org.clazzes.login.adapter.http
HTTP Login Adapter
The login-service-adapter org.clazzes.login.adapter.http
listens for providers of the DomainPasswordLoginService
interface and exports them adapted as a HttpLoginService
(see https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java).
It is provided as an OSGi bundle, which may be activated by
obr:addurl http://maven.clazzes.org/repository.xml
obr:deploy http-login-adapter
The maven artifact is:
<groupId>org.clazzes.login</groupId>
<artifactId>http-login-adapter</artifactId>
URL of exported DomainPasswordLoginService
: /http-login/<login.mechanism>/login
<login.mechanism>
beeing i.e. org.clazzes.login.jaas
for org.clazzes.login.jaas, o
from org.clazzes.login.ldap, rg.clazzes.login.l
dapo
from org.clazzes.login.http.rg.clazzes.login.h
ttp
Older implementations may have not used the org.clazzes.login.
part, i.e. jaas
instead of org.clazzes.login.jaas
and so on.
Starting with version 1.2.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter doTimeZoneDetection=true
is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later
URL scheme and parameters
The login time zone and/or login local may be overwritten using URL parameters to the login service like in the following examples:
login URL | remarks |
---|---|
/http-login/<login.mechanism>/login?tz=America/Los_Angeles | login with the browser's default locale and Los Angeles time zone |
/http-login/<login.mechanism>/login?tz=GMT+01:00&locale=fr | login with a timezone with fixed offset and a french locale. |
/http-login/<login.mechanism>/login?locale=fr-CA | login with a french canadian locale. |
Testpad
There is a small testpad application to play with this adapter.
It is provided as an OSGi bundle, which may be activated by
obr:addurl http://maven.clazzes.org/repository.xml
obr:deploy http-login-testpad
The maven artifact is:
<groupId>org.clazzes.login</groupId>
<artifactId>http-login-testpad</artifactId>
Configuration
The following configuration overview is valid as of version 1.3.0, which will be released around 2013-10-28.
Name | Description |
---|---|
doTimeZoneDetection | Set to true for multi-time-zone applications. Defaults to false . |
failureTimeout | Delay penalty after bad login attempts, in ms . Default to 500. |
secureCookie | Wether to flag the session cookie as secure. Defaults to false .Set to true for https -only operations, which is highly recommended. |
sessionCookie | Name of session cookie. Defaults to LOGIN_SESSION_ID . |
sessionTimeout | Session timeout in minutes. Defaults to 180 (=3 hours). |
mailSender | Mail address of the sender of mails for two-factor authentication containing an ephemeral token. |
smsSender | SMS sender number of SMSes for two-factor authentication containing an ephemeral token. |
ephemeralOtpSeconds | The lifetime of ephemeral tokens in seconds. |