at.gv.egiz.moodle.eidconnector.auth
Interface AuthenticationProvider

All Known Implementing Classes:
AustrianAuthProviderImpl, IcelandicAuthProvider, PEPSAuthenticationProvider, PEPSAuthenticationProviderImpl, TestAuthenticationProviderImpl, TestPEPSAuthenticationProviderImpl

public interface AuthenticationProvider

Member state specific evaluation of credentials. First the user has to be redirected to the memberstate specific authentication service. After successfully completing authentication the member state specific authentication service is in posession of the user's credentials. Now the authentication service has to invoke the moodle eId connector by redirecting the user to the endpoint http[s]://moodle-server.xyz/moodle-eid-connector/connector.do?action=authenticate. For security reasons the authentication framework should provide some kind of token that can be used by the respective authentication provider class to retrieve the credentials from the authentication service. Upon invokation, the Moodle eId connector automatically iterates over all registered classes (implementing this authentication provider interface). The isResponsible(...) method checks if the request (providing the token...) is suitable. If suitable the second method, authenticate(...) is automatically invoked. This method opens a communication channel to the respective authentication service, using the token (or another mechanism) to retrieve the credentials. The credentials have to be put in a SubjectAttributes object which is returned by the method. HttpServletRequest originating from the respective authentication service.

Author:
AT-TUG (Thomas Knall)

Method Summary
 SubjectAttributes authenticate(HttpServletRequest request)
          Uses the given request and retrieves/derives credentials from the respective authentication service.
 boolean isResponsible(HttpServletRequest request)
          Returns true if the underlying authentication implementation claims to be responsible for the given HttpServletRequest.
 

Method Detail

isResponsible

boolean isResponsible(HttpServletRequest request)
                      throws EIDConnectorException
Returns true if the underlying authentication implementation claims to be responsible for the given HttpServletRequest.

Parameters:
request - The HttpServletRequest.
Returns:
true if responsible, false if not.
Throws:
EIDConnectorException - Thrown in case of an error.

authenticate

SubjectAttributes authenticate(HttpServletRequest request)
                               throws EIDConnectorException
Uses the given request and retrieves/derives credentials from the respective authentication service.

Parameters:
request - The HttpServletRequest.
Returns:
Credentials as SubjectAttributes.
Throws:
EIDConnectorException - Thrown in case of an error.


Copyright 2009 EGIZ. All Rights Reserved.