org.alfresco.repo.webdav.auth
Class BaseKerberosAuthenticationFilter

java.lang.Object
  extended by org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
      extended by org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
          extended by org.alfresco.repo.webdav.auth.BaseKerberosAuthenticationFilter
All Implemented Interfaces:
javax.security.auth.callback.CallbackHandler, org.alfresco.repo.management.subsystems.ActivateableBean, DependencyInjectedFilter, org.springframework.beans.factory.InitializingBean
Direct Known Subclasses:
KerberosAuthenticationFilter

public abstract class BaseKerberosAuthenticationFilter
extends BaseSSOAuthenticationFilter
implements javax.security.auth.callback.CallbackHandler

Base class with common code and initialisation for Kerberos authentication filters.


Field Summary
 
Fields inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
authenticationComponent, NO_AUTH_REQUIRED
 
Fields inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
ARG_TICKET, AUTHENTICATION_USER, authenticationService, nodeService, personService, transactionService
 
Constructor Summary
BaseKerberosAuthenticationFilter()
           
 
Method Summary
 void doFilter(javax.servlet.ServletContext context, javax.servlet.ServletRequest sreq, javax.servlet.ServletResponse sresp, javax.servlet.FilterChain chain)
          The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain.
 void handle(javax.security.auth.callback.Callback[] callbacks)
          JAAS callback handler
protected  void init()
          Initializes the filter.
protected  void restartLoginChallenge(javax.servlet.http.HttpServletResponse resp, javax.servlet.http.HttpSession session)
          Restart the Kerberos logon process
 void setJaasConfigEntryName(java.lang.String jaasConfigEntryName)
          Sets the HTTP service login configuration entry name.
 void setPassword(java.lang.String password)
          Sets the HTTP service account password.
 void setRealm(java.lang.String realm)
          Sets the HTTP service account realm.
 
Methods inherited from class org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter
afterPropertiesSet, allowsTicketLogons, checkForTicketParameter, createUserEnvironment, getLoginPage, getSecurityConfigSection, getServerName, hasLoginPage, isActive, isNTLMSSPBlob, mapClientAddressToDomain, onLoginComplete, onValidate, onValidateFailed, redirectToLoginPage, setActive, setAuthenticationComponent, setLoginPage, setServerConfiguration, setTicketLogons
 
Methods inherited from class org.alfresco.repo.webdav.auth.BaseAuthenticationFilter
createUserEnvironment, createUserObject, doInSystemTransaction, getLogger, getSessionUser, getUserAttributeName, handleLoginForm, invalidateSession, setAuthenticationService, setNodeService, setPersonService, setTransactionService, setUserAttributeName
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BaseKerberosAuthenticationFilter

public BaseKerberosAuthenticationFilter()
Method Detail

setPassword

public void setPassword(java.lang.String password)
Sets the HTTP service account password. (the Principal should be configured in java.login.config)

Parameters:
password - the password to set

setRealm

public void setRealm(java.lang.String realm)
Sets the HTTP service account realm.

Parameters:
realm - the realm to set

setJaasConfigEntryName

public void setJaasConfigEntryName(java.lang.String jaasConfigEntryName)
Sets the HTTP service login configuration entry name. The default is "AlfrescoHTTP".

Parameters:
loginEntryName - the loginEntryName to set

init

protected void init()
             throws javax.servlet.ServletException
Description copied from class: BaseSSOAuthenticationFilter
Initializes the filter. Only called if the filter is active, as indicated by BaseSSOAuthenticationFilter.isActive(). Subclasses should override.

Overrides:
init in class BaseSSOAuthenticationFilter
Throws:
javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletContext context,
                     javax.servlet.ServletRequest sreq,
                     javax.servlet.ServletResponse sresp,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException
Description copied from interface: DependencyInjectedFilter
The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain. The FilterChain passed in to this method allows the Filter to pass on the request and response to the next entity in the chain.

A typical implementation of this method would follow the following pattern:-
1. Examine the request
2. Optionally wrap the request object with a custom implementation to filter content or headers for input filtering
3. Optionally wrap the response object with a custom implementation to filter content or headers for output filtering
4. a) Either invoke the next entity in the chain using the FilterChain object ( chain.doFilter()),
4. b) or not pass on the request/response pair to the next entity in the filter chain to block the request processing
5. Directly set headers on the response after invocation of the next entity in the filter chain.

Specified by:
doFilter in interface DependencyInjectedFilter
Throws:
java.io.IOException
javax.servlet.ServletException

handle

public void handle(javax.security.auth.callback.Callback[] callbacks)
            throws java.io.IOException,
                   javax.security.auth.callback.UnsupportedCallbackException
JAAS callback handler

Specified by:
handle in interface javax.security.auth.callback.CallbackHandler
Parameters:
callbacks - Callback[]
Throws:
java.io.IOException
javax.security.auth.callback.UnsupportedCallbackException

restartLoginChallenge

protected void restartLoginChallenge(javax.servlet.http.HttpServletResponse resp,
                                     javax.servlet.http.HttpSession session)
                              throws java.io.IOException
Restart the Kerberos logon process

Parameters:
resp - HttpServletResponse
httpSess - HttpSession
Throws:
java.io.IOException


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.