...
By default, the following authorization plugins are supplied:
Warning |
---|
Check your license before using any of these - your license might not grant you permission to use all of these authentication plugins. |
- dk.itp.security.ldap.jndi.ActiveDirectoryPasswordPlugin
Uses JNDI lookups to authenticate a user in LDAP. - dk.itp.security.authentication.oauth.jwt.JWTAuthenticationPlugin
Supports OpenID Connect - both authentication/validation of JWT tokens and issuing/creating JWT tokens when acting as an Identity Provider. - dk.itp.security.authentication.oauth.DemoOAuth2AuthenticationPlugin
Demonstration of OAuth2 authentication plugin - supports issuing OAuth2 tokens and authenticating using Bearer Tokens. Not suited for production use. - dk.itp.security.authentication.x509useradm.X509CertificatePlugin
Supports authentication using X509 Certificates and NemID - authenticates user using challenges in the User Administration Database. Also supports document signing and verification of signatures. Supports user self-registration where user is created based upon certificate information. - dk.itp.security.authentication.x509useradm.SSLCertificatePlugin
Supports authentication and document signing using X509 certificates as client certificates - supports e.g. certificates stored in smartcards. - dk.itp.portalprotect.wss.WSSAuthenticationPlugin
Supports authenticatiion using WS-Security, XML signatures. Also supports SOAP and XML signing/encryption, verification and decryption. See WebService Security andWS-Security Properties for more information. - dk.itp.security.authentication.x509.X509CertificatePlugin
Authenticates user using only information provided in the certificate - supports both SSL Client and NemID certificates and authentication. Does not use a backend store, but only uses list of trusted issuers.
This can be used to authenticate using certificates / nemid if you have no user store and accept all certificates issued by the configured issuer. - dk.itp.security.ldap.jndi.ActiveDirectoryPasswordPlugin
Authenticates user using userid/password against Active Directory. - dk.itp.security.authentication.ldapotp.LdapOTPAuthenticationPlugin
Authenticates against LDAP server / Active Directory Server and supports OTP code sent via SMS/OTP or TOTP authentication. - dk.itp.portalprotect.saml.ADFSSamlSSOAuthPlugin
Supports SAML ADFS / WebSSO authentication and federation - can both consume authentications and issue tokens. - dk.itp.security.authentication.CrossDomainAuthenticationPlugin
Supports Crossdomain Session Sharing - dk.itp.security.passticket.server.DummyLogin
Dummy authentication plugin used solely for testing - does not verify credentials but always accepts authentication with the given credentials. - dk.itp.portalprotect.useradmin.server.EmailUAAuthenticationPlugin
Supports creating users, generating OTP codes and sending them out to them via email - uses UserAdmin API to create users in database.
Supports authenticating users with the codes they received, letting them choose a new password and updates the users. - dk.itp.security.authentication.eticket.plugins.ETicketAuthenticationPlugin
Provides ETicket support for authenticating users - used in some enterprise SSO scenarios - was previously used in NetID before NemID. - dk.itp.security.passticket.server.FileLogin
Authenticates user using userid/password - uses property files as authentication store. - dk.itp.portalprotect.useradmin.server.GoogleAuthUAAuthenticationPlugin (see TOTP (Google) Authenticator)
Uses Google Authenticator time-based OTP codes for authenticating users - supports generating new tokens and QR codes for use when registering users.
Uses UserAdmin API for user repository. - dk.itp.security.authentication.jaas.JAASAuthenticationPlugin
Supports bridging to JAAS LoginModules for authentication. - dk.itp.security.ldap.LoginHandlerLdapImpl
Supports authenticating against an LDAP server using Netscape client API (which performs much better than JNDI). - dk.itp.portalprotect.saml.NemIDSamlSSOAuthPlugin
Supports authenticating users using NemID SAML SSO - this can be used by priviledged service providers for single signon with banks using NemID. - dk.itp.security.authentication.ntlm.NTLMAuthenticationPlugin
Works together with Ceptor Gateway / Dispatcher to authenticate users using NTLM against Active Directory Server in an intranet environment. - dk.itp.security.authentication.oauth.LiveConnectAuthenticationPlugin
Outdated plugin which authenticates users using LiveConnect - you should use OpenID Connect or ADFS/WebSSO plugins instead of this. - dk.itp.portalprotect.useradmin.server.SMSUAAuthenticationPlugin (see SMS / Text OTP )
Generates an OTP code and sends it via SMS using one of the support SMS providers - lets user enter code as two-factor authentication. Uses UserAdmin API against database to retrieve user information and phone number. - dk.itp.security.authentication.spnego.SpnegoAuthenticationPlugin
Authenticates a user using SPNEGO / Kerberos in an intranet environment. - dk.itp.portalprotect.useradmin.server.U2FUAAuthenticationPlugin
Supports Fido U2F Hardware tokens for two-factor authentication - supports user registration and authentication. Uses UserAdmin API to access user repository. - dk.itp.security.authentication.bankid.se.BankIDSEAuthenticationPlugin
Allows authentication using the swedish BankID service. - dk.itp.portalprotect.useradmin.server.UAAuthenticationPlugin
Supports userid/password authentication against UserAdmin API database. - dk.itp.security.authentication.ltpa.LTPAAuthenticationPlugin
Supports authenticating using LTPA Tokens, and also generation of new LTPA tokens based upon currently authenticated user. dk.itp.security.server.NoOpAuthenticationPlugin
This plugin does not authenticate a user, but allows creating an empty session from a ticket, essentially giving two keys to the session - the regular ID and the ticket, but without using it for any type of authentication or deriving any value from it.- dk.itp.security.authentication.wwpass.WWPassAuthenticationPlugin
Authenticates a user using WWPass login (see https://wwpass.com for details) - dk.itp.portalprotect.useradmin.server.WWPassUAAuthenticationPlugin
Authenticates using WWPass, but registers/stores/uses identity in User Administration Database instead of simply authenticating
...