See: Description
| Class | Description |
|---|---|
| AbstractAuthenticationHandler |
Base class for all authentication handlers that support configurable naming.
|
| AbstractCredential |
Base class for CAS credentials that are safe for long-term storage.
|
| AcceptAnyAuthenticationPolicyFactory |
Produces authentication policies that passively satisfy any given
Authentication. |
| AcceptUsersAuthenticationHandler |
Handler that contains a list of valid users and passwords.
|
| AllAuthenticationPolicy |
Authentication security policy that is satisfied iff all given credentials are successfully authenticated.
|
| AnyAuthenticationPolicy |
Authentication policy that is satisfied by at least one successfully authenticated credential.
|
| BasicCredentialMetaData |
Basic credential metadata implementation that stores the original credential ID and the original credential type.
|
| CacheCredentialsMetaDataPopulator |
We utilize the
AuthenticationMetaDataPopulator to retrieve and store
the password as an authentication attribute under the key
UsernamePasswordCredential.AUTHENTICATION_ATTRIBUTE_PASSWORD. |
| DefaultAuthenticationBuilder |
Constructs immutable
Authentication objects using the builder pattern. |
| DefaultHandlerResult |
Contains information about a successful authentication produced by an
AuthenticationHandler. |
| FileTrustStoreSslSocketFactory |
The SSL socket factory that loads the SSL context from a custom
truststore file strictly used ssl handshakes for proxy authentication.
|
| HttpBasedServiceCredential |
A credential representing an HTTP endpoint given by a URL.
|
| ImmutableAuthentication |
Immutable authentication event whose attributes may not change after creation.
|
| NotPreventedAuthenticationPolicy |
Authentication policy that defines success as at least one authentication success and no authentication attempts
that were prevented by system errors.
|
| OneTimePasswordCredential |
Describes a one-time-password credential that contains an optional unique identifier and required password.
|
| PolicyBasedAuthenticationManager |
Provides an authenticaiton manager that is inherently aware of multiple credentials and supports pluggable
security policy via the
AuthenticationPolicy component. |
| RememberMeUsernamePasswordCredential |
Handles both remember me services and username and password.
|
| RequiredHandlerAuthenticationPolicy |
Authentication security policy that is satisfied iff a specified authentication handler successfully authenticates
at least one credential.
|
| RequiredHandlerAuthenticationPolicyFactory |
Produces
ContextualAuthenticationPolicy instances that are satisfied iff the given Authentication
was created by authenticating credentials by all handlers named in
RegisteredService.getRequiredHandlers(). |
| SuccessfulHandlerMetaDataPopulator |
Sets an authentication attribute containing the collection of authentication handlers (by name) that successfully
authenticated credential.
|
| UsernamePasswordCredential |
Credential for authenticating with a username and password.
|
| Exception | Description |
|---|---|
| AccountDisabledException |
Describes an authentication error condition where a user account has been administratively disabled.
|
| AccountPasswordMustChangeException |
Describes an authentication error condition where a user account's password must change before login.
|
| InvalidLoginLocationException |
Describes an error condition where authentication occurs from a location that is disallowed by security policy
applied to the underlying user account.
|
| InvalidLoginTimeException |
Describes an error condition where authentication occurs at a time that is disallowed by security policy
applied to the underlying user account.
|
| MixedPrincipalException |
Describes an error condition where non-identical principals have been resolved while authenticating
multiple credentials.
|
| PrincipalException |
Describes a principal resolution error, which is a subcategory of authentication error.
|
| UnresolvedPrincipalException |
Describes an error condition where a principal could not be resolved.
|
Authentication validates the Credentials provided during a /login request. In this context, "Credentials" are an opaque object declared with the Credentials marker interface. The AuthenticationManager typically passes the Credentials to a sequence of plug-in elements to see if any of them can recognize and process the concrete implementing type.
Successful authentication generates a Principal object wrapped in an Authentication object. All these objects must be serializable, and the Authentication becomes part of the TGT in the ticket cache.
Unsucessful authentication must throw an AuthenticationException. The AuthenticationManager may not return null to signal a failure.
Copyright © 2004-2016 Apereo. All Rights Reserved.