A security source is a regular plugin with an associated configuration object.
Its design is quite similar to the Connector one. The security source class must implement the SecuritySource (com.exalead.security.sources.common.SecuritySource) interface, and must define a constructor taking a configuration class.
Implement the Security source part
@CVComponentConfigClass(configCheckClass = CVComponentConfigCheckNone.class, configClass =LocalSecuritySourceConfig.class) @CVComponentDescription("Local Security (generic)") public class LocalSecuritySource extends SecuritySource implements CVComponent { public LocalSecuritySource(LocalSecuritySourceConfig config) { ... } ... }
Implement the Associated config part
@CVComponentDescription("Local Security (generic)") @IsEmptyConfig(true) public class LocalSecuritySourceConfig implements CVComponentConfig { ... }
Implement the security source methods
The following methods must be implemented within the security source.
This method authenticates a user and returns authorizations, such as success status, security tokens and associated information, with:
• the login login name,
• and an optional credential password to check if needPassword is set to true
Otherwise, the function always returns a valid object which can be used to list the user security tokens.
public List<String> getUsers() throws Exception;
Lists all users contained in the security source.
It may return an empty list if such information is not available.
public List<String> getGroups() throws Exception;
Lists all groups contained in the security source.
It may return an empty list if such information is not available.
public SecurityToken getUserToken(String user);
Gets the security token list of a user.
public SecurityToken getGroupToken(String group);
Gets the security token list of a group.
Implement the AuthenticationResult class
The returned AuthenticationResult (com.exalead.security.sources.common.AuthenticationResult) object should be filled using the following methods.
Method
Description
public void setSuccess(Boolean value);
If authentication was requested, it sets the success result.
public void setCause(String value);
If authentication was requested and failed, it provides the error description.
public void setUserId(String value);
Sets the user identifier.
public void setUserDisplayName(String value);
Sets the user display name, usually its first and last names.
public void setSecurityTokens(List<SecurityToken> tokens);
If no authentication was requested, or if the authentication was successful, it provides the list of security tokens owned by the user.
Example:
List<SecurityToken> tokens = new ArrayList<SecurityToken>(); tokens.add(new SecurityToken("unix:user:10028")); tokens.add(new SecurityToken("unix:group:100")); AuthenticationResult results = new AuthenticationResult(); results.setSuccess(true); results.setUserId("10028"); results.setUserDisplayName("John Doe"); results.setSecurityTokens(tokens);
Implement the SecurityToken class
Each security token is returned inside a SecurityToken (com.exalead.security.sources.common.SecurityToken) object. Its constructor takes the security token string as sole argument.
Example:
SecurityToken st = new SecurityToken("unix:user:10028");