Package io.goobi.viewer.model.security.authentication

Class LitteraProvider

java.lang.Object
io.goobi.viewer.model.security.authentication.HttpAuthenticationProvider
io.goobi.viewer.model.security.authentication.LitteraProvider
All Implemented Interfaces:
IAuthenticationProvider
public class LitteraProvider extends HttpAuthenticationProvider
External authentication provider for the LITTERA reader authentication api (www.littera.eu). This provider requests requests authentication from the configured url and an 'id' and 'pw' provided as query parameters. The response is a text/xml document containing a root element with an attribute "authenticationSuccessful" which is either true or false depending on the validity of the passed query params. If the authentication is successful, an existing viewer user is newly created is required with the nickname of the login id and an email of {id}@nomail.com. The user may still be suspended, given admin rights ect. as any other viewer user
Author:
Florian Alpers

  • Field Details

    • DEFAULT_EMAIL

      protected static final String DEFAULT_EMAIL
      Constant DEFAULT_EMAIL="{username}@nomail.com"
      See Also:

    • TYPE_USER_PASSWORD

      protected static final String TYPE_USER_PASSWORD
      Constant TYPE_USER_PASSWORD="userPassword"
      See Also:

  • Constructor Details

    • LitteraProvider

      public LitteraProvider(String name, String label, String url, String image, long timeoutMillis)

      Constructor for LitteraProvider.

      Parameters:
      name - a String object.
      label - a String object.
      url - a String object.
      image - a String object.
      timeoutMillis - a long.

  • Method Details

    • logout

      public void logout() throws AuthenticationProviderException
      Logs the user out
      Throws:
      AuthenticationProviderException - if any.

    • login

      public CompletableFuture<LoginResult> login(String loginName, String password) throws AuthenticationProviderException
      Returns a future containing the login result upon completion. The result optionally contains the logged in User as well as the HttpServletRequest and HttpServletResponse to be used to complete the login and possible request forwarding If an error occurs and the request can not be processed, an AuthenticationException must be thrown. If a login has been refused, the exact reasons can be determined using the methods isActive, isSuspended and isRefused
      Parameters:
      loginName - a String object.
      password - A string to be used as a password or similar for login. If the provider does not require such a string, this can be left empty or null
      Returns:
      A CompletableFuture which is resolved once login is completed and contains a LoginResult
      Throws:
      AuthenticationProviderException - if any.

    • get

      protected LitteraAuthenticationResponse get(URI url, String username, String password) throws IOException

      get.

      Parameters:
      url - a URI object.
      username - a String object.
      password - a String object.
      Returns:
      a LitteraAuthenticationResponse object.
      Throws:
      IOException - if any.

    • allowsPasswordChange

      public boolean allowsPasswordChange()
      Check whether this authentication service allows user to edit their password or to reset it
      Returns:
      true if the authentication service provides means to change or reset the user password

    • allowsNicknameChange

      public boolean allowsNicknameChange()

      allowsNicknameChange.

      Returns:
      true if the nickname may be changed and is not essential for user identification

    • allowsEmailChange

      public boolean allowsEmailChange()

      allowsEmailChange.

      Returns:
      true if the email may be changed and is not essential for user identification