Package org.opencastproject.security.aai

Class ConfigurableLoginHandler

java.lang.Object
org.opencastproject.security.aai.ConfigurableLoginHandler
All Implemented Interfaces:
org.opencastproject.security.api.RoleProvider, org.opencastproject.security.shibboleth.ShibbolethLoginHandler, org.osgi.service.cm.ManagedService
public class ConfigurableLoginHandler extends Object implements org.opencastproject.security.shibboleth.ShibbolethLoginHandler, org.opencastproject.security.api.RoleProvider, org.osgi.service.cm.ManagedService
This configurable implementation of the ShibbolethLoginHandler uses the UserReferenceProvider interface to create and update Opencast reference users provided and authenticated by an external identity provider. Note that this configurable implementation aims at requiring the minimum number of Shibboleth attributes to make Opencast work with most Shibboleth-based Authentication and Authorization Infrastractures (AAI).

  • Constructor Details

    • ConfigurableLoginHandler

      public ConfigurableLoginHandler()

    • ConfigurableLoginHandler

      protected ConfigurableLoginHandler(org.osgi.framework.BundleContext bundleContext)

  • Method Details

    • updated

      public void updated(Dictionary properties) throws org.osgi.service.cm.ConfigurationException
      Specified by:
      updated in interface org.osgi.service.cm.ManagedService
      Throws:
      org.osgi.service.cm.ConfigurationException

    • newUserLogin

      public void newUserLogin(String id, javax.servlet.http.HttpServletRequest request)
      Handle a new user login.
      Specified by:
      newUserLogin in interface org.opencastproject.security.shibboleth.ShibbolethLoginHandler
      Parameters:
      id - The identity of the user, ideally the Shibboleth persistent unique identifier
      request - The request, for accessing any other Shibboleth variables

    • existingUserLogin

      public void existingUserLogin(String id, javax.servlet.http.HttpServletRequest request)
      Handle an existing user login.
      Specified by:
      existingUserLogin in interface org.opencastproject.security.shibboleth.ShibbolethLoginHandler
      Parameters:
      id - The identity of the user, ideally the Shibboleth persistent unique identifier
      request - The request, for accessing any other Shibboleth variables

    • setSecurityService

      public void setSecurityService(org.opencastproject.security.api.SecurityService securityService)
      Sets the security service.
      Parameters:
      securityService - the security service

    • setUserReferenceProvider

      public void setUserReferenceProvider(org.opencastproject.userdirectory.api.UserReferenceProvider userReferenceProvider)
      Sets the user reference provider.
      Parameters:
      userReferenceProvider - the user reference provider

    • getRolesForUser

      public List<org.opencastproject.security.api.Role> getRolesForUser(String userName)
      Specified by:
      getRolesForUser in interface org.opencastproject.security.api.RoleProvider
      See Also:
      • RoleProvider.getRolesForUser(String)

    • getOrganization

      public String getOrganization()
      Specified by:
      getOrganization in interface org.opencastproject.security.api.RoleProvider
      See Also:
      • RoleProvider.getOrganization()

    • findRoles

      public Iterator<org.opencastproject.security.api.Role> findRoles(String query, org.opencastproject.security.api.Role.Target target, int offset, int limit)
      Specified by:
      findRoles in interface org.opencastproject.security.api.RoleProvider
      See Also:
      • RoleProvider.findRoles(String, Role.Target, int, int)