org.craftercms.security.processors.impl

Class AuthenticationHeadersLoginProcessor

java.lang.Object

org.craftercms.security.processors.impl.AuthenticationHeadersLoginProcessor

All Implemented Interfaces:

RequestSecurityProcessor

public class AuthenticationHeadersLoginProcessor
extends Object
implements RequestSecurityProcessor

RequestSecurityProcessor that auto logins a user through the headers provided by the Apache mod_auth_mellon SAML authentication module. If the user doesn't exist, it creates it.

Author:

avasquez

Field Summary

Fields

Modifier and Type	Field and Description
protected AuthenticationManager	authenticationManager
static String	DEFAULT_EMAIL_HEADER_NAME
static String	DEFAULT_MELLON_HEADER_PREFIX
static String	DEFAULT_TOKEN_HEADER_NAME
static String	DEFAULT_USERNAME_HEADER_NAME
protected String	emailHeaderName
static org.slf4j.Logger	logger
protected String	mellonHeaderPrefix
protected ProfileService	profileService
protected TenantService	tenantService
protected TenantsResolver	tenantsResolver
protected String	tokenExpectedValue
protected String	tokenHeaderName
protected String	usernameHeaderName

Constructor Summary

Constructors

Constructor and Description
AuthenticationHeadersLoginProcessor()

Method Summary

Modifier and Type	Method and Description
protected Profile	createProfileWithSsoInfo(String username, Tenant tenant, javax.servlet.http.HttpServletRequest request)
protected Tenant	getSsoEnabledTenant(String[] tenantNames)
String	getTokenExpectedValue()
protected boolean	hasValidToken(javax.servlet.http.HttpServletRequest request)
void	processRequest(org.craftercms.commons.http.RequestContext context, RequestSecurityProcessorChain processorChain) Processes a request, enforcing security when required.
void	setAuthenticationManager(AuthenticationManager authenticationManager)
void	setEmailHeaderName(String emailHeaderName)
void	setMellonHeaderPrefix(String mellonHeaderPrefix)
void	setProfileService(ProfileService profileService)
void	setTenantService(TenantService tenantService)
void	setTenantsResolver(TenantsResolver tenantsResolver)
void	setTokenExpectedValue(String tokenExpectedValue)
void	setTokenHeaderName(String tokenHeaderName)
void	setUsernameHeaderName(String usernameHeaderName)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

public static final org.slf4j.Logger logger

DEFAULT_MELLON_HEADER_PREFIX

public static final String DEFAULT_MELLON_HEADER_PREFIX

See Also:

Constant Field Values

DEFAULT_USERNAME_HEADER_NAME

public static final String DEFAULT_USERNAME_HEADER_NAME

See Also:

Constant Field Values

DEFAULT_EMAIL_HEADER_NAME

public static final String DEFAULT_EMAIL_HEADER_NAME

See Also:

Constant Field Values

DEFAULT_TOKEN_HEADER_NAME

public static final String DEFAULT_TOKEN_HEADER_NAME

See Also:

Constant Field Values

tenantService

protected TenantService tenantService

profileService

protected ProfileService profileService

tenantsResolver

protected TenantsResolver tenantsResolver

authenticationManager

protected AuthenticationManager authenticationManager

mellonHeaderPrefix

protected String mellonHeaderPrefix

usernameHeaderName

protected String usernameHeaderName

emailHeaderName

protected String emailHeaderName

tokenHeaderName

protected String tokenHeaderName

tokenExpectedValue

protected String tokenExpectedValue

Constructor Detail

AuthenticationHeadersLoginProcessor

public AuthenticationHeadersLoginProcessor()

Method Detail

setTenantService

public void setTenantService(TenantService tenantService)

setProfileService

public void setProfileService(ProfileService profileService)

setTenantsResolver

public void setTenantsResolver(TenantsResolver tenantsResolver)

setAuthenticationManager

public void setAuthenticationManager(AuthenticationManager authenticationManager)

setMellonHeaderPrefix

public void setMellonHeaderPrefix(String mellonHeaderPrefix)

setUsernameHeaderName

public void setUsernameHeaderName(String usernameHeaderName)

setEmailHeaderName

public void setEmailHeaderName(String emailHeaderName)

setTokenHeaderName

public void setTokenHeaderName(String tokenHeaderName)

setTokenExpectedValue

public void setTokenExpectedValue(String tokenExpectedValue)

getTokenExpectedValue

public String getTokenExpectedValue()

processRequest

public void processRequest(org.craftercms.commons.http.RequestContext context,
                           RequestSecurityProcessorChain processorChain)
                    throws Exception

Description copied from interface: RequestSecurityProcessor

Processes a request, enforcing security when required.

Specified by:

processRequest in interface RequestSecurityProcessor

Parameters:

context - the context which holds the current request and response

processorChain - the RequestSecurityProcessorChain, used to call the next processor

Throws:

Exception

hasValidToken

protected boolean hasValidToken(javax.servlet.http.HttpServletRequest request)

getSsoEnabledTenant

protected Tenant getSsoEnabledTenant(String[] tenantNames)
                              throws ProfileException

Throws:

ProfileException

createProfileWithSsoInfo

protected Profile createProfileWithSsoInfo(String username,
                                           Tenant tenant,
                                           javax.servlet.http.HttpServletRequest request)
                                    throws ProfileException

Throws:

ProfileException