Package ch.tocco.nice2.sso.impl

Class OpenIdAuthenticationHandler

java.lang.Object

ch.tocco.nice2.sso.impl.OpenIdAuthenticationHandler

All Implemented Interfaces:

AuthenticationHandler

@Component
@Order(200)
public class OpenIdAuthenticationHandler
extends Object
implements AuthenticationHandler

Field Summary

Fields

Modifier and Type	Field	Description
static final int	ORDER

Fields inherited from interface ch.tocco.nice2.security.spi.auth.AuthenticationHandler

ANONYMOUS_HANDLER_ORDER, API_KEY_PK_ATTRIBUTE, PRINCIPAL_PK_ATTRIBUTE, SESSION_HASH_HANDLER_ORDER, SESSION_ID_ATTRIBUTE

Constructor Summary

Constructors

Constructor	Description
OpenIdAuthenticationHandler(Context context, EntityDefaultValueService entityDefaultValueService, QueryBuilderFactory queryBuilderFactory, SecurityManager securityManager, ScriptListenerService scriptListenerService, OpenIdHelperService openIdHelperService)

Method Summary

Modifier and Type	Method	Description
void	authenticate(Challenge challenge, Credentials credentials)	Authenticates the given challenge by voting for or against it.
String	getName()	Return a name of this handler, used for logging.
void	postAuthenticate(Challenge challenge)	After authentication has been successful for all registered AuthenticationHandlers, the post-authentication step is invoked to add more authorization information to the principal which is sure to be not null and authenticated when this method is invoked.
void	setSupportLoginsEnabled(boolean supportLoginsEnabled)
boolean	updateCredentials(Credentials oldCredentials, Credentials newCredentials)	Updates the credentials for this handler.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface ch.tocco.nice2.security.spi.auth.AuthenticationHandler

postEventListeners

Field Details

ORDER

public static final int ORDER

See Also:

• Constant Field Values

Constructor Details

OpenIdAuthenticationHandler

public OpenIdAuthenticationHandler(Context context,
 EntityDefaultValueService entityDefaultValueService,
 QueryBuilderFactory queryBuilderFactory,
 SecurityManager securityManager,
 ScriptListenerService scriptListenerService,
 OpenIdHelperService openIdHelperService)

Method Details

getName

public String getName()

Description copied from interface: AuthenticationHandler

Return a name of this handler, used for logging.

Specified by:

getName in interface AuthenticationHandler

authenticate

public void authenticate(Challenge challenge,
 Credentials credentials)

Description copied from interface: AuthenticationHandler

Authenticates the given challenge by voting for or against it.

If the supplied credentials are unknown to this handler, it may not vote at all, indicating no meaningful knowledge about the challenge.

Specified by:

authenticate in interface AuthenticationHandler

Parameters:

challenge - the authentication challenge

credentials - the credentials supplied by client in case of non-recoverable error. An exception will immediately stop authentication process to failed state.

postAuthenticate

public void postAuthenticate(Challenge challenge)

Description copied from interface: AuthenticationHandler

After authentication has been successful for all registered AuthenticationHandlers, the post-authentication step is invoked to add more authorization information to the principal which is sure to be not null and authenticated when this method is invoked.

This handler may also decide in this step to give a new vote for this challenge which overrides the previously given vote.

If this throws any exception, authentication process is immediately stopped to failed state.

Specified by:

postAuthenticate in interface AuthenticationHandler

Parameters:

challenge - the challenge to authenticate

updateCredentials

public boolean updateCredentials(Credentials oldCredentials,
 Credentials newCredentials)

Description copied from interface: AuthenticationHandler

Updates the credentials for this handler.

If this handler is not supporting this, return false

.

In case of an exception, the whole process is stopped immediately.

Specified by:

updateCredentials in interface AuthenticationHandler

Parameters:

oldCredentials - the old credentials are used to get the principal

newCredentials - the new credentials to set. authentication handlers should only support their sepcific type of credentials

Returns:

true if credentials were updated successfully, false if skipped

setSupportLoginsEnabled

@Value("${nice2.userbase.supportLoginsEnabled}")
public void setSupportLoginsEnabled(boolean supportLoginsEnabled)