com.ibm.wps.portletservice.credentialvault.credentials
Class HttpFormBasedAuthCredential
java.lang.Object
com.ibm.wps.portletservice.credentialvault.credentials.Credential
com.ibm.wps.portletservice.credentialvault.credentials.ActiveCredential
com.ibm.wps.portletservice.credentialvault.credentials.UserPasswordCredential
com.ibm.wps.portletservice.credentialvault.credentials.HttpFormBasedAuthCredential
- All Implemented Interfaces:
- ActiveCredential, Credential, HttpFormBasedAuthCredential, java.io.Serializable, UserPasswordCredential
Deprecated. since 5.1.0.1, use the Java Portlet API and corresponding IBM portlet services instead
- public class HttpFormBasedAuthCredential
- extends UserPasswordCredential
- implements HttpFormBasedAuthCredential
Credential for authenticating at the back-end via Http Form Based authentication.
To be used in following way:
- Construct (initialize) the credential
- Call login method to authenticate at the back-end system
- Get an authenticated Http URL connection from the Credential
- Do business calls over the authenticated connection
- Finally call logout method to logout at the back-end system
Preconditions:
- the configuration data passed to the constructor must define following values:
KEY_USER_ID_ATTRIBUTE, KEY_PASSWORD_ATTRIBUTE, KEY_LOGIN_POST_URL, KEY_LOGOUT_GET_URL, KEY_FORM_DATA and KEY_USE_AUTH_COOKIES
(in addition to the ones required by UserPasswordCredential)
- loginPostUrl and logoutGetUrl must use HTTP
Assumptions:
- The logout is performed through a HTTP GET request to the logout url
- If the Url uses SSL (https://) the JSSE has already been registered
- If the security information being returned on successful login is not a cookie but url parameters (i.e. URL rewriting is used),
then it is assumed that the response to a successful login is an http redirect (the redirect URL can be found in the header field 'Location').
- Since:
- WP 5.1.0.1
- See Also:
- Serialized Form
Fields inherited from class com.ibm.wps.portletservice.credentialvault.credentials.Credential
LOGGER_NAME
| |
Method Summary
java.net.HttpURLConnection
| getAuthenticatedConnection(java.lang.String url)
Deprecated. Returns a new Http URL connection with added authentication data.
java.net.HttpURLConnection
| getAuthenticatedConnection(java.net.URL url)
Deprecated. Returns a new Http URL connection with added authentication data.
void
| java.util.Map)">init(java.util.Map config)
Deprecated. Creates a new HttpFormBasedAuth credential.
java.net.HttpURLConnection
| login()
Deprecated. Performs the HTTP form based login.
java.net.HttpURLConnection
| logout()
Deprecated. Performs the logout through an HTTP GET request to the logoutUrl.
| | | | | |
Methods inherited from class java.lang.Object
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
|
KEY_USERID_ATTRIBUTE_NAME
public static final java.lang.String KEY_USERID_ATTRIBUTE_NAME
- Deprecated.
- See Also:
- Constant Field Values
KEY_PASSWORD_ATTRIBUTE_NAME
public static final java.lang.String KEY_PASSWORD_ATTRIBUTE_NAME
- Deprecated.
- See Also:
- Constant Field Values
KEY_LOGIN_URL
public static final java.lang.String KEY_LOGIN_URL
- Deprecated.
- See Also:
- Constant Field Values
KEY_LOGOUT_URL
public static final java.lang.String KEY_LOGOUT_URL
- Deprecated.
- See Also:
- Constant Field Values
KEY_FORM_DATA
public static final java.lang.String KEY_FORM_DATA
- Deprecated.
- See Also:
- Constant Field Values
KEY_USE_AUTH_COOKIES
public static final java.lang.String KEY_USE_AUTH_COOKIES
- Deprecated.
- See Also:
- Constant Field Values
HttpFormBasedAuthCredential
public HttpFormBasedAuthCredential()
- Deprecated.
java.util.Map)">
init
public void init(java.util.Map config)
throws CredentialVaultException
- Deprecated.
- Creates a new HttpFormBasedAuth credential.
- Specified by:
- java.util.Map)">init in interface HttpFormBasedAuthCredential
- Overrides:
- init in class UserPasswordCredential
- Parameters:
- config - The configuration that is needed to initialize this credential:
- KEY_CREDENTIAL_SECRET UserPasswordCredentialSecret - the credential's secret (mandatory)
- KEY_USERID_ATTRIBUTE_NAME String - the name under which the user id is posted (mandatory)
- KEY_PASSWORD_ATTRIBUTE_NAME String - the name under which the user password is posted (mandatory)
- KEY_LOGIN_URL String - the url to which the login data is posted (mandatory)
- KEY_LOGOUT_URL String - the url to which an HTTP GET request is send in order to log out the user (mandatory)
- KEY_USE_AUTH_COOKIES Boolean - specifies whether the authentication data are cookies [true] or URL rewriting [false] (mandatory)
- KEY_FORM_DATA List - any additional
name=value pairs that need to be posted with the login POST (optional)
- Throws:
- CredentialVaultException - If any mandatory parameter is missing or has a wrong object type as value.
login
public java.net.HttpURLConnection login()
throws java.io.IOException
- Deprecated.
- Performs the HTTP form based login.
- Specified by:
- login in interface HttpFormBasedAuthCredential
- Returns:
- HttpURLConnection
The connection that was used for the login POST request.
- Throws:
- java.io.IOException - if the login failed or no cookie has been returned.
logout
public java.net.HttpURLConnection logout()
throws java.io.IOException
- Deprecated.
- Performs the logout through an HTTP GET request to the logoutUrl.
- Specified by:
- logout in interface HttpFormBasedAuthCredential
- Returns:
- HttpURLConnection
The connection that was used for the logout GET request.
- Throws:
- java.io.IOException - if the logout failed or credential status is not 'logged in'.
getAuthenticatedConnection
public java.net.HttpURLConnection getAuthenticatedConnection(java.lang.String url)
throws java.io.IOException
- Deprecated.
- Returns a new Http URL connection with added authentication data.
- Specified by:
- getAuthenticatedConnection in interface HttpFormBasedAuthCredential
- Parameters:
- url - The traget URL for the connection.
- Returns:
- HttpURLConnection
A new authenticated (and yet uncommitted) connection.
- Throws:
- java.io.IOException - thrown if anything unexpected happens.
getAuthenticatedConnection
public java.net.HttpURLConnection getAuthenticatedConnection(java.net.URL url)
throws java.io.IOException
- Deprecated.
- Returns a new Http URL connection with added authentication data.
- Specified by:
- getAuthenticatedConnection in interface HttpFormBasedAuthCredential
- Parameters:
- url - The traget URL for the connection. Note that it need not be opened yet.
Note also that this method may only be called if cookies are used for authentication.
- Returns:
- HttpURLConnection
A new authenticated (and yet uncommitted) connection.
- Throws:
- java.io.IOException - thrown if anything unexpected happens.
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.