Tree PREV CLASS NEXT CLASS SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD com.ibm.portal.portlet.service.credentialvault.credentials
Interface HttpFormBasedAuthCredential
- All Superinterfaces:
- ActiveCredential, Credential, UserPasswordCredential
Deprecated. Since 8.5.
- All Known Implementing Classes:
- HttpFormBasedAuthCredential
public interface HttpFormBasedAuthCredential- extends UserPasswordCredential
Credential for authenticating at the back-end via Http form based authentication. To be used in following way:
Preconditions:
- Construct (initialize) the credential
- Call login method to authenticate at the back-end system
- Get an authenticated Http URL connection from the credential
- Do business calls over the authenticated connection
- Finally call logout method to logout at the back-end system
Assumptions:
- the configuration data passed to the init method must define following values: KEY_USER_ID_ATTRIBUTE, KEY_PASSWORD_ATTRIBUTE, KEY_LOGIN_POST_URL, KEY_LOGOUT_GET_URL, KEY_FORM_DATA and KEY_USE_AUTH_COOKIES (in addition to the ones required by UserPasswordCredential)
- loginPostUrl and logoutGetUrl must use HTTP
- The logout is performed through a Http GET request to the logout url
- If the Url uses SSL (https://) the JSSE has already been registered
- If the security information being returned on successful login is not a cookie but url parameters (i.e. URL rewriting is used), then it is assumed that the response to a successful login is an http redirect (the redirect URL can be found in the header field 'Location').
- Since:
- 5.1.0.1
Field Summary static java.lang.String KEY_FORM_DATA
Deprecated. Specifies whether the authentication data are cookies [true] or URL rewriting [false] (mandatory).static java.lang.String KEY_LOGIN_URL
Deprecated. The url to which the login data is posted (mandatory).static java.lang.String KEY_LOGOUT_URL
Deprecated. The url to which an HTTP GET request is send in order to log out the user (mandatory).static java.lang.String KEY_PASSWORD_ATTRIBUTE_NAME
Deprecated. The name under which the user password is posted (mandatory).static java.lang.String KEY_USE_AUTH_COOKIES
Deprecated. Any additional name=value.static java.lang.String KEY_USERID_ATTRIBUTE_NAME
Deprecated. The name under which the user id is posted (mandatory).
Fields inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.Credential KEY_CREDENTIAL_SECRET
Method Summary java.net.HttpURLConnection getAuthenticatedConnection(java.lang.String url)
Deprecated. Return a new HttpURLConnection with added authentication data.java.net.HttpURLConnection getAuthenticatedConnection(java.net.URL url)
Deprecated. Return a new HttpURLConnection with added authentication data.void init(java.util.Map<java.lang.String,java.lang.Object> config)
Deprecated. Initializes a new Http Form Based Authentication Credential.java.net.HttpURLConnection login()
Deprecated. Performs the HTTP form based login.java.net.HttpURLConnection logout()
Deprecated. Performs the logout through an HTTP GET request to the logout Url.
Methods inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.UserPasswordCredential getSecretType
Methods inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.ActiveCredential isActive
Field Detail KEY_USERID_ATTRIBUTE_NAME
static final java.lang.String KEY_USERID_ATTRIBUTE_NAME
- Deprecated.
- The name under which the user id is posted (mandatory).
- See Also:
- Constant Field Values
KEY_PASSWORD_ATTRIBUTE_NAME
static final java.lang.String KEY_PASSWORD_ATTRIBUTE_NAME
- Deprecated.
- The name under which the user password is posted (mandatory).
- See Also:
- Constant Field Values
KEY_LOGIN_URL
static final java.lang.String KEY_LOGIN_URL
- Deprecated.
- The url to which the login data is posted (mandatory).
- See Also:
- Constant Field Values
KEY_LOGOUT_URL
static final java.lang.String KEY_LOGOUT_URL
- Deprecated.
- The url to which an HTTP GET request is send in order to log out the user (mandatory).
- See Also:
- Constant Field Values
KEY_FORM_DATA
static final java.lang.String KEY_FORM_DATA
- Deprecated.
- Specifies whether the authentication data are cookies [true] or URL rewriting [false] (mandatory).
- See Also:
- Constant Field Values
KEY_USE_AUTH_COOKIES
static final java.lang.String KEY_USE_AUTH_COOKIES
- Deprecated.
- Any additional name=value.
- See Also:
- Constant Field Values
Method Detail init
void init(java.util.Map<java.lang.String,java.lang.Object> config) throws CredentialVaultException
- Deprecated.
- Initializes a new Http Form Based Authentication Credential.
- Specified by:
- init in interface Credential
- Specified by:
- init in interface UserPasswordCredential
- Parameters:
- config - The configuration that is needed to initialize this credential:
- KEY_CREDENTIAL_SECRET UserPasswordCredentialSecret - the credential's secret (mandatory)
- KEY_USERID_ATTRIBUTE_NAME String - the name under which the user id is posted (mandatory)
- KEY_PASSWORD_ATTRIBUTE_NAME String - the name under which the user password is posted (mandatory)
- KEY_LOGIN_URL String - the url to which the login data is posted (mandatory)
- KEY_LOGOUT_URL String - the url to which an HTTP GET request is send in order to log out the user (mandatory)
- KEY_USE_AUTH_COOKIES Boolean - specifies whether the authentication data are cookies [true] or URL rewriting [false] (mandatory)
- KEY_FORM_DATA List - any additional name=value pairs that need to be posted with the login POST (optional)
- Throws:
- CredentialVaultException - If any mandatory parameter is missing or has a wrong object type as value.
login
java.net.HttpURLConnection login() throws java.io.IOException
- Deprecated.
- Performs the HTTP form based login.
- Returns:
- HttpURLConnection The connection that was used for the login POST request.
- Throws:
- java.io.IOException - if the login failed or no cookie has been returned.
logout
java.net.HttpURLConnection logout() throws java.io.IOException
- Deprecated.
- Performs the logout through an HTTP GET request to the logout Url.
- Returns:
- HttpURLConnection The connection that was used for the logou GET request.
- Throws:
- java.io.IOException - if the logout failed or credential status is not 'logged in'.
getAuthenticatedConnection
java.net.HttpURLConnection getAuthenticatedConnection(java.lang.String url) throws java.io.IOException
- Deprecated.
- Returns a new HttpURLConnection with added authentication data.
- Parameters:
- url - the target URL for the connection.
- Returns:
- HttpURLConnection A new authenticated (and yet uncommitted) connection.
- Throws:
- java.io.IOException - thrown if anything unexpected happens.
getAuthenticatedConnection
java.net.HttpURLConnection getAuthenticatedConnection(java.net.URL url) throws java.io.IOException
- Deprecated.
- Returns a new HttpURLConnection with added authentication data.
- Parameters:
- url - the target URL for the connection. Note that it need not be opened yet. Note also that this method may only be called if cookies are used for authentication.
- Returns:
- HttpURLConnection A new authenticated (and yet uncommitted) connection.
- Throws:
- java.io.IOException - thrown if anything unexpected happens.
Tree PREV CLASS NEXT CLASS SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD