Package hudson.plugins.openid
Class OpenIdSsoSecurityRealm
java.lang.Object
hudson.model.AbstractDescribableImpl<SecurityRealm>
hudson.security.SecurityRealm
hudson.plugins.openid.OpenIdSsoSecurityRealm
- All Implemented Interfaces:
ExtensionPoint,Describable<SecurityRealm>
SSO based on OpenID by fixing a provider.
- Author:
- Kohsuke Kawaguchi
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from class hudson.security.SecurityRealm
SecurityRealm.SecurityComponentsNested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson -
Field Summary
FieldsFields inherited from class hudson.security.SecurityRealm
AUTHENTICATED_AUTHORITY, AUTHENTICATED_AUTHORITY2, LIST, NO_AUTHENTICATION -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidprotected org.openid4java.consumer.ConsumerManagerAcegi has this notion that first anAuthenticationobject is created by collecting user information and then the act of authentication is done later (byAuthenticationManager) to verify it.org.kohsuke.stapler.HttpResponsedoCommenceLogin(String from) The login process starts from here.org.kohsuke.stapler.HttpResponsedoFinishLogin(org.kohsuke.stapler.StaplerRequest2 request) This is where the user comes back to at the end of the OpenID redirect ping-pong.Login begins with ourdoCommenceLogin(String)method.booleanisApplicable(OpenIdExtension openIdExtension) Allow OpenId SSO Security Realms to determine the extensions that are applicable.Methods inherited from class hudson.security.SecurityRealm
all, allowsSignup, canLogOut, commenceSignup, commonFilters, createCliAuthenticator, createFilter, createFilter, doCaptcha, doLogout, doLogout, getAuthenticationGatewayUrl, getCaptchaSupport, getCaptchaSupportDescriptors, getDescriptor, getFrom, getGroupIdStrategy, getPostLogOutUrl, getPostLogOutUrl2, getPostLogOutUrl2, getSecurityComponents, getUserIdStrategy, loadGroupByGroupname, loadGroupByGroupname, loadGroupByGroupname2, loadUserByUsername, loadUserByUsername2, setCaptchaSupport, validateCaptcha
-
Field Details
-
endpoint
-
-
Constructor Details
-
OpenIdSsoSecurityRealm
@DataBoundConstructor public OpenIdSsoSecurityRealm(String endpoint) throws IOException, org.openid4java.OpenIDException - Throws:
IOExceptionorg.openid4java.OpenIDException
-
-
Method Details
-
createManager
protected org.openid4java.consumer.ConsumerManager createManager() throws org.openid4java.consumer.ConsumerException- Throws:
org.openid4java.consumer.ConsumerException
-
addProxyPropertiesToHttpClient
protected void addProxyPropertiesToHttpClient() -
getLoginUrl
Login begins with ourdoCommenceLogin(String)method.- Overrides:
getLoginUrlin classSecurityRealm
-
createSecurityComponents
Acegi has this notion that first anAuthenticationobject is created by collecting user information and then the act of authentication is done later (byAuthenticationManager) to verify it. But in case of OpenID, we create anAuthenticationonly after we verified the user identity, soAuthenticationManagerbecomes no-op.- Specified by:
createSecurityComponentsin classSecurityRealm- Returns:
- Created
SecurityRealm.SecurityComponents
-
doCommenceLogin
public org.kohsuke.stapler.HttpResponse doCommenceLogin(@QueryParameter String from) throws IOException, org.openid4java.OpenIDException The login process starts from here.- Throws:
IOExceptionorg.openid4java.OpenIDException
-
doFinishLogin
public org.kohsuke.stapler.HttpResponse doFinishLogin(org.kohsuke.stapler.StaplerRequest2 request) throws IOException, org.openid4java.OpenIDException This is where the user comes back to at the end of the OpenID redirect ping-pong.- Throws:
IOExceptionorg.openid4java.OpenIDException
-
isApplicable
Allow OpenId SSO Security Realms to determine the extensions that are applicable.- Parameters:
openIdExtension- the extension.- Returns:
trueif this extension is appropriate.- Since:
- 2.2
-