Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:security:dev:authentication [2020/06/15 11:06]
kopro [Actual list of authenticators] 		devel:documentation:security:dev:authentication [2020/06/24 06:07]
kopro [Actual list of authenticators] change properties and information about deprecated authenticator
Line 43: Line 43:
  
 === DefaultAccAuthenticator === === DefaultAccAuthenticator ===
 +
 +<note important>This authenticator is from version 10.4.0 deprecated. Please use DefaultAccMultipleSystemAuthenticator. The configuration properties will be removed.</note>
  
 [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] checks the [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-api/src/main/java/eu/bcvsolutions/idm/core/security/api/dto/LoginDto.java|LoginDto]] against an end system. Users use their internal IdM login and their password from the end system. [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] checks the [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-api/src/main/java/eu/bcvsolutions/idm/core/security/api/dto/LoginDto.java|LoginDto]] against an end system. Users use their internal IdM login and their password from the end system.
Line 71: Line 73:
  
 === DefaultAccMultipleSystemAuthenticator === === DefaultAccMultipleSystemAuthenticator ===
 +
 +Since 10.4.0.
 +
 [[https://github.com/bcvsolutions/CzechIdMng/blob/okopr/2046-authentication-against-multiple-systems/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccMultipleSystemAuthenticator.java|DefaultAccMultipleSystemAuthenticator]] has same behavior as [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] but is allowed more system for authentication than one. Authenticator is placed between **DefaultAccAuthenticator** and **DefaultCoreAuthenticator**, more priority has original authenticator **DefaultAccAuthenticator**. [[https://github.com/bcvsolutions/CzechIdMng/blob/okopr/2046-authentication-against-multiple-systems/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccMultipleSystemAuthenticator.java|DefaultAccMultipleSystemAuthenticator]] has same behavior as [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] but is allowed more system for authentication than one. Authenticator is placed between **DefaultAccAuthenticator** and **DefaultCoreAuthenticator**, more priority has original authenticator **DefaultAccAuthenticator**.
  
-<note tip>All behavior with authentication is same as original **DefaultAccAuthenticator**.</note>+<note tip>All behavior with authentication is same as original **DefaultAccAuthenticator**. The original authenticator is now deprecated. Please use the newer.</note>
  
 The end systems are defined with configuration properties. For example: The end systems are defined with configuration properties. For example:
 <code> <code>
-idm.sec.acc.security.auth.order1.systemId=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a +idm.sec.acc.security.auth.order1.system=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a 
-idm.sec.acc.security.auth.order2.systemId=ea86a399-9b26-4f75-9b3a-d3f0049031ef +idm.sec.acc.security.auth.order2.system=ea86a399-9b26-4f75-9b3a-d3f0049031ef 
-idm.sec.acc.security.auth.order3.systemId+idm.sec.acc.security.auth.order3.system
-idm.sec.acc.security.auth.order4.systemId+idm.sec.acc.security.auth.order4.system
-idm.sec.acc.security.auth.order5.systemId=eb24ee1e-da69-4e8a-8b7d-8e41691f09e4 +idm.sec.acc.security.auth.order5.system=SystemAD User 
-idm.sec.acc.security.auth.order6.systemId+idm.sec.acc.security.auth.order6.system
-idm.sec.acc.security.auth.order7.systemId=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a +idm.sec.acc.security.auth.order7.system=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a 
-idm.sec.acc.security.auth.order8.systemId+idm.sec.acc.security.auth.order8.system
-idm.sec.acc.security.auth.order9.systemId=71fcccb6-5865-48e6-8fba-3d4d963d9f45+idm.sec.acc.security.auth.order9.system=LDAP User 2
 </code> </code>
  
  • by kopro