public class KerberosAuthenticationHandler extends Object implements AuthenticationHandler
KerberosAuthenticationHandler
implements the Kerberos SPNEGO authentication mechanism for HTTP.
The supported configuration properties are:
HTTP/${HOSTNAME}@{REALM}
. The realm can be omitted from the
principal as the JDK GSS libraries will use the realm name of the configured default realm.
It does not have a default value.限定符和类型 | 字段和说明 |
---|---|
static String |
KEYTAB
Constant for the configuration property that indicates the keytab file path.
|
static String |
NAME_RULES
Constant for the configuration property that indicates the Kerberos name
rules for the Kerberos principals.
|
static String |
PRINCIPAL
Constant for the configuration property that indicates the kerberos principal.
|
static String |
TYPE
Constant that identifies the authentication mechanism.
|
构造器和说明 |
---|
KerberosAuthenticationHandler() |
限定符和类型 | 方法和说明 |
---|---|
AuthenticationToken |
authenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
It enforces the the Kerberos SPNEGO authentication sequence returning an
AuthenticationToken only
after the Kerberos SPNEGO sequence has completed successfully. |
void |
destroy()
Releases any resources initialized by the authentication handler.
|
protected String |
getKeytab()
Returns the keytab used by the authentication handler.
|
protected String |
getPrincipal()
Returns the Kerberos principal used by the authentication handler.
|
String |
getType()
Returns the authentication type of the authentication handler, 'kerberos'.
|
void |
init(Properties config)
Initializes the authentication handler instance.
|
public static final String TYPE
public static final String PRINCIPAL
public static final String KEYTAB
public void init(Properties config) throws javax.servlet.ServletException
AuthenticationFilter.init(javax.servlet.FilterConfig)
method.init
在接口中 AuthenticationHandler
config
- configuration properties to initialize the handler.javax.servlet.ServletException
- thrown if the handler could not be initialized.public void destroy()
destroy
在接口中 AuthenticationHandler
public String getType()
getType
在接口中 AuthenticationHandler
protected String getPrincipal()
protected String getKeytab()
public AuthenticationToken authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, AuthenticationException
AuthenticationToken
only
after the Kerberos SPNEGO sequence has completed successfully.
authenticate
在接口中 AuthenticationHandler
request
- the HTTP client request.response
- the HTTP client response.null
if it is in progress (in this case the handler handles the response to the client).IOException
- thrown if an IO error occurred.AuthenticationException
- thrown if Kerberos SPNEGO sequence failed.Copyright © 2009 The Apache Software Foundation