Class CurrentWindowsIdentityAuthenticator

    • Field Detail

      • CURRENT_WINDOWS_IDENTITY_AUTH_SCHEME

        protected static final String CURRENT_WINDOWS_IDENTITY_AUTH_SCHEME
        See Also:
        Constant Field Values
      • logger

        protected final Log logger
      • KRB5_MECHANISM

        protected static final Oid KRB5_MECHANISM
      • SPNEGO_MECHANISM

        protected static final Oid SPNEGO_MECHANISM
    • Constructor Detail

      • CurrentWindowsIdentityAuthenticator

        public CurrentWindowsIdentityAuthenticator()
    • Method Detail

      • setLoginEntryName

        public void setLoginEntryName​(String loginEntryName)
        Sets the login entry name which establishes the security context.
        Parameters:
        loginEntryName - the login entry name
      • getLoginEntryName

        public String getLoginEntryName()
        Returns the configured login entry name.
        Returns:
        the login entry name
      • isOmitErrorMessages

        public boolean isOmitErrorMessages()
        Indicates whether error messages are responded to the client.
        Returns:
        indicator for error message omission
      • setOmitErrorMessages

        public void setOmitErrorMessages​(boolean omitErrorMessages)
        Sets whether error messages are responded to the client.
        Parameters:
        omitErrorMessages - indicator to error omit messages
      • isErrorMessagesAsHeaders

        public boolean isErrorMessagesAsHeaders()
        Indicates whether error messages will be responded as headers.
        Returns:
        indicates whether error messages will be responded as headers
      • setErrorMessagesAsHeaders

        public void setErrorMessagesAsHeaders​(boolean errorMessagesAsHeaders)
        Sets whether error messages will be returned as headers.

        It is not always desired or necessary to produce an error page, e.g., non-interactive clients do not analyze it anyway, but have to consume the response (wasted time and resources). When a client issues a request, the server will write the error messages to either one header: Auth-Error or Server-Error.

        Technically speaking, HttpServletResponse.setStatus(int) will be called instead of HttpServletResponse.sendError(int, String).

        Parameters:
        errorMessagesAsHeaders - indicates whether error messages will be responded as headers
      • isStoreDelegatedCredential

        public boolean isStoreDelegatedCredential()
        Indicates whether client's (initiator's) delegated credential is stored in the user principal.
        Returns:
        indicates whether client's (initiator's) delegated credential is stored in the user principal.
      • setStoreDelegatedCredential

        public void setStoreDelegatedCredential​(boolean storeDelegatedCredential)
        Sets whether client's (initiator's) delegated credential is stored in the user principal.
        Parameters:
        storeDelegatedCredential - the store delegated credential indication