Class: Crowd::HTTP::SSO
- Inherits:
-
Object
- Object
- Crowd::HTTP::SSO
- Defined in:
- lib/crowd/http/sso.rb
Overview
This class is used to manage HTTP authentication. It is the fundamental class for web/SSO authentication integration. For most applications, using the following methods will be sufficient to achieve SSO:
- authenticate
-
authenticate a user
is_authenticated?
-
determine if a request is authenticated
- principal
-
retrieve the principal for an authenticated request
- logoff
-
sign the user out
Constant Summary collapse
- @@request =
nil
- @@response =
nil
Instance Method Summary collapse
-
#authenticate(username, password) ⇒ Object
Authenticate a remote user using SSO.
-
#client_properties ⇒ Object
Retrieve the underlying client properties used to communicate with the Crowd Security Server.
-
#is_authenticated? ⇒ Boolean
Tests whether a request is authenticated via SSO.
-
#logoff ⇒ Object
Log off the SSO authenticated user.
-
#principal(request) ⇒ Object
Attempts to retrive the principal from the request.
-
#principal_authentication_context(username, password) ⇒ Object
Generate a PrincipalAuthenticationContext object containing the provided username and password, and validation factors from the the request.
-
#principal_token=(token) ⇒ Object
Sets the underlying principal token.
-
#security_server_client ⇒ Object
Retrieve the underlying SecurityServerClient used to communicate with the Crowd Security Server.
-
#token(request) ⇒ Object
Retrieve the Crowd authentication token from the request.
-
#validation_factors ⇒ Object
Retrieves validation factors from the request { ‘USER_AGENT’ => “the User-Agent HTTP header”, ‘REMOTE_ADDRESS’ => “the source IP address of the HTTP request”, ‘X_FORWARDED_FOR’ => Original Address, if present and distinct from the REMOTE_ADDRESS }.
-
#verify_authentication(username, password, validation_factors = {}) ⇒ Object
Verifies the authentication of a principal’s username/password,.
Instance Method Details
#authenticate(username, password) ⇒ Object
Authenticate a remote user using SSO
49 50 |
# File 'lib/crowd/http/sso.rb', line 49 def authenticate(username, password) end |
#client_properties ⇒ Object
Retrieve the underlying client properties used to communicate with the Crowd Security Server.
17 18 |
# File 'lib/crowd/http/sso.rb', line 17 def client_properties end |
#is_authenticated? ⇒ Boolean
Tests whether a request is authenticated via SSO
44 45 |
# File 'lib/crowd/http/sso.rb', line 44 def is_authenticated? end |
#logoff ⇒ Object
Log off the SSO authenticated user. This will also effectively log them off from all SSO applications.
This will sign out an authenticated user by invalidating their SSO token and removing it from their cookies.
If the request is not authenticated, this method will have no effect and will not throw an exception.
90 91 |
# File 'lib/crowd/http/sso.rb', line 90 def logoff end |
#principal(request) ⇒ Object
Attempts to retrive the principal from the request.
34 35 |
# File 'lib/crowd/http/sso.rb', line 34 def principal(request) end |
#principal_authentication_context(username, password) ⇒ Object
Generate a PrincipalAuthenticationContext object containing the provided username and password, and validation factors from the the request.
98 99 |
# File 'lib/crowd/http/sso.rb', line 98 def principal_authentication_context(username, password) end |
#principal_token=(token) ⇒ Object
Sets the underlying principal token
29 30 |
# File 'lib/crowd/http/sso.rb', line 29 def principal_token=(token) end |
#security_server_client ⇒ Object
Retrieve the underlying SecurityServerClient used to communicate with the Crowd Security Server.
23 24 |
# File 'lib/crowd/http/sso.rb', line 23 def security_server_client end |
#token(request) ⇒ Object
Retrieve the Crowd authentication token from the request
39 40 |
# File 'lib/crowd/http/sso.rb', line 39 def token(request) end |
#validation_factors ⇒ Object
Retrieves validation factors from the request
'USER_AGENT' => "the User-Agent HTTP header",
'REMOTE_ADDRESS' => "the source IP address of the HTTP request",
'X_FORWARDED_FOR' => Original Address, if present and distinct from the REMOTE_ADDRESS
77 78 |
# File 'lib/crowd/http/sso.rb', line 77 def validation_factors end |
#verify_authentication(username, password, validation_factors = {}) ⇒ Object
Verifies the authentication of a principal’s username/password,
Without validation_factors, This performs an instant verification of username/password with the centralised user repository (Crowd Server).
Given a set of validation factors. This will authenticate the principal using the username and password provided, and will use the validation factors to generate an SSO token. This token can then be used by 3rd party systems to implement SSO or can be ignored to only provide centralised authentication.
NOTE: This method will not provide SSO functionality directly - use the authenticate
method instead.
67 68 |
# File 'lib/crowd/http/sso.rb', line 67 def verify_authentication(username, password, validation_factors = {}) end |