Class WsGrouperLdapAuthentication
java.lang.Object
edu.internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication
- All Implemented Interfaces:
WsCustomAuthentication
ldap bind authentication for grouper, settings are specified in grouper-ws.properties, and the grouper-loader.properties note: this can be used for rest and soap, though it is not a bastion of security: 1. for soap, ws-security would be better since a ticket is passed instead of user/pass 2. for rest, Im not sure there is another option 3. the user/pass is transmitted in basic auth, so make sure SSL is on 4. if using proxied web services, the password goes to the middle component
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic boolean
authenticateLdap
(String principal, String password) see if a user and pass are correct with ldapstatic void
retrieveLoggedInSubjectId
(javax.servlet.http.HttpServletRequest httpServletRequest) retrieve the current username (subjectId) from the request object.
-
Constructor Details
-
WsGrouperLdapAuthentication
public WsGrouperLdapAuthentication()
-
-
Method Details
-
main
- Parameters:
args
-- Throws:
Exception
-
retrieveLoggedInSubjectId
public String retrieveLoggedInSubjectId(javax.servlet.http.HttpServletRequest httpServletRequest) throws RuntimeException Description copied from interface:WsCustomAuthentication
retrieve the current username (subjectId) from the request object.- Specified by:
retrieveLoggedInSubjectId
in interfaceWsCustomAuthentication
- Returns:
- the logged in username (subjectId)
- Throws:
WsInvalidQueryException
- if there is a problemRuntimeException
- See Also:
-
authenticateLdap
see if a user and pass are correct with ldap- Parameters:
principal
-password
-- Returns:
- true for ok, false for not
-