Skip to Content
Last modified by Christoph Lechleitner on 2026-03-26 06.53:36
From version 1.1
edited by christoph_lechleitner@iteg_at
on 2012-10-04 02.31:33
Change comment: There is no comment for this version
To version 15.1
edited by christoph_lechleitner@iteg_at
on 2022-06-10 04.18:33
Change comment: Clarification on login.mechanism

Summary

Details

Page properties
Content
... ... @@ -1,6 +1,6 @@
1 -=== {{id name="org.clazzes.login.adapter.http-LoginAdapter"/}}Login Adapter ===
1 +=== {{id name="org.clazzes.login.adapter.http-HTTPLoginAdapter"/}}HTTP Login Adapter ===
2 2  
3 -The login-service-adapter {{code language="none"}}org.clazzes.login.adapter.http{{/code}} listens for providers of the ##[[DomainPasswordLoginService>>confluencePage:page:LOGIN.(HTTP)Login Service NG: DomainPasswordLoginService]]## interface and exports them adapted as a ##[[HttpLoginService>>confluencePage:page:LOGIN.HTTP login service]]## (see [[https:~~/~~/svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java>>url:https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java||shape="rect"]]).
3 +The login-service-adapter {{code language="none"}}org.clazzes.login.adapter.http{{/code}} listens for providers of the ##[[DomainPasswordLoginService>>doc:LOGIN.DomainPasswordLoginService implementations and backends.WebHome]]## interface and exports them adapted as a ##[[HttpLoginService>>doc:GWTBASICS.GWT implementations of http-util HttpLoginService.HTTP login service.WebHome]]## (see [[https:~~/~~/svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java>>url:https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java||shape="rect"]]).
4 4  
5 5  It is provided as an OSGi bundle, which may be activated by
6 6  
... ... @@ -19,10 +19,48 @@
19 19  )))
20 20  
21 21  URL of exported {{code language="none"}}DomainPasswordLoginService{{/code}}: {{code language="none"}}/http-login/<login.mechanism>/login{{/code}}
22 -<login.mechanism> beeing i.e. {{code language="none"}}jaas{{/code}} from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.jaas.WebHome]], {{code language="none"}}ldap{{/code}} from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.ldap.WebHome]], {{code language="none"}}http{{/code}} from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.http.WebHome]].
22 +{{code language="none"}}<login.mechanism>{{/code}} beeing i.e. {{code language="none"}}org.clazzes.login.jaas{{/code}} for [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.jaas.WebHome]], ##o{{code language="none"}}rg.clazzes.login.l{{/code}}dap## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.ldap.WebHome]], ##o{{code language="none"}}rg.clazzes.login.h{{/code}}ttp## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.http.WebHome]].
23 +Older implementations may have not used the {{code language="none"}}org.clazzes.login.{{/code}} part, i.e. {{code language="none"}}jaas{{/code}} instead of {{code language="none"}}org.clazzes.login.jaas{{/code}} and so on.
23 23  
24 -=== {{id name="org.clazzes.login.adapter.http-Testpad"/}}Testpad ===
25 +Starting with version 1.2.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter {{code language="none"}}doTimeZoneDetection=true{{/code}} is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later
25 25  
27 +=== {{id name="org.clazzes.login.adapter.http-URLschemeandparameters"/}}URL scheme and parameters ===
28 +
29 +The login time zone and/or login local may be overwritten using URL parameters to the login service like in the following examples:
30 +
31 +(% class="wrapped" %)
32 +|=(((
33 +login URL
34 +)))|=(((
35 +remarks
36 +)))
37 +|(((
38 +(% class="code" %)
39 +(((
40 +/http-login/<login.mechanism>/login?tz=America/Los_Angeles
41 +)))
42 +)))|(((
43 +login with the browser's default locale and Los Angeles time zone
44 +)))
45 +|(((
46 +(% class="code" %)
47 +(((
48 +/http-login/<login.mechanism>/login?tz=GMT+01:00&locale=fr
49 +)))
50 +)))|(((
51 +login with a timezone with fixed offset and a french locale.
52 +)))
53 +|(((
54 +(% class="code" %)
55 +(((
56 +/http-login/<login.mechanism>/login?locale=fr-CA
57 +)))
58 +)))|(((
59 +login with a french canadian locale.
60 +)))
61 +
62 +=== {{id name="org.clazzes.login.adapter.http-Testpad"/}}(% style="color: rgb(0,0,0);font-size: 16.0px;line-height: 1.5625;" %)Testpad(%%) ===
63 +
26 26  There is a small testpad application to play with this adapter.
27 27  
28 28  It is provided as an OSGi bundle, which may be activated by
... ... @@ -41,4 +41,57 @@
41 41  <artifactId>http-login-testpad</artifactId>
42 42  )))
43 43  
44 -
82 +=== {{id name="org.clazzes.login.adapter.http-Configuration"/}}Configuration ===
83 +
84 +The following configuration overview is valid as of version 1.3.0, which will be released around 2013-10-28.
85 +
86 +(% class="wrapped" %)
87 +|=(((
88 +Name
89 +)))|=(((
90 +Description
91 +)))
92 +|(((
93 +doTimeZoneDetection
94 +)))|(((
95 +Set to {{code language="none"}}true{{/code}} for multi-time-zone applications. Defaults to {{code language="none"}}false{{/code}}.
96 +)))
97 +|(((
98 +failureTimeout
99 +)))|(((
100 +Delay penalty after bad login attempts, in {{code language="none"}}ms{{/code}}. Default to 500.
101 +)))
102 +|(((
103 +secureCookie
104 +)))|(((
105 +Wether to flag the session cookie as secure. Defaults to {{code language="none"}}false{{/code}}.
106 +Set to {{code language="none"}}true{{/code}} for {{code language="none"}}https{{/code}}-only operations, which is highly recommended.
107 +)))
108 +|(((
109 +sessionCookie
110 +)))|(((
111 +Name of session cookie. Defaults to {{code language="none"}}LOGIN_SESSION_ID{{/code}}.
112 +)))
113 +|(((
114 +sessionTimeout
115 +)))|(((
116 +Session timeout in minutes. Defaults to {{code language="none"}}180{{/code}} (=3 hours).
117 +)))
118 +|(((
119 +(% class="p1" %)
120 +(% class="s1" %)mailSender
121 +)))|(((
122 +Mail address of the sender of mails for two-factor authentication containing an ephemeral token.
123 +)))
124 +|(((
125 +(% class="p1" %)
126 +(% class="s1" %)smsSender
127 +)))|(((
128 +SMS sender number of SMSes for two-factor authentication containing an ephemeral token.
129 +)))
130 +|(((
131 +(% class="p1" %)
132 +(% class="s1" %)ephemeralOtpSeconds
133 +)))|(((
134 +The lifetime of ephemeral tokens in seconds.
135 +)))
Confluence.Code.ConfluencePageClass[0]
Id
... ... @@ -1,1 +1,1 @@
1 -688876
1 +688650
URL
... ... @@ -1,1 +1,1 @@
1 -https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688876/org.clazzes.login.adapter.http
1 +https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688650/org.clazzes.login.adapter.http