|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jetspeed.pipeline.valve.AbstractValve
org.apache.jetspeed.security.impl.AbstractSecurityValve
org.apache.jetspeed.security.impl.ntlm.NtlmSecurityValve
public class NtlmSecurityValve
NTLMSecurityValve provides Subject creation based on the NTLM provided request.getRemoteUser() user name. When request.getRemoteUser() holds a valid value, then this user is authorized. Otherwise the username is retrieved from the Principal name in the request. In this way you can use NTLM authentication, with a fallback authentication method in case the user is not properly authenticated / authorized using NTLM. There are basically three authentication scenarios:
The user is successfully authenticated and authorized by Ntml authentication
A Subject is created, with Principal derived from the remoteUser value from Ntlm authentication
The user is not authenticated by Ntlm, or the authenticated (can be NTLM or any other method) user cannot be authorized by Jetspeed.
An anonymous Subject is created. The user can then be redirected to a login page for example.
The user is authenticated by a (non-NTLM) authentication method, e.g. container-based form authentication.
A subject is created based on the Principal name in the request.
Field Summary |
---|
Fields inherited from class org.apache.jetspeed.security.impl.AbstractSecurityValve |
---|
authenticationConfiguration |
Fields inherited from interface org.apache.jetspeed.pipeline.valve.SecurityValve |
---|
IP_ADDRESS |
Constructor Summary | |
---|---|
NtlmSecurityValve(UserManager userMgr,
java.lang.String networkDomain,
boolean omitDomain,
boolean ntlmAuthRequired)
|
|
NtlmSecurityValve(UserManager userMgr,
java.lang.String networkDomain,
boolean omitDomain,
boolean ntlmAuthRequired,
PortalStatistics statistics)
|
|
NtlmSecurityValve(UserManager userMgr,
java.lang.String networkDomain,
boolean omitDomain,
boolean ntlmAuthRequired,
PortalStatistics statistics,
PortalAuthenticationConfiguration authenticationConfiguration)
|
Method Summary | |
---|---|
protected javax.security.auth.Subject |
getSubject(RequestContext context)
getSubject |
protected java.security.Principal |
getUserPrincipal(RequestContext context)
getUserPrincipal |
java.lang.String |
toString()
|
Methods inherited from class org.apache.jetspeed.security.impl.AbstractSecurityValve |
---|
getSubjectFromSession, invoke, isSessionExpired |
Methods inherited from class org.apache.jetspeed.pipeline.valve.AbstractValve |
---|
initialize |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Methods inherited from interface org.apache.jetspeed.pipeline.valve.Valve |
---|
initialize |
Constructor Detail |
---|
public NtlmSecurityValve(UserManager userMgr, java.lang.String networkDomain, boolean omitDomain, boolean ntlmAuthRequired, PortalStatistics statistics, PortalAuthenticationConfiguration authenticationConfiguration)
userMgr
- A UserManagerstatistics
- Portal StatisticsnetworkDomain
- The network domain is used in combination with the omitDomain
flag.omitDomain
- If true
, then the network domain is stripped from the remoteUser name.ntlmAuthRequired
- if true
, then an exception is thrown when there is no valid remoteUser,
or the remoteUser cannot be authorized.public NtlmSecurityValve(UserManager userMgr, java.lang.String networkDomain, boolean omitDomain, boolean ntlmAuthRequired, PortalStatistics statistics)
public NtlmSecurityValve(UserManager userMgr, java.lang.String networkDomain, boolean omitDomain, boolean ntlmAuthRequired)
Method Detail |
---|
public java.lang.String toString()
toString
in class java.lang.Object
protected java.security.Principal getUserPrincipal(RequestContext context) throws java.lang.Exception
AbstractSecurityValve
getUserPrincipal
Should build and return ajava.security.Principal
that represents the user name
the Subject returned from getSubject()
getUserPrincipal
in class AbstractSecurityValve
java.lang.Exception
protected javax.security.auth.Subject getSubject(RequestContext context) throws java.lang.Exception
AbstractSecurityValve
getSubject
Should build and return ajavax.security.Subject
getSubject
in class AbstractSecurityValve
java.lang.Exception
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |