Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.caplin.keymaster.servlet
Class StandardKeyMaster

java.lang.Object
  extended by javax.servlet.GenericServlet
      extended by javax.servlet.http.HttpServlet
          extended by com.caplin.keymaster.servlet.StandardKeyMaster
All Implemented Interfaces:
Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig
public class StandardKeyMaster
extends javax.servlet.http.HttpServlet

This class is used as a basic servlet to show how KeyMaster is used to authenticate a user and return an appropriate response. This servlet should only be called after a set of keys have been generated. The servlet accesses the private key file and uses this to authenticate the user. This file is specified in the web.xml configuration file.

The servlet uses reflection to load in the different types of ResponseFormatter. Each type of formatter is specified in the web.xml.

The standard URL parameters are as follows. However it should be noted that some ResponseFormatter implementation classes may require additional parameters.

Parameter Required Default Description
username Yes None The name of the user that is requesting a KeyMaster token.
password No None The password, if any, that the user is using to request the KeyMaster token.
type No streamlink Client type, used to load the appropriate ResponseFormatter. Either “streamlink”, “javascript” or a custom value.
appid No Unknown An application id that identifies the application requesting a KeyMaster token.
sourceid No None An identifier indicating the source of data for which the token is required.

See Also:
Serialized Form

Field Summary
static String CONFIG_LOGGER_FILE
          The underlying file that the logging messages will be written out to.
static String CONFIG_LOGGER_LEVEL
          The logging level that is required.
static String DEFAULT_FORMATTER_TYPE
          Specify the default type of ResponseFormatter used by the servlet
static String DEFAULT_LOG_FILE
          Specify the default log file used by the servlet to keep track of all log messages.
static String DEFAULT_LOG_LEVEL
          Specify the default level of logging provided by the servlet in the event that a Level is not specified or an invalid one is specified.
static String EXTRA_DATA_PROVIDER
          Specify this attribute in the servlet configuration file to load a custom class which will add extra data to the signed token passed to Liberator.
static String FORMATTER_TYPE_PREFIX
          The pattern used at initialisation to identify all the valid types of ResponseFormatter that the servlet can deal with.
static String PROPS_ENABLE_VALUE
          Allow the HTTP remote user credentials to be used.
static String PROPS_ENCODE_EXTRA_DATA
          Allows the user to add optional data to the token being created.
static String PROPS_HARDWARE_KEYSTORE_KEY_PASSPHRASE
          Optional property that specifies the passphrase to use when retrieving the key from a hardware storage solution.
static String PROPS_HARDWARE_KEYSTORE_KEYFILE
          Optional property that specifies the location of a key file used to load the KeyStore when using a hardware storage solution.
static String PROPS_HARDWARE_KEYSTORE_PASSPHRASE
          Optional property that specifies the passphrase to use when loading the KeyStore when using a hardware storage solution.
static String PROPS_HARDWARE_KEYSTORE_PROVIDER
          Optional property that specifies the name of the KeyStore provider to retrieve keys from when using a hardware key storage solution.
static String PROPS_HARDWARE_KEYSTORE_TYPE
          Optional property that specifies the type of KeyStore to retrieve keys from when using a hardware key storage solution.
static String PROPS_HTTP_USER
          Determines if the username should be the username provided by one of the Caplin products or whether it should use the standard HTTP remote user that will be generated when the user logs in via a single sign on system.
static String PROPS_KEY_PRFILE
          The file name and location of the private key created by KeyGenerator.
static String PROPS_KEYSTORE_TYPE
          A switch that can be set to "standard" or "hardware" to indicate if KeyMaster should use a standard KeyStore file or a hardware key storage solution.
static String PROPS_SECURITY_CLASS
          The class name of the security provider used by this class.
static String PROPS_SECURITY_NAME
          A name to identify the security provider by.
static String PROPS_SERVER_NAME
          The identifier passed to KeyGenerator used when creating the set of keys.
static String PROPS_SIGNATURE_ALGORITHM
          Optional property that specifies which algorithm to use when generating tokens.
static String PROPS_VALUE_TO_ENABLE_ENCODE_EXTRA_DATA
          Allow the addition of extra information onto the token being sent to Liberator.
static String USER_PROVIDER_CLASS_CONFIG
          Specify this attribute in the servlet configuration file to load a custom user credentials class.
 
Constructor Summary
StandardKeyMaster()
           
 
Method Summary
 void destroy()
           Used to close the logger instance as the servlet is no longer going to be used.
 void init()
           Initialisation method to set up the servlet and prepare for HTTP Get and Post calls.
 void init(javax.servlet.ServletConfig config)
           Initialisation method to set up the servlet and prepare for HTTP Get and Post calls.
 
Methods inherited from class javax.servlet.http.HttpServlet
service
 
Methods inherited from class javax.servlet.GenericServlet
getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, log, log
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CONFIG_LOGGER_LEVEL

public static final String CONFIG_LOGGER_LEVEL
The logging level that is required. See Level for valid levels.

See Also:
Constant Field Values

CONFIG_LOGGER_FILE

public static final String CONFIG_LOGGER_FILE
The underlying file that the logging messages will be written out to.

See Also:
Constant Field Values

PROPS_SERVER_NAME

public static final String PROPS_SERVER_NAME
The identifier passed to KeyGenerator used when creating the set of keys.

See Also:
Constant Field Values

PROPS_KEY_PRFILE

public static final String PROPS_KEY_PRFILE
The file name and location of the private key created by KeyGenerator. Note: if the key is to be retrieved from a hardware storage solution then this property must be omitted.

See Also:
Constant Field Values

PROPS_SECURITY_CLASS

public static final String PROPS_SECURITY_CLASS
The class name of the security provider used by this class.

See Also:
Constant Field Values

PROPS_HTTP_USER

public static final String PROPS_HTTP_USER
Determines if the username should be the username provided by one of the Caplin products or whether it should use the standard HTTP remote user that will be generated when the user logs in via a single sign on system.

See Also:
Constant Field Values

PROPS_ENABLE_VALUE

public static final String PROPS_ENABLE_VALUE
Allow the HTTP remote user credentials to be used. Any other value will result in HTTP remote user credentials not being used.

See Also:
Constant Field Values

PROPS_ENCODE_EXTRA_DATA

public static final String PROPS_ENCODE_EXTRA_DATA
Allows the user to add optional data to the token being created. This data can then be used by Liberator/Auth Module as required. One use for this is to sign the username as part of the token, thus allowing even more security.

See Also:
Constant Field Values

PROPS_VALUE_TO_ENABLE_ENCODE_EXTRA_DATA

public static final String PROPS_VALUE_TO_ENABLE_ENCODE_EXTRA_DATA
Allow the addition of extra information onto the token being sent to Liberator. Any other value will result in this functionality not being used.

See Also:
Constant Field Values

PROPS_KEYSTORE_TYPE

public static final String PROPS_KEYSTORE_TYPE
A switch that can be set to "standard" or "hardware" to indicate if KeyMaster should use a standard KeyStore file or a hardware key storage solution. This parameter is optional and will default to "standard" if not present.

See Also:
Constant Field Values

PROPS_SECURITY_NAME

public static final String PROPS_SECURITY_NAME
A name to identify the security provider by. This should be the same as the equivalent entry in the KeyGenerator configuration file.

See Also:
Constant Field Values

PROPS_SIGNATURE_ALGORITHM

public static final String PROPS_SIGNATURE_ALGORITHM
Optional property that specifies which algorithm to use when generating tokens. If this property does not exist then the default algorithm is MD5withRSA.

See Also:
Constant Field Values

PROPS_HARDWARE_KEYSTORE_TYPE

public static final String PROPS_HARDWARE_KEYSTORE_TYPE
Optional property that specifies the type of KeyStore to retrieve keys from when using a hardware key storage solution.

See Also:
Constant Field Values

PROPS_HARDWARE_KEYSTORE_PROVIDER

public static final String PROPS_HARDWARE_KEYSTORE_PROVIDER
Optional property that specifies the name of the KeyStore provider to retrieve keys from when using a hardware key storage solution.

See Also:
Constant Field Values

PROPS_HARDWARE_KEYSTORE_KEYFILE

public static final String PROPS_HARDWARE_KEYSTORE_KEYFILE
Optional property that specifies the location of a key file used to load the KeyStore when using a hardware storage solution.

See Also:
Constant Field Values

PROPS_HARDWARE_KEYSTORE_PASSPHRASE

public static final String PROPS_HARDWARE_KEYSTORE_PASSPHRASE
Optional property that specifies the passphrase to use when loading the KeyStore when using a hardware storage solution.

See Also:
Constant Field Values

PROPS_HARDWARE_KEYSTORE_KEY_PASSPHRASE

public static final String PROPS_HARDWARE_KEYSTORE_KEY_PASSPHRASE
Optional property that specifies the passphrase to use when retrieving the key from a hardware storage solution.

See Also:
Constant Field Values

USER_PROVIDER_CLASS_CONFIG

public static final String USER_PROVIDER_CLASS_CONFIG
Specify this attribute in the servlet configuration file to load a custom user credentials class. UserCredentialsProvider

See Also:
Constant Field Values

FORMATTER_TYPE_PREFIX

public static final String FORMATTER_TYPE_PREFIX
The pattern used at initialisation to identify all the valid types of ResponseFormatter that the servlet can deal with.

See Also:
Constant Field Values

DEFAULT_FORMATTER_TYPE

public static final String DEFAULT_FORMATTER_TYPE
Specify the default type of ResponseFormatter used by the servlet

See Also:
Constant Field Values

DEFAULT_LOG_LEVEL

public static final String DEFAULT_LOG_LEVEL
Specify the default level of logging provided by the servlet in the event that a Level is not specified or an invalid one is specified.

See Also:
Constant Field Values

DEFAULT_LOG_FILE

public static final String DEFAULT_LOG_FILE
Specify the default log file used by the servlet to keep track of all log messages. This file will be located in the directory where the application sever is started.

See Also:
Constant Field Values

EXTRA_DATA_PROVIDER

public static final String EXTRA_DATA_PROVIDER
Specify this attribute in the servlet configuration file to load a custom class which will add extra data to the signed token passed to Liberator. This class must implement the ExtraDataProvider interface.

See Also:
Constant Field Values
Constructor Detail

StandardKeyMaster

public StandardKeyMaster()
Method Detail

init

public void init()
          throws javax.servlet.ServletException

Initialisation method to set up the servlet and prepare for HTTP Get and Post calls. The method calls init(ServletConfig) passing it null which will cause GenericServlet.init() to be called.

Overrides:
init in class javax.servlet.GenericServlet
Throws:
javax.servlet.ServletException

init

public void init(javax.servlet.ServletConfig config)
          throws javax.servlet.ServletException

Initialisation method to set up the servlet and prepare for HTTP Get and Post calls. The method sets up the logger to track progress and errors. It configures itself from a standard configuration file (web.xml) or if config is not null then it will use this to configure itself.

Specified by:
init in interface javax.servlet.Servlet
Overrides:
init in class javax.servlet.GenericServlet
Parameters:
config - servlet configuration to use instead of being configured via web.xml.
Throws:
javax.servlet.ServletException

destroy

public void destroy()

Used to close the logger instance as the servlet is no longer going to be used.

Specified by:
destroy in interface javax.servlet.Servlet
Overrides:
destroy in class javax.servlet.GenericServlet
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Please send bug reports and comments to Caplin support