redback/development/extending-authn.html

<!DOCTYPE html>
<!--
 | Generated by Apache Maven Doxia Site Renderer 1.8.1 
 | Rendered using Apache Maven Fluido Skin 1.6
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta name="Date-Creation-yyyymmdd" content="20080930" />
    <meta http-equiv="Content-Language" content="en" />
    <title>Apache Redback &#x2013; Development</title>
    <link rel="stylesheet" href="../css/apache-maven-fluido-1.6.min.css" />
    <link rel="stylesheet" href="../css/site.css" />
    <link rel="stylesheet" href="../css/print.css" media="print" />
      <script type="text/javascript" src="../js/apache-maven-fluido-1.6.min.js"></script>
      <!-- Google Analytics -->
    <script type="text/javascript">
      var _gaq = _gaq || [];
      _gaq.push(['_setAccount', 'UA-140879-5']);
      _gaq.push(['_trackPageview']);
      (function() {
        var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
        ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
        var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
      })();
    </script>
      </head>
    <body class="topBarEnabled">
                      <a href="https://github.com/apache/archiva-redback-core">
      <img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
        src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
        alt="Fork me on GitHub">
    </a>
      <div id="topbar" class="navbar navbar-fixed-top ">
      <div class="navbar-inner">
            <div class="container"><div class="nav-collapse">
            <ul class="nav">
        <li class="dropdown">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown">Overview <b class="caret"></b></a>
        <ul class="dropdown-menu">
            <li><a href="../index.html" title="Introduction">Introduction</a></li>
            <li><a href="../authentication.html" title="Authentication">Authentication</a></li>
            <li><a href="../authorization.html" title="Authorization">Authorization</a></li>
            <li><a href="../user-management.html" title="User Management">User Management</a></li>
            <li><a href="../key-store.html" title="Key Stores">Key Stores</a></li>
            <li><a href="../configuration.html" title="Configuration">Configuration</a></li>
            <li class="dropdown-submenu">
<a href="../rbac/introduction.html" title="Role Based Access Control">Role Based Access Control</a>
              <ul class="dropdown-menu">
                  <li><a href="../rbac/role-management.html" title="Role Management">Role Management</a></li>
              </ul>
            </li>
            <li><a href="../integration/ldap.html" title="Ldap">Ldap</a></li>
            <li><a href="../integration/rest.html" title="Rest">Rest</a></li>
            <li class="dropdown-submenu">
<a href="../" title="Module Documentation">Module Documentation</a>
              <ul class="dropdown-menu">
                  <li><a href="../core/${archivaReleaseVersion}/" title="Release 2.6">Release 2.6</a></li>
                  <li><a href="../core/${archivaCurrentDevVersion}/" title="Dev 3.0.0-SNAPSHOT">Dev 3.0.0-SNAPSHOT</a></li>
              </ul>
            </li>
        </ul>
      </li>
        <li class="dropdown">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown">Development <b class="caret"></b></a>
        <ul class="dropdown-menu">
            <li><a href="../development/extending-authn.html" title="Extending Redback Authentication">Extending Redback Authentication</a></li>
            <li><a href="http://archiva.apache.org/redback/core" title="Redback Core">Redback Core</a></li>
        </ul>
      </li>
          <li class="dropdown">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown">ASF <b class="caret"></b></a>
        <ul class="dropdown-menu">
            <li><a href="http://www.apache.org/foundation/how-it-works.html" title="How Apache Works">How Apache Works</a></li>
            <li><a href="http://www.apache.org/foundation/" title="Foundation">Foundation</a></li>
            <li><a href="http://www.apache.org/foundation/sponsorship.html" title="Sponsoring Apache">Sponsoring Apache</a></li>
            <li><a href="http://www.apache.org/foundation/thanks.html" title="Thanks">Thanks</a></li>
        </ul>
      </li>
        <li class="dropdown">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown">Project Documentation <b class="caret"></b></a>
        <ul class="dropdown-menu">
            <li class="dropdown-submenu">
<a href="../project-info.html" title="Project Information">Project Information</a>
              <ul class="dropdown-menu">
                  <li><a href="../ci-management.html" title="CI Management">CI Management</a></li>
                  <li><a href="../mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li>
                  <li><a href="../issue-management.html" title="Issue Management">Issue Management</a></li>
                  <li><a href="../licenses.html" title="Licenses">Licenses</a></li>
                  <li><a href="../team.html" title="Team">Team</a></li>
                  <li><a href="../scm.html" title="Source Code Management">Source Code Management</a></li>
              </ul>
            </li>
        </ul>
      </li>
              </ul>
<form id="search-form" action="https://www.google.com/search" method="get"  class="navbar-search pull-right" >
      <input value="http://archiva.apache.org/redback" name="sitesearch" type="hidden"/>
  <input class="search-query" name="q" id="query" type="text" />
</form>
<script type="text/javascript">asyncJs( 'https://cse.google.com/brand?form=search-form' )</script>
                    </div>
        </div>
      </div>
    </div>
    <div class="container">
      <div id="banner">
        <div class="pull-left"><a href="http://archiva.apache.org/redback" id="bannerLeft"><img src="../images/redback.jpg"  alt="Redback"/></a></div>
        <div class="pull-right"><a href="http://www.apache.org/" id="bannerRight"><img src="https://www.apache.org/images/asf_logo_wide_2016.png"  alt="Apache Software Foundation"/></a></div>
        <div class="clear"><hr/></div>
      </div>

      <div id="breadcrumbs">
        <ul class="breadcrumb">
        <li class=""><a href="https://www.apache.org" class="externalLink" title="Apache">Apache</a><span class="divider">/</span></li>
      <li class=""><a href="../../" title="Archiva">Archiva</a><span class="divider">/</span></li>
      <li class=""><a href="../" title="Redback">Redback</a><span class="divider">/</span></li>
    <li class="active ">Development</li>
        <li id="publishDate" class="pull-right">Last Published: 2019-11-29</li>
        </ul>
      </div>
        <div id="bodyColumn" >
<div class="section">
<h2><a name="Extending_Redback_Authentication"></a>Extending Redback Authentication</h2>
<p>In order to accomodate the many authentication security services used in various applications, it is possible to to implement pluggable authentication providers in the Redback security system.</p>
<div class="section">
<h3><a name="Requirements"></a>Requirements</h3>
<ul>
<li><tt>redback-authentication-api</tt> must be implemented
<ul>
<li>create an authentication implementation project under <tt>redback-authentication-providers</tt></li>
<li><tt>org.apache.archiva.redback.authentication.Authenticator</tt> must be implemented</li></ul></li>
<li><tt>redback-users-api</tt> must be implemented
<ul>
<li>create a user provider implementation project under <tt>redback-users-providers</tt></li>
<li><tt>org.apache.archiva.redback.users.User</tt> must be implemented</li>
<li><tt>org.apache.archiva.redback.users.UserManager</tt> must be implemented</li></ul></li>
<li>utility and wrapper classes can be implemented under <tt>redback-common</tt>
<ul>
<li>e.g. <tt>$redback/redback-common/redback-common-ldap</tt> contains the utility class <tt>org.apache.archiva.redback.common.ldap.LdapUtils</tt>, and the wrapper class <tt>org.apache.archiva.redback.common.ldap.user.LdapUser</tt></li>
<li>other essential classes may be placed here as well, such as the <tt>org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory</tt></li></ul></li></ul></div>
<div class="section">
<h3><a name="Examples"></a>Examples</h3>
<div class="section">
<h4><a name="Implementing_OpenId_.28OpenId_Homepage.29"></a>Implementing OpenId (<a class="externalLink" href="http://wiki.openid.net/">OpenId Homepage</a>)</h4>
<p>While OpenId may be directly integrated to the authentication point of the web application, another option is to implement the redback api.</p>
<p>Here is something to get started:</p>
<ul>
<li>create the provider project <tt>redback-authentication-openid</tt>
<ul>
<li>create the authenticator class, something like <tt>OpenIdAuthenticator</tt> that implements <tt>org.apache.archiva.redback.authentication.Authenticator</tt></li></ul></li>
<li>create the provider project <tt>redback-users-openid</tt>
<ul>
<li>implement <tt>org.apache.archiva.redback.users.User</tt>, something like <tt>OpenIdUser</tt>
<ul>
<li>OpenId supports only the principal/username and password fields, so use dummy/default values for the unsupported fields (email, fullname) in this case.</li></ul></li>
<li>implement <tt>org.apache.archiva.redback.users.UserManager</tt>, something like <tt>OpenIdUserManager</tt>
<ul>
<li>OpenId is a read-only authentication service, <tt>createUser()</tt>, <tt>updateUser()</tt>, <tt>deleteUser()</tt> may not be used</li></ul></li>
<li>various utility classes may be implemented in <tt>redback-common-openid</tt>
<ul>
<li><tt>OpenIdConfiguration</tt> may be used to encapsulate the following configuration properties (properties that may be specified in the <tt>security.properties</tt> file):
<ul>
<li><tt>openid.config.provider.url</tt>, where this is a url to one openid provider (support to many providers may come later, specified or via discovery, depending on the organization's security policy)</li></ul></li>
<li><tt>OpenIdUtils</tt> class, may be implemented to normalize the User-Supplied Identifier to an Identifier that the OpenId Provider understands, e.g. redback username ('<tt>johndoe</tt>') to OpenId url-like identifier ('<tt>http://johndoe.openidprovider.com</tt>')</li>
<li><tt>OpenIdAuthenticationException</tt> that implements <tt>org.apache.archiva.redback.authentication.AuthenticationException</tt></li>
<li><tt>OpenIdProviderFactory</tt> that takes the configuration from <tt>OpenIdConfiguration</tt></li>
<li><tt>OpenIdProvider</tt> is where the <tt>OpenIdUserManager</tt> can verify a user</li></ul></li></ul></li></ul></div></div></div>
        </div>
    </div>
    <hr/>
    <footer>
      <div class="container">
        <div class="row">
<div class="row span12">Apache Redback, Redback, Apache, the Apache feather logo, and the Apache Archiva project logos are trademarks of The Apache Software Foundation.</div>
      <div class="row span12">
        <a href="https://archiva.apache.org/redback-site/privacy-policy.html">Privacy Policy</a>
      </div>
        </div>
        <p id="poweredBy" class="pull-right">  <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /></a>
  </p>
                          <div id="ohloh" class="pull-right">
      <script type="text/javascript" src="https://www.ohloh.net/p/8659/widgets/project_thin_badge.js"></script>
    </div>
        </div>
    </footer>
    </body>
</html>