org.alfresco.repo.security.authentication.jaas
Class JAASAuthenticationComponent
java.lang.Object
org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
org.alfresco.repo.security.authentication.jaas.JAASAuthenticationComponent
- All Implemented Interfaces:
- AuthenticationComponent, AuthenticationContext
public class JAASAuthenticationComponent
- extends AbstractAuthenticationComponent
JAAS based authentication
The user name and password are picked up from login.
The other configurable parameters are:
realm - the authentication realm if required,
and the entry name to use from the login context.
You will need to be familiar with the JAAS authentication process to set this up.
In summary you will need to configure java.security (in the lib/security directory of the jre you are using)
to find a jaas configuration.
This entry could be used if you want to put the login configuration in the same place (in the lib/security directory of the jre you are using)
login.config.url.1=file:${java.home}/lib/security/java.login.config
Example configuration entries for Kerberos would be:
Alfresco {
com.sun.security.auth.module.Krb5LoginModule sufficient;
};
com.sun.net.ssl.client {
com.sun.security.auth.module.Krb5LoginModule sufficient;
};
other {
com.sun.security.auth.module.Krb5LoginModule sufficient;
};
This sets up authentication using Kerberos for Alfresco and some defaults that would use the same mechanism if sasl failed for example.
You could use kerberos and LDAP combined against an Active Directory server.
Methods inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationComponent |
authenticate, clearCurrentSecurityContext, getAllowGuestLogin, getCurrentAuthentication, getCurrentUserName, getDefaultAdministratorUserNames, getDefaultGuestUserNames, getGuestUserName, getGuestUserName, getNodeService, getPersonService, getSystemUserName, getSystemUserName, getTransactionService, getUserDetails, getUserDomain, guestUserAuthenticationAllowed, isCurrentUserTheSystemUser, isGuestUserName, isSystemUserName, setAllowGuestLogin, setAuthenticationContext, setCurrentAuthentication, setCurrentUser, setCurrentUser, setDefaultAdministratorUserNameList, setDefaultAdministratorUserNames, setDefaultGuestUserNameList, setDefaultGuestUserNames, setGuestUserAsCurrentUser, setNodeService, setPersonService, setSystemUserAsCurrentUser, setSystemUserAsCurrentUser, setTransactionService, setUserDetails, setUserRegistrySynchronizer |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JAASAuthenticationComponent
public JAASAuthenticationComponent()
setJaasConfigEntryName
public void setJaasConfigEntryName(java.lang.String jaasConfigEntryName)
setRealm
public void setRealm(java.lang.String realm)
implementationAllowsGuestLogin
protected boolean implementationAllowsGuestLogin()
- Jaas does not support guest login
- Specified by:
implementationAllowsGuestLogin
in class AbstractAuthenticationComponent
authenticateImpl
protected void authenticateImpl(java.lang.String userName,
char[] password)
throws org.alfresco.repo.security.authentication.AuthenticationException
- Implement Authentication
- Overrides:
authenticateImpl
in class AbstractAuthenticationComponent
- Throws:
org.alfresco.repo.security.authentication.AuthenticationException
Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.