org.apache.catalina.authenticator
Class SpnegoAuthenticator

java.lang.Object
  org.apache.catalina.util.LifecycleBase
      org.apache.catalina.util.LifecycleMBeanBase
          org.apache.catalina.valves.ValveBase
              org.apache.catalina.authenticator.AuthenticatorBase
                  org.apache.catalina.authenticator.SpnegoAuthenticator

All Implemented Interfaces:

MBeanRegistration, Authenticator, Contained, Lifecycle, Valve

public class SpnegoAuthenticator
extends AuthenticatorBase

A SPNEGO authenticator that uses the SPENGO/Kerberos support built in to Java 6. Successful Kerberos authentication depends on the correct configuration of multiple components. If the configuration is invalid, the error messages are often cryptic although a Google search will usually point you in the right direction.

Field Summary

Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase

alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, info, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso

Fields inherited from class org.apache.catalina.valves.ValveBase

asyncSupported, container, containerLog, next

Fields inherited from class org.apache.catalina.util.LifecycleMBeanBase

mserver

Fields inherited from interface org.apache.catalina.Lifecycle

AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT

Constructor Summary

SpnegoAuthenticator()

Method Summary

boolean	authenticate(Request request, HttpServletResponse response, LoginConfig config) Authenticate the user making this request, based on the specified login configuration.
protected String	getAuthMethod()
String	getInfo() Return descriptive information about this Valve implementation.
String	getLoginConfigName()
String	getNoKeepAliveUserAgents()
protected void	initInternal() Sub-classes wishing to perform additional initialization should override this method, ensuring that super.initInternal() is the first call in the overriding method.
boolean	isStoreDelegatedCredential()
void	setLoginConfigName(String loginConfigName)
void	setNoKeepAliveUserAgents(String noKeepAliveUserAgents)
void	setStoreDelegatedCredential(boolean storeDelegatedCredential)

Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase

associate, authenticate, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, login, logout, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal

Methods inherited from class org.apache.catalina.valves.ValveBase

backgroundProcess, event, getDomainInternal, getNext, getObjectNameKeyProperties, isAsyncSupported, setAsyncSupported, setNext, toString

Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase

destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister

Methods inherited from class org.apache.catalina.util.LifecycleBase

addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

SpnegoAuthenticator

public SpnegoAuthenticator()

Method Detail

getLoginConfigName

public String getLoginConfigName()

setLoginConfigName

public void setLoginConfigName(String loginConfigName)

isStoreDelegatedCredential

public boolean isStoreDelegatedCredential()

setStoreDelegatedCredential

public void setStoreDelegatedCredential(boolean storeDelegatedCredential)

getNoKeepAliveUserAgents

public String getNoKeepAliveUserAgents()

setNoKeepAliveUserAgents

public void setNoKeepAliveUserAgents(String noKeepAliveUserAgents)

getAuthMethod

protected String getAuthMethod()

Specified by:

getAuthMethod in class AuthenticatorBase

getInfo

public String getInfo()

Description copied from class: AuthenticatorBase

Return descriptive information about this Valve implementation.

Specified by:

getInfo in interface Valve

Overrides:

getInfo in class AuthenticatorBase

initInternal

protected void initInternal()
                     throws LifecycleException

Description copied from class: LifecycleMBeanBase

Sub-classes wishing to perform additional initialization should override this method, ensuring that super.initInternal() is the first call in the overriding method.

Overrides:

initInternal in class ValveBase

Throws:

LifecycleException

authenticate

public boolean authenticate(Request request,
                            HttpServletResponse response,
                            LoginConfig config)
                     throws IOException

Description copied from class: AuthenticatorBase

Authenticate the user making this request, based on the specified login configuration. Return true if any specified constraint has been satisfied, or false if we have created a response challenge already.

Specified by:

authenticate in interface Authenticator

Specified by:

authenticate in class AuthenticatorBase

Parameters:

request - Request we are processing

response - Response we are populating

config - Login configuration describing how authentication should be performed

Throws:

IOException - if an input/output error occurs