| Home >> All >> net >> sf >> acegisecurity >> [ providers Javadoc ] |
• net.sf.acegisecurity.providers: Javadoc index of package net.sf.acegisecurity.providers.
Package Samples:
• net.sf.acegisecurity.providers.cas.cache: An authentication provider that can process Yale Central Authentication Service (CAS) service tickets and proxy tickets.
• net.sf.acegisecurity.providers.dao.salt: An authentication provider that relies upon a data access object.
• net.sf.acegisecurity.providers.rememberme: Implements a provider-based approach to authentication decisions.
• net.sf.acegisecurity.providers.x509
• net.sf.acegisecurity.providers.x509.populator
• net.sf.acegisecurity.providers.x509.cache
• net.sf.acegisecurity.providers.dao.jdbc
• net.sf.acegisecurity.providers.dao.event
• net.sf.acegisecurity.providers.dao.cache
• net.sf.acegisecurity.providers.dao.memory
• net.sf.acegisecurity.providers.dao
• net.sf.acegisecurity.providers.cas.ticketvalidator
• net.sf.acegisecurity.providers.cas.proxy
• net.sf.acegisecurity.providers.cas.populator
• net.sf.acegisecurity.providers.cas
• net.sf.acegisecurity.providers.anonymous
• net.sf.acegisecurity.providers.encoding
• net.sf.acegisecurity.providers.jaas.event
• net.sf.acegisecurity.providers.jaas
• net.sf.acegisecurity.providers.rcp
Classes:
• JaasAuthenticationProvider: An net.sf.acegisecurity.providers.AuthenticationProvider implementation that retrieves user details from a JAAS login configuration. This AuthenticationProvider is capable of validating net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken requests contain the correct username and password. This implementation is backed by a JAAS configuration. The loginConfig property must be set to a given JAAS configuration file. This setter accepts a Spring org.springframework.core.io.Resource instance. It should point to a JAAS configuration file containing an index matching the loginContextName ...
• PasswordDaoAuthenticationProvider: An net.sf.acegisecurity.providers.AuthenticationProvider implementation that retrieves user details from a PasswordAuthenticationDao . This AuthenticationProvider is capable of validating net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken requests containing the correct username, password and when the user is not disabled. Unlike DaoAuthenticationProvider , the responsibility for password validation is delegated to PasswordAuthenticationDao . Upon successful validation, a UsernamePasswordAuthenticationToken will be created and returned to the caller. The token will include as its ...
• DaoAuthenticationProvider: An net.sf.acegisecurity.providers.AuthenticationProvider implementation that retrieves user details from an AuthenticationDao . This AuthenticationProvider is capable of validating net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken requests contain the correct username, password and the user is not disabled. Upon successful validation, a UsernamePasswordAuthenticationToken will be created and returned to the caller. The token will include as its principal either a String representation of the username, or the net.sf.acegisecurity.UserDetails that was returned from the authentication ...
• AnonymousProcessingFilter: Detects if there is no Authentication object in the ContextHolder , and populates it with one if needed. In summary, this filter is responsible for processing any request that has a HTTP request header of Authorization with an authentication scheme of Basic and a Base64-encoded username:password token. For example, to authenticate user "Aladdin" with password "open sesame" the following header would be presented: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== . This filter can be used to provide BASIC authentication services to both remoting protocol clients (such as Hessian and SOAP) as well ...
• StatelessTicketCache: Caches CAS service tickets and CAS proxy tickets for stateless connections. When a service ticket or proxy ticket is validated against the CAS server, it is unable to be used again. Most types of callers are stateful and are associated with a given HttpSession . This allows the affirmative CAS validation outcome to be stored in the HttpSession , meaning the removal of the ticket from the CAS server is not an issue. Stateless callers, such as remoting protocols, cannot take advantage of HttpSession . If the stateless caller is located a significant network distance from the CAS server, acquiring ...
• CasProxyDecider: Decides whether a proxy list presented via CAS is trusted or not. CAS 1.0 allowed services to receive a service ticket and then validate it. CAS 2.0 allows services to receive a service ticket and then validate it with a proxy callback URL. The callback will enable the CAS server to authenticate the service. In doing so the service will receive a proxy-granting ticket and a proxy-granting ticket IOU. The IOU is just an internal record that a proxy-granting ticket is due to be received via the callback URL. With a proxy-granting ticket, a service can request the CAS server provides it with a proxy ...
• JdbcDaoImpl: Retrieves user details (username, password, enabled flag, and authorities) from a JDBC location. A default database structure is assumed, (see DEF_USERS_BY_USERNAME_QUERY 55 and DEF_AUTHORITIES_BY_USERNAME_QUERY 55 , which most users of this class will need to override, if using an existing scheme. This may be done by setting the default query strings used. If this does not provide enough flexibility, another strategy would be to subclass this class and override the org.springframework.jdbc.object.MappingSqlQuery instances used, via the initMappingSqlQueries() 55 extension point. In order to minimise ...
• CasAuthoritiesPopulator: Populates the UserDetails associated with a CAS authenticated user. CAS does not provide the authorities (roles) granted to a user. It merely authenticates their identity. As the Acegi Security System for Spring needs to know the authorities granted to a user in order to construct a valid Authentication object, implementations of this interface will provide this information. A net.sf.acegisecurity.UserDetails is returned by implementations. The UserDetails must, at minimum, contain the username and GrantedAuthority[] objects applicable to the CAS-authenticated user. Note that Acegi Security ignores ...
• RemoteAuthenticationProvider: Client-side object which queries a RemoteAuthenticationManager to validate an authentication request. A new Authentication object is created by this class comprising the request Authentication object's principal , credentials and the GrantedAuthority []s returned by the RemoteAuthenticationManager . The RemoteAuthenticationManager should not require any special username or password setting on the remoting client proxy factory to execute the call. Instead the entire authentication request must be encapsulated solely within the Authentication request object. In practical terms this means the RemoteAuthenticationManager ...
• UserMapEditor: Property editor to assist with the setup of a UserMap . The format of entries should be: username=password,grantedAuthority[,grantedAuthority][,enabled|disabled] The password must always be the first entry after the equals. The enabled or disabled keyword can appear anywhere (apart from the first entry reserved for the password). If neither enabled or disabled appear, the default is enabled . At least one granted authority must be listed. The username represents the key and duplicates are handled the same was as duplicates would be in Java Properties files. If the above requirements are not met, ...
• CasAuthenticationProvider: An net.sf.acegisecurity.providers.AuthenticationProvider implementation that integrates with Yale Central Authentication Service (CAS). This AuthenticationProvider is capable of validating net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken requests which contain a principal name equal to either CasProcessingFilter.CAS_STATEFUL_IDENTIFIER > CasProcessingFilter.CAS_STATEFUL_IDENTIFIER 55 or CasProcessingFilter.CAS_STATELESS_IDENTIFIER > CasProcessingFilter.CAS_STATELESS_IDENTIFIER 55 . It can also validate a previously created CasAuthenticationToken .
• ConcurrentSessionControllerImpl: Used by the ProviderManager to track Authentications and their respective sessions. A given user is allowed setMaxSessions(int) 55 sessions. If they attempt to exceed that ammount a ConcurrentLoginException will be thrown. The ConcurrentSessionControllerImpl class will listen for net.sf.acegisecurity.ui.session.HttpSessionDestroyedEvent s in the ApplicationContext to remove a session from the internal tracking. This class will not function properly without a net.sf.acegisecurity.ui.session.HttpSessionEventPublisher configured in web.xml.
• AnonymousAuthenticationProvider: An net.sf.acegisecurity.providers.AuthenticationProvider implementation that validates AnonymousAuthenticationToken s. To be successfully validated, the AnonymousAuthenticationToken.getKeyHash() 55 must match this class' getKey() 55 .
• AuthenticationEvent: Represents a net.sf.acegisecurity.provider.dao application event. Subclasses exist for different types of authentication events. All authentication events relate to a particular net.sf.acegisecurity.providers.dao.User and are caused by a particular net.sf.acegisecurity.Authentication object. This is intended to permit logging of successful and unsuccessful login attempts, and facilitate the locking of accounts. The ApplicationEvent 's source will be the Authentication object.
• TestingAuthenticationProvider: An AuthenticationProvider implementation for the TestingAuthenticationToken . It simply accepts as valid whatever is contained within the TestingAuthenticationToken . The purpose of this implementation is to facilitate unit testing. This provider should never be enabled on a production system .
• RememberMeAuthenticationProvider: An net.sf.acegisecurity.providers.AuthenticationProvider implementation that validates RememberMeAuthenticationToken s. To be successfully validated, the must match this class' getKey() 55 .
• X509UserCache: Provides a cache of net.sf.acegisecurity.UserDetails objects for the X509AuthenticationProvider . Similar in function to the net.sf.acegisecurity.providers.dao.UserCache used by the Dao provider, but the cache is keyed with the user's certificate rather than the user name.
• JaasAuthenticationCallbackHandler: The JaasAuthenticationCallbackHandler is similar to the javax.security.auth.callback.CallbackHandler interface in that it defines a handle method. The JaasAuthenticationCallbackHandler is only asked to handle one Callback instance at at time rather than an array of all Callbacks, as the javax... CallbackHandler defines. Before a JaasAuthenticationCallbackHandler is asked to 'handle' any callbacks, it is first passed the Authentication object that the login attempt is for. NOTE: The Authentication object has not been 'authenticated' yet.
• ProviderManager: Iterates an net.sf.acegisecurity.Authentication request through a list of AuthenticationProvider s. Can optionally be configured with a ConcurrentSessionController to limit the number of sessions a user can have.
• TicketValidator: Validates a CAS service ticket. Implementations must accept CAS proxy tickets, in addition to CAS service tickets. If proxy tickets should be rejected, this is resolved by a CasProxyDecider implementation (not by the TicketValidator ). Implementations may request a proxy granting ticket if wish, although this behaviour is not mandatory.
• UserCache: Provides a cache of User objects. Implementations should provide appropriate methods to set their cache parameters (eg time-to-live) and/or force removal of entities before their normal expiration. These are not part of the UserCache interface contract because they vary depending on the type of caching system used (eg in-memory vs disk vs cluster vs hybrid).
• User: Models core user information retieved by an AuthenticationDao . Implemented with value object semantics (immutable after construction, like a String ). Developers may use this class directly, subclass it, or write their own net.sf.acegisecurity.UserDetails implementation from scratch.
• X509AuthoritiesPopulator: Populates the UserDetails associated with the X.509 certificate presented by a client. Although the certificate will already have been validated by the web container, implementations may choose to perform additional application-specific checks on the certificate content here. If an implementation chooses to reject the certificate, it should throw a net.sf.acegisecurity.BadCredentialsException .
• ProviderNotFoundException: Thrown by ProviderManager if no AuthenticationProvider could be found that supports the presented net.sf.acegisecurity.Authentication object.
• UsernamePasswordAuthenticationToken: An net.sf.acegisecurity.Authentication implementation that is designed for simple presentation of a username and password. The principal and credentials should be set with an Object that provides the respective property via its Object.toString() method. The simplest such Object to use is String .
| Home | Contact Us | Privacy Policy | Terms of Service |