Class JAASAuthenticationComponent
java.lang.Object
org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
org.alfresco.repo.security.authentication.jaas.JAASAuthenticationComponent
- All Implemented Interfaces:
AuthenticationComponent,AuthenticationContext
JAAS based authentication
The user name and password are picked up from login.
The other configurable parameters are: realm - the authentication realm if required, and the entry name to use from the login context.
You will need to be familiar with the JAAS authentication process to set this up.
In summary you will need to configure java.security (in the lib/security directory of the jre you are using) to find a jaas configuration.
This entry could be used if you want to put the login configuration in the same place (in the lib/security directory of the jre you are using)
login.config.url.1=file:${java.home}/lib/security/java.login.config
Example configuration entries for Kerberos would be:
Alfresco {
com.sun.security.auth.module.Krb5LoginModule sufficient;
};
com.sun.net.ssl.client {
com.sun.security.auth.module.Krb5LoginModule sufficient;
};
other {
com.sun.security.auth.module.Krb5LoginModule sufficient;
};
This sets up authentication using Kerberos for Alfresco and some defaults that would use the same mechanism if sasl failed for example.
You could use kerberos and LDAP combined against an Active Directory server.- Author:
- Andy Hind
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.alfresco.repo.security.authentication.AuthenticationComponent
AuthenticationComponent.UserNameValidationMode -
Field Summary
Fields inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
logger -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidauthenticateImpl(String userName, char[] password) Implement Authenticationprotected booleanJaas does not support guest loginvoidsetJaasConfigEntryName(String jaasConfigEntryName) voidMethods inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
authenticate, clearCurrentSecurityContext, getAllowGuestLogin, getCurrentAuthentication, getCurrentUserName, getDefaultAdministratorUserNames, getDefaultGuestUserNames, getGuestUserName, getGuestUserName, getNodeService, getNumberFailedAuthentications, getNumberSuccessfulAuthentications, getPersonService, getSystemUserName, getSystemUserName, getTransactionService, getUserDetails, getUserDomain, guestUserAuthenticationAllowed, isCurrentUserTheSystemUser, isGuestUserName, isSystemUserName, onAuthenticate, onFail, setAllowGuestLogin, setAuthenticationContext, setCurrentAuthentication, setCurrentUser, setCurrentUser, setDefaultAdministratorUserNameList, setDefaultAdministratorUserNames, setDefaultGuestUserNameList, setDefaultGuestUserNames, setGuestUserAsCurrentUser, setNodeService, setPersonService, setSystemUserAsCurrentUser, setSystemUserAsCurrentUser, setTransactionService, setUserDetails, setUserRegistrySynchronizer
-
Constructor Details
-
JAASAuthenticationComponent
public JAASAuthenticationComponent()
-
-
Method Details
-
setJaasConfigEntryName
-
setRealm
-
implementationAllowsGuestLogin
protected boolean implementationAllowsGuestLogin()Jaas does not support guest login- Specified by:
implementationAllowsGuestLoginin classAbstractAuthenticationComponent
-
authenticateImpl
Implement Authentication- Overrides:
authenticateImplin classAbstractAuthenticationComponent- Parameters:
userName- Stringpassword- char[]- Throws:
AuthenticationException
-