Overview  Package   Class  Tree  Serialized  Deprecated  Index  Help 

com.ibm.wps.portletservice.credentialvault.credentials
Class HttpFormBasedAuthCredential

java.lang.Object
  extended bycom.ibm.wps.portletservice.credentialvault.credentials.Credential
      extended bycom.ibm.wps.portletservice.credentialvault.credentials.ActiveCredential
          extended bycom.ibm.wps.portletservice.credentialvault.credentials.UserPasswordCredential
              extended bycom.ibm.wps.portletservice.credentialvault.credentials.HttpFormBasedAuthCredential
All Implemented Interfaces:
ActiveCredential, Credential, HttpFormBasedAuthCredential, java.io.Serializable, UserPasswordCredential

Deprecated. since 5.1.0.1, use the Java Portlet API and corresponding IBM portlet services instead

public class HttpFormBasedAuthCredential
extends UserPasswordCredential
implements HttpFormBasedAuthCredential

Credential for authenticating at the back-end via Http Form Based authentication. To be used in following way:

  1. Construct (initialize) the credential
  2. Call login method to authenticate at the back-end system
  3. Get an authenticated Http URL connection from the Credential
  4. Do business calls over the authenticated connection
  5. Finally call logout method to logout at the back-end system
Preconditions:
  • the configuration data passed to the constructor must define following values: KEY_USER_ID_ATTRIBUTE, KEY_PASSWORD_ATTRIBUTE, KEY_LOGIN_POST_URL, KEY_LOGOUT_GET_URL, KEY_FORM_DATA and KEY_USE_AUTH_COOKIES (in addition to the ones required by UserPasswordCredential)
  • loginPostUrl and logoutGetUrl must use HTTP
Assumptions:
  • The logout is performed through a HTTP GET request to the logout url
  • If the Url uses SSL (https://) the JSSE has already been registered
  • If the security information being returned on successful login is not a cookie but url parameters (i.e. URL rewriting is used), then it is assumed that the response to a successful login is an http redirect (the redirect URL can be found in the header field 'Location').

Since:
WP 5.1.0.1
See Also:
Serialized Form

Field Summary
static java.lang.String KEY_FORM_DATA
          Deprecated.  
static java.lang.String KEY_LOGIN_URL
          Deprecated.  
static java.lang.String KEY_LOGOUT_URL
          Deprecated.  
static java.lang.String KEY_PASSWORD_ATTRIBUTE_NAME
          Deprecated.  
static java.lang.String KEY_USE_AUTH_COOKIES
          Deprecated.  
static java.lang.String KEY_USERID_ATTRIBUTE_NAME
          Deprecated.  
 

Fields inherited from class com.ibm.wps.portletservice.credentialvault.credentials.UserPasswordCredential
secret
 

Fields inherited from class com.ibm.wps.portletservice.credentialvault.credentials.Credential
LOGGER_NAME
 

Fields inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.Credential
KEY_CREDENTIAL_SECRET
 

Constructor Summary
HttpFormBasedAuthCredential()
          Deprecated.  
 

Method Summary
 java.net.HttpURLConnection getAuthenticatedConnection(java.lang.String url)
          Deprecated. Returns a new Http URL connection with added authentication data.
 java.net.HttpURLConnection getAuthenticatedConnection(java.net.URL url)
          Deprecated. Returns a new Http URL connection with added authentication data.
 void java.util.Map)">init(java.util.Map config)
          Deprecated. Creates a new HttpFormBasedAuth credential.
 java.net.HttpURLConnection login()
          Deprecated. Performs the HTTP form based login.
 java.net.HttpURLConnection logout()
          Deprecated. Performs the logout through an HTTP GET request to the logoutUrl.
 

Methods inherited from class com.ibm.wps.portletservice.credentialvault.credentials.UserPasswordCredential
getSecretType
 

Methods inherited from class com.ibm.wps.portletservice.credentialvault.credentials.ActiveCredential
isActive
 

Methods inherited from class com.ibm.wps.portletservice.credentialvault.credentials.Credential
checkInitialized
 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Methods inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.UserPasswordCredential
getSecretType
 

Methods inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.ActiveCredential
isActive
 

Field Detail

KEY_USERID_ATTRIBUTE_NAME

public static final java.lang.String KEY_USERID_ATTRIBUTE_NAME
Deprecated. 
See Also:
Constant Field Values

KEY_PASSWORD_ATTRIBUTE_NAME

public static final java.lang.String KEY_PASSWORD_ATTRIBUTE_NAME
Deprecated. 
See Also:
Constant Field Values

KEY_LOGIN_URL

public static final java.lang.String KEY_LOGIN_URL
Deprecated. 
See Also:
Constant Field Values

KEY_LOGOUT_URL

public static final java.lang.String KEY_LOGOUT_URL
Deprecated. 
See Also:
Constant Field Values

KEY_FORM_DATA

public static final java.lang.String KEY_FORM_DATA
Deprecated. 
See Also:
Constant Field Values

KEY_USE_AUTH_COOKIES

public static final java.lang.String KEY_USE_AUTH_COOKIES
Deprecated. 
See Also:
Constant Field Values

Constructor Detail

HttpFormBasedAuthCredential

public HttpFormBasedAuthCredential()
Deprecated. 

Method Detail
java.util.Map)">

init

public void init(java.util.Map config)
          throws CredentialVaultException
Deprecated. 
Creates a new HttpFormBasedAuth credential.

Specified by:
java.util.Map)">init in interface HttpFormBasedAuthCredential
Overrides:
init in class UserPasswordCredential
Parameters:
config - The configuration that is needed to initialize this credential:
  • KEY_CREDENTIAL_SECRET UserPasswordCredentialSecret - the credential's secret (mandatory)
  • KEY_USERID_ATTRIBUTE_NAME String - the name under which the user id is posted (mandatory)
  • KEY_PASSWORD_ATTRIBUTE_NAME String - the name under which the user password is posted (mandatory)
  • KEY_LOGIN_URL String - the url to which the login data is posted (mandatory)
  • KEY_LOGOUT_URL String - the url to which an HTTP GET request is send in order to log out the user (mandatory)
  • KEY_USE_AUTH_COOKIES Boolean - specifies whether the authentication data are cookies [true] or URL rewriting [false] (mandatory)
  • KEY_FORM_DATA List - any additional name=value pairs that need to be posted with the login POST (optional)
Throws:
CredentialVaultException - If any mandatory parameter is missing or has a wrong object type as value.

login

public java.net.HttpURLConnection login()
                                 throws java.io.IOException
Deprecated. 
Performs the HTTP form based login.

Specified by:
login in interface HttpFormBasedAuthCredential
Returns:
HttpURLConnection The connection that was used for the login POST request.
Throws:
java.io.IOException - if the login failed or no cookie has been returned.

logout

public java.net.HttpURLConnection logout()
                                  throws java.io.IOException
Deprecated. 
Performs the logout through an HTTP GET request to the logoutUrl.

Specified by:
logout in interface HttpFormBasedAuthCredential
Returns:
HttpURLConnection The connection that was used for the logout GET request.
Throws:
java.io.IOException - if the logout failed or credential status is not 'logged in'.

getAuthenticatedConnection

public java.net.HttpURLConnection getAuthenticatedConnection(java.lang.String url)
                                                      throws java.io.IOException
Deprecated. 
Returns a new Http URL connection with added authentication data.

Specified by:
getAuthenticatedConnection in interface HttpFormBasedAuthCredential
Parameters:
url - The traget URL for the connection.
Returns:
HttpURLConnection A new authenticated (and yet uncommitted) connection.
Throws:
java.io.IOException - thrown if anything unexpected happens.

getAuthenticatedConnection

public java.net.HttpURLConnection getAuthenticatedConnection(java.net.URL url)
                                                      throws java.io.IOException
Deprecated. 
Returns a new Http URL connection with added authentication data.

Specified by:
getAuthenticatedConnection in interface HttpFormBasedAuthCredential
Parameters:
url - The traget URL for the connection. Note that it need not be opened yet. Note also that this method may only be called if cookies are used for authentication.
Returns:
HttpURLConnection A new authenticated (and yet uncommitted) connection.
Throws:
java.io.IOException - thrown if anything unexpected happens.

Overview  Package   Class  Tree  Serialized  Deprecated  Index  Help 

 

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.

 

IBM is a trademark of the IBM Corporation in the United States, other countries, or both.