Package com.netscape.cms.authentication
Class FlatFileAuth
java.lang.Object
com.netscape.cms.authentication.FlatFileAuth
- All Implemented Interfaces:
IExtendedPluginInfo
,ProfileAuthenticator
,AuthManager
This represents the authentication manager that authenticates
user against a file where id, and password are stored.
- Version:
- $Revision$, $Date$
-
Field Summary
FieldsModifier and TypeFieldDescriptionHashtable of entries from Auth File.protected String
static org.slf4j.Logger
protected String
protected AuthManagerConfig
configuration storeprotected static String[]
protected boolean
protected long
protected String
protected String
name of the authentication manager pluginprotected String
protected String
name of this authentication manager instanceprotected static final String
protected static final String
protected static final String
protected static final String
Fields inherited from interface org.dogtagpki.server.authentication.AuthManager
CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
Fields inherited from interface com.netscape.cms.profile.ProfileAuthenticator
AUTHENTICATED_NAME
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionauthenticate
(IAuthCredentials authCred) Authenticate the requestString[]
Returns a list of configuration parameters, so the console can prompt the user when configuring.Returns the configuration store used by this authentication managerString[]
This method returns an array of strings.Get name of authentication manager plugin.getName()
Get the name of this authentication manager instance.Retrieves the localizable name of this policy.protected boolean
getPropertyB
(String propertyName, boolean b) Get the named property, If the property is not set, use b as the default, and create a new value for the property in the config file.protected String
getPropertyS
(String propertyName, String s) Get the named property If the property is not set, use s as the default, and create a new value for the property in the config file.String[]
Return a list of HTTP parameters which will be taken from the request posting and placed into the AuthCredentials block Note that this method will not be called until after the init() method is calledRetrieves the localizable description of this policy.getValueDescriptor
(Locale locale, String name) Retrieves the descriptor of the given value property by name.Retrieves a list of names of the value parameter.void
init
(Profile profile, ConfigStore config) Initializes this default policy.void
init
(String name, String implName, AuthManagerConfig config) Initialize this authentication manager.boolean
Checks if this authenticator requires SSL client authentication.boolean
isValueWriteable
(String name) Checks if the value of the given property should be serializable into the request.void
populate
(IAuthToken token, Request request) Populates authentication specific information into the request for auditing purposes.Read a file with the following format:void
shutdown()
Prepare this authentication manager for a shutdown.String[]
unionOfStrings
(String[][] stringArrays) Return a string array which is the union of all the string arrays passed in.
-
Field Details
-
logger
public static org.slf4j.Logger logger -
PROP_FILENAME
- See Also:
-
PROP_KEYATTRIBUTES
- See Also:
-
PROP_AUTHATTRS
- See Also:
-
PROP_DEFERONFAILURE
- See Also:
-
mFilename
-
mFileLastRead
protected long mFileLastRead -
mKeyAttributes
-
mAuthAttrs
-
mDeferOnFailure
protected boolean mDeferOnFailure -
mConfigParams
-
mName
name of this authentication manager instance -
FFAUTH
-
mImplName
name of the authentication manager plugin -
mConfig
configuration store -
entries
Hashtable of entries from Auth File. Hash index is the concatenation of the attributes from matchAttributes property
-
-
Constructor Details
-
FlatFileAuth
public FlatFileAuth()
-
-
Method Details
-
getExtendedPluginInfo
Description copied from interface:IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"- Specified by:
getExtendedPluginInfo
in interfaceIExtendedPluginInfo
-
getPropertyS
Get the named property If the property is not set, use s as the default, and create a new value for the property in the config file.- Parameters:
propertyName
- Property names
- The default value of the property- Throws:
EBaseException
-
isSSLClientRequired
public boolean isSSLClientRequired()Description copied from interface:ProfileAuthenticator
Checks if this authenticator requires SSL client authentication.- Specified by:
isSSLClientRequired
in interfaceProfileAuthenticator
- Returns:
- client authentication required or not
-
getPropertyB
Get the named property, If the property is not set, use b as the default, and create a new value for the property in the config file.- Parameters:
propertyName
- Property nameb
- The default value of the property- Throws:
EBaseException
-
init
Description copied from interface:AuthManager
Initialize this authentication manager.- Specified by:
init
in interfaceAuthManager
- Parameters:
name
- The name of this authentication manager instance.implName
- The name of the authentication manager plugin.config
- The configuration store for this authentication manager.- Throws:
EBaseException
- If an initialization error occurred.
-
unionOfStrings
Return a string array which is the union of all the string arrays passed in. The strings are treated as case sensitive -
readFile
protected Hashtable<String,Hashtable<String, readFileString>> (File f, String[] keys) throws IOException Read a file with the following format:param1: valuea param2: valueb -blank-line- param1: valuec param2: valued
- Parameters:
f
- The file to readkeys
- The parameters to concat together to form the hash key- Returns:
- a hashtable of hashtables.
- Throws:
IOException
-
authenticate
public IAuthToken authenticate(IAuthCredentials authCred) throws EMissingCredential, EInvalidCredentials, EBaseException Authenticate the request- Specified by:
authenticate
in interfaceAuthManager
- Parameters:
authCred
- The authentication credentials- Returns:
- authentication token
- Throws:
EMissingCredential
- If a required credential for this authentication manager is missing.EInvalidCredentials
- If credentials cannot be authenticated.EBaseException
- If an internal error occurred.
-
getRequiredCreds
Return a list of HTTP parameters which will be taken from the request posting and placed into the AuthCredentials block Note that this method will not be called until after the init() method is called- Specified by:
getRequiredCreds
in interfaceAuthManager
- Returns:
- The required credential attributes.
-
getConfigParams
Returns a list of configuration parameters, so the console can prompt the user when configuring.- Specified by:
getConfigParams
in interfaceAuthManager
- Returns:
- a list of configuration parameters.
-
getConfigStore
Returns the configuration store used by this authentication manager- Specified by:
getConfigStore
in interfaceAuthManager
- Specified by:
getConfigStore
in interfaceProfileAuthenticator
- Returns:
- configuration store
-
shutdown
public void shutdown()Description copied from interface:AuthManager
Prepare this authentication manager for a shutdown. Called when the server is exiting for any cleanup needed.- Specified by:
shutdown
in interfaceAuthManager
-
getName
Description copied from interface:AuthManager
Get the name of this authentication manager instance.- Specified by:
getName
in interfaceAuthManager
- Returns:
- the name of this authentication manager.
-
getImplName
Description copied from interface:AuthManager
Get name of authentication manager plugin.- Specified by:
getImplName
in interfaceAuthManager
- Returns:
- the name of the authentication manager plugin.
-
init
Description copied from interface:ProfileAuthenticator
Initializes this default policy.- Specified by:
init
in interfaceProfileAuthenticator
- Parameters:
profile
- owner of this authenticatorconfig
- configuration store- Throws:
EProfileException
- failed to initialize
-
getName
Retrieves the localizable name of this policy.- Specified by:
getName
in interfaceProfileAuthenticator
- Parameters:
locale
- end user locale- Returns:
- localized authenticator name
-
getValueNames
Retrieves a list of names of the value parameter.- Specified by:
getValueNames
in interfaceProfileAuthenticator
- Returns:
- a list of property names
-
isValueWriteable
Description copied from interface:ProfileAuthenticator
Checks if the value of the given property should be serializable into the request. Passsword or other security-related value may not be desirable for storage.- Specified by:
isValueWriteable
in interfaceProfileAuthenticator
- Parameters:
name
- property name- Returns:
- true if the property is not security related
-
getValueDescriptor
Description copied from interface:ProfileAuthenticator
Retrieves the descriptor of the given value property by name.- Specified by:
getValueDescriptor
in interfaceProfileAuthenticator
- Parameters:
locale
- user localename
- property name- Returns:
- descriptor of the requested property
-
populate
Description copied from interface:ProfileAuthenticator
Populates authentication specific information into the request for auditing purposes.- Specified by:
populate
in interfaceProfileAuthenticator
- Parameters:
token
- authentication tokenrequest
- request- Throws:
EProfileException
- failed to populate
-
getText
Retrieves the localizable description of this policy.- Specified by:
getText
in interfaceProfileAuthenticator
- Parameters:
locale
- end user locale- Returns:
- localized authenticator description
-