It is possible to set security in Danube using JAAS technology. It is done through JAASAuthenticator
connection handler. This handler performes basic http authentication and uses supplied user name and password supplied with preconfigured login context.
Login context is supplied through
loginContextName attribute. If authentication passed then forward connection handler (possible http context) is called.
Here are all attributes of authentication class:
loginContextName- name of login context to be used
handler- reference to handler which is going to be invoked in case of successful authentication
sessionManager- reference to session manager for subject to be placed under "org.abstracthorizon.danube.http.auth.Subject" attribute.
realm- realm as in http basic authentication
loginContext- reference to the login context to be used. It is automatically set if login context name is supplied.
cacheTimeout- timeout for local authorisation string cache. Cache contains subjects mapped to authorisation strings.
minimumScanPeriod- minimal allowed period for cache to be scanned for timed out subjects
For authentication using JAAS to work appropriate LoginContext must be defined. Login modules must use username/password authentication for it to work.
New types of authentications are planned for the future implementations such as public/private SSL key, Acegi, etc...