See: Description
| Interface | Description |
|---|---|
| Authentication |
The Authentication object represents a successful authentication request.
|
| AuthenticationHandler |
An authentication handler authenticates a single credential.
|
| AuthenticationManager |
Authenticates one or more credentials.
|
| AuthenticationMetaDataPopulator |
An extension point to the Authentication process that allows CAS to provide
additional attributes related to the overall Authentication (such as
authentication type) that are specific to the Authentication request versus
the Principal itself.
|
| AuthenticationPolicy |
Stategy interface for pluggable authentication security policies.
|
| ContextualAuthenticationPolicy<T> |
A stateful authentication policy that is applied using arbitrary contextual information.
|
| ContextualAuthenticationPolicyFactory<T> |
A factory for producing (stateful) authentication policies based on arbitrary context data.
|
| Credential |
Describes an authentication credential.
|
| CredentialMetaData |
Describes a credential provided for authentication.
|
| RememberMeCredential |
Credential that wish to handle remember me scenarios need
to implement this class.
|
| Class | Description |
|---|---|
| AbstractAuthenticationHandler |
Base class for all authentication handlers that support configurable naming.
|
| AbstractCredential |
Base class for CAS credentials that are safe for long-term storage.
|
| AcceptAnyAuthenticationPolicyFactory |
Produces authentication policies that passively satisfy any given
Authentication. |
| AcceptUsersAuthenticationHandler |
Handler that contains a list of valid users and passwords.
|
| AllAuthenticationPolicy |
Authentication security policy that is satisfied iff all given credentials are successfully authenticated.
|
| AnyAuthenticationPolicy |
Authentication policy that is satisfied by at least one successfully authenticated credential.
|
| AuthenticationBuilder |
Constructs immutable
Authentication objects using the builder pattern. |
| BasicCredentialMetaData |
Basic credential metadata implementation that stores the original credential ID and the original credential type.
|
| HandlerResult |
Contains information about a successful authentication produced by an
AuthenticationHandler. |
| HttpBasedServiceCredential |
A credential representing an HTTP endpoint given by a URL.
|
| ImmutableAuthentication |
Immutable authentication event whose attributes may not change after creation.
|
| NotPreventedAuthenticationPolicy |
Authentication policy that defines success as at least one authentication success and no authentication attempts
that were prevented by system errors.
|
| OneTimePasswordCredential |
Describes a one-time-password credential that contains an optional unique identifier and required password.
|
| PolicyBasedAuthenticationManager |
Provides an authenticaiton manager that is inherently aware of multiple credentials and supports pluggable
security policy via the
AuthenticationPolicy component. |
| RememberMeUsernamePasswordCredential |
Handles both remember me services and username and password.
|
| RequiredHandlerAuthenticationPolicy |
Authentication security policy that is satisfied iff a specified authentication handler successfully authenticates
at least one credential.
|
| RequiredHandlerAuthenticationPolicyFactory |
Produces
ContextualAuthenticationPolicy instances that are satisfied iff the given Authentication
was created by authenticating credentials by all handlers named in
RegisteredService.getRequiredHandlers(). |
| SuccessfulHandlerMetaDataPopulator |
Sets an authentication attribute containing the collection of authentication handlers (by name) that successfully
authenticated credential.
|
| UsernamePasswordCredential |
Credential for authenticating with a username and password.
|
| Exception | Description |
|---|---|
| AccountDisabledException |
Describes an authentication error condition where a user account has been administratively disabled.
|
| AccountPasswordMustChangeException |
Describes an authentication error condition where a user account's password must change before login.
|
| AuthenticationException |
Authentication raised by
AuthenticationManager to signal authentication failure. |
| InvalidLoginLocationException |
Describes an error condition where authentication occurs from a location that is disallowed by security policy
applied to the underlying user account.
|
| InvalidLoginTimeException |
Describes an error condition where authentication occurs at a time that is disallowed by security policy
applied to the underlying user account.
|
| MixedPrincipalException |
Describes an error condition where non-identical principals have been resolved while authenticating
multiple credentials.
|
| PreventedException |
Describes an error condition where authentication was prevented for some reason, e.g. communication
error with back-end authentication store.
|
| PrincipalException |
Describes a principal resolution error, which is a subcategory of authentication error.
|
| RootCasException |
Generic CAS exception that sits at the top of the exception hierarchy.
|
| UnresolvedPrincipalException |
Describes an error condition where a principal could not be resolved.
|
Authentication validates the Credentials provided during a /login request. In this context, "Credentials" are an opaque object declared with the Credentials marker interface. The AuthenticationManager typically passes the Credentials to a sequence of plug-in elements to see if any of them can recognize and process the concrete implementing type.
Successful authentication generates a Principal object wrapped in an Authentication object. All these objects must be serializable, and the Authentication becomes part of the TGT in the ticket cache.
Unsucessful authentication must throw an AuthenticationException. The AuthenticationManager may not return null to signal a failure.
Copyright © 2004-2014 Jasig. All Rights Reserved.