Class CertUserDBAuthentication
java.lang.Object
org.dogtagpki.server.authentication.AuthManager
com.netscape.cmscore.authentication.CertUserDBAuthentication
Certificate server agent authentication.
Maps an SSL client authentication certificate to a user (agent) entry in the
internal database.
- Version: $Revision$, $Date$
- Author: lhsiao, cfu
-
Field Summary
Fields (Modifier and Type, Field):
- static org.slf4j.Logger logger
- protected String[] mRequiredCreds
- static final String TOKEN_USERDN
- static final String TOKEN_USER_DN
- static final String TOKEN_UID
Fields inherited from class org.dogtagpki.server.authentication.AuthManager
AUTHENTICATED_NAME, authenticationConfig, CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT, engine, mConfig, mConfigParams, mImplName, mName
-
Constructor Summary
Constructors:
- CertUserDBAuthentication()
Method Summary
Methods (Modifier and Type, Method, Description):
- AuthToken authenticate(AuthCredentials authCred): authenticates user (agent) by certificate
- String[] getRequiredCreds: get the list of authentication credential attribute names required by this authentication manager.
- getText: Retrieves the localizable description of this policy.
- getValueDescriptor(Locale locale, String name): Retrieves the descriptor of the given value property by name.
- getValueNames: Retrieves a list of names of the property.
- void init(ConfigStore config): Initializes this default policy.
- void init(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config): initializes the CertUserDBAuthentication auth manager
- boolean isSSLClientRequired(): Checks if this authenticator requires SSL client authentication.
- boolean isValueWriteable(String name): Checks if the value of the given property should be serializable into the request.
- void populate: Populates authentication specific information into the request for auditing purposes.
- void shutdown(): prepare this authentication manager for shutdown.
Methods inherited from class org.dogtagpki.server.authentication.AuthManager
getAuthenticationConfig, getCMSEngine, getConfigParams, getConfigStore, getImplName, getName, getName, setAuthenticationConfig, setCMSEngine
-
Field Details
-
logger
public static org.slf4j.Logger logger
-
TOKEN_USERDN
-
TOKEN_USER_DN
-
TOKEN_UID
-
mRequiredCreds
-
-
Constructor Details
-
CertUserDBAuthentication
public CertUserDBAuthentication()
-
-
Method Details
-
init
public void init(AuthenticationConfig authenticationConfig, String name, String implName, AuthManagerConfig config) throws EBaseException
Initializes the CertUserDBAuthentication auth manager. Called by the AuthSubsystem init() method when initializing all available authentication managers.
- Specified by: init in class AuthManager
- Parameters:
  name - The name of this authentication manager instance.
  implName - The authentication subsystem that hosts this auth manager
  config - The configuration store used by the authentication subsystem
- Throws:
  EBaseException - If an initialization error occurred.
-
init
Description copied from class: AuthManager
Initializes this default policy.
- Specified by: init in class AuthManager
- Parameters:
  config - configuration store
- Throws:
  EProfileException - failed to initialize
-
getText
Description copied from class: AuthManager
Retrieves the localizable description of this policy.
- Specified by: getText in class AuthManager
- Parameters:
  locale - end user locale
- Returns:
  localized authenticator description
-
getValueNames
Description copied from class: AuthManager
Retrieves a list of names of the property.
- Specified by: getValueNames in class AuthManager
- Returns:
  a list of property names
-
getValueDescriptor
Description copied from class: AuthManager
Retrieves the descriptor of the given value property by name.
- Specified by: getValueDescriptor in class AuthManager
- Parameters:
  locale - user locale
  name - property name
- Returns:
  descriptor of the requested property
-
isValueWriteable
Description copied from class: AuthManager
Checks if the value of the given property should be serializable into the request. A password or other security-related value may not be desirable for storage.
- Specified by: isValueWriteable in class AuthManager
- Parameters:
  name - property name
- Returns:
  true if the property is not security related
-
isSSLClientRequired
public boolean isSSLClientRequired()
Description copied from class: AuthManager
Checks if this authenticator requires SSL client authentication.
- Specified by: isSSLClientRequired in class AuthManager
- Returns:
  client authentication required or not
-
authenticate
public AuthToken authenticate(AuthCredentials authCred) throws EMissingCredential, EInvalidCredentials, EBaseException
Authenticates user (agent) by certificate. Called by other subsystems or their servlets to authenticate users (agents).
- Specified by: authenticate in class AuthManager
- Parameters:
  authCred - authentication credential that contains a usrgrp.Certificates of the user (agent)
- Returns:
  the authentication token that contains the following
-
populate
Description copied from class: AuthManager
Populates authentication specific information into the request for auditing purposes.
- Specified by: populate in class AuthManager
- Parameters:
  token - authentication token
  request - request
- Throws:
  EProfileException - failed to populate
-
getRequiredCreds
Gets the list of authentication credential attribute names required by this authentication manager. Generally used by the servlets that handle agent operations to authenticate their users: a servlet calls this method to learn which credentials are required from the user (e.g. JavaScript form data).
- Specified by: getRequiredCreds in class AuthManager
- Returns:
  attribute names in Vector
-
shutdown
public void shutdown()
Prepares this authentication manager for shutdown.
- Specified by: shutdown in class AuthManager
-