|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectedu.internet2.middleware.shibboleth.idp.authn.provider.AbstractLoginHandler
edu.internet2.middleware.shibboleth.idp.authn.provider.IPAddressLoginHandler
public class IPAddressLoginHandler
IP Address authentication handler. This "authenticates" a user based on their IP address. It operates in either default deny or default allow mode, and evaluates a given request against a list of blocked or permitted IPs. It supports both IPv4 and IPv6. If an Authentication Context Class or DeclRef URI is not specified, it will default to "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol".
Nested Class Summary | |
---|---|
protected class |
IPAddressLoginHandler.IPEntry
Encapsulates a network address and a netmask on ipList. |
Field Summary |
---|
Fields inherited from interface edu.internet2.middleware.shibboleth.idp.authn.LoginHandler |
---|
AUTHENTICATION_ERROR_KEY, AUTHENTICATION_METHOD_KEY, PRINCIPAL_KEY, PRINCIPAL_NAME_KEY, SUBJECT_KEY |
Constructor Summary | |
---|---|
IPAddressLoginHandler()
|
Method Summary | |
---|---|
protected BitSet |
byteArrayToBitSet(byte[] bytes)
Converts a byte array to a BitSet. |
String |
getUsername()
Get the username for all IP-address authenticated users. |
protected void |
handleDefaultAllow(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
|
protected void |
handleDefaultDeny(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
|
void |
login(javax.servlet.http.HttpServletRequest httpRequest,
javax.servlet.http.HttpServletResponse httpResponse)
Authenticate the user making the request. |
void |
setEntries(List<String> entries,
boolean defaultDeny)
Set the permitted IP addresses. |
void |
setUsername(String name)
Set the username to use for all IP-address authenticated users. |
boolean |
supportsForceAuthentication()
Returns if this handler supports the ability to force a user to (re-)authenticate. |
boolean |
supportsPassive()
Gets whether this handler supports passive authentication. |
Methods inherited from class edu.internet2.middleware.shibboleth.idp.authn.provider.AbstractLoginHandler |
---|
getAuthenticationDuration, getSupportedAuthenticationMethods, setAuthenticationDuration, setAuthenticationDurection, setSupportsForceAuthentication, setSupportsPassive |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public IPAddressLoginHandler()
Method Detail |
---|
public void setEntries(List<String> entries, boolean defaultDeny)
defaultDeny
is true
then only the IP addresses in ipList
will be
"authenticated." If defaultDeny
is false
, then all IP addresses except those in
ipList
will be authenticated.
entries
- A list of IP addresses (with CIDR masks).defaultDeny
- Does ipList
contain a deny or permit list.public boolean supportsPassive()
supportsPassive
in interface LoginHandler
supportsPassive
in class AbstractLoginHandler
public boolean supportsForceAuthentication()
supportsForceAuthentication
in interface LoginHandler
supportsForceAuthentication
in class AbstractLoginHandler
public String getUsername()
public void setUsername(String name)
name
- The username for IP-address authenticated users.public void login(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
httpRequest
- user requesthttpResponse
- response to userprotected void handleDefaultDeny(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected void handleDefaultAllow(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected BitSet byteArrayToBitSet(byte[] bytes)
bytes
- the byte array with most signifigant bit in element 0.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |