
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionA number of authentication handlers are allowed to determine whether they can operate on the provided credential and as such lend themselves to be tried and tested during the authentication handler selection phase.Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file.Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file.Typically set toJavaLoginConfig
which is the default Configuration implementation from the SUN provider.Path to the location of configuration file (i.e.getName()
Name of the authentication handler.int
getOrder()
Order of the authentication handler in the chain.Password encoder settings for JAAS authentication.Password policy settings.Principal construction settings.Principal transformation settings.getRealm()
JAAS realm to use.getState()
Define the scope and state of this authentication handler and the lifecycle in which it can be invoked or activated.setCredentialCriteria
(String credentialCriteria) A number of authentication handlers are allowed to determine whether they can operate on the provided credential and as such lend themselves to be tried and tested during the authentication handler selection phase.setKerberosKdcSystemProperty
(String kerberosKdcSystemProperty) Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file.setKerberosRealmSystemProperty
(String kerberosRealmSystemProperty) Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file.setLoginConfigType
(String loginConfigType) Typically set toJavaLoginConfig
which is the default Configuration implementation from the SUN provider.setLoginConfigurationFile
(String loginConfigurationFile) Path to the location of configuration file (i.e.Name of the authentication handler.setOrder
(int order) Order of the authentication handler in the chain.setPasswordEncoder
(PasswordEncoderProperties passwordEncoder) Password encoder settings for JAAS authentication.setPasswordPolicy
(PasswordPolicyProperties passwordPolicy) Password policy settings.Principal construction settings.setPrincipalTransformation
(PrincipalTransformationProperties principalTransformation) Principal transformation settings.JAAS realm to use.Define the scope and state of this authentication handler and the lifecycle in which it can be invoked or activated.
-
Constructor Details
-
JaasAuthenticationProperties
public JaasAuthenticationProperties()
-
-
Method Details
-
getRealm
JAAS realm to use. -
getKerberosRealmSystemProperty
Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.If you set the realm property, you SHOULD also configure the kerberos KDC system property.
Also note that if you set these properties, then no cross-realm authentication is possible unless a
krb5.conf
file is also provided from which the additional information required for cross-realm authentication may be obtained.If you set values for these properties, then they override the default realm and KDC values specified in
krb5.conf
(if such a file is found). Thekrb5.conf
file is still consulted if values for items other than the default realm and KDC are needed. If nokrb5.conf
file is found, then the default values used for these items are implementation-specific.- See Also:
-
getKerberosKdcSystemProperty
Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.If you set the realm property, you SHOULD also configure the kerberos KDC system property.
Also note that if you set these properties, then no cross-realm authentication is possible unless a
krb5.conf
file is also provided from which the additional information required for cross-realm authentication may be obtained.If you set values for these properties, then they override the default realm and KDC values specified in
krb5.conf
(if such a file is found). Thekrb5.conf
file is still consulted if values for items other than the default realm and KDC are needed. If nokrb5.conf
file is found, then the default values used for these items are implementation-specific.- See Also:
-
getCredentialCriteria
A number of authentication handlers are allowed to determine whether they can operate on the provided credential and as such lend themselves to be tried and tested during the authentication handler selection phase. The credential criteria may be one of the following options:- 1) A regular expression pattern that is tested against the credential identifier.
- 2) A fully qualified class name of your own design that implements
Predicate
. - 3) Path to an external Groovy script that implements the same interface.
-
getLoginConfigType
Typically set toJavaLoginConfig
which is the default Configuration implementation from the SUN provider. This type accepts a URI/path to a configuration file as a valid parameter type specified vialoginConfigurationFile
. If this parameter is not specified, then the configuration information is loaded from the sources described in the ConfigFile class specification. If this parameter is specified, the configuration information is loaded solely from the specified URI. -
getLoginConfigurationFile
Path to the location of configuration file (i.e. jaas.conf) that contains the realms and login modules. -
getPrincipalTransformation
Principal transformation settings. -
getPasswordPolicy
Password policy settings. -
getPasswordEncoder
Password encoder settings for JAAS authentication. -
getPrincipal
Principal construction settings. -
getName
Name of the authentication handler. -
getOrder
public int getOrder()Order of the authentication handler in the chain. -
getState
Define the scope and state of this authentication handler and the lifecycle in which it can be invoked or activated. -
setRealm
JAAS realm to use.- Returns:
this
.
-
setKerberosRealmSystemProperty
public JaasAuthenticationProperties setKerberosRealmSystemProperty(String kerberosRealmSystemProperty) Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.If you set the realm property, you SHOULD also configure the kerberos KDC system property.
Also note that if you set these properties, then no cross-realm authentication is possible unless a
krb5.conf
file is also provided from which the additional information required for cross-realm authentication may be obtained.If you set values for these properties, then they override the default realm and KDC values specified in
krb5.conf
(if such a file is found). Thekrb5.conf
file is still consulted if values for items other than the default realm and KDC are needed. If nokrb5.conf
file is found, then the default values used for these items are implementation-specific.- Returns:
this
.- See Also:
-
setKerberosKdcSystemProperty
Typically, the default realm and the KDC for that realm are indicated in the Kerberoskrb5.conf
configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.If you set the realm property, you SHOULD also configure the kerberos KDC system property.
Also note that if you set these properties, then no cross-realm authentication is possible unless a
krb5.conf
file is also provided from which the additional information required for cross-realm authentication may be obtained.If you set values for these properties, then they override the default realm and KDC values specified in
krb5.conf
(if such a file is found). Thekrb5.conf
file is still consulted if values for items other than the default realm and KDC are needed. If nokrb5.conf
file is found, then the default values used for these items are implementation-specific.- Returns:
this
.- See Also:
-
setCredentialCriteria
A number of authentication handlers are allowed to determine whether they can operate on the provided credential and as such lend themselves to be tried and tested during the authentication handler selection phase. The credential criteria may be one of the following options:- 1) A regular expression pattern that is tested against the credential identifier.
- 2) A fully qualified class name of your own design that implements
Predicate
. - 3) Path to an external Groovy script that implements the same interface.
- Returns:
this
.
-
setLoginConfigType
Typically set toJavaLoginConfig
which is the default Configuration implementation from the SUN provider. This type accepts a URI/path to a configuration file as a valid parameter type specified vialoginConfigurationFile
. If this parameter is not specified, then the configuration information is loaded from the sources described in the ConfigFile class specification. If this parameter is specified, the configuration information is loaded solely from the specified URI.- Returns:
this
.
-
setLoginConfigurationFile
Path to the location of configuration file (i.e. jaas.conf) that contains the realms and login modules.- Returns:
this
.
-
setPrincipalTransformation
public JaasAuthenticationProperties setPrincipalTransformation(PrincipalTransformationProperties principalTransformation) Principal transformation settings.- Returns:
this
.
-
setPasswordPolicy
Password policy settings.- Returns:
this
.
-
setPasswordEncoder
Password encoder settings for JAAS authentication.- Returns:
this
.
-
setPrincipal
public JaasAuthenticationProperties setPrincipal(PersonDirectoryPrincipalResolverProperties principal) Principal construction settings.- Returns:
this
.
-
setName
Name of the authentication handler.- Returns:
this
.
-
setOrder
Order of the authentication handler in the chain.- Returns:
this
.
-
setState
Define the scope and state of this authentication handler and the lifecycle in which it can be invoked or activated.- Returns:
this
.
-