Both sides previous revision
Previous revision
|
Next revision
Both sides next revision
|
devel:documentation:security:dev:authentication [2020/06/15 11:12] kopro [Actual list of authenticators] since edit |
devel:documentation:security:dev:authentication [2020/06/24 06:07] kopro [Actual list of authenticators] change properties and information about deprecated authenticator |
| |
=== DefaultAccAuthenticator === | === DefaultAccAuthenticator === |
| |
| <note important>This authenticator is from version 10.4.0 deprecated. Please use DefaultAccMultipleSystemAuthenticator. The configuration properties will be removed.</note> |
| |
[[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] checks the [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-api/src/main/java/eu/bcvsolutions/idm/core/security/api/dto/LoginDto.java|LoginDto]] against an end system. Users use their internal IdM login and their password from the end system. | [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] checks the [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-api/src/main/java/eu/bcvsolutions/idm/core/security/api/dto/LoginDto.java|LoginDto]] against an end system. Users use their internal IdM login and their password from the end system. |
[[https://github.com/bcvsolutions/CzechIdMng/blob/okopr/2046-authentication-against-multiple-systems/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccMultipleSystemAuthenticator.java|DefaultAccMultipleSystemAuthenticator]] has same behavior as [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] but is allowed more system for authentication than one. Authenticator is placed between **DefaultAccAuthenticator** and **DefaultCoreAuthenticator**, more priority has original authenticator **DefaultAccAuthenticator**. | [[https://github.com/bcvsolutions/CzechIdMng/blob/okopr/2046-authentication-against-multiple-systems/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccMultipleSystemAuthenticator.java|DefaultAccMultipleSystemAuthenticator]] has same behavior as [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/security/authentication/impl/DefaultAccAuthenticator.java|DefaultAccAuthenticator]] but is allowed more system for authentication than one. Authenticator is placed between **DefaultAccAuthenticator** and **DefaultCoreAuthenticator**, more priority has original authenticator **DefaultAccAuthenticator**. |
| |
<note tip>All behavior with authentication is same as original **DefaultAccAuthenticator**.</note> | <note tip>All behavior with authentication is same as original **DefaultAccAuthenticator**. The original authenticator is now deprecated. Please use the newer.</note> |
| |
The end systems are defined with configuration properties. For example: | The end systems are defined with configuration properties. For example: |
<code> | <code> |
idm.sec.acc.security.auth.order1.systemId=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a | idm.sec.acc.security.auth.order1.system=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a |
idm.sec.acc.security.auth.order2.systemId=ea86a399-9b26-4f75-9b3a-d3f0049031ef | idm.sec.acc.security.auth.order2.system=ea86a399-9b26-4f75-9b3a-d3f0049031ef |
idm.sec.acc.security.auth.order3.systemId= | idm.sec.acc.security.auth.order3.system= |
idm.sec.acc.security.auth.order4.systemId= | idm.sec.acc.security.auth.order4.system= |
idm.sec.acc.security.auth.order5.systemId=eb24ee1e-da69-4e8a-8b7d-8e41691f09e4 | idm.sec.acc.security.auth.order5.system=SystemAD - User |
idm.sec.acc.security.auth.order6.systemId= | idm.sec.acc.security.auth.order6.system= |
idm.sec.acc.security.auth.order7.systemId=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a | idm.sec.acc.security.auth.order7.system=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a |
idm.sec.acc.security.auth.order8.systemId= | idm.sec.acc.security.auth.order8.system= |
idm.sec.acc.security.auth.order9.systemId=71fcccb6-5865-48e6-8fba-3d4d963d9f45 | idm.sec.acc.security.auth.order9.system=LDAP User 2 |
</code> | </code> |
| |