Package com.netscape.cms.authentication
Class HashAuthentication
java.lang.Object
org.dogtagpki.server.authentication.AuthManager
com.netscape.cms.authentication.HashAuthentication
- All Implemented Interfaces:
IExtendedPluginInfo
Hash uid/pwd directory based authentication manager
- Version:
- $Revision$, $Date$
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
static final String
static final String
static final String
static final long
static org.slf4j.Logger
protected static String[]
static final String
Fields inherited from class org.dogtagpki.server.authentication.AuthManager
AUTHENTICATED_NAME, authenticationConfig, CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT, engine, mConfig, mConfigParams, mImplName, mName
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
addAuthToken
(String pageID, AuthToken token) authenticate
(AuthCredentials authCreds) Authenticates a user based on uid, pwd in the directory.void
createEntry
(String host, String dn, long timeout, String secret, long lastLogin) void
deleteToken
(String pageID) void
getAgentName
(String hostname) getAuthToken
(String key) getData()
String[]
This method returns an array of strings.getHosts()
long
getLastLogin
(String hostname) long
String[]
Returns array of required credentials for this authentication manager.Retrieves the localizable description of this policy.long
getTimeout
(String hostname) getValueDescriptor
(Locale locale, String name) Retrieves the descriptor of the given value property by name.Retrieves a list of names of the property.hashFingerprint
(String host, String pageID, String uid) void
init
(ConfigStore config) Initializes this default policy.void
init
(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) Initialize this authentication manager.boolean
boolean
Checks if this authenticator requires SSL client authentication.boolean
isValueWriteable
(String name) Checks if the value of the given property should be serializable into the request.void
Populates authentication specific information into the request for auditing purposes.void
setAgentName
(String hostname, String agentName) void
setLastLogin
(String hostname, long lastlogin) void
void
setTimeout
(String hostname, long timeout) void
shutdown()
Prepare this authentication manager for a shutdown.boolean
validFingerprint
(String host, String pageID, String uid, String fingerprint) Methods inherited from class org.dogtagpki.server.authentication.AuthManager
getAuthenticationConfig, getCMSEngine, getConfigParams, getConfigStore, getImplName, getName, getName, setAuthenticationConfig, setCMSEngine
-
Field Details
-
logger
public static org.slf4j.Logger logger -
SALT
- See Also:
-
CRED_UID
- See Also:
-
CRED_FINGERPRINT
- See Also:
-
CRED_PAGEID
- See Also:
-
CRED_HOST
- See Also:
-
mRequiredCreds
-
DEFAULT_TIMEOUT
public static final long DEFAULT_TIMEOUT- See Also:
-
-
Constructor Details
-
HashAuthentication
public HashAuthentication()Default constructor, initialization must follow.
-
-
Method Details
-
init
public void init(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) throws EBaseException Description copied from class:AuthManager
Initialize this authentication manager.- Specified by:
init
in classAuthManager
name
- The name of this authentication manager instance.implName
- The name of the authentication manager plugin.config
- The configuration store for this authentication manager.- Throws:
EBaseException
- If an initialization error occurred.
-
init
Description copied from class:AuthManager
Initializes this default policy.- Specified by:
init
in classAuthManager
- Parameters:
config
- configuration store- Throws:
EProfileException
- failed to initialize
-
getAuthToken
-
addAuthToken
-
deleteToken
-
getData
-
createEntry
-
disable
-
getAgentName
-
setAgentName
-
isEnable
-
getTimeout
-
setTimeout
-
getSecret
-
setSecret
-
getLastLogin
-
setLastLogin
-
getPageID
public long getPageID() -
validFingerprint
-
getHosts
-
hashFingerprint
-
shutdown
public void shutdown()Description copied from class:AuthManager
Prepare this authentication manager for a shutdown. Called when the server is exiting for any cleanup needed.- Specified by:
shutdown
in classAuthManager
-
authenticate
Authenticates a user based on uid, pwd in the directory.- Specified by:
authenticate
in classAuthManager
- Parameters:
authCreds
- The authentication credentials.- Returns:
- The user's ldap entry dn.
- Throws:
EInvalidCredentials
- If the uid and password are not validEBaseException
- If an internal error occurs.
-
populate
Description copied from class:AuthManager
Populates authentication specific information into the request for auditing purposes.- Specified by:
populate
in classAuthManager
- Parameters:
token
- authentication tokenrequest
- request- Throws:
EProfileException
- failed to populate
-
getRequiredCreds
Returns array of required credentials for this authentication manager.- Specified by:
getRequiredCreds
in classAuthManager
- Returns:
- Array of required credentials.
-
getText
Description copied from class:AuthManager
Retrieves the localizable description of this policy.- Specified by:
getText
in classAuthManager
- Parameters:
locale
- end user locale- Returns:
- localized authenticator description
-
getValueNames
Description copied from class:AuthManager
Retrieves a list of names of the property.- Specified by:
getValueNames
in classAuthManager
- Returns:
- a list of property names
-
getValueDescriptor
Description copied from class:AuthManager
Retrieves the descriptor of the given value property by name.- Specified by:
getValueDescriptor
in classAuthManager
- Parameters:
locale
- user localename
- property name- Returns:
- descriptor of the requested property
-
isValueWriteable
Description copied from class:AuthManager
Checks if the value of the given property should be serializable into the request. Passsword or other security-related value may not be desirable for storage.- Specified by:
isValueWriteable
in classAuthManager
- Parameters:
name
- property name- Returns:
- true if the property is not security related
-
isSSLClientRequired
public boolean isSSLClientRequired()Description copied from class:AuthManager
Checks if this authenticator requires SSL client authentication.- Specified by:
isSSLClientRequired
in classAuthManager
- Returns:
- client authentication required or not
-
getExtendedPluginInfo
Description copied from interface:IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"- Specified by:
getExtendedPluginInfo
in interfaceIExtendedPluginInfo
-