Package org.opencastproject.security.aai

Class ConfigurableLoginHandler

java.lang.Object
org.opencastproject.security.aai.ConfigurableLoginHandler
All Implemented Interfaces:
RoleProvider, ShibbolethLoginHandler, org.osgi.service.cm.ManagedService
public class ConfigurableLoginHandler extends Object implements ShibbolethLoginHandler, RoleProvider, org.osgi.service.cm.ManagedService
This configurable implementation of the ShibbolethLoginHandler uses the UserReferenceProvider interface to create and update Opencast reference users provided and authenticated by an external identity provider. Note that this configurable implementation aims at requiring the minimum number of Shibboleth attributes to make Opencast work with most Shibboleth-based Authentication and Authorization Infrastractures (AAI).

  • Constructor Details

    • ConfigurableLoginHandler

      public ConfigurableLoginHandler()

    • ConfigurableLoginHandler

      protected ConfigurableLoginHandler(org.osgi.framework.BundleContext bundleContext)

  • Method Details

    • updated

      public void updated(Dictionary properties) throws org.osgi.service.cm.ConfigurationException
      Specified by:
      updated in interface org.osgi.service.cm.ManagedService
      Throws:
      org.osgi.service.cm.ConfigurationException

    • newUserLogin

      public void newUserLogin(String id, javax.servlet.http.HttpServletRequest request)
      Handle a new user login.
      Specified by:
      newUserLogin in interface ShibbolethLoginHandler
      Parameters:
      id - The identity of the user, ideally the Shibboleth persistent unique identifier
      request - The request, for accessing any other Shibboleth variables

    • existingUserLogin

      public void existingUserLogin(String id, javax.servlet.http.HttpServletRequest request)
      Handle an existing user login.
      Specified by:
      existingUserLogin in interface ShibbolethLoginHandler
      Parameters:
      id - The identity of the user, ideally the Shibboleth persistent unique identifier
      request - The request, for accessing any other Shibboleth variables

    • setSecurityService

      public void setSecurityService(SecurityService securityService)
      Sets the security service.
      Parameters:
      securityService - the security service

    • setUserReferenceProvider

      public void setUserReferenceProvider(UserReferenceProvider userReferenceProvider)
      Sets the user reference provider.
      Parameters:
      userReferenceProvider - the user reference provider

    • getRolesForUser

      public List<Role> getRolesForUser(String userName)
      Description copied from interface: RoleProvider
      Returns the roles for this user or an empty array if no roles are applicable.
      Specified by:
      getRolesForUser in interface RoleProvider
      Parameters:
      userName - the user id
      Returns:
      the set of roles
      See Also:

    • getOrganization

      public String getOrganization()
      Description copied from interface: RoleProvider
      Returns the identifier for the organization that is defining this set of roles.
      Specified by:
      getOrganization in interface RoleProvider
      Returns:
      the defining organization
      See Also:

    • findRoles

      public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit)
      Description copied from interface: RoleProvider
      Return the found roles as an iterator.
      Specified by:
      findRoles in interface RoleProvider
      Parameters:
      query - the query. Use the wildcards "_" to match any single character and "%" to match an arbitrary number of characters (including zero characters).
      offset - the offset
      limit - the limit. 0 means no limit
      Returns:
      an iterator of role's
      See Also: