cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache CXF > Fediz Extensions
Date Wed, 24 Oct 2012 20:06:00 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/2042/9/15/_/styles/combined.css?spaceKey=CXF&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+Extensions">Fediz
Extensions</a></h2>
    <h4>Page <b>edited</b> by             <a href="https://cwiki.apache.org/confluence/display/~owulff@apache.org">Oliver
Wulff</a>
    </h4>
        <br/>
                         <h4>Changes (2)</h4>
                                 
    
<div id="page-diffs">
                    <table class="diff" cellpadding="0" cellspacing="0">
    
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >h3. Callback Handler <br> <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">The
redirect URL to the IDP can contain several query parameters to customize the sign in process.
Some parameters are configured statically in the [Fediz configuration file|Fediz Configuration]
some others can be resolved at runtime when the initial request is received by the Fediz plugin.
<br> <br>The following table gives an overview of the XML element name in the
Fediz configuration file, the query parameter name of the sign-in request to the IDP as well
as the Callback class. <br> <br>||XML element ||Query parameter ||Callback class
||Since version|| <br>| authenticationType | wauth | WAuthCallback | 1.0.0 | <br>|
homeRealm | whr | HomeRealmCallback | 1.0.0 | <br>| issuer | N.A. | IDPCallback | 1.0.0
| <br>| freshness | wfresh | FreshnessCallback | 1.0.2 |  <br> <br>If you
configure a class which implements the interface {{javax.security.auth.callback.CallbackHandler}}
you get the corresponding Callback object where you must set the value which is then added
to the query parameter. The Callback object provides the {{HttpServletRequest}} object which
might give you the required information to resolve the value. <br> <br>Here is
a snippet of the configuration to configure a CallbackHandler: <br> <br>{code}
<br>... <br>        &lt;protocol xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;
xsi:type=&quot;federationProtocolType&quot; version=&quot;1.2&quot;&gt;
<br>            ... <br>            &lt;homeRealm type=&quot;Class&quot;
value=&quot;MyCallbackHandler &quot; /&gt; <br>            ... <br>
       &lt;/protocol&gt; <br>... <br>{code} <br> <br>And a
sample implementation of the CallbackHandler: <br> <br>{code} <br>public
class MyCallbackHandler implements CallbackHandler { <br> <br>    public void
handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { <br>
       for (int i = 0; i &lt; callbacks.length; i++) { <br>            if (callbacks[i]
instanceof HomeRealmCallback) { <br>                HomeRealmCallback callback = (HomeRealmCallback)
callbacks[i]; <br>                HttpServletRequest request = callback.getRequest();
<br>                String homeRealm = ... <br>                callback.setHomeRealm(homeRealm);
<br>            } else { <br>                throw new UnsupportedCallbackException(callbacks[i],
&quot;Unrecognized Callback&quot;); <br>            } <br>        } <br>
   } <br>} <br>{code} <br> <br> <br></td></tr>
            <tr><td class="diff-unchanged" >h3. Custom Token Validator <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">
<br>todo <br></td></tr>
    
            </table>
    </div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <h1><a name="FedizExtensions-FedizExtensions"></a>Fediz Extensions</h1>
<p>This page describes the extension points in Fediz to enrich its functionality further.</p>

<h3><a name="FedizExtensions-CallbackHandler"></a>Callback Handler</h3>

<p>The redirect URL to the IDP can contain several query parameters to customize the
sign in process. Some parameters are configured statically in the <a href="/confluence/display/CXF/Fediz+Configuration"
title="Fediz Configuration">Fediz configuration file</a> some others can be resolved
at runtime when the initial request is received by the Fediz plugin.</p>

<p>The following table gives an overview of the XML element name in the Fediz configuration
file, the query parameter name of the sign-in request to the IDP as well as the Callback class.</p>

<div class='table-wrap'>
<table class='confluenceTable'><tbody>
<tr>
<th class='confluenceTh'>XML element </th>
<th class='confluenceTh'>Query parameter </th>
<th class='confluenceTh'>Callback class </th>
<th class='confluenceTh'>Since version</th>
</tr>
<tr>
<td class='confluenceTd'> authenticationType </td>
<td class='confluenceTd'> wauth </td>
<td class='confluenceTd'> WAuthCallback </td>
<td class='confluenceTd'> 1.0.0 </td>
</tr>
<tr>
<td class='confluenceTd'> homeRealm </td>
<td class='confluenceTd'> whr </td>
<td class='confluenceTd'> HomeRealmCallback </td>
<td class='confluenceTd'> 1.0.0 </td>
</tr>
<tr>
<td class='confluenceTd'> issuer </td>
<td class='confluenceTd'> N.A. </td>
<td class='confluenceTd'> IDPCallback </td>
<td class='confluenceTd'> 1.0.0 </td>
</tr>
<tr>
<td class='confluenceTd'> freshness </td>
<td class='confluenceTd'> wfresh </td>
<td class='confluenceTd'> FreshnessCallback </td>
<td class='confluenceTd'> 1.0.2 </td>
</tr>
</tbody></table>
</div>


<p>If you configure a class which implements the interface <tt>javax.security.auth.callback.CallbackHandler</tt>
you get the corresponding Callback object where you must set the value which is then added
to the query parameter. The Callback object provides the <tt>HttpServletRequest</tt>
object which might give you the required information to resolve the value.</p>

<p>Here is a snippet of the configuration to configure a CallbackHandler:</p>

<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
...
        &lt;protocol xmlns:xsi=<span class="code-quote">"http:<span class="code-comment">//www.w3.org/2001/XMLSchema-instance"</span>
xsi:type=<span class="code-quote">"federationProtocolType"</span> version=<span
class="code-quote">"1.2"</span>&gt;
</span>            ...
            &lt;homeRealm type=<span class="code-quote">"<span class="code-object">Class</span>"</span>
value=<span class="code-quote">"MyCallbackHandler "</span> /&gt;
            ...
        &lt;/protocol&gt;
...
</pre>
</div></div>

<p>And a sample implementation of the CallbackHandler:</p>

<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
<span class="code-keyword">public</span> class MyCallbackHandler <span class="code-keyword">implements</span>
CallbackHandler {
    
    <span class="code-keyword">public</span> void handle(Callback[] callbacks)
<span class="code-keyword">throws</span> IOException, UnsupportedCallbackException
{
        <span class="code-keyword">for</span> (<span class="code-object">int</span>
i = 0; i &lt; callbacks.length; i++) {
            <span class="code-keyword">if</span> (callbacks[i] <span class="code-keyword">instanceof</span>
HomeRealmCallback) {
                HomeRealmCallback callback = (HomeRealmCallback) callbacks[i];
                HttpServletRequest request = callback.getRequest();
                <span class="code-object">String</span> homeRealm = ...
                callback.setHomeRealm(homeRealm);
            } <span class="code-keyword">else</span> {
                <span class="code-keyword">throw</span> <span class="code-keyword">new</span>
UnsupportedCallbackException(callbacks[i], <span class="code-quote">"Unrecognized Callback"</span>);
            }
        }
    }
}
</pre>
</div></div>


<h3><a name="FedizExtensions-CustomTokenValidator"></a>Custom Token Validator</h3>

<p>todo</p>

    </div>
        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
        </div>
        <a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+Extensions">View
Online</a>
        |
        <a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=27848884&revisedVersion=2&originalVersion=1">View
Changes</a>
                |
        <a href="https://cwiki.apache.org/confluence/display/CXF/Fediz+Extensions?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message