Package org.eclipse.jetty.security.openid

Class OpenIdLoginService

java.lang.Object

org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.ContainerLifeCycle

org.eclipse.jetty.security.openid.OpenIdLoginService

All Implemented Interfaces:

LoginService, Container, Destroyable, Dumpable, Dumpable.DumpableContainer, LifeCycle

public class OpenIdLoginService
extends ContainerLifeCycle
implements LoginService

The implementation of LoginService required to use OpenID Connect.

Can contain an optional wrapped LoginService which is used to store role information about users.

Nested Class Summary

Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

AbstractLifeCycle.AbstractLifeCycleListener, AbstractLifeCycle.StopException

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

Container.InheritedListener, Container.Listener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

Dumpable.DumpableContainer

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

LifeCycle.Listener

Field Summary

Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

FAILED, STARTED, STARTING, STOPPED, STOPPING

Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

KEY

Constructor Summary

Constructors

Constructor	Description
OpenIdLoginService(OpenIdConfiguration configuration)
OpenIdLoginService(OpenIdConfiguration configuration, LoginService loginService)	Use a wrapped LoginService to store information about user roles.

Method Summary

Modifier and Type	Method	Description
OpenIdConfiguration	getConfiguration()
IdentityService	getIdentityService()	Get the IdentityService associated with this Login Service.
String	getName()
boolean	isAuthenticateNewUsers()
UserIdentity	login(String identifier, Object credentials, javax.servlet.ServletRequest req)	Login a user.
void	logout(UserIdentity user)
void	setAuthenticateNewUsers(boolean authenticateNewUsers)	This setting is only meaningful if a wrapped LoginService has been set.
void	setIdentityService(IdentityService service)	Set the IdentityService associated with this Login Service.
boolean	validate(UserIdentity user)	Validate a user identity.

Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

addBean, addBean, addEventListener, addManaged, contains, destroy, doStart, doStop, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans

Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.eclipse.jetty.util.component.Container

getCachedBeans, getEventListeners

Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

dumpSelf

Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

isDumpable

Constructor Details

OpenIdLoginService

public OpenIdLoginService(OpenIdConfiguration configuration)

OpenIdLoginService

public OpenIdLoginService(OpenIdConfiguration configuration,
 LoginService loginService)

Use a wrapped LoginService to store information about user roles. Users in the wrapped loginService must be stored with their username as the value of the sub (subject) Claim, and a credentials value of the empty string.

Parameters:

configuration - the OpenID configuration to use.

loginService - the wrapped LoginService to defer to for user roles.

Method Details

getName

public String getName()

Specified by:

getName in interface LoginService

Returns:

Get the name of the login service (aka Realm name)

getConfiguration

public OpenIdConfiguration getConfiguration()

login

public UserIdentity login(String identifier,
 Object credentials,
 javax.servlet.ServletRequest req)

Description copied from interface: LoginService

Login a user.

Specified by:

login in interface LoginService

Parameters:

identifier - The user name

credentials - The users credentials

req - TODO

Returns:

A UserIdentity if the credentials matched, otherwise null

isAuthenticateNewUsers

public boolean isAuthenticateNewUsers()

setAuthenticateNewUsers

public void setAuthenticateNewUsers(boolean authenticateNewUsers)

This setting is only meaningful if a wrapped LoginService has been set.

If set to true, any users not found by the wrapped LoginService will still be authenticated but with no roles, if set to false users will not be authenticated unless they are discovered by the wrapped LoginService.

Parameters:

authenticateNewUsers - whether to authenticate users not found by a wrapping LoginService

validate

public boolean validate(UserIdentity user)

Description copied from interface: LoginService

Validate a user identity. Validate that a UserIdentity previously created by a call to LoginService.login(String, Object, ServletRequest) is still valid.

Specified by:

validate in interface LoginService

Parameters:

user - The user to validate

Returns:

true if authentication has not been revoked for the user.

getIdentityService

public IdentityService getIdentityService()

Description copied from interface: LoginService

Get the IdentityService associated with this Login Service.

Specified by:

getIdentityService in interface LoginService

Returns:

the IdentityService associated with this Login Service.

setIdentityService

public void setIdentityService(IdentityService service)

Description copied from interface: LoginService

Set the IdentityService associated with this Login Service.

Specified by:

setIdentityService in interface LoginService

Parameters:

service - the IdentityService associated with this Login Service.

logout

public void logout(UserIdentity user)

Specified by:

logout in interface LoginService