Versions Compared

Old Version 17

changes.mady.by.user Kim Rasmussen

Saved on

compared with

New Version Current

changes.mady.by.user Kim Rasmussen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

By default, the following authorization plugins are supplied:

Warning

Check your license before using any of these - your license might not grant you permission to use all of these authentication plugins.


  • dk.itp.security.ldap.jndi.ActiveDirectoryPasswordPlugin
    Uses JNDI lookups to authenticate a user in LDAP. 
  • dk.itp.security.authentication.oauth.jwt.JWTAuthenticationPlugin
    Supports OpenID Connect - both authentication/validation of JWT tokens and issuing/creating JWT tokens when acting as an Identity Provider.
  • dk.itp.security.authentication.oauth.DemoOAuth2AuthenticationPlugin
    Demonstration of OAuth2 authentication plugin - supports issuing OAuth2 tokens and authenticating using Bearer Tokens. Not suited for production use.
  • dk.itp.security.authentication.x509useradm.X509CertificatePlugin
    Supports authentication using X509 Certificates and NemID - authenticates user using challenges in the User Administration Database. Also supports document signing and verification of signatures. Supports user self-registration where user is created based upon certificate information.
  • dk.itp.security.authentication.x509useradm.SSLCertificatePlugin
    Supports authentication and document signing using X509 certificates as client certificates - supports e.g. certificates stored in smartcards.
  • dk.itp.portalprotect.wss.WSSAuthenticationPlugin
    Supports authenticatiion using WS-Security, XML signatures. Also supports SOAP and XML signing/encryption, verification and decryption. See WebService Security andWS-Security Properties for more information.
  • dk.itp.security.authentication.x509.X509CertificatePlugin
    Authenticates user using only information provided in the certificate - supports both SSL Client and NemID certificates and authentication. Does not use a backend store, but only uses list of trusted issuers.
    This can be used to authenticate using certificates / nemid if you have no user store and accept all certificates issued by the configured issuer.
  • dk.itp.security.ldap.jndi.ActiveDirectoryPasswordPlugin
    Authenticates user using userid/password against Active Directory.
  • dk.itp.security.authentication.ldapotp.LdapOTPAuthenticationPlugin
    Authenticates against LDAP server / Active Directory Server and supports OTP code sent via SMS/OTP or TOTP authentication.
  • dk.itp.portalprotect.saml.ADFSSamlSSOAuthPlugin
    Supports SAML ADFS / WebSSO authentication and federation - can both consume authentications and issue tokens. 
  • dk.itp.security.authentication.CrossDomainAuthenticationPlugin
    Supports Crossdomain Session Sharing 
  • dk.itp.security.passticket.server.DummyLogin
    Dummy authentication plugin used solely for testing - does not verify credentials but always accepts authentication with the given credentials.
  • dk.itp.portalprotect.useradmin.server.EmailUAAuthenticationPlugin
    Supports creating users, generating OTP codes and sending them out to them via email - uses UserAdmin API to create users in database.
    Supports authenticating users with the codes they received, letting them choose a new password and updates the users.
  • dk.itp.security.authentication.eticket.plugins.ETicketAuthenticationPlugin
    Provides ETicket support for authenticating users - used in some enterprise SSO scenarios - was previously used in NetID before NemID.
  • dk.itp.security.passticket.server.FileLogin
    Authenticates user using userid/password - uses property files as authentication store.
  • dk.itp.portalprotect.useradmin.server.GoogleAuthUAAuthenticationPlugin (see TOTP (Google) Authenticator)
    Uses Google Authenticator time-based OTP codes for authenticating users - supports generating new tokens and QR codes for use when registering users.
    Uses UserAdmin API for user repository. 
  • dk.itp.security.authentication.jaas.JAASAuthenticationPlugin
    Supports bridging to JAAS LoginModules for authentication.
  • dk.itp.security.ldap.LoginHandlerLdapImpl
    Supports authenticating against an LDAP server using Netscape client API (which performs much better than JNDI).
  • dk.itp.portalprotect.saml.NemIDSamlSSOAuthPlugin
    Supports authenticating users using NemID SAML SSO - this can be used by priviledged service providers for single signon with banks using NemID.
  • dk.itp.security.authentication.ntlm.NTLMAuthenticationPlugin
    Works together with Ceptor Gateway / Dispatcher to authenticate users using NTLM against Active Directory Server in an intranet environment.
  • dk.itp.security.authentication.oauth.LiveConnectAuthenticationPlugin
    Outdated plugin which authenticates users using LiveConnect - you should use OpenID Connect or ADFS/WebSSO plugins instead of this.
  • dk.itp.portalprotect.useradmin.server.SMSUAAuthenticationPlugin (see SMS / Text OTP )
    Generates an OTP code and sends it via SMS using one of the support SMS providers - lets user enter code as two-factor authentication. Uses UserAdmin API against database to retrieve user information and phone number.
  • dk.itp.security.authentication.spnego.SpnegoAuthenticationPlugin
    Authenticates a user using SPNEGO / Kerberos in an intranet environment.
  • dk.itp.portalprotect.useradmin.server.U2FUAAuthenticationPlugin
    Supports Fido U2F Hardware tokens for two-factor authentication - supports user registration and authentication. Uses UserAdmin API to access user repository.
  • dk.itp.security.authentication.bankid.se.BankIDSEAuthenticationPlugin
    Allows authentication using the swedish BankID service.
  • dk.itp.portalprotect.useradmin.server.UAAuthenticationPlugin
    Supports userid/password authentication against UserAdmin API database.
  • dk.itp.security.authentication.ltpa.LTPAAuthenticationPlugin
    Supports authenticating using LTPA Tokens, and also generation of new LTPA tokens based upon currently authenticated user.

  • dk.itp.security.server.NoOpAuthenticationPlugin
    This plugin does not authenticate a user, but allows creating an empty session from a ticket, essentially giving two keys to the session - the regular ID and the ticket, but without using it for any type of authentication or deriving any value from it.

  • dk.itp.security.authentication.wwpass.WWPassAuthenticationPlugin
    Authenticates a user using WWPass login (see https://wwpass.com for details)
  • dk.itp.portalprotect.useradmin.server.WWPassUAAuthenticationPlugin
    Authenticates using WWPass, but registers/stores/uses identity in User Administration Database instead of simply authenticating

...