org.sourceid.saml20.adapter.sp.authn
Class LocalIdPasswordLookup

java.lang.Object
  extended by org.sourceid.saml20.adapter.sp.authn.LocalIdPasswordLookup

public abstract class LocalIdPasswordLookup
extends java.lang.Object

An abstract class that provides much of the needed implementation for form user-based authentication. Implementers need only extend and implement the lookupViaPassword(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, String, String) method. An implementation of SpAuthenticationAdapter might have an instance of this class and delegate calls to SpAuthenticationAdapter.lookupLocalUserId(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, String, String).


Constructor Summary
LocalIdPasswordLookup()
           
 
Method Summary
abstract  java.lang.String getLocalIdentifier(java.lang.String username, java.lang.String password)
          Takes a username/password and translates into a local identifer.
 int getMaxUserChallengeRetries()
          This method dictates the number of unsuccessful login attempts a user can make before the login is considered to have failed.
 java.lang.String lookupViaPassword(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.lang.String entityId, java.lang.String resumePath)
          Lookup the local user identifier via form based username/password authentication and delegate validation of the username/password to the getLocalIdentifier(String username, String password).
 void setMaxUserChallengeRetries(int maxUserChallengeRetries)
          Sets the number of unsuccessful login attempts a user can make before the login is considered to have failed.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LocalIdPasswordLookup

public LocalIdPasswordLookup()
Method Detail

getLocalIdentifier

public abstract java.lang.String getLocalIdentifier(java.lang.String username,
                                                    java.lang.String password)
Takes a username/password and translates into a local identifer. An implementation might validate the credentials against a DB or LDAP server, for example, and return the appropriate local identifier - often just the username itself.

Parameters:
username - the username obtained from the user via the HTML form.
password - the password obtained from the user via the HTML form.
Returns:
the local user identifier, or null if authentication fails.

lookupViaPassword

public java.lang.String lookupViaPassword(javax.servlet.http.HttpServletRequest req,
                                          javax.servlet.http.HttpServletResponse resp,
                                          java.lang.String entityId,
                                          java.lang.String resumePath)
                                   throws java.io.IOException
Lookup the local user identifier via form based username/password authentication and delegate validation of the username/password to the getLocalIdentifier(String username, String password).

Parameters:
req - the HttpServletRequest
resp - the HttpServletResponse
entityId - the entityId of the IdP.
resumePath - the relative URL that the user agent needs to return to, when it needs to operate asynchronously. This value can usually just be passed though directly from an implementation of SpAuthenticationAdapter.lookupLocalUserId(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, String, String).
Returns:
a String that uniquely identifies the user to the local system. PingFederate will 'link' this value with the external identifier provided by the IdP.
Throws:
java.io.IOException - if an IOException occurs when writing the HTTP response.

getMaxUserChallengeRetries

public int getMaxUserChallengeRetries()
This method dictates the number of unsuccessful login attempts a user can make before the login is considered to have failed. The default is 3.

Returns:
the number unsuccessful login attempts a user can make before the login is considered to have failed.

setMaxUserChallengeRetries

public void setMaxUserChallengeRetries(int maxUserChallengeRetries)
Sets the number of unsuccessful login attempts a user can make before the login is considered to have failed.



Copyright 2007 Ping Identity Corp. All rights reserved.