Class OpenIdLoginService
- java.lang.Object
-
- org.eclipse.jetty.util.component.AbstractLifeCycle
-
- org.eclipse.jetty.util.component.ContainerLifeCycle
-
- org.eclipse.jetty.security.openid.OpenIdLoginService
-
- All Implemented Interfaces:
LoginService,Container,Destroyable,Dumpable,Dumpable.DumpableContainer,LifeCycle
public class OpenIdLoginService extends ContainerLifeCycle implements LoginService
The implementation ofLoginServicerequired to use OpenID Connect.Can contain an optional wrapped
LoginServicewhich is used to store role information about users.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable
Dumpable.DumpableContainer
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
-
Constructor Summary
Constructors Constructor Description OpenIdLoginService(OpenIdConfiguration configuration)OpenIdLoginService(OpenIdConfiguration configuration, LoginService loginService)Use a wrappedLoginServiceto store information about user roles.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description OpenIdConfigurationgetConfiguration()IdentityServicegetIdentityService()Get the IdentityService associated with this Login Service.java.lang.StringgetName()booleanisAuthenticateNewUsers()UserIdentitylogin(java.lang.String identifier, java.lang.Object credentials, javax.servlet.ServletRequest req)Login a user.voidlogout(UserIdentity user)voidsetAuthenticateNewUsers(boolean authenticateNewUsers)This setting is only meaningful if a wrappedLoginServicehas been set.voidsetIdentityService(IdentityService service)Set the IdentityService associated with this Login Service.booleanvalidate(UserIdentity user)Validate a user identity.-
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addEventListener, addManaged, contains, destroy, doStart, doStop, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans
-
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer
isDumpable
-
-
-
-
Constructor Detail
-
OpenIdLoginService
public OpenIdLoginService(OpenIdConfiguration configuration)
-
OpenIdLoginService
public OpenIdLoginService(OpenIdConfiguration configuration, LoginService loginService)
Use a wrappedLoginServiceto store information about user roles. Users in the wrapped loginService must be stored with their username as the value of the sub (subject) Claim, and a credentials value of the empty string.- Parameters:
configuration- the OpenID configuration to use.loginService- the wrapped LoginService to defer to for user roles.
-
-
Method Detail
-
getName
public java.lang.String getName()
- Specified by:
getNamein interfaceLoginService- Returns:
- Get the name of the login service (aka Realm name)
-
getConfiguration
public OpenIdConfiguration getConfiguration()
-
login
public UserIdentity login(java.lang.String identifier, java.lang.Object credentials, javax.servlet.ServletRequest req)
Description copied from interface:LoginServiceLogin a user.- Specified by:
loginin interfaceLoginService- Parameters:
identifier- The user namecredentials- The users credentialsreq- TODO- Returns:
- A UserIdentity if the credentials matched, otherwise null
-
isAuthenticateNewUsers
public boolean isAuthenticateNewUsers()
-
setAuthenticateNewUsers
public void setAuthenticateNewUsers(boolean authenticateNewUsers)
This setting is only meaningful if a wrappedLoginServicehas been set.If set to true, any users not found by the wrapped
LoginServicewill still be authenticated but with no roles, if set to false users will not be authenticated unless they are discovered by the wrappedLoginService.- Parameters:
authenticateNewUsers- whether to authenticate users not found by a wrapping LoginService
-
validate
public boolean validate(UserIdentity user)
Description copied from interface:LoginServiceValidate a user identity. Validate that a UserIdentity previously created by a call toLoginService.login(String, Object, ServletRequest)is still valid.- Specified by:
validatein interfaceLoginService- Parameters:
user- The user to validate- Returns:
- true if authentication has not been revoked for the user.
-
getIdentityService
public IdentityService getIdentityService()
Description copied from interface:LoginServiceGet the IdentityService associated with this Login Service.- Specified by:
getIdentityServicein interfaceLoginService- Returns:
- the IdentityService associated with this Login Service.
-
setIdentityService
public void setIdentityService(IdentityService service)
Description copied from interface:LoginServiceSet the IdentityService associated with this Login Service.- Specified by:
setIdentityServicein interfaceLoginService- Parameters:
service- the IdentityService associated with this Login Service.
-
logout
public void logout(UserIdentity user)
- Specified by:
logoutin interfaceLoginService
-
-