org.jasig.cas.authentication.handler.support
Class JaasAuthenticationHandler

java.lang.Object
  org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler
      org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler
          org.jasig.cas.authentication.handler.support.JaasAuthenticationHandler

All Implemented Interfaces:

AuthenticationHandler, NamedAuthenticationHandler

public class JaasAuthenticationHandler
extends AbstractUsernamePasswordAuthenticationHandler

JAAS Authentication Handler for CAAS. This is a simple bridge from CAS' authentication to JAAS.

Using the JAAS Authentication Handler requires you to configure the appropriate JAAS modules. You can specify the location of a jass.conf file using the VM parameter -Djava.security.auth.login.config=$PATH_TO_JAAS_CONF/jaas.conf.

This example jaas.conf would try Kerberos based authentication, then try LDAP authentication CAS { com.sun.security.auth.module.Krb5LoginModule sufficient client=TRUE debug=FALSE useTicketCache=FALSE; edu.uconn.netid.jaas.LDAPLoginModule sufficient
java.naming.provider.url="ldap://ldapserver.my.edu:389/dc=my,dc=edu"
java.naming.security.principal="uid=jaasauth,dc=my,dc=edu"
java.naming.security.credentials="password" Attribute="uid" startTLS="true"; };

Since:

3.0.5

Version:

$Revision: 47522 $ $Date: 2009-12-14 23:33:36 -0500 (Mon, 14 Dec 2009) $

Author:

Matthew J. Smith

See Also:

CallbackHandler, PasswordCallback, NameCallback

Nested Class Summary

protected static class

JaasAuthenticationHandler.UsernamePasswordCallbackHandler A simple JAAS CallbackHandler which accepts a Name String and Password String in the constructor.

Field Summary

Fields inherited from class org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

log

Constructor Summary

JaasAuthenticationHandler()

Method Summary

protected boolean	authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials) Abstract convenience method that assumes the credentials passed in are a subclass of UsernamePasswordCredentials.
void	setRealm(java.lang.String realm)

Methods inherited from class org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler

doAuthentication, getPasswordEncoder, getPrincipalNameTransformer, setClassToSupport, setPasswordEncoder, setPrincipalNameTransformer, setSupportSubClasses, supports

Methods inherited from class org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

authenticate, getName, postAuthenticate, preAuthenticate, setName

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JaasAuthenticationHandler

public JaasAuthenticationHandler()

Method Detail

authenticateUsernamePasswordInternal

protected final boolean authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials)
                                                      throws AuthenticationException

Description copied from class: AbstractUsernamePasswordAuthenticationHandler

Abstract convenience method that assumes the credentials passed in are a subclass of UsernamePasswordCredentials.

Specified by:

authenticateUsernamePasswordInternal in class AbstractUsernamePasswordAuthenticationHandler

Parameters:

credentials - the credentials representing the Username and Password presented to CAS

Returns:

true if the credentials are authentic, false otherwise.

Throws:

AuthenticationException - if authenticity cannot be determined.

setRealm

public void setRealm(java.lang.String realm)