com.ibm.websphere.security
Class SSOAuthenticatorjava.lang.Objec | +--com.ibm.websphere.security.SSOAuthenticator
Deprecated.
As of WAS 4.0, replaced by FormBasedLogin. Custom Login implementation should be modified to use FormBasedLogin (in WAS 4.0), the Servlet filter (Servelt 2.3 Spec.in WAS 5.0), and JAAS Programming model (in WAS 5.0).
- public class
SSOAuthenticator
- extends java.lang.Object
SSOAuthenticator is a helper class that helps users to exploit WebSphere's Single Sign-On (SSO) feature. This class can be used by servlet developers to write servlets to perform custom login. For example, a login.html page might contain a set of textfields (e.g., userid, password) and a submit button. Action associated with the submi action can invoke a servlet e.g, CustomLoginServlet. The servlet can pull the userid and password information out of the form. It can use the SSOAuthenticator to login the user. It can call the login(userid, password, req, res) method by passing in the userid, password and the HttpServletRequest and HttpServletResponse objects. The method will perform authentication and set up a single sign on cookie. This requires that security is enabled, LTPA is the selected authentication mechanism and the Single Sign-On feature is also enabled. Without any of these pre-reqs, the construction of the SSOAuthentication will throw a IllegalStateException.
Constructor Summary
SSOAuthenticator()
Deprecated.
As of WAS 4.0, replaced by JAAS programming model in WAS 5.0.
Method Summary
java.lang.String getLTPACookieValue(org.omg.SecurityLevel2.Credentials credentials)
Deprecated.
Replaced by servlet filter.java.lang.String javax.servlet.http.HttpServletResponse)">getRefererURL(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
Deprecated.
java.lang.String getSSOCookieName()
Deprecated.
This method returns the SSO cookie name.org.omg.SecurityLevel2.Credentials java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)">login(java.lang.String userid, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
Deprecated.
Replaced by JAAS programming model LoginContext login.org.omg.SecurityLevel2.Credentials java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean)">login(java.lang.String userid, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, boolean force_auth)
Deprecated.
Replaced by JAAS programming model LoginContext login.void javax.servlet.http.HttpServletResponse)">logout(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
Deprecated.
Replaced by JAAS programming model LoginContext logout.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Constructor Detail
SSOAuthenticator
publicSSOAuthenticator
() throws java.lang.IllegalStateException
Deprecated.
As of WAS 4.0, replaced by JAAS programming model in WAS 5.0.
- Constructing SSOAuthenticator will initialize its state based on the underlying WebSphere config. For a successful construction: WebSphere's security should be enabled, LTPA authentication mechanism should be the selected authentication mechanism, Single Sign-On should be enabled If any of the above conditions are not met, constructor will throw an IllegalStateException
Throws:
- java.lang.IllegalStateException -
java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)">
Method Detail
login
public org.omg.SecurityLevel2.Credentialslogin
(java.lang.String userid, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) throws org.omg.SecurityLevel2.LoginFailed
Deprecated.
Replaced by JAAS programming model LoginContext login.
- The following login method will authenticate the user based on the userid and password values. If authentication is successful, it will create a SSO cookie based on the SSO config and will set the cookie on the response header. If authentication fails, it will throw a org.omg.SecurityLevel2.LoginFailed exception. This method returns the credentials based on successful login.
Parameters:
- userid - userid of the user
- password - password of the user
- req - HttpServletRequest object passed into the servlet's doPost method call
- res - HttpServletResponse object passed into the servlet's doPost method call
- return - CORBA credentials of the user based on successful login
- Throws:
- LoginFailed - exception
java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean)">
login
public org.omg.SecurityLevel2.Credentialslogin
(java.lang.String userid, java.lang.String password, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, boolean force_auth) throws org.omg.SecurityLevel2.LoginFailed
Deprecated.
Replaced by JAAS programming model LoginContext login.
- The following login method will authenticate the user based on the userid and password values if the value for force_auth parameters is set to true. If authentication is successful, it will create a SSO cookie based on the SSO config If the value for force_auth is set to false, then authentication will not be performed.The userid and password will be used to create a SSO cookie. This cookie will be set on the response header. In either case, if authentication is required and if it fails, the method will throw a org.omg.SecurityLevel2.LoginFailed exception
Parameters:
- userid - userid of the user
- password - password of the user
- req - HttpServletRequest object passed into the servlet's doPost method call
- res - HttpServletResponse object passed into the servlet's doPost method call
- force_auth - If authentication is required, this value should be true. If it is se to false, this method will not perform authentication.
- return - CORBA credentials of the user based on successful login
Throws:
- LoginFailed - exception
javax.servlet.http.HttpServletResponse)">
logout
public voidlogout
(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
Deprecated.
Replaced by JAAS programming model LoginContext logout.
- The logout method will log the user out by deleting the SSOCookie. Any subsequen request by the user will be performed only after being authenticated to the system.
Parameters:
- req - HttpServletRequest object passed into the servlet's doPost method call
- res - HttpServletResponse object passed into the servlet's doPost method call
javax.servlet.http.HttpServletResponse)">
getRefererURL
public java.lang.StringgetRefererURL
(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
Deprecated.
getSSOCookieName
public java.lang.StringgetSSOCookieName
()
Deprecated.
- This method returns the SSO cookie name.
Returns:
- SSO cookie name
getLTPACookieValue
public java.lang.StringgetLTPACookieValue
(org.omg.SecurityLevel2.Credentials credentials)
Deprecated.
Replaced by servlet filter.
- This method can be used to obtain a string token which can be used to maintain state management between clients. This state is maintained by default using the HTTP Cookie mechanism. If users want to achieve their own state management (e.g, pass it as parameters to applets), they can use this SSO cookie value.
Parameters:
- userid - userid
- password - user's password
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.