| <!DOCTYPE html> |
| <!-- |
| | Generated by Apache Maven Doxia Site Renderer 1.8.1 |
| | Rendered using Apache Maven Fluido Skin 1.6 |
| --> |
| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| <head> |
| <meta charset="UTF-8" /> |
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> |
| <meta name="Date-Creation-yyyymmdd" content="20080930" /> |
| <meta http-equiv="Content-Language" content="en" /> |
| <title>Apache Redback – Development</title> |
| <link rel="stylesheet" href="../css/apache-maven-fluido-1.6.min.css" /> |
| <link rel="stylesheet" href="../css/site.css" /> |
| <link rel="stylesheet" href="../css/print.css" media="print" /> |
| <script type="text/javascript" src="../js/apache-maven-fluido-1.6.min.js"></script> |
| <!-- Google Analytics --> |
| <script type="text/javascript"> |
| var _gaq = _gaq || []; |
| _gaq.push(['_setAccount', 'UA-140879-5']); |
| _gaq.push(['_trackPageview']); |
| (function() { |
| var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; |
| ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; |
| var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); |
| })(); |
| </script> |
| </head> |
| <body class="topBarEnabled"> |
| <a href="https://github.com/apache/archiva-redback-core"> |
| <img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;" |
| src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png" |
| alt="Fork me on GitHub"> |
| </a> |
| <div id="topbar" class="navbar navbar-fixed-top "> |
| <div class="navbar-inner"> |
| <div class="container"><div class="nav-collapse"> |
| <ul class="nav"> |
| <li class="dropdown"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown">Overview <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a href="../index.html" title="Introduction">Introduction</a></li> |
| <li><a href="../authentication.html" title="Authentication">Authentication</a></li> |
| <li><a href="../authorization.html" title="Authorization">Authorization</a></li> |
| <li><a href="../user-management.html" title="User Management">User Management</a></li> |
| <li><a href="../key-store.html" title="Key Stores">Key Stores</a></li> |
| <li><a href="../configuration.html" title="Configuration">Configuration</a></li> |
| <li class="dropdown-submenu"> |
| <a href="../rbac/introduction.html" title="Role Based Access Control">Role Based Access Control</a> |
| <ul class="dropdown-menu"> |
| <li><a href="../rbac/role-management.html" title="Role Management">Role Management</a></li> |
| </ul> |
| </li> |
| <li><a href="../integration/ldap.html" title="Ldap">Ldap</a></li> |
| <li><a href="../integration/rest.html" title="Rest">Rest</a></li> |
| <li class="dropdown-submenu"> |
| <a href="../" title="Module Documentation">Module Documentation</a> |
| <ul class="dropdown-menu"> |
| <li><a href="../core/" title="Release 2.6">Release 2.6</a></li> |
| <li><a href="../core/3.0.0-SNAPSHOT/" title="Dev 3.0.0-SNAPSHOT">Dev 3.0.0-SNAPSHOT</a></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| <li class="dropdown"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown">Development <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a href="../development/extending-authn.html" title="Extending Redback Authentication">Extending Redback Authentication</a></li> |
| <li><a href="http://archiva.apache.org/redback/core" title="Redback Core">Redback Core</a></li> |
| </ul> |
| </li> |
| <li class="dropdown"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown">ASF <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a href="http://www.apache.org/foundation/how-it-works.html" title="How Apache Works">How Apache Works</a></li> |
| <li><a href="http://www.apache.org/foundation/" title="Foundation">Foundation</a></li> |
| <li><a href="http://www.apache.org/foundation/sponsorship.html" title="Sponsoring Apache">Sponsoring Apache</a></li> |
| <li><a href="http://www.apache.org/foundation/thanks.html" title="Thanks">Thanks</a></li> |
| </ul> |
| </li> |
| <li class="dropdown"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown">Project Documentation <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li class="dropdown-submenu"> |
| <a href="../project-info.html" title="Project Information">Project Information</a> |
| <ul class="dropdown-menu"> |
| <li><a href="../ci-management.html" title="CI Management">CI Management</a></li> |
| <li><a href="../mailing-lists.html" title="Mailing Lists">Mailing Lists</a></li> |
| <li><a href="../issue-management.html" title="Issue Management">Issue Management</a></li> |
| <li><a href="../licenses.html" title="Licenses">Licenses</a></li> |
| <li><a href="../team.html" title="Team">Team</a></li> |
| <li><a href="../scm.html" title="Source Code Management">Source Code Management</a></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <form id="search-form" action="https://www.google.com/search" method="get" class="navbar-search pull-right" > |
| <input value="http://archiva.apache.org/redback" name="sitesearch" type="hidden"/> |
| <input class="search-query" name="q" id="query" type="text" /> |
| </form> |
| <script type="text/javascript">asyncJs( 'https://cse.google.com/brand?form=search-form' )</script> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="container"> |
| <div id="banner"> |
| <div class="pull-left"><a href="http://archiva.apache.org/redback" id="bannerLeft"><img src="../images/redback.jpg" alt="Redback"/></a></div> |
| <div class="pull-right"><a href="http://www.apache.org/" id="bannerRight"><img src="https://www.apache.org/images/asf_logo_wide_2016.png" alt="Apache Software Foundation"/></a></div> |
| <div class="clear"><hr/></div> |
| </div> |
| |
| <div id="breadcrumbs"> |
| <ul class="breadcrumb"> |
| <li class=""><a href="https://www.apache.org" class="externalLink" title="Apache">Apache</a><span class="divider">/</span></li> |
| <li class=""><a href="../../" title="Archiva">Archiva</a><span class="divider">/</span></li> |
| <li class=""><a href="../" title="Redback">Redback</a><span class="divider">/</span></li> |
| <li class="active ">Development</li> |
| <li id="publishDate" class="pull-right">Last Published: 2019-11-29</li> |
| </ul> |
| </div> |
| <div id="bodyColumn" > |
| <div class="section"> |
| <h2><a name="Extending_Redback_Authentication"></a>Extending Redback Authentication</h2> |
| <p>In order to accomodate the many authentication security services used in various applications, it is possible to to implement pluggable authentication providers in the Redback security system.</p> |
| <div class="section"> |
| <h3><a name="Requirements"></a>Requirements</h3> |
| <ul> |
| <li><tt>redback-authentication-api</tt> must be implemented |
| <ul> |
| <li>create an authentication implementation project under <tt>redback-authentication-providers</tt></li> |
| <li><tt>org.apache.archiva.redback.authentication.Authenticator</tt> must be implemented</li></ul></li> |
| <li><tt>redback-users-api</tt> must be implemented |
| <ul> |
| <li>create a user provider implementation project under <tt>redback-users-providers</tt></li> |
| <li><tt>org.apache.archiva.redback.users.User</tt> must be implemented</li> |
| <li><tt>org.apache.archiva.redback.users.UserManager</tt> must be implemented</li></ul></li> |
| <li>utility and wrapper classes can be implemented under <tt>redback-common</tt> |
| <ul> |
| <li>e.g. <tt>$redback/redback-common/redback-common-ldap</tt> contains the utility class <tt>org.apache.archiva.redback.common.ldap.LdapUtils</tt>, and the wrapper class <tt>org.apache.archiva.redback.common.ldap.user.LdapUser</tt></li> |
| <li>other essential classes may be placed here as well, such as the <tt>org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory</tt></li></ul></li></ul></div> |
| <div class="section"> |
| <h3><a name="Examples"></a>Examples</h3> |
| <div class="section"> |
| <h4><a name="Implementing_OpenId_.28OpenId_Homepage.29"></a>Implementing OpenId (<a class="externalLink" href="http://wiki.openid.net/">OpenId Homepage</a>)</h4> |
| <p>While OpenId may be directly integrated to the authentication point of the web application, another option is to implement the redback api.</p> |
| <p>Here is something to get started:</p> |
| <ul> |
| <li>create the provider project <tt>redback-authentication-openid</tt> |
| <ul> |
| <li>create the authenticator class, something like <tt>OpenIdAuthenticator</tt> that implements <tt>org.apache.archiva.redback.authentication.Authenticator</tt></li></ul></li> |
| <li>create the provider project <tt>redback-users-openid</tt> |
| <ul> |
| <li>implement <tt>org.apache.archiva.redback.users.User</tt>, something like <tt>OpenIdUser</tt> |
| <ul> |
| <li>OpenId supports only the principal/username and password fields, so use dummy/default values for the unsupported fields (email, fullname) in this case.</li></ul></li> |
| <li>implement <tt>org.apache.archiva.redback.users.UserManager</tt>, something like <tt>OpenIdUserManager</tt> |
| <ul> |
| <li>OpenId is a read-only authentication service, <tt>createUser()</tt>, <tt>updateUser()</tt>, <tt>deleteUser()</tt> may not be used</li></ul></li> |
| <li>various utility classes may be implemented in <tt>redback-common-openid</tt> |
| <ul> |
| <li><tt>OpenIdConfiguration</tt> may be used to encapsulate the following configuration properties (properties that may be specified in the <tt>security.properties</tt> file): |
| <ul> |
| <li><tt>openid.config.provider.url</tt>, where this is a url to one openid provider (support to many providers may come later, specified or via discovery, depending on the organization's security policy)</li></ul></li> |
| <li><tt>OpenIdUtils</tt> class, may be implemented to normalize the User-Supplied Identifier to an Identifier that the OpenId Provider understands, e.g. redback username ('<tt>johndoe</tt>') to OpenId url-like identifier ('<tt>http://johndoe.openidprovider.com</tt>')</li> |
| <li><tt>OpenIdAuthenticationException</tt> that implements <tt>org.apache.archiva.redback.authentication.AuthenticationException</tt></li> |
| <li><tt>OpenIdProviderFactory</tt> that takes the configuration from <tt>OpenIdConfiguration</tt></li> |
| <li><tt>OpenIdProvider</tt> is where the <tt>OpenIdUserManager</tt> can verify a user</li></ul></li></ul></li></ul></div></div></div> |
| </div> |
| </div> |
| <hr/> |
| <footer> |
| <div class="container"> |
| <div class="row"> |
| <div class="row span12">Apache Redback, Redback, Apache, the Apache feather logo, and the Apache Archiva project logos are trademarks of The Apache Software Foundation.</div> |
| <div class="row span12"> |
| <a href="https://archiva.apache.org/redback-site/privacy-policy.html">Privacy Policy</a> |
| </div> |
| </div> |
| <p id="poweredBy" class="pull-right"> <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /></a> |
| </p> |
| <div id="ohloh" class="pull-right"> |
| <script type="text/javascript" src="https://www.ohloh.net/p/8659/widgets/project_thin_badge.js"></script> |
| </div> |
| </div> |
| </footer> |
| </body> |
| </html> |