|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.lucene.gdata.server.authentication.BlowfishAuthenticationController
public class BlowfishAuthenticationController
A
AuthenticationController
implmentation using a Blowfish algorithmn to en/decrpyt the
authentification token. The Blowfish algorithmn enables a stateless
authetication of the client. The token contains all information to
authenticate the client on possible other hosts.
The token contains the first 32 bit of the client ip (e.g. 192.168.0),
account name, GDataAccount.AccountRole
and the cration time as a timestamp. The timestamp will be checked on every
subsequent request. If the timestamp plus the configured timeout is less
than the current time the client has to reauthenticate again.
The auth token returned by the
authenticatAccount(GDataAccount, String)
method is a BASE64 encoded string.
Cipher
,
BASE64Encoder
,
BASE64Decoder
Field Summary |
---|
Fields inherited from interface org.apache.lucene.gdata.server.authentication.AuthenticationController |
---|
ACCOUNT_PARAMETER, APPLICATION_PARAMETER, AUTHORIZATION_HEADER, PASSWORD_PARAMETER, SERVICE_PARAMETER, TOKEN_KEY |
Constructor Summary | |
---|---|
BlowfishAuthenticationController()
|
Method Summary | |
---|---|
String |
authenticatAccount(GDataAccount account,
String requestIp)
Creates a authentication token for the given account. |
boolean |
authenticateToken(String token,
String requestIp,
GDataAccount.AccountRole role,
String accountName)
Authenticates the given auth token and checks the given parameter for matching the information contained inside the token. |
protected String |
calculateAuthToken(String ipAddress,
String role,
String accountName)
|
protected String |
deCryptAuthToken(String authToken)
|
void |
destroy()
will be called when the registry is going down e.g. |
String |
getKey()
|
int |
getLoginTimeout()
|
void |
initialize()
will be call when the component is registered. |
void |
setKey(String key)
|
void |
setLoginTimeout(int minuteOffset)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public BlowfishAuthenticationController()
Method Detail |
---|
public void initialize()
ServerComponent
initialize
in interface ServerComponent
ServerComponent.initialize()
public String authenticatAccount(GDataAccount account, String requestIp)
AuthenticationController
authenticatAccount
in interface AuthenticationController
account
- -
the account to create the token forrequestIp
- -
the clients request ip address
AuthenticationController.authenticatAccount(org.apache.lucene.gdata.data.GDataAccount,
java.lang.String)
public boolean authenticateToken(String token, String requestIp, GDataAccount.AccountRole role, String accountName)
AuthenticationController
if the given account name is null
the authentication will
ignore the account name and the decision whether the token is valid or
not will be based on the given role compared to the role inside the token
authenticateToken
in interface AuthenticationController
token
- -
the token to authenticaterequestIp
- -
the client request IP addressrole
- -
the required roleaccountName
- -
the name of the account
true
if the given values match the values inside
the token and if the timestamp plus the configured timeout is
greater than the current time, if one of the values does not
match or the token has timed out it will return
false
AuthenticationController.authenticateToken(java.lang.String,
java.lang.String,
org.apache.lucene.gdata.data.GDataAccount.AccountRole,
java.lang.String)
protected String calculateAuthToken(String ipAddress, String role, String accountName) throws IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException
IllegalBlockSizeException
BadPaddingException
UnsupportedEncodingException
protected String deCryptAuthToken(String authToken) throws IOException, IllegalBlockSizeException, BadPaddingException
IOException
IllegalBlockSizeException
BadPaddingException
public int getLoginTimeout()
public void setLoginTimeout(int minuteOffset)
minuteOffset
- The minuteOffset to set.public String getKey()
public void setKey(String key)
key
- The key to set.public void destroy()
ServerComponent
GDataServerRegistry.destroy()
method is called.
destroy
in interface ServerComponent
ServerComponent.destroy()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |