Last Published: 2007-11-02
Exisiting Login Modules
File Login Module
Parameters
| Parameter name | Description | Default value | |
| users.file.path | URL pointing to a user file that validates against users.xsd | WAS_INSTALL_DIR/WEB-INF/classes/conf/as/users.xml | |
| users.cache | Specifies if the the files defined by users.file.path is re-read with every authentication request | false | |
| credential.isBase64Encoded | Specifies whether username/password are Base64 encoded when they arrive at the WAS. As the WAS Specifications requires this, always set this to true | false | |
<AuthenticationMethod> element
<auth:AuthenticationMethod class="org.n52.security.extensions.service.common.loginmodule.FileLoginModule" id="DefaultFileModule">
<auth:URI>urn:opengeospatial:authNMethod:OWS:1.0:password</auth:URI>
<auth:ParameterList>
<auth:Parameter name="users.file.path">file:///c:/users.xml</auth:Parameter>
<auth:Parameter name="users.cache">false</auth:Parameter>
<auth:Parameter name="credential.isBase64Encoded">true</auth:Parameter>
</auth:ParameterList>
</auth:AuthenticationMethod>
Database Login Module
Parameters
<AuthenticationMethod> element
<auth:AuthenticationMethod class="org.n52.security.extensions.service.common.loginmodule.DataBaseLoginModule" id="DefaultDatabaseModule">
<auth:URI>urn:opengeospatial:authNMethod:OWS:1.0:password</auth:URI>
<auth:ParameterList>
<auth:Parameter name="db.driver.class">sun.jdbc.odbc.JdbcOdbcDriver</auth:Parameter>
<auth:Parameter name="db.url">jdbc:odbc:userDB</auth:Parameter>
<auth:Parameter name="db.user">authnService</auth:Parameter>
<auth:Parameter name="db.password">pzv3498n</auth:Parameter>
<auth:Parameter name="credential.isBase64Encoded">true</auth:Parameter>
</auth:ParameterList>
</auth:AuthenticationMethod>
SAML Ticket / WAS Login Module
Parameters
| Parameter name | Description | Default value | |
| was.url | URL of the WAS whose SAML tickets are accepted. This URL is published within the services capabilities | | |
| was.name | Name of the WAS for display purposes | | |
| was.version | Version whicch the specified WAS must support | 1.1 | |
| was.methods | Specifies the authentication method(s) that is(are) accepted to be used for SAML ticket retrieval at the WAS | | |
| was.cert.keystore.path | URL to the keystore that stores the certificate that can be used to verify the SAML ticket signature of the WAS | file:///[WAS|WSS]_INSTALL_DIR/WEB-INF/classes/conf/[as|pes]/.keystore | |
| was.cert.keystore.password | Specifies the needed to access the keystore containing the WAS certificate | 52nwas | |
| was.cert.keystore.alias | Specifies the alias that identifies the WAS certifcate inside the keystore | was | |
<AuthenticationMethod> element
<auth:AuthenticationMethod class="org.n52.security.extensions.service.common.loginmodule.SAMLTicketLoginModule" id="WASBernModule">
<auth:URI>urn:opengeospatial:authNMethod:OWS:1.0:wauthns</auth:URI>
<auth:ParameterList>
<auth:Parameter name="was.url">https://localhost:8443/was/WAS</auth:Parameter>
<auth:Parameter name="was.name">Local WAS</auth:Parameter>
<auth:Parameter name="was.version">1.1</auth:Parameter>
<auth:Parameter name="was.methods">urn:opengeospatial:authNMethod:OWS:1.0:password</auth:Parameter>
<auth:Parameter name="was.cert.keystore.path">file:///c:/Tomcat4.1/conf/.keystore</auth:Parameter>
<auth:Parameter name="was.cert.keystore.password">changeit</auth:Parameter>
<auth:Parameter name="was.cert.alias">tomcat</auth:Parameter>
</auth:ParameterList>
</auth:AuthenticationMethod>
Session Login Module
Parameters
<AuthenticationMethod> element
<auth:AuthenticationMethod class="org.n52.security.extensions.service.common.loginmodule.SessionLoginModule" id="SessionModule">
<auth:URI>urn:opengeospatial:authNMethod:OWS:1.0:session</auth:URI>
<auth:ParameterList>
<auth:Parameter name="session.timeout">6000</auth:Parameter>
</auth:ParameterList>
</auth:AuthenticationMethod>
