Skip to Content

Wiki source code of org.clazzes.login.adapter.http

Version 15.3 by Christoph Lechleitner on 2026-03-26 06.51:27
Show last authors
1 === {{id name="org.clazzes.login.adapter.http-HTTPLoginAdapter"/}}HTTP Login Adapter ===
2
3 The login-service-adapter {{code language="none"}}org.clazzes.login.adapter.http{{/code}} listens for providers of the ##[[DomainPasswordLoginService>>doc:LOGIN.DomainPasswordLoginService implementations and backends.WebHome]]## interface and exports them adapted as a ##[[HttpLoginService>>doc:GWTBASICS.GWT implementations of http-util HttpLoginService.HTTP login service.WebHome]]## (see [[https:~~/~~/svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java>>url:https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java||shape="rect"]]).
4
5 It is provided as an OSGi bundle, which may be activated by
6
7 (% class="code" %)
8 (((
9 obr:addurl http:~/~/maven.clazzes.org/repository.xml
10 obr:deploy http-login-adapter
11 )))
12
13 The maven artifact is:
14
15 (% class="code" %)
16 (((
17 <groupId>org.clazzes.login</groupId>
18 <artifactId>http-login-adapter</artifactId>
19 )))
20
21 URL of exported {{code language="none"}}DomainPasswordLoginService{{/code}}: {{code language="none"}}/http-login/<login.mechanism>/login{{/code}}
22 {{code language="none"}}<login.mechanism>{{/code}} beeing i.e. {{code language="none"}}org.clazzes.login.jaas{{/code}} for [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.jaas.WebHome]], ##o{{code language="none"}}rg.clazzes.login.l{{/code}}dap## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.ldap.WebHome]], ##o{{code language="none"}}rg.clazzes.login.h{{/code}}ttp## from [[doc:LOGIN.DomainPasswordLoginService implementations and backends.org\.clazzes\.login\.http.WebHome]].
23 Older implementations may have not used the {{code language="none"}}org.clazzes.login.{{/code}} part, i.e. {{code language="none"}}jaas{{/code}} instead of {{code language="none"}}org.clazzes.login.jaas{{/code}} and so on.
24
25 Starting with version 1.2.0 of http-login-adapter, the timezone of the user logging in is determined via javascript and propagated to the server as the login time zone, when the configuration parameter {{code language="none"}}doTimeZoneDetection=true{{/code}} is set. The login timezone may be queried using HttpLoginServer.getTimeZone() or ThreadLocalManager.getLoginTimeZone() when using HttpCheckLoginInterceptor of http-aop-util-1.2.0 or later
26
27 === {{id name="org.clazzes.login.adapter.http-URLschemeandparameters"/}}URL scheme and parameters ===
28
29 The login time zone and/or login local may be overwritten using URL parameters to the login service like in the following examples:
30
31 (% class="wrapped" %)
32 |=(((
33 login URL
34 )))|=(((
35 remarks
36 )))
37 |(((
38 (% class="code" %)
39 (((
40 /http-login/<login.mechanism>/login?tz=America/Los_Angeles
41 )))
42 )))|(((
43 login with the browser's default locale and Los Angeles time zone
44 )))
45 |(((
46 (% class="code" %)
47 (((
48 /http-login/<login.mechanism>/login?tz=GMT+01:00&locale=fr
49 )))
50 )))|(((
51 login with a timezone with fixed offset and a french locale.
52 )))
53 |(((
54 (% class="code" %)
55 (((
56 /http-login/<login.mechanism>/login?locale=fr-CA
57 )))
58 )))|(((
59 login with a french canadian locale.
60 )))
61
62 === {{id name="org.clazzes.login.adapter.http-Testpad"/}}(% style="color:#000000; font-size:16.0px; line-height:1.5625" %)Testpad(%%) ===
63
64 There is a small testpad application to play with this adapter.
65
66 It is provided as an OSGi bundle, which may be activated by
67
68 (% class="code" %)
69 (((
70 obr:addurl http:~/~/maven.clazzes.org/repository.xml
71 obr:deploy http-login-testpad
72 )))
73
74 The maven artifact is:
75
76 (% class="code" %)
77 (((
78 <groupId>org.clazzes.login</groupId>
79 <artifactId>http-login-testpad</artifactId>
80 )))
81
82 === {{id name="org.clazzes.login.adapter.http-Configuration"/}}Configuration ===
83
84 The following configuration overview is valid as of version 1.3.0, which will be released around 2013-10-28.
85
86 (% class="wrapped" %)
87 |=(((
88 Name
89 )))|=(((
90 Description
91 )))
92 |(((
93 {{{doTimeZoneDetection}}}
94 )))|(((
95 Set to {{code language="none"}}true{{/code}} for multi-time-zone applications. Defaults to {{code language="none"}}false{{/code}}.
96 )))
97 |(((
98 (% class="p1" %)
99 {{{ephemeralOtpSeconds}}}
100 )))|(((
101 The lifetime of ephemeral tokens in seconds.
102 )))
103 |(((
104 {{{failureTimeout}}}
105 )))|(((
106 Delay penalty after bad login attempts, in {{code language="none"}}ms{{/code}}. Default to 500.
107 )))
108 |(((
109 (% class="p1" %)
110 {{{mailSender}}}
111 )))|(((
112 Mail address of the sender of mails for two-factor authentication containing an ephemeral token.
113 )))
114 |(((
115 {{{sameSitePolicy:}}}
116 )))|Set to Lax to lig
117 |(((
118 {{{secureCookie}}}
119 )))|(((
120 Wether to flag the session cookie as secure. Defaults to {{code language="none"}}false{{/code}}.
121 Set to {{code language="none"}}true{{/code}} for {{code language="none"}}https{{/code}}-only operations, which is highly recommended.
122 )))
123 |(((
124 {{{sessionCookie}}}
125 )))|(((
126 Name of session cookie. Defaults to {{code language="none"}}LOGIN_SESSION_ID{{/code}}.
127 )))
128 |(((
129 {{{sessionTimeout}}}
130 )))|(((
131 Session timeout in minutes. Defaults to {{code language="none"}}180{{/code}} (=3 hours).
132 )))
133 | |
134 |(((
135 (% class="p1" %)
136 {{{smsSender}}}
137 )))|(((
138 SMS sender number of SMSes for two-factor authentication containing an ephemeral token.
139 )))
140 | |