Changes for page org.clazzes.login.adapter.http
Last modified by Christoph Lechleitner on 2026-03-26 06.53:36
From version 15.1
edited by christoph_lechleitner@iteg_at
on 2022-06-10 04.18:33
on 2022-06-10 04.18:33
Change comment:
Clarification on login.mechanism
To version 15.2
edited by Christoph Lechleitner
on 2026-03-26 06.50:15
on 2026-03-26 06.50:15
Change comment:
Auto-saved during real-time collaboration
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki.c hristoph_lechleitner@iteg_at1 +XWiki.cl - Content
-
... ... @@ -1,6 +1,6 @@ 1 1 === {{id name="org.clazzes.login.adapter.http-HTTPLoginAdapter"/}}HTTP Login Adapter === 2 2 3 -The login-service-adapter {{code language="none"}}org.clazzes.login.adapter.http{{/code}} 3 +The login-service-adapter {{code language="none"}}org.clazzes.login.adapter.http{{/code}} listens for providers of the ##[[DomainPasswordLoginService>>doc:LOGIN.DomainPasswordLoginService implementations and backends.WebHome]]## interface and exports them adapted as a ##[[HttpLoginService>>doc:GWTBASICS.GWT implementations of http-util HttpLoginService.HTTP login service.WebHome]]## (see [[https:~~/~~/svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java>>url:https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java||shape="rect"]]). 4 4 5 5 It is provided as an OSGi bundle, which may be activated by 6 6 ... ... @@ -19,7 +19,7 @@ 19 19 ))) 20 20 21 21 URL of exported {{code language="none"}}DomainPasswordLoginService{{/code}}: {{code language="none"}}/http-login/<login.mechanism>/login{{/code}} 22 -{{code language="none"}}<login.mechanism>{{/code}} beeing i.e. {{code language="none"}}org.clazzes.login.jaas{{/code}} 22 +{{code language="none"}}<login.mechanism>{{/code}} beeing i.e. {{code language="none"}}org.clazzes.login.jaas{{/code}} for [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.jaas.WebHome]], ##o{{code language="none"}}rg.clazzes.login.l{{/code}}dap## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.ldap.WebHome]], ##o{{code language="none"}}rg.clazzes.login.h{{/code}}ttp## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.http.WebHome]]. 23 23 Older implementations may have not used the {{code language="none"}}org.clazzes.login.{{/code}} part, i.e. {{code language="none"}}jaas{{/code}} instead of {{code language="none"}}org.clazzes.login.jaas{{/code}} and so on. 24 24 25 25 Starting with version 1.2.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter {{code language="none"}}doTimeZoneDetection=true{{/code}} is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later ... ... @@ -59,7 +59,7 @@ 59 59 login with a french canadian locale. 60 60 ))) 61 61 62 -=== {{id name="org.clazzes.login.adapter.http-Testpad"/}}(% style="color: rgb(0,0,0);font-size:;" %)Testpad(%%) ===62 +=== {{id name="org.clazzes.login.adapter.http-Testpad"/}}(% style="color:#000000; font-size:16.0px; line-height:1.5625" %)Testpad(%%) === 63 63 64 64 There is a small testpad application to play with this adapter. 65 65 ... ... @@ -90,46 +90,49 @@ 90 90 Description 91 91 ))) 92 92 |((( 93 -doTimeZoneDetection 93 +{{{doTimeZoneDetection}}} 94 94 )))|((( 95 95 Set to {{code language="none"}}true{{/code}} for multi-time-zone applications. Defaults to {{code language="none"}}false{{/code}}. 96 96 ))) 97 97 |((( 98 -failureTimeout 98 +(% class="p1" %) 99 +{{{ephemeralOtpSeconds}}} 99 99 )))|((( 101 +The lifetime of ephemeral tokens in seconds. 102 +))) 103 +|((( 104 +{{{failureTimeout}}} 105 +)))|((( 100 100 Delay penalty after bad login attempts, in {{code language="none"}}ms{{/code}}. Default to 500. 101 101 ))) 102 102 |((( 103 -secureCookie 109 +(% class="p1" %) 110 +{{{mailSender}}} 104 104 )))|((( 112 +Mail address of the sender of mails for two-factor authentication containing an ephemeral token. 113 +))) 114 +| | 115 +|((( 116 +{{{secureCookie}}} 117 +)))|((( 105 105 Wether to flag the session cookie as secure. Defaults to {{code language="none"}}false{{/code}}. 106 106 Set to {{code language="none"}}true{{/code}} for {{code language="none"}}https{{/code}}-only operations, which is highly recommended. 107 107 ))) 108 108 |((( 109 -sessionCookie 122 +{{{sessionCookie}}} 110 110 )))|((( 111 111 Name of session cookie. Defaults to {{code language="none"}}LOGIN_SESSION_ID{{/code}}. 112 112 ))) 113 113 |((( 114 -sessionTimeout 127 +{{{sessionTimeout}}} 115 115 )))|((( 116 116 Session timeout in minutes. Defaults to {{code language="none"}}180{{/code}} (=3 hours). 117 117 ))) 131 +| | 118 118 |((( 119 119 (% class="p1" %) 120 - (% class="s1" %)mailSender134 +{{{smsSender}}} 121 121 )))|((( 122 -Mail address of the sender of mails for two-factor authentication containing an ephemeral token. 123 -))) 124 -|((( 125 -(% class="p1" %) 126 -(% class="s1" %)smsSender 127 -)))|((( 128 128 SMS sender number of SMSes for two-factor authentication containing an ephemeral token. 129 129 ))) 130 -|((( 131 -(% class="p1" %) 132 -(% class="s1" %)ephemeralOtpSeconds 133 -)))|((( 134 -The lifetime of ephemeral tokens in seconds. 135 -))) 138 +| |