Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.plumtree.remote.portlet
Interface ICredentialSetter

public interface ICredentialSetter

ICredentialSetter is an interface for encrypting and setting the username and password for a backend application on a PortletResponse. It provides methods for configuring the credential location and type if a config file cannot be used. In most cases a config file should be used, and the values in the config file will override anything set via the set methods in the interface.

This interface does not work with the Credential Vault. It is intended for use by portlets that communicate with older portal versions and encrypt and decrypt their password settings. Using ICredentialProvider allows a portlet developer to set the username and password in the response headers in 3 lines of code, no matter how that information is being written. It also allows: the method of credential passing to change, upgrading from a 5.0.x Portal to a 6.0.x Portal, changing encryption methods, or even changing the encryption key; without ever having to change your code or re-compile. Only settings in the web.xml file would need to be updated.

The following example code shows how easy it is to write the username and password when using a config file: 

 // Get an ICredentialSetter instance from the IPortletContext
 IPortletContext portletContext = PortletContextFactory.createPortletContext(req, resp);
 ICredentialSetter cSetter = portletContext.getCredentialSetter();
 
 // set the username and password
 cSetter.setUsername(username);
 cSetter.setPassword(password);

Even in the case where a config file cannot be used, using ICredentialSetter can still save a developer from having to deal with his/her own cipher utilities. It is necessary to configure all the parameters that indicate how the credentials are being passed to the portlet.

The following example code writes the username and password when they are being stored as user prefs with the parameter names DCTMUsername and DCTMPassword, and the password is RC2 encrypted: 

 // Get an ICredentialSetter instance from the IPortletContext
 IPortletContext portletContext = PortletContextFactory.createPortletContext(req, resp);
 ICredentialSetter cSetter = portletContext.getCredentialSetter();
 
 // set the header type and parameter names; these values could normally be
 // read from the config file
 cSetter.SetCredentialSettingType(SettingType.User);
 cSetter.SetUsernameParameterName("DCTMUsername");
 cSetter.SetPasswordParameterName("DCTMPassword");
 
 // set the encryption type and key; these values could normally be
 // read from the config file
 cSetter.SetCredentialEncryptionType(EncryptionType.RC2);
 cSetter.SetPrivateKey("skiroblbpauwyryrhfvnmsl");
 
 // set the username and password
 cSetter.SetUsername(username);
 cSetter.SetPassword(password);

Method Summary
 void setCredentialEncryptionType(EncryptionType type)
          Specify the type of encryption used to encrypt the password that is sent back to the portal.
 void setCredentialSettingType(SettingType type)
          Specify what type of setting is being used to pass the credentials to the portlet.
 void setPassword(java.lang.String plaintextPassword)
          Sets the encrypted password for a backend application.
 void setPasswordParameterName(java.lang.String paramName)
          Specify the name of the setting that contains the password for the backend application.
 void setPrivateKey(java.lang.String key)
          Specify the private key to use to encrypt the password that is sent back to the portal to be saved.
 void setUsername(java.lang.String username)
          Sets the username for a backend application.
 void setUsernameParameterName(java.lang.String paramName)
          Specify the name of the setting that contains the username for the backend application.
 

Method Detail

setUsername

public void setUsername(java.lang.String username)
Sets the username for a backend application. The value is written to the headers that are sent back to the portal.

Parameters:
username - plain-text username to set in headers.

setPassword

public void setPassword(java.lang.String plaintextPassword)
Sets the encrypted password for a backend application. The value is encrypted and written to the headers that are sent back to the portal.

Parameters:
plaintextPassword - plain-text password to set in headers.

setCredentialSettingType

public void setCredentialSettingType(SettingType type)
Specify what type of setting is being used to pass the credentials to the portlet. This value will only be used if it is not specified in a config file (web.xml). A config file setting will override anything set with this method.

The config file parameter for this setting is CredentialSettingType.

Parameters:
type - the tpye of setting being used to send credentials to the portlet.

setUsernameParameterName

public void setUsernameParameterName(java.lang.String paramName)
Specify the name of the setting that contains the username for the backend application. This value will only be used if it is not specified in a config file (web.xml). A config file setting will override anything set with this method.

The config file parameter for this setting is UsernameParameterName.

Parameters:
paramName - name of the username setting.

setPasswordParameterName

public void setPasswordParameterName(java.lang.String paramName)
Specify the name of the setting that contains the password for the backend application. This value will only be used if it is not specified in a config file (web.xml). A config file setting will override anything set with this method.

The config file parameter for this setting is PasswordParameterName.

Parameters:
paramName - name of the password setting.

setCredentialEncryptionType

public void setCredentialEncryptionType(EncryptionType type)
Specify the type of encryption used to encrypt the password that is sent back to the portal. This value will only be used if it is not specified in a config file (web.xml). A config file setting will override anything set with this method.

The config file parameter for this setting is CredentialEncryptionType.

Parameters:
type - type of encryption.

setPrivateKey

public void setPrivateKey(java.lang.String key)
Specify the private key to use to encrypt the password that is sent back to the portal to be saved. The CredentialEncryptionType must be set with the setCredentialEncryptionType method. This value will only be used if it is not specified in a config file (web.xml). A config file setting will override anything set with this method.

The config file parameter for this setting depends on the type of encryption being used, and can be one of: RSAPrivateKey, RC2PrivateKey, or AESPrivateKey.

Parameters:
key - key used for RSA decryption.
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
For additional information on the IDK, including tutorials, blogs, code samples and more,see the AquaLogic User Interaction Developer Center on BEA dev2dev.

Copyright ©2007 BEA Systems, Inc. All Rights Reserved.