|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.ibm.websphere.security.SSOAuthenticator
SSOAuthenticator
is a helper class that helps users to exploit WebSphere's
Single Sign-On (SSO) feature. This class can be used by servlet developers to write
servlets to perform custom login. For example, a login.html page might contain a set of
textfields (e.g., userid, password) and a submit button. Action associated with the submit
action can invoke a servlet e.g, CustomLoginServlet.
The servlet can pull the userid and password information out of the form. It can use
the SSOAuthenticator to login the user. It can call the
login(userid, password, req, res) method by passing in the userid, password
and the HttpServletRequest and HttpServletResponse objects. The method will perform
authentication and set up a single sign on cookie. This requires that security is enabled,
LTPA is the selected authentication mechanism and the Single Sign-On feature is also enabled.
Without any of these pre-reqs, the construction of the SSOAuthentication will throw
a IllegalStateException.
Constructor Summary | |
---|---|
SSOAuthenticator()
Deprecated. As of WAS 4.0, replaced by JAAS programming model in WAS 5.0. |
Method Summary | |
---|---|
java.lang.String |
getLTPACookieValue(org.omg.SecurityLevel2.Credentials credentials)
Deprecated. Replaced by servlet filter. |
java.lang.String |
getRefererURL(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Deprecated. |
java.lang.String |
getSSOCookieName()
Deprecated. This method returns the SSO cookie name. |
org.omg.SecurityLevel2.Credentials |
login(java.lang.String userid,
java.lang.String password,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Deprecated. Replaced by JAAS programming model LoginContext login. |
org.omg.SecurityLevel2.Credentials |
login(java.lang.String userid,
java.lang.String password,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res,
boolean force_auth)
Deprecated. Replaced by JAAS programming model LoginContext login. |
void |
logout(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse res)
Deprecated. Replaced by JAAS programming model LoginContext logout. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public SSOAuthenticator() throws java.lang.IllegalStateException
java.lang.IllegalStateException
- Method Detail |
public org.omg.SecurityLevel2.Credentials login(java.lang.String userid, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws org.omg.SecurityLevel2.LoginFailed
userid
- userid of the userpassword
- password of the userreq
- HttpServletRequest object passed into the servlet's doPost method callres
- HttpServletResponse object passed into the servlet's doPost method callreturn
- CORBA credentials of the user based on successful loginLoginFailed
- exceptionpublic org.omg.SecurityLevel2.Credentials login(java.lang.String userid, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, boolean force_auth) throws org.omg.SecurityLevel2.LoginFailed
userid
- userid of the userpassword
- password of the userreq
- HttpServletRequest object passed into the servlet's doPost method callres
- HttpServletResponse object passed into the servlet's doPost method callforce_auth
- If authentication is required, this value should be true. If it is set
to false, this method will not perform authentication.return
- CORBA credentials of the user based on successful loginLoginFailed
- exceptionpublic void logout(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
req
- HttpServletRequest object passed into the servlet's doPost method callres
- HttpServletResponse object passed into the servlet's doPost method callpublic java.lang.String getRefererURL(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
public java.lang.String getSSOCookieName()
public java.lang.String getLTPACookieValue(org.omg.SecurityLevel2.Credentials credentials)
userid
- useridpassword
- user's password
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |