|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
ICredentialSetter
is an interface for encrypting and setting the username
and password for a backend application on a PortletResponse
. It provides methods
for configuring the credential location and type if a config file cannot be
used. In most cases a config file should be used, and the values in the config file will override
anything set via the set methods in the interface.
ICredentialSetter
allows portlet developers to
set the username and password in the response headers in 3 lines of code, no matter
how that information is being written. It also allows the following modifications without ever
having to change your code or re-compile: change the method of passing credentials,
upgrade from portal version 5.0.x to 6.0.x, change
encryption methods, or even change the encryption key. Only settings in the web.xml file
need to be updated.
The following example code shows how easy it is to write the username and password
when using a config file:
// Get an ICredentialSetter instance from the IPortletContext IPortletContext portletContext = PortletContextFactory.createPortletContext(req, resp); ICredentialSetter cSetter = portletContext.getCredentialSetter(); // set the username and password cSetter.setUsername(username); cSetter.setPassword(password);Even in the case where a config file cannot be used, using
ICredentialSetter
can
still save developers from having to deal with cipher utilities. It
is necessary to configure all the parameters that indicate how the credentials are
being passed to the portlet.
The following example code writes the username and password when they are being stored
as user prefs with the parameter names DCTMUsername and DCTMPassword,
and the password is RC2 encrypted:
// Get an ICredentialSetter instance from the IPortletContext IPortletContext portletContext = PortletContextFactory.createPortletContext(req, resp); ICredentialSetter cSetter = portletContext.getCredentialSetter(); // set the header type and parameter names; these values could normally be // read from the config file cSetter.SetCredentialSettingType(SettingType.User); cSetter.SetUsernameParameterName("DCTMUsername"); cSetter.SetPasswordParameterName("DCTMPassword"); // set the encryption type and key; these values could normally be // read from the config file cSetter.SetCredentialEncryptionType(EncryptionType.RC2); cSetter.SetPrivateKey("skiroblbpauwyryrhfvnmsl"); // set the username and password cSetter.SetUsername(username); cSetter.SetPassword(password);
Method Summary | |
void |
setCredentialEncryptionType(EncryptionType type)
Specifies the type of encryption used to encrypt the password that is sent back to the portal. |
void |
setCredentialSettingType(SettingType type)
Specifies which type of setting is being used to pass the credentials to the portlet. |
void |
setPassword(java.lang.String plaintextPassword)
Sets the encrypted password for a backend application. |
void |
setPasswordParameterName(java.lang.String paramName)
Specifies the name of the setting that contains the password for the backend application. |
void |
setPrivateKey(java.lang.String key)
Specifies the private key to use to encrypt the password that is sent back to the portal to be saved. |
void |
setUsername(java.lang.String username)
Sets the username for a backend application. |
void |
setUsernameParameterName(java.lang.String paramName)
Specifies the name of the setting that contains the username for the backend application. |
Method Detail |
public void setUsername(java.lang.String username)
username
- the plain-text username to set in the headerspublic void setPassword(java.lang.String plaintextPassword)
plaintextPassword
- the plain-text password to set in the headerspublic void setCredentialSettingType(SettingType type)
type
- the type of setting being used to send credentials to the portletpublic void setUsernameParameterName(java.lang.String paramName)
paramName
- the name of the username settingpublic void setPasswordParameterName(java.lang.String paramName)
paramName
- the name of the password settingpublic void setCredentialEncryptionType(EncryptionType type)
type
- the type of encryptionpublic void setPrivateKey(java.lang.String key)
CredentialEncryptionType
must be set with the
setCredentialEncryptionType
method. This value is
used only if it is not specified in a config file (web.xml). Settings in the
config file override anything set with this method.
The config file parameter for this setting depends on the type of encryption being
used, and can be one of the following: RSAPrivateKey, RC2PrivateKey, or AESPrivateKey.
key
- the key used for RSA decryption
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright ©2010 Oracle® Corporation. All Rights Reserved.