org.aselect.server.authspprotocol.handler
Class PKI
java.lang.Object
org.aselect.server.authspprotocol.handler.PKI
- All Implemented Interfaces:
- IAuthSPProtocolHandler
public class PKI
- extends java.lang.Object
- implements IAuthSPProtocolHandler
The PKI AuthSP Handler.
Description:
The PKI AuthSP Handler communicates with the PKI AuthSP by redirecting
the client.
Concurrency issues:
None
Protocol Description
Outgoing request going to the PKI AuthSP:
| name | value |
| rid | A-Select Server request id |
| as_url | A-Select Server url |
| user_attribute | ASelectPkiUserAttributes (dn or blob) |
| a-select-server | A-Select Server ID |
| tf_authsp* | Two factor AuthSP |
| tf_url* | url of the two factor AuthSP |
| tf_retries* | allowed retries for the two factor AuthSP |
| tf_uid* | userid for the two factor AuthSP |
| signature | signature of all parameters in the above sequence |
* Optional and only filled if two_factor_authentication is configured.
Incoming response, which is returned by the Ldap AuthSP:
| name | value |
| rid | A-Select Server request id |
| result_code | AuthSP result code |
| a-select-server | A-Select Server ID |
| signature | Signature over the following data: rid; the URL that was created in computeAuthenticationRequest(); result_code; a-select-server |
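The response check described above, as an added example that is not the A-Select project's own code. It assumes the signed data is the plain concatenation of the listed values, a SHA256withRSA signature carried as Base64, and a constructed key pair, URL and parameter values; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.Hashtable;
public class PkiResponseSignatureExample {
    // Assumptions (not from the A-Select code): values are concatenated in the
    // documented order, encoded as UTF-8, signed with SHA256withRSA, Base64-encoded.
    static final String ALG = "SHA256withRSA";
    static byte[] signedData(String rid, String asUrl, String resultCode, String serverId) {
        return (rid + asUrl + resultCode + serverId).getBytes(StandardCharsets.UTF_8);
    }
    static String sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG);
        s.initSign(key);
        s.update(data);
        return Base64.getEncoder().encodeToString(s.sign());
    }

    // asUrl comes from the server's own record of the request, never from the response.
    static boolean verify(PublicKey key, Hashtable<String, String> resp, String asUrl)
            throws GeneralSecurityException {
        String rid = resp.get("rid"), code = resp.get("result_code");
        String server = resp.get("a-select-server"), sig = resp.get("signature");
        if (rid == null || code == null || server == null || sig == null) return false;
        Signature s = Signature.getInstance(ALG);
        s.initVerify(key);
        s.update(signedData(rid, asUrl, code, server));
        try {
            return s.verify(Base64.getDecoder().decode(sig));
        } catch (IllegalArgumentException | SignatureException e) {
            return false; // malformed Base64 or signature encoding
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair authSp = gen.generateKeyPair(); // constructed stand-in for the AuthSP key pair
        String asUrl = "https://aselect.example.org/server?authsp=PKI"; // constructed
        Hashtable<String, String> resp = new Hashtable<>(); // constructed sample response
        resp.put("rid", "R0001");
        resp.put("result_code", "000");
        resp.put("a-select-server", "aselectserver1");
        resp.put("signature", sign(authSp.getPrivate(), signedData("R0001", asUrl, "000", "aselectserver1")));
        System.out.println("as received: " + verify(authSp.getPublic(), resp, asUrl));
        resp.put("rid", "R0002"); // same signature presented under a different request id
        System.out.println("rid changed: " + verify(authSp.getPublic(), resp, asUrl));
    }
}
```

Because rid and the request URL are part of the signed data, a signature issued for one authentication request does not verify when presented with another request's rid.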
- Version:
- 1.0
- Author:
- Alfa & Ariss
Constructor Summary
| PKI() |

Method Summary
| java.util.Hashtable | computeAuthenticationRequest(java.lang.String sRid): Computes the request which will be sent to the PKI AuthSP. |
| void | init(java.lang.Object oAuthSpConfig, java.lang.Object oAuthSpResource): Initialize the PKI AuthSP Handler. |
| java.util.Hashtable | verifyAuthenticationResponse(java.util.Hashtable htAuthspResponse): Verifies the response coming from the PKI AuthSP. |

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
PKI
public PKI()
init
public void init(java.lang.Object oAuthSpConfig,
java.lang.Object oAuthSpResource)
throws ASelectAuthSPException
- Initialize the PKI AuthSP Handler.
Description:
Performs the following steps:
- Retrieve handles to required managers and loggers
- Retrieve AuthSP ID from configuration
- Retrieve AuthSP URL from configuration
- Retrieve optional Two-Factor Authentication configuration
- Specified by:
init in interface IAuthSPProtocolHandler
- Parameters:
oAuthSpConfig - Object containing the authsp specific configuration.
oAuthSpResource - Object containing the authsp specific resource(s).
- Throws:
ASelectAuthSPException - If initialization fails.
- See Also:
IAuthSPProtocolHandler.init(java.lang.Object, java.lang.Object)
computeAuthenticationRequest
public java.util.Hashtable computeAuthenticationRequest(java.lang.String sRid)
- Computes the request which will be sent to the PKI AuthSP.
- Specified by:
computeAuthenticationRequest in interface IAuthSPProtocolHandler
- Parameters:
sRid - Needed parameter in the redirect URL. Can also be used
to retrieve session information from the SessionManager.
- Returns:
Hashtable containing at least:
- See Also:
IAuthSPProtocolHandler.computeAuthenticationRequest(java.lang.String)
verifyAuthenticationResponse
public java.util.Hashtable verifyAuthenticationResponse(java.util.Hashtable htAuthspResponse)
- Verifies the response coming from the PKI AuthSP.
- Specified by:
verifyAuthenticationResponse in interface IAuthSPProtocolHandler
- Parameters:
htAuthspResponse - Hashtable containing all parameters that were
received from the AuthSP. It should contain at least:
- Returns:
Hashtable containing at least:
- See Also:
IAuthSPProtocolHandler.verifyAuthenticationResponse(java.util.Hashtable)
Copyright © 2008 SURFnet BV. All Rights Reserved.