org.jasig.cas.authentication.handler.support

Class JaasAuthenticationHandler

java.lang.Object

org.jasig.cas.authentication.AbstractAuthenticationHandler

org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler

org.jasig.cas.authentication.handler.support.JaasAuthenticationHandler

All Implemented Interfaces:

AuthenticationHandler

public class JaasAuthenticationHandler
extends AbstractUsernamePasswordAuthenticationHandler

JAAS Authentication Handler for CAAS. This is a simple bridge from CAS' authentication to JAAS.

Using the JAAS Authentication Handler requires you to configure the appropriate JAAS modules. You can specify the location of a jass.conf file using the following VM parameter:

 -Djava.security.auth.login.config=$PATH_TO_JAAS_CONF/jaas.conf
 

This example jaas.conf would try Kerberos based authentication, then try LDAP authentication:

 CAS {
   com.sun.security.auth.module.Krb5LoginModule sufficient
     client=TRUE
     debug=FALSE
     useTicketCache=FALSE;
   edu.uconn.netid.jaas.LDAPLoginModule sufficient
     java.naming.provider.url="ldap://ldapserver.my.edu:389/dc=my,dc=edu"
     java.naming.security.principal="uid=jaasauth,dc=my,dc=edu"
     java.naming.security.credentials="password"
     Attribute="uid"
     startTLS="true";
 };
 

Since:

3.0.5

Author:

Matthew J. Smith, Marvin S. Addison

See Also:

CallbackHandler, PasswordCallback, NameCallback

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected static class	JaasAuthenticationHandler.UsernamePasswordCallbackHandler A simple JAAS CallbackHandler which accepts a Name String and Password String in the constructor.

Field Summary

Fields inherited from class org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

logger

Constructor Summary

Constructors

Constructor and Description
JaasAuthenticationHandler()

Method Summary

Methods

Modifier and Type	Method and Description
protected HandlerResult	authenticateUsernamePasswordInternal(UsernamePasswordCredential credential) Authenticates a username/password credential by an arbitrary strategy.
void	setRealm(String realm)

Methods inherited from class org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler

createHandlerResult, doAuthentication, getPasswordEncoder, getPasswordPolicyConfiguration, getPrincipalNameTransformer, setPasswordEncoder, setPasswordPolicyConfiguration, setPrincipalNameTransformer, supports

Methods inherited from class org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler

authenticate, postAuthenticate, preAuthenticate

Methods inherited from class org.jasig.cas.authentication.AbstractAuthenticationHandler

getName, setName

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JaasAuthenticationHandler

public JaasAuthenticationHandler()

Method Detail

authenticateUsernamePasswordInternal

protected final HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential)
                                                            throws GeneralSecurityException,
                                                                   PreventedException

Authenticates a username/password credential by an arbitrary strategy.

Specified by:

authenticateUsernamePasswordInternal in class AbstractUsernamePasswordAuthenticationHandler

Parameters:

credential - the credential object bearing the transformed username and password.

Returns:

HandlerResult resolved from credential on authentication success or null if no principal could be resolved from the credential.

Throws:

GeneralSecurityException - On authentication failure.

PreventedException - On the indeterminate case when authentication is prevented.

setRealm

public void setRealm(String realm)