edu.internet2.middleware.shibboleth.idp.authn.provider
Class UsernamePasswordLoginServlet

java.lang.Object
  extended by javax.servlet.GenericServlet
      extended by javax.servlet.http.HttpServlet
          extended by edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet
All Implemented Interfaces:
Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

public class UsernamePasswordLoginServlet
extends javax.servlet.http.HttpServlet

This Servlet authenticates a user via JAAS. The user's credential is always added to the returned Subject as a UsernamePasswordCredential within the subject's private credentials.

See Also:
Serialized Form

Nested Class Summary
protected  class UsernamePasswordLoginServlet.SimpleCallbackHandler
          A callback handler that provides static name and password data to a JAAS loging process.
 
Constructor Summary
UsernamePasswordLoginServlet()
           
 
Method Summary
protected  boolean authenticateUser(javax.servlet.http.HttpServletRequest request, String username, String password)
          Authenticate a username and password against JAAS.
 void init(javax.servlet.ServletConfig config)
          
protected  void redirectToLoginPage(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, List<org.opensaml.xml.util.Pair<String,String>> queryParams)
          Sends the user to the login page.
protected  void service(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          
 
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service
 
Methods inherited from class javax.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UsernamePasswordLoginServlet

public UsernamePasswordLoginServlet()
Method Detail

init

public void init(javax.servlet.ServletConfig config)
          throws javax.servlet.ServletException

Specified by:
init in interface javax.servlet.Servlet
Overrides:
init in class javax.servlet.GenericServlet
Throws:
javax.servlet.ServletException

service

protected void service(javax.servlet.http.HttpServletRequest request,
                       javax.servlet.http.HttpServletResponse response)
                throws javax.servlet.ServletException,
                       IOException

Overrides:
service in class javax.servlet.http.HttpServlet
Throws:
javax.servlet.ServletException
IOException

redirectToLoginPage

protected void redirectToLoginPage(javax.servlet.http.HttpServletRequest request,
                                   javax.servlet.http.HttpServletResponse response,
                                   List<org.opensaml.xml.util.Pair<String,String>> queryParams)
Sends the user to the login page.

Parameters:
request - current request
response - current response
queryParams - query parameters to pass to the login page

authenticateUser

protected boolean authenticateUser(javax.servlet.http.HttpServletRequest request,
                                   String username,
                                   String password)
Authenticate a username and password against JAAS. If authentication succeeds the name of the first principal, or the username if that is empty, and the subject are placed into the request in their respective attributes.

Parameters:
request - current authentication request
username - the principal name of the user to be authenticated
password - the password of the user to be authenticated
Returns:
true of authentication succeeds, false if not


Copyright © 2006-2009 Internet2. All Rights Reserved.