Package org.apereo.cas.configuration.model.support.jaas

Class JaasAuthenticationProperties

java.lang.Object
org.apereo.cas.configuration.model.support.jaas.JaasAuthenticationProperties
All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-core-authentication", automated=true) public class JaasAuthenticationProperties extends Object implements Serializable
This is JaasAuthenticationProperties.
Since:
5.0.0
See Also:

  • Constructor Details

    • JaasAuthenticationProperties

      public JaasAuthenticationProperties()

  • Method Details

    • getRealm

      public String getRealm()
      JAAS realm to use.

    • getKerberosRealmSystemProperty

      public String getKerberosRealmSystemProperty()
      Typically, the default realm and the KDC for that realm are indicated in the Kerberos krb5.conf configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.

      If you set the realm property, you SHOULD also configure the kerberos KDC system property.

      Also note that if you set these properties, then no cross-realm authentication is possible unless a krb5.conf file is also provided from which the additional information required for cross-realm authentication may be obtained.

      If you set values for these properties, then they override the default realm and KDC values specified in krb5.conf (if such a file is found). The krb5.conf file is still consulted if values for items other than the default realm and KDC are needed. If no krb5.conf file is found, then the default values used for these items are implementation-specific.

      See Also:

    • getKerberosKdcSystemProperty

      public String getKerberosKdcSystemProperty()
      Typically, the default realm and the KDC for that realm are indicated in the Kerberos krb5.conf configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.

      If you set the realm property, you SHOULD also configure the kerberos KDC system property.

      Also note that if you set these properties, then no cross-realm authentication is possible unless a krb5.conf file is also provided from which the additional information required for cross-realm authentication may be obtained.

      If you set values for these properties, then they override the default realm and KDC values specified in krb5.conf (if such a file is found). The krb5.conf file is still consulted if values for items other than the default realm and KDC are needed. If no krb5.conf file is found, then the default values used for these items are implementation-specific.

      See Also:

    • getCredentialCriteria

      public String getCredentialCriteria()
      A number of authentication handlers are allowed to determine whether they can operate on the provided credential and as such lend themselves to be tried and tested during the authentication handler selection phase. The credential criteria may be one of the following options:
      • 1) A regular expression pattern that is tested against the credential identifier.
      • 2) A fully qualified class name of your own design that implements Predicate.
      • 3) Path to an external Groovy script that implements the same interface.

    • getLoginConfigType

      public String getLoginConfigType()
      Typically set to JavaLoginConfig which is the default Configuration implementation from the SUN provider. This type accepts a URI/path to a configuration file as a valid parameter type specified via loginConfigurationFile. If this parameter is not specified, then the configuration information is loaded from the sources described in the ConfigFile class specification. If this parameter is specified, the configuration information is loaded solely from the specified URI.

    • getLoginConfigurationFile

      public String getLoginConfigurationFile()
      Path to the location of configuration file (i.e. jaas.conf) that contains the realms and login modules.

    • getPrincipalTransformation

      public PrincipalTransformationProperties getPrincipalTransformation()
      Principal transformation settings.

    • getPasswordPolicy

      public PasswordPolicyProperties getPasswordPolicy()
      Password policy settings.

    • getPasswordEncoder

      public PasswordEncoderProperties getPasswordEncoder()
      Password encoder settings for JAAS authentication.

    • getPrincipal

      public PersonDirectoryPrincipalResolverProperties getPrincipal()
      Principal construction settings.

    • getName

      public String getName()
      Name of the authentication handler.

    • getOrder

      public int getOrder()
      Order of the authentication handler in the chain.

    • getState

      public AuthenticationHandlerStates getState()
      Define the scope and state of this authentication handler and the lifecycle in which it can be invoked or activated.

    • setRealm

      public JaasAuthenticationProperties setRealm(String realm)
      JAAS realm to use.
      Returns:
      this.

    • setKerberosRealmSystemProperty

      public JaasAuthenticationProperties setKerberosRealmSystemProperty(String kerberosRealmSystemProperty)
      Typically, the default realm and the KDC for that realm are indicated in the Kerberos krb5.conf configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.

      If you set the realm property, you SHOULD also configure the kerberos KDC system property.

      Also note that if you set these properties, then no cross-realm authentication is possible unless a krb5.conf file is also provided from which the additional information required for cross-realm authentication may be obtained.

      If you set values for these properties, then they override the default realm and KDC values specified in krb5.conf (if such a file is found). The krb5.conf file is still consulted if values for items other than the default realm and KDC are needed. If no krb5.conf file is found, then the default values used for these items are implementation-specific.

      Returns:
      this.
      See Also:

    • setKerberosKdcSystemProperty

      public JaasAuthenticationProperties setKerberosKdcSystemProperty(String kerberosKdcSystemProperty)
      Typically, the default realm and the KDC for that realm are indicated in the Kerberos krb5.conf configuration file. However, if you like, you can instead specify the realm value by setting this following system property value.

      If you set the realm property, you SHOULD also configure the kerberos KDC system property.

      Also note that if you set these properties, then no cross-realm authentication is possible unless a krb5.conf file is also provided from which the additional information required for cross-realm authentication may be obtained.

      If you set values for these properties, then they override the default realm and KDC values specified in krb5.conf (if such a file is found). The krb5.conf file is still consulted if values for items other than the default realm and KDC are needed. If no krb5.conf file is found, then the default values used for these items are implementation-specific.

      Returns:
      this.
      See Also:

    • setCredentialCriteria

      public JaasAuthenticationProperties setCredentialCriteria(String credentialCriteria)
      A number of authentication handlers are allowed to determine whether they can operate on the provided credential and as such lend themselves to be tried and tested during the authentication handler selection phase. The credential criteria may be one of the following options:
      • 1) A regular expression pattern that is tested against the credential identifier.
      • 2) A fully qualified class name of your own design that implements Predicate.
      • 3) Path to an external Groovy script that implements the same interface.
      Returns:
      this.

    • setLoginConfigType

      public JaasAuthenticationProperties setLoginConfigType(String loginConfigType)
      Typically set to JavaLoginConfig which is the default Configuration implementation from the SUN provider. This type accepts a URI/path to a configuration file as a valid parameter type specified via loginConfigurationFile. If this parameter is not specified, then the configuration information is loaded from the sources described in the ConfigFile class specification. If this parameter is specified, the configuration information is loaded solely from the specified URI.
      Returns:
      this.

    • setLoginConfigurationFile

      public JaasAuthenticationProperties setLoginConfigurationFile(String loginConfigurationFile)
      Path to the location of configuration file (i.e. jaas.conf) that contains the realms and login modules.
      Returns:
      this.

    • setPrincipalTransformation

      public JaasAuthenticationProperties setPrincipalTransformation(PrincipalTransformationProperties principalTransformation)
      Principal transformation settings.
      Returns:
      this.

    • setPasswordPolicy

      public JaasAuthenticationProperties setPasswordPolicy(PasswordPolicyProperties passwordPolicy)
      Password policy settings.
      Returns:
      this.

    • setPasswordEncoder

      public JaasAuthenticationProperties setPasswordEncoder(PasswordEncoderProperties passwordEncoder)
      Password encoder settings for JAAS authentication.
      Returns:
      this.

    • setPrincipal

      public JaasAuthenticationProperties setPrincipal(PersonDirectoryPrincipalResolverProperties principal)
      Principal construction settings.
      Returns:
      this.

    • setName

      public JaasAuthenticationProperties setName(String name)
      Name of the authentication handler.
      Returns:
      this.

    • setOrder

      public JaasAuthenticationProperties setOrder(int order)
      Order of the authentication handler in the chain.
      Returns:
      this.

    • setState

      public JaasAuthenticationProperties setState(AuthenticationHandlerStates state)
      Define the scope and state of this authentication handler and the lifecycle in which it can be invoked or activated.
      Returns:
      this.