org.apache.oodt.security.sso

Class OpenSSOImpl

java.lang.Object

org.apache.oodt.security.sso.AbstractWebBasedSingleSignOn

org.apache.oodt.security.sso.OpenSSOImpl

All Implemented Interfaces:

SSOMetKeys, SingleSignOn

public class OpenSSOImpl
extends AbstractWebBasedSingleSignOn
implements SSOMetKeys

Connects to OpenSSO's authorization endpoint and authenticates a user, implementing the CAS AbstractWebBasedSingleSignOn interface. This class can be used in e.g., CAS curator to link into Open SSO.

Field Summary

Fields inherited from class org.apache.oodt.security.sso.AbstractWebBasedSingleSignOn

req, res

Fields inherited from interface org.apache.oodt.security.sso.opensso.SSOMetKeys

ATTRIBUTES_COMMAND, AUTH_COMMAND, AUTHENTICATE_ENDPOINT, IDENTITY_ATTRIBUTES_ENDPOINT, IDENTITY_COMMAND, IDENTITY_DETAILS_ATTR_NAME, IDENTITY_DETAILS_ATTR_SKIP_LINE, IDENTITY_DETAILS_ATTR_VALUE, IDENTITY_DETAILS_GROUP, IDENTITY_DETAILS_NAME, IDENTITY_DETAILS_REALM, IDENTITY_DETAILS_TYPE, IDENTITY_READ_ENDPOINT, LOGOUT_COMMAND, LOGOUT_ENDPOINT, SSO_COOKIE_KEY, UID_ATTRIBUTE_NAME, UNKNOWN_USER, USER_COOKIE_KEY, USER_DETAILS_ATTR_NAME, USER_DETAILS_ATTR_VALUE, USER_DETAILS_ROLE, USER_DETAILS_TOKEN

Constructor Summary

Constructors

Constructor and Description
OpenSSOImpl() Default constructor.

Method Summary

Modifier and Type	Method and Description
String	getCurrentUsername() Should return the current logged in Single Sign On username returned from the implementation-specific authentication API.
List<String>	getGroupsForUser() Gets the SSO groups for the LMMP user, identified by her ssoAuth, where her User ID is provided by getCurrentUsername() and her Token is provided by getSSOToken().
boolean	getLastConnectionStatus() Should provide information (true or false) as to whether the last connection to the SSO authentication service was successful.
protected String	getSSOToken()
boolean	isLoggedIn() Returns true when the user is logged in, or false otherwise.
boolean	login(String username, String password) Logs the user with the provided username and password in to the SSO authentication mechanism.
void	logout() Logs the current SSO user out of her session.
List<String>	retrieveGroupsForUser(String username) Obtains a user's groups from the security principal that this SSO object talks to.

Methods inherited from class org.apache.oodt.security.sso.AbstractWebBasedSingleSignOn

getReq, getRes, setReq, setRes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OpenSSOImpl

public OpenSSOImpl()

Default constructor.

Method Detail

getCurrentUsername

public String getCurrentUsername()

Description copied from interface: SingleSignOn

Should return the current logged in Single Sign On username returned from the implementation-specific authentication API.

Specified by:

getCurrentUsername in interface SingleSignOn

Returns:

A string representation of the current SSO username.

getLastConnectionStatus

public boolean getLastConnectionStatus()

Description copied from interface: SingleSignOn

Should provide information (true or false) as to whether the last connection to the SSO authentication service was successful.

Specified by:

getLastConnectionStatus in interface SingleSignOn

Returns:

True if the last authentication was successful, false otherwise.

isLoggedIn

public boolean isLoggedIn()

Description copied from interface: SingleSignOn

Returns true when the user is logged in, or false otherwise.

Specified by:

isLoggedIn in interface SingleSignOn

Returns:

True if the user is logged in, false otherwise.

login

public boolean login(String username,
                     String password)

Description copied from interface: SingleSignOn

Logs the user with the provided username and password in to the SSO authentication mechanism.

Specified by:

login in interface SingleSignOn

Parameters:

username - The username credentials.

password - The password credentials.

Returns:

True if the login was successful, false otherwise.

logout

public void logout()

Description copied from interface: SingleSignOn

Logs the current SSO user out of her session.

Specified by:

logout in interface SingleSignOn

getGroupsForUser

public List<String> getGroupsForUser()
                              throws IOException,
                                     SingleSignOnException

Gets the SSO groups for the LMMP user, identified by her ssoAuth, where her User ID is provided by getCurrentUsername() and her Token is provided by getSSOToken().

Returns:

A List of String LMMP groups for the User.

Throws:

SingleSignOnException - If any error (e.g., HTTP REST error) occurs.

IOException - If the SSO token cannot be read.

retrieveGroupsForUser

public List<String> retrieveGroupsForUser(String username)

Description copied from interface: SingleSignOn

Obtains a user's groups from the security principal that this SSO object talks to.

Specified by:

retrieveGroupsForUser in interface SingleSignOn

Parameters:

username - The username to obtain the groups for.

Returns:

A List of string group names obtained from the security principal.

getSSOToken

protected String getSSOToken()