Class ConfigurableSpnegoLoginService

  • All Implemented Interfaces:
    LoginService, Container, Destroyable, Dumpable, LifeCycle

    public class ConfigurableSpnegoLoginService
    extends ContainerLifeCycle
    implements LoginService

    A configurable (as opposed to using system properties) SPNEGO LoginService.

    At startup, this LoginService will login via JAAS the service principal, composed of the service name and the host name, for example HTTP/wonder.com, using a keyTab file as the service principal credentials.

    Upon receiving an HTTP request, the server tries to authenticate the client calling login(String, Object, ServletRequest) where the GSS APIs are used to verify client tokens and (perhaps after a few round-trips) a GSSContext is established.

    • Constructor Detail

      • ConfigurableSpnegoLoginService

        public ConfigurableSpnegoLoginService​(java.lang.String realm,
                                              AuthorizationService authorizationService)
    • Method Detail

      • getName

        public java.lang.String getName()
        Specified by:
        getName in interface LoginService
        Returns:
        the realm name
      • getKeyTabPath

        public java.nio.file.Path getKeyTabPath()
        Returns:
        the path of the keyTab file containing service credentials
      • setKeyTabPath

        public void setKeyTabPath​(java.nio.file.Path keyTabFile)
        Parameters:
        keyTabFile - the path of the keyTab file containing service credentials
      • getServiceName

        public java.lang.String getServiceName()
        Returns:
        the service name, typically "HTTP"
        See Also:
        getHostName()
      • setServiceName

        public void setServiceName​(java.lang.String serviceName)
        Parameters:
        serviceName - the service name
        See Also:
        setHostName(String)
      • getHostName

        public java.lang.String getHostName()
        Returns:
        the host name of the service
        See Also:
        setServiceName(String)
      • setHostName

        public void setHostName​(java.lang.String hostName)
        Parameters:
        hostName - the host name of the service
      • doStart

        protected void doStart()
                        throws java.lang.Exception
        Description copied from class: ContainerLifeCycle
        Starts the managed lifecycle beans in the order they were added.
        Overrides:
        doStart in class ContainerLifeCycle
        Throws:
        java.lang.Exception
      • login

        public UserIdentity login​(java.lang.String username,
                                  java.lang.Object credentials,
                                  javax.servlet.ServletRequest req)
        Description copied from interface: LoginService
        Login a user.
        Specified by:
        login in interface LoginService
        Parameters:
        username - The user name
        credentials - The users credentials
        req - TODO
        Returns:
        A UserIdentity if the credentials matched, otherwise null
      • getIdentityService

        public IdentityService getIdentityService()
        Description copied from interface: LoginService
        Get the IdentityService associated with this Login Service.
        Specified by:
        getIdentityService in interface LoginService
        Returns:
        the IdentityService associated with this Login Service.
      • setIdentityService

        public void setIdentityService​(IdentityService identityService)
        Description copied from interface: LoginService
        Set the IdentityService associated with this Login Service.
        Specified by:
        setIdentityService in interface LoginService
        Parameters:
        identityService - the IdentityService associated with this Login Service.