Package com.netscape.cms.authentication
Class PortalEnroll
java.lang.Object
org.dogtagpki.server.authentication.AuthManager
com.netscape.cms.authentication.DirBasedAuthentication
com.netscape.cms.authentication.PortalEnroll
- All Implemented Interfaces:
IExtendedPluginInfo
uid/pwd directory based authentication manager
- Version:
- $Revision$, $Date$
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
static final String
static org.slf4j.Logger
protected static String[]
protected static String[]
protected static final String
protected static final String
protected static final String
protected static final String
protected static final String
protected static final String
protected static final String
protected static final String
Fields inherited from class com.netscape.cms.authentication.DirBasedAuthentication
DEFAULT_DNPATTERN, mBoundConnEnable, mConnFactory, mExtendedPluginInfo, mGroupObjectClass, mGroups, mGroupsBaseDN, mGroupsEnable, mGroupUserIDName, mLdapAttrs, mLdapByteAttrs, mLdapConfig, mLdapStringAttrs, mPattern, mSearchGroupUserByUserdn, mTag, mUserIDName, PROP_DNPATTERN, PROP_GROUP_OBJECT_CLASS, PROP_GROUP_USERID_NAME, PROP_GROUPS, PROP_GROUPS_BASEDN, PROP_GROUPS_ENABLE, PROP_LDAP_BOUND_CONN, PROP_LDAPBYTEATTRS, PROP_LDAPSTRINGATTRS, PROP_SEARCH_GROUP_USER_BY_USERDN, PROP_USERID_NAME, USER_DN
Fields inherited from class org.dogtagpki.server.authentication.AuthManager
AUTHENTICATED_NAME, authenticationConfig, CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT, engine, mConfig, mImplName, mName
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected String
authenticate
(netscape.ldap.LDAPConnection conn, AuthCredentials authCreds, AuthToken token) Authenticates a user based on uid, pwd in the directory.String[]
Returns a list of configuration parameter names.String[]
This method returns an array of strings.String[]
Returns array of required credentials for this authentication manager.void
init
(ConfigStore config) Initializes this default policy.void
init
(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) Initializes the PortalEnrollment auth manager.void
initLdapAttrs
(netscape.ldap.LDAPSchema dirSchema, String oclass) adds a user to the directory.Methods inherited from class com.netscape.cms.authentication.DirBasedAuthentication
authenticate, formCertInfo, formSubjectName, getLdapAttrs, getLdapByteAttrs, getText, getValueDescriptor, getValueNames, init, isSSLClientRequired, isValueWriteable, populate, setAuthTokenByteValue, setAuthTokenStringValue, setAuthTokenValues, shutdown
Methods inherited from class org.dogtagpki.server.authentication.AuthManager
getAuthenticationConfig, getCMSEngine, getConfigStore, getImplName, getName, getName, setAuthenticationConfig, setCMSEngine
-
Field Details
-
logger
public static org.slf4j.Logger logger -
PROP_AUTHTYPE
- See Also:
-
PROP_BINDDN
- See Also:
-
PROP_BINDPW
- See Also:
-
PROP_HOST
- See Also:
-
PROP_PORT
- See Also:
-
PROP_SECURECONN
- See Also:
-
PROP_VERSION
- See Also:
-
PROP_OBJECTCLASS
- See Also:
-
CRED_UID
- See Also:
-
CRED_PWD
- See Also:
-
mRequiredCreds
-
mConfigParams
-
-
Constructor Details
-
PortalEnroll
Default constructor, initialization must follow.- Throws:
EBaseException
-
-
Method Details
-
init
public void init(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) throws EBaseException Initializes the PortalEnrollment auth manager.- Overrides:
init
in classDirBasedAuthentication
- Parameters:
name
- - The name for this authentication manager instance.implName
- - The name of the authentication manager plugin.config
- - The configuration store for this instance.- Throws:
EBaseException
- If an error occurs during initialization.
-
init
Description copied from class:AuthManager
Initializes this default policy.- Specified by:
init
in classAuthManager
- Parameters:
config
- configuration store- Throws:
EProfileException
- failed to initialize
-
authenticate
protected String authenticate(netscape.ldap.LDAPConnection conn, AuthCredentials authCreds, AuthToken token) throws EBaseException Authenticates a user based on uid, pwd in the directory.- Specified by:
authenticate
in classDirBasedAuthentication
- Parameters:
authCreds
- The authentication credentials.- Returns:
- The user's ldap entry dn.
- Throws:
EInvalidCredentials
- If the uid and password are not validEBaseException
- If an internal error occurs.
-
getConfigParams
Returns a list of configuration parameter names. The list is passed to the configuration console so instances of this implementation can be configured through the console.- Overrides:
getConfigParams
in classAuthManager
- Returns:
- String array of configuration parameter names.
-
getExtendedPluginInfo
Description copied from interface:IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"- Specified by:
getExtendedPluginInfo
in interfaceIExtendedPluginInfo
- Overrides:
getExtendedPluginInfo
in classDirBasedAuthentication
-
getRequiredCreds
Returns array of required credentials for this authentication manager.- Specified by:
getRequiredCreds
in classDirBasedAuthentication
- Returns:
- Array of required credentials.
-
regist
adds a user to the directory.- Parameters:
token
- authentication tokenuid
- the user's id.- Returns:
- dn upon success and null upon failure.
-
initLdapAttrs
-