Changes for page org.clazzes.login.adapter.http
Last modified by Christoph Lechleitner on 2026-03-26 06.53:36
From version 10.1
edited by wolfgang_glas@iteg_at
on 2013-07-23 09.35:53
on 2013-07-23 09.35:53
Change comment:
There is no comment for this version
To version 15.1
edited by christoph_lechleitner@iteg_at
on 2022-06-10 04.18:33
on 2022-06-10 04.18:33
Change comment:
Clarification on login.mechanism
Summary
-
Page properties (2 modified, 0 added, 0 removed)
-
Objects (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. wolfgang_glas@iteg_at1 +XWiki.christoph_lechleitner@iteg_at - Content
-
... ... @@ -1,4 +1,4 @@ 1 -=== {{id name="org.clazzes.login.adapter.http-LoginAdapter"/}}Login Adapter === 1 +=== {{id name="org.clazzes.login.adapter.http-HTTPLoginAdapter"/}}HTTP Login Adapter === 2 2 3 3 The login-service-adapter {{code language="none"}}org.clazzes.login.adapter.http{{/code}} listens for providers of the ##[[DomainPasswordLoginService>>doc:LOGIN.DomainPasswordLoginService implementations and backends.WebHome]]## interface and exports them adapted as a ##[[HttpLoginService>>doc:GWTBASICS.GWT implementations of http-util HttpLoginService.HTTP login service.WebHome]]## (see [[https:~~/~~/svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java>>url:https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java||shape="rect"]]). 4 4 ... ... @@ -19,12 +19,16 @@ 19 19 ))) 20 20 21 21 URL of exported {{code language="none"}}DomainPasswordLoginService{{/code}}: {{code language="none"}}/http-login/<login.mechanism>/login{{/code}} 22 -<login.mechanism> beeing i.e. {{code language="none"}}jaas{{/code}} from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.jaas.WebHome]], {{code language="none"}}ldap{{/code}} from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.ldap.WebHome]], {{code language="none"}}http{{/code}} from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.http.WebHome]]. 22 +{{code language="none"}}<login.mechanism>{{/code}} beeing i.e. {{code language="none"}}org.clazzes.login.jaas{{/code}} for [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.jaas.WebHome]], ##o{{code language="none"}}rg.clazzes.login.l{{/code}}dap## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.ldap.WebHome]], ##o{{code language="none"}}rg.clazzes.login.h{{/code}}ttp## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.http.WebHome]]. 23 +Older implementations may have not used the {{code language="none"}}org.clazzes.login.{{/code}} part, i.e. {{code language="none"}}jaas{{/code}} instead of {{code language="none"}}org.clazzes.login.jaas{{/code}} and so on. 23 23 24 -Starting with version 1. 1.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter {{code language="none"}}doTimeZoneDetection=true{{/code}} is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later25 +Starting with version 1.2.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter {{code language="none"}}doTimeZoneDetection=true{{/code}} is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later 25 25 27 +=== {{id name="org.clazzes.login.adapter.http-URLschemeandparameters"/}}URL scheme and parameters === 28 + 26 26 The login time zone and/or login local may be overwritten using URL parameters to the login service like in the following examples: 27 27 31 +(% class="wrapped" %) 28 28 |=((( 29 29 login URL 30 30 )))|=((( ... ... @@ -36,27 +36,27 @@ 36 36 /http-login/<login.mechanism>/login?tz=America/Los_Angeles 37 37 ))) 38 38 )))|((( 39 - 43 +login with the browser's default locale and Los Angeles time zone 40 40 ))) 41 41 |((( 42 - 46 +(% class="code" %) 47 +((( 48 +/http-login/<login.mechanism>/login?tz=GMT+01:00&locale=fr 49 +))) 43 43 )))|((( 44 - 51 +login with a timezone with fixed offset and a french locale. 45 45 ))) 46 46 |((( 47 - 54 +(% class="code" %) 55 +((( 56 +/http-login/<login.mechanism>/login?locale=fr-CA 57 +))) 48 48 )))|((( 49 - 59 +login with a french canadian locale. 50 50 ))) 51 51 52 - \\62 +=== {{id name="org.clazzes.login.adapter.http-Testpad"/}}(% style="color: rgb(0,0,0);font-size: 16.0px;line-height: 1.5625;" %)Testpad(%%) === 53 53 54 -\\ 55 - 56 - 57 - 58 -=== {{id name="org.clazzes.login.adapter.http-Testpad"/}}Testpad === 59 - 60 60 There is a small testpad application to play with this adapter. 61 61 62 62 It is provided as an OSGi bundle, which may be activated by ... ... @@ -75,4 +75,57 @@ 75 75 <artifactId>http-login-testpad</artifactId> 76 76 ))) 77 77 78 - 82 +=== {{id name="org.clazzes.login.adapter.http-Configuration"/}}Configuration === 83 + 84 +The following configuration overview is valid as of version 1.3.0, which will be released around 2013-10-28. 85 + 86 +(% class="wrapped" %) 87 +|=((( 88 +Name 89 +)))|=((( 90 +Description 91 +))) 92 +|((( 93 +doTimeZoneDetection 94 +)))|((( 95 +Set to {{code language="none"}}true{{/code}} for multi-time-zone applications. Defaults to {{code language="none"}}false{{/code}}. 96 +))) 97 +|((( 98 +failureTimeout 99 +)))|((( 100 +Delay penalty after bad login attempts, in {{code language="none"}}ms{{/code}}. Default to 500. 101 +))) 102 +|((( 103 +secureCookie 104 +)))|((( 105 +Wether to flag the session cookie as secure. Defaults to {{code language="none"}}false{{/code}}. 106 +Set to {{code language="none"}}true{{/code}} for {{code language="none"}}https{{/code}}-only operations, which is highly recommended. 107 +))) 108 +|((( 109 +sessionCookie 110 +)))|((( 111 +Name of session cookie. Defaults to {{code language="none"}}LOGIN_SESSION_ID{{/code}}. 112 +))) 113 +|((( 114 +sessionTimeout 115 +)))|((( 116 +Session timeout in minutes. Defaults to {{code language="none"}}180{{/code}} (=3 hours). 117 +))) 118 +|((( 119 +(% class="p1" %) 120 +(% class="s1" %)mailSender 121 +)))|((( 122 +Mail address of the sender of mails for two-factor authentication containing an ephemeral token. 123 +))) 124 +|((( 125 +(% class="p1" %) 126 +(% class="s1" %)smsSender 127 +)))|((( 128 +SMS sender number of SMSes for two-factor authentication containing an ephemeral token. 129 +))) 130 +|((( 131 +(% class="p1" %) 132 +(% class="s1" %)ephemeralOtpSeconds 133 +)))|((( 134 +The lifetime of ephemeral tokens in seconds. 135 +)))
- Confluence.Code.ConfluencePageClass[0]
-
- Id
-
... ... @@ -1,1 +1,1 @@ 1 -688 9331 +688650 - URL
-
... ... @@ -1,1 +1,1 @@ 1 -https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688 933/org.clazzes.login.adapter.http1 +https://clazzes.atlassian.net/wiki/spaces/LOGIN/pages/688650/org.clazzes.login.adapter.http