Package org.craftercms.security.processors.impl

Class AuthenticationHeadersLoginProcessor

java.lang.Object
org.craftercms.security.processors.impl.AuthenticationHeadersLoginProcessor
All Implemented Interfaces:
RequestSecurityProcessor
public class AuthenticationHeadersLoginProcessor extends Object implements RequestSecurityProcessor
RequestSecurityProcessor that auto logins a user through the headers provided by the Apache mod_auth_mellon SAML authentication module. If the user doesn't exist, it creates it.
Author:
avasquez

  • Field Details

    • logger

      public static final org.slf4j.Logger logger

    • DEFAULT_MELLON_HEADER_PREFIX

      public static final String DEFAULT_MELLON_HEADER_PREFIX
      See Also:

    • DEFAULT_USERNAME_HEADER_NAME

      public static final String DEFAULT_USERNAME_HEADER_NAME
      See Also:

    • DEFAULT_EMAIL_HEADER_NAME

      public static final String DEFAULT_EMAIL_HEADER_NAME
      See Also:

    • DEFAULT_TOKEN_HEADER_NAME

      public static final String DEFAULT_TOKEN_HEADER_NAME
      See Also:

    • tenantService

      protected TenantService tenantService

    • profileService

      protected ProfileService profileService

    • tenantsResolver

      protected TenantsResolver tenantsResolver

    • authenticationManager

      protected AuthenticationManager authenticationManager

    • mellonHeaderPrefix

      protected String mellonHeaderPrefix

    • usernameHeaderName

      protected String usernameHeaderName

    • emailHeaderName

      protected String emailHeaderName

    • tokenHeaderName

      protected String tokenHeaderName

    • tokenExpectedValue

      protected String tokenExpectedValue

  • Constructor Details

  • Method Details

    • setMellonHeaderPrefix

      public void setMellonHeaderPrefix(String mellonHeaderPrefix)

    • setUsernameHeaderName

      public void setUsernameHeaderName(String usernameHeaderName)

    • setEmailHeaderName

      public void setEmailHeaderName(String emailHeaderName)

    • setTokenHeaderName

      public void setTokenHeaderName(String tokenHeaderName)

    • setTokenExpectedValue

      public void setTokenExpectedValue(String tokenExpectedValue)

    • getTokenExpectedValue

      public String getTokenExpectedValue()

    • processRequest

      public void processRequest(org.craftercms.commons.http.RequestContext context, RequestSecurityProcessorChain processorChain) throws Exception
      Description copied from interface: RequestSecurityProcessor
      Processes a request, enforcing security when required.
      Specified by:
      processRequest in interface RequestSecurityProcessor
      Parameters:
      context - the context which holds the current request and response
      processorChain - the RequestSecurityProcessorChain, used to call the next processor
      Throws:
      Exception

    • hasValidToken

      protected boolean hasValidToken(jakarta.servlet.http.HttpServletRequest request)

    • getSsoEnabledTenant

      protected Tenant getSsoEnabledTenant(String[] tenantNames) throws ProfileException
      Throws:
      ProfileException

    • createProfileWithSsoInfo

      protected Profile createProfileWithSsoInfo(String username, Tenant tenant, jakarta.servlet.http.HttpServletRequest request) throws ProfileException
      Throws:
      ProfileException