public class SamlSecurityRealm extends SecurityRealm
SecurityRealm
Modifier and Type | Class and Description |
---|---|
static class | SamlSecurityRealm.DescriptorImpl |
SecurityRealm.SecurityComponents
ExtensionPoint.LegacyInstancesAreScopedToHudson
AUTHENTICATED_AUTHORITY, AUTHENTICATED_AUTHORITY2, LIST, NO_AUTHENTICATION
Constructor and Description |
---|
SamlSecurityRealm(IdpMetadataConfiguration idpMetadataConfiguration, String displayNameAttributeName, String groupsAttributeName, Integer maximumAuthenticationLifetime, String usernameAttributeName, String emailAttributeName, String logoutUrl, SamlAdvancedConfiguration advancedConfiguration, SamlEncryptionData encryptionData, String usernameCaseConversion, String binding, List<AttributeEntry> samlCustomAttributes) Jenkins passes these parameters in when you update the settings. |
Modifier and Type | Method and Description |
---|---|
boolean | allowsSignup() |
SecurityRealm.SecurityComponents | createSecurityComponents() |
org.kohsuke.stapler.HttpResponse | doCommenceLogin(org.kohsuke.stapler.StaplerRequest request, org.kohsuke.stapler.StaplerResponse response, String from, String referer) /securityRealm/commenceLogin |
org.kohsuke.stapler.HttpResponse | doFinishLogin(org.kohsuke.stapler.StaplerRequest request, org.kohsuke.stapler.StaplerResponse response) /securityRealm/finishLogin |
void | doLogout(org.kohsuke.stapler.StaplerRequest req, org.kohsuke.stapler.StaplerResponse rsp) |
org.kohsuke.stapler.HttpResponse | doMetadata(org.kohsuke.stapler.StaplerRequest request, org.kohsuke.stapler.StaplerResponse response) /securityRealm/metadata |
SamlAdvancedConfiguration | getAdvancedConfiguration() |
String | getBinding() |
String | getDisplayNameAttributeName() |
String | getEmailAttributeName() |
SamlEncryptionData | getEncryptionData() |
String | getGroupsAttributeName() |
IdpMetadataConfiguration | getIdpMetadataConfiguration() |
String | getLoginUrl() |
String | getLogoutUrl() |
Integer | getMaximumAuthenticationLifetime() |
protected String | getPostLogOutUrl(org.kohsuke.stapler.StaplerRequest req, Authentication auth) |
List<AttributeEntry> | getSamlCustomAttributes() |
SamlPluginConfig | getSamlPluginConfig() |
String | getUsernameAttributeName() |
String | getUsernameCaseConversion() |
GroupDetails | loadGroupByGroupname(String groupname) |
GroupDetails | loadGroupByGroupname(String groupname, boolean fetchMembers) |
Object | readResolve() |
void | setSamlCustomAttribute(List<AttributeEntry> samlCustomAttributes) |
String | toString() |
all, canLogOut, commenceSignup, commonFilters, createCliAuthenticator, createFilter, doCaptcha, getAuthenticationGatewayUrl, getCaptchaSupport, getCaptchaSupportDescriptors, getDescriptor, getFrom, getGroupIdStrategy, getPostLogOutUrl2, getSecurityComponents, getUserIdStrategy, loadGroupByGroupname2, loadUserByUsername, loadUserByUsername2, setCaptchaSupport, validateCaptcha
public static final String DEFAULT_DISPLAY_NAME_ATTRIBUTE_NAME
public static final String DEFAULT_GROUPS_ATTRIBUTE_NAME
public static final int DEFAULT_MAXIMUM_AUTHENTICATION_LIFETIME
public static final String DEFAULT_USERNAME_CASE_CONVERSION
public static final String SP_METADATA_FILE_NAME
public static final String IDP_METADATA_FILE_NAME
public static final String ERROR_ONLY_SPACES_FIELD_VALUE
public static final String ERROR_NOT_VALID_NUMBER
public static final String ERROR_MALFORMED_URL
public static final String ERROR_IDP_METADATA_EMPTY
public static final String WARN_RECOMMENDED_TO_SET_THE_GROUPS_ATTRIBUTE
public static final String WARN_RECOMMENDED_TO_SET_THE_USERNAME_ATTRIBUTE
public static final String WARN_RECOMMENDED_TO_SET_THE_EMAIL_ATTRIBUTE
public static final String ERROR_NOT_POSSIBLE_TO_READ_KS_FILE
public static final String ERROR_CERTIFICATES_COULD_NOT_BE_LOADED
public static final String ERROR_ALGORITHM_CANNOT_BE_FOUND
public static final String ERROR_NO_PROVIDER_SUPPORTS_A_KS_SPI_IMPL
public static final String ERROR_WRONG_INFO_OR_PASSWORD
public static final String ERROR_INSUFFICIENT_OR_INVALID_INFO
public static final String CONSUMER_SERVICE_URL_PATH
public static final String WARN_THERE_IS_NOT_KEY_STORE
public static final String ERROR_NOT_KEY_FOUND
public static final String SUCCESS
public static final String NOT_POSSIBLE_TO_GET_THE_METADATA
public static final String CHECK_TROUBLESHOOTING_GUIDE
public static final String CHECK_MAX_AUTH_LIFETIME
public static final String WARN_KEYSTORE_NOT_SET
public static final String WARN_PRIVATE_KEY_ALIAS_NOT_SET
public static final String WARN_PRIVATE_KEYSTORE_PASS_NOT_SET
public static final String WARN_PRIVATE_KEY_PASS_NOT_SET
@DataBoundConstructor public SamlSecurityRealm(IdpMetadataConfiguration idpMetadataConfiguration, String displayNameAttributeName, String groupsAttributeName, Integer maximumAuthenticationLifetime, String usernameAttributeName, String emailAttributeName, String logoutUrl, SamlAdvancedConfiguration advancedConfiguration, SamlEncryptionData encryptionData, String usernameCaseConversion, String binding, List<AttributeEntry> samlCustomAttributes) throws IOException
idpMetadataConfiguration - how to obtain the IdP metadata configuration.
displayNameAttributeName - attribute that has the display name
groupsAttributeName - attribute that has the groups
maximumAuthenticationLifetime - maximum time that an identification is valid
usernameAttributeName - attribute that has the username
emailAttributeName - attribute that has the email
logoutUrl - optional URL to redirect on logout
advancedConfiguration - advanced configuration settings
encryptionData - encryption configuration settings
usernameCaseConversion - username case sensitive settings
binding - SAML binding method.
samlCustomAttributes - custom attributes to read from the SAML Response.
IOException - if it is not possible to write the IdP metadata file.
public Object readResolve()
public boolean allowsSignup()
allowsSignup
in class SecurityRealm
public SecurityRealm.SecurityComponents createSecurityComponents()
createSecurityComponents
in class SecurityRealm
public String getLoginUrl()
getLoginUrl
in class SecurityRealm
public org.kohsuke.stapler.HttpResponse doCommenceLogin(org.kohsuke.stapler.StaplerRequest request, org.kohsuke.stapler.StaplerResponse response, @QueryParameter String from, @Header(value="Referer") String referer)
request - http request.
response - http response.
referer - referer.
from - http request "from" parameter.
public org.kohsuke.stapler.HttpResponse doFinishLogin(org.kohsuke.stapler.StaplerRequest request, org.kohsuke.stapler.StaplerResponse response)
request - http request.
response - http response.
public org.kohsuke.stapler.HttpResponse doMetadata(org.kohsuke.stapler.StaplerRequest request, org.kohsuke.stapler.StaplerResponse response)
URL request service method to expose the SP metadata to the user so that they can configure their IdP.
request - http request.
response - http response.
protected String getPostLogOutUrl(org.kohsuke.stapler.StaplerRequest req, @Nonnull Authentication auth)
public void doLogout(org.kohsuke.stapler.StaplerRequest req, org.kohsuke.stapler.StaplerResponse rsp) throws IOException, javax.servlet.ServletException
doLogout
in class SecurityRealm
IOException
javax.servlet.ServletException
public GroupDetails loadGroupByGroupname(String groupname) throws UsernameNotFoundException, DataAccessException
loadGroupByGroupname
in class SecurityRealm
UsernameNotFoundException
DataAccessException
public GroupDetails loadGroupByGroupname(String groupname, boolean fetchMembers) throws UsernameNotFoundException, DataAccessException
loadGroupByGroupname
in class SecurityRealm
UsernameNotFoundException
DataAccessException
public SamlPluginConfig getSamlPluginConfig()
public String getUsernameAttributeName()
public String getDisplayNameAttributeName()
public String getGroupsAttributeName()
public Integer getMaximumAuthenticationLifetime()
public SamlAdvancedConfiguration getAdvancedConfiguration()
public String getBinding()
public SamlEncryptionData getEncryptionData()
public String getUsernameCaseConversion()
public String getEmailAttributeName()
public String getLogoutUrl()
public IdpMetadataConfiguration getIdpMetadataConfiguration()
@NonNull public List<AttributeEntry> getSamlCustomAttributes()
public void setSamlCustomAttribute(List<AttributeEntry> samlCustomAttributes)
Copyright © 2016–2021. All rights reserved.