See: Description
| Interface | Description |
|---|---|
| Credentials |
Marker interface for credentials required to authenticate a principal.
|
| CredentialsToPrincipalResolver |
CredentialsToPrincipalResolvers extract information from the Credentials
provided and determine the Principal represented by those credentials.
|
| PersistentIdGenerator |
Generates a unique consistant Id based on the principal, a service, and some
algorithm.
|
| Principal |
Generic concept of an authenticated thing.
|
| RememberMeCredentials |
Credentials that wish to handle remember me scenarios need
to implement this class.
|
| Service |
Marker interface for Services.
|
| WebApplicationService |
Represents a service using CAS that comes from the web.
|
| Class | Description |
|---|---|
| AbstractPersonDirectoryCredentialsToPrincipalResolver | |
| AbstractWebApplicationService |
Abstract implementation of a WebApplicationService.
|
| GoogleAccountsService |
Implementation of a Service that supports Google Accounts (eventually a more
generic SAML2 support will come).
|
| HttpBasedServiceCredentials |
The Credentials representing an HTTP-based service.
|
| HttpBasedServiceCredentialsToPrincipalResolver |
HttpBasedServiceCredentialsToPrincipalResolver extracts the callbackUrl from
the HttpBasedServiceCredentials and constructs a SimpleService with the
callbackUrl as the unique Id.
|
| RememberMeAuthenticationMetaDataPopulator |
Determines if the credentials provided are for Remember Me Services and then sets the appropriate
Authentication attribute if remember me services have been requested.
|
| RememberMeUsernamePasswordCredentials |
Handles both remember me services and username and password.
|
| Response |
Encapsulates a Response to send back for a particular service.
|
| SamlService |
Class to represent that this service wants to use SAML.
|
| ShibbolethCompatiblePersistentIdGenerator |
Generates PersistentIds based on the Shibboleth algorithm.
|
| SimplePrincipal |
Simple implementation of a AttributePrincipal that exposes an unmodifiable
map of attributes.
|
| SimpleWebApplicationServiceImpl |
Represents a service which wishes to use the CAS protocol.
|
| UsernamePasswordCredentials |
UsernamePasswordCredentials respresents the username and password that a user
may provide in order to prove the authenticity of who they say they are.
|
| UsernamePasswordCredentialsToPrincipalResolver |
Implementation of CredentialsToPrincipalResolver for Credentials based on
UsernamePasswordCredentials when a SimplePrincipal (username only) is
sufficient.
|
| Enum | Description |
|---|---|
| Response.ResponseType |
Credentials is a marker interface for an opaque object that may be recognized by Handlers and Resolvers. Credentials may be a Userid/Password, Certificate, RemoteUser, IP address, etc.
When the simple AuthenticationManagerImpl is used, that bean is configured with a list of AuthenticationHandlers that validate Credentials and CredentialsToPrincipalResolvers that turn Credentials into Principal objects.
The Authentication Handler validates Credentials but does not extract information. This seems curious in the simple case when the credentials are a Userid/Password. It becomes clearer for a Certificate. A Certificate is valid if you trust the CA, if it hasn't expired, and if it isn't revoked. You can decide all this, and still not have the foggiest idea what ID to give to the person (if it is a person) reprepsented by the Certificate.
The CredentialsToPrincipalResolver looks into previously validated Credentials to construct a Principal object containing an ID (and in more complex cases some attributes). The DefaultCredentialsToPrincipalResolver takes UsernamePasswordCredentials and creates a SimplePrincipal containing the Userid.
Copyright © 2004-2012 Jasig. All Rights Reserved.