You can implement the WsCustomAuthentication interface.If you want custom authentication (e.g. pass in a token, and decode it), then implement the interface edu.internet2.middleware.grouper.ws.security.WsCustomAuthentication and configure your fully qualified classname in the grouper-ws.properties. The default is an implementation of this interface as an example: edu.internet2.middleware.grouper.ws.security.WsGrouperDefaultAuthentication, which just gets the user from the container: httpServletRequest.getUserPrincipal().getName()
Code Block |
---|
/** * <pre> * implement this interface and provide the class to the classpath and grouper-ws.properties * to override the default of httpServletRequest.getUserPrincipal(); * for non-Rampart authentication * * if user is not found, throw a runtime exception. Could be WsInvalidQueryException * which is a type of runtime exception (experiment and see what you want the response to * look like) * * </pre> */ public interface WsCustomAuthentication { /** * retrieve the current username (subjectId) from the request object. * @param httpServletRequest * @return the logged in username (subjectId) * @throws WsInvalidQueryException if there is a problem */ public String retrieveLoggedInSubjectId(HttpServletRequest httpServletRequest) throws WsInvalidQueryException; } |
Manage users
Manage users in the implemented system
Configure
Note the file locations in the container are listed in the v2.5 container documentation
...