|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface LtpaTokenCredential
Credential for authenticating at a back-end system that is within the same WebSphere SSO-Domain as the portal. This Credential can be used to establish an authenticated outbound URL connection by associating the users existing Ltpa cookie to that connection.
The Ltpa token credential can be retrieved via the vault service through
Alternative the Ltpa token credential can be created by:CredentialVaultService.getLTPATokenCredential(String slotId, Map config, javax.portlet.PortletRequest request)
whereslotId = com.ibm.portal.portlet.service.credentialvault.CredentialVaultService.PREDEFINED_SLOT_USER_JAAS_SUBJECT;
CredentialFactory.createCredential(CredentialTypes.LTPA_TOKEN)
;CredentialFactory
init(Map config)
methodgetAuthenticatedConnection()
in order to get an URLConnection with the current Ltpa token(s) associatedWarning 2:
This code does not respect the Secure
attribute (as defiend by RFC 2109) of the Ltpa cookie(s). Therefore, the code
that uses the Ltpa token credential is responsible for deciding whether it is okay to send the token over unencrypted HTTP connections.
Preconditions:
See init(Map config)
Field Summary | |
---|---|
static java.lang.String |
HTTP_SERVLET_REQUEST
Deprecated. The incomming HTTP request. |
static java.lang.String |
LTPA_TOKEN_TYPE
Deprecated. The name of the parameter in the VaultService.properties file to get the Ltpa Token configuration. |
static java.lang.String |
LTPA_TOKEN_TYPE_VALUE_BOTH
Deprecated. Constant indicating that both the old style Ltpa token and the Ltpa2 token are available. |
static java.lang.String |
LTPA_TOKEN_TYPE_VALUE_DEFAULT
Deprecated. Constant indicating that default configuration is used, which means that exaclty those Ltpa tokens available on the incomming request are forwarded. |
static java.lang.String |
LTPA_TOKEN_TYPE_VALUE_LTPA_ONLY
Deprecated. Constant indicating that only the old style Ltpa token is configured. |
static java.lang.String |
LTPA_TOKEN_TYPE_VALUE_LTPA2_ONLY
Deprecated. Constant indicating that only the Ltpa2 token is configured. |
Fields inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.Credential |
---|
KEY_CREDENTIAL_SECRET |
Method Summary | |
---|---|
java.net.HttpURLConnection |
getAuthenticatedConnection(java.lang.String url)
Deprecated. Returns a new HttpURLConnection with added authentication data. |
java.net.HttpURLConnection |
getAuthenticatedConnection(java.net.URL url)
Deprecated. Returns a new Http Url connection with added authentication data. |
void |
init(java.util.Map<java.lang.String,java.lang.Object> config)
Deprecated. Initializes a new LtpaToken credential. |
Methods inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.JaasSubjectCredential |
---|
getSecretType |
Methods inherited from interface com.ibm.portal.portlet.service.credentialvault.credentials.ActiveCredential |
---|
isActive |
Field Detail |
---|
static final java.lang.String LTPA_TOKEN_TYPE
static final java.lang.String LTPA_TOKEN_TYPE_VALUE_LTPA_ONLY
static final java.lang.String LTPA_TOKEN_TYPE_VALUE_LTPA2_ONLY
static final java.lang.String LTPA_TOKEN_TYPE_VALUE_DEFAULT
static final java.lang.String LTPA_TOKEN_TYPE_VALUE_BOTH
static final java.lang.String HTTP_SERVLET_REQUEST
Method Detail |
---|
void init(java.util.Map<java.lang.String,java.lang.Object> config) throws CredentialVaultException
init
in interface Credential
init
in interface JaasSubjectCredential
config
- The configuration needed to initialize this credential:
CredentialSecretFactory
LTPA_TOKEN_TYPE_VALUE_DEFAULT
here, which means forward exaclty those Ltpa tokens available
on the incomming request. It is also possible to propagate only the Ltpa or only the Ltpa2 token or both tokens. The corresponding values
are represented by the constants: LTPA_TOKEN_TYPE_VALUE_LTPA_ONLY
,
LTPA_TOKEN_TYPE_VALUE_LTPA2_ONLY
, and LTPA_TOKEN_TYPE_VALUE_BOTH
(mandatory)
CredentialVaultException
- If any mandatory parameter is missing or has a wrong object type as value.java.net.HttpURLConnection getAuthenticatedConnection(java.net.URL url) throws java.io.IOException
getAuthenticatedConnection
in interface JaasSubjectCredential
url
- The target URL for the connection. Note that it need not be opened yet.
java.io.IOException
- thrown if anything unexpected happenedjava.net.HttpURLConnection getAuthenticatedConnection(java.lang.String url) throws java.io.IOException
getAuthenticatedConnection
in interface JaasSubjectCredential
url
- The target URL for the connection
java.io.IOException
- thrown if anything unexpected happened.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |