See
PublishedAPI for packages intended to be used by Plugin and Contrib authors, or
browse all packages.
See also
Developing plugins,
Developer's Bible,
Technical Overview
This login manager may be used to implement single sign on based on Kerberos authentication.
For this to work you will have to set up your server as well as your browser to exchange
kerberos tickes part of the HTTP header. See
LdapContrib for more information.
If no ticket could be exchanged will this login manager fall back to
Foswiki::LoginManager::LdapTemplateLogin
ClassMethod
new($session)
Construct the KerberosLogin object
ObjectMethod
getSessionUser()
returns user as already found in session
ObjectMethod
login($request, $session)
Checks for a neogitiation HTTP header and redirects to login if not.
When found we will redirect to another view to perform the actual ticket exchange.
A special url parameter
_krb_redirect
will be set to prevent multiple redirects
happening by accident.
ObjectMethod
forceAuthentication() → boolean
Triggered by an access control violation, this method tests
to see if the current session is authenticated or not. If not,
it does whatever is needed so that the user can log in, and returns 1.
If the user has an existing authenticated session, the function simply drops
though and returns 0.
ObjectMethod
getUser()
performs the actual kerberos communication to extract the remote user name from the ticket
found in the HTTP header.