HTTP Authentication

Danube can be secured using JAAS. This is done through the JAASAuthenticator connection handler, which performs HTTP basic authentication and checks the supplied user name and password against a preconfigured login context. The login context is supplied through the loginContextName attribute. If authentication passes, the forward connection handler (possibly an HTTP context) is called.

Here are all the attributes of the authentication class:

  • loginContextName - name of the login context to be used
  • handler - reference to the handler that is invoked on successful authentication
  • sessionManager - reference to the session manager, so that the subject can be placed under the "org.abstracthorizon.danube.http.auth.Subject" attribute.
  • realm - realm as in HTTP basic authentication
  • loginContext - reference to the login context to be used. It is set automatically if a login context name is supplied.
  • cacheTimeout - timeout for the local authorisation string cache. The cache contains subjects mapped to authorisation strings.
  • minimumScanPeriod - minimum allowed period between scans of the cache for timed-out subjects

For JAAS authentication to work, an appropriate LoginContext must be defined, and its login modules must use username/password authentication.
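The check described above, written against the standard javax.security.auth API only, as an added example that is not Danube's JAASAuthenticator source: it decodes the Basic credentials, answers the login module's name and password callbacks, and returns the Subject on success. The class names, the "demo" login context name and the alice account are constructed, and Danube's session handling and subject cache are not reproduced.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class BasicJaasExample {
    public static class DemoModule implements LoginModule { // constructed stand-in module, one demo account
        private CallbackHandler handler;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { handler = h; }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user");
            PasswordCallback pass = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { name, pass }); } catch (Exception e) { throw new LoginException(e.toString()); }
            if ("alice".equals(name.getName()) && Arrays.equals("pa:ss".toCharArray(), pass.getPassword())) return true;
            throw new FailedLoginException("bad credentials");
        }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }
    // Returns the authenticated Subject, or null when the header is absent, malformed or rejected.
    static Subject authenticate(String header, String loginContextName, Configuration config) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) return null;
        try {
            byte[] raw = Base64.getDecoder().decode(header.substring(6).trim());
            String[] parts = new String(raw, StandardCharsets.UTF_8).split(":", 2); // split at the first ':' only
            if (parts.length != 2) return null;
            LoginContext lc = new LoginContext(loginContextName, null, callbacks -> {
                for (Callback c : callbacks) { // a username/password module asks for exactly these two
                    if (c instanceof NameCallback) ((NameCallback) c).setName(parts[0]);
                    else if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword(parts[1].toCharArray());
                    else throw new UnsupportedCallbackException(c);
                }
            }, config);
            lc.login();
            return lc.getSubject();
        } catch (IllegalArgumentException | LoginException e) { return null; } // bad Base64 or failed login
    }
    public static void main(String[] args) {
        AppConfigurationEntry entry = new AppConfigurationEntry(DemoModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>());
        Configuration cfg = new Configuration() { // in-memory stand-in for a JAAS configuration file entry
            public AppConfigurationEntry[] getAppConfigurationEntry(String n) { return new AppConfigurationEntry[] { entry }; }
        };
        String ok = "Basic " + Base64.getEncoder().encodeToString("alice:pa:ss".getBytes(StandardCharsets.UTF_8));
        System.out.println(authenticate(ok, "demo", cfg) != null);
        System.out.println(authenticate("Basic !!!", "demo", cfg) != null);
    }
}
```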

New types of authentication, such as public/private SSL key and Acegi, are planned for future implementations.