public class WsGrouperLdapAuthentication extends java.lang.Object implements WsCustomAuthentication
ldap bind authentication for grouper, settings are specified in grouper-ws.properties, and the grouper-loader.properties note: this can be used for rest and soap, though it is not a bastion of security: 1. for soap, ws-security would be better since a ticket is passed instead of user/pass 2. for rest, Im not sure there is another option 3. the user/pass is transmitted in basic auth, so make sure SSL is on 4. if using proxied web services, the password goes to the middle component
| Constructor and Description |
|---|
WsGrouperLdapAuthentication() |
| Modifier and Type | Method and Description |
|---|---|
static boolean |
authenticateLdap(java.lang.String principal,
java.lang.String password)
see if a user and pass are correct with ldap
|
static void |
main(java.lang.String[] args) |
java.lang.String |
retrieveLoggedInSubjectId(javax.servlet.http.HttpServletRequest httpServletRequest)
retrieve the current username (subjectId) from the request object.
|
public static void main(java.lang.String[] args)
throws java.lang.Exception
args - java.lang.Exceptionpublic java.lang.String retrieveLoggedInSubjectId(javax.servlet.http.HttpServletRequest httpServletRequest)
throws java.lang.RuntimeException
WsCustomAuthenticationretrieveLoggedInSubjectId in interface WsCustomAuthenticationWsInvalidQueryException - if there is a problemjava.lang.RuntimeExceptionWsCustomAuthentication.retrieveLoggedInSubjectId(javax.servlet.http.HttpServletRequest)public static boolean authenticateLdap(java.lang.String principal,
java.lang.String password)
principal - password -