2.3.3. Credentials
Credentials are something that provides evidence of a user's identity; for example a username and password, an X509 certificate or some kind of biometric data such as a fingerprint. PicketLink has extensive support for a variety of credential types, and also makes it relatively simple to add custom support for credential types that PicketLink doesn't support out of the box itself.
In the previous section, we saw a code example in which a
DefaultLoginCredentials
(an implementation of the Credentials
interface that supports a user ID and a credential value) was injected into the SimpleAuthenticator
bean. The most important thing to know about the Credentials
interface in relation to writing your own custom Authenticator
implementation is that you're not forced to use it. However, while the Credentials
interface is mainly designed for use with the Identity Management API (which is documented in a separate chapter) and its methods would rarely be used in a custom Authenticator
, PicketLink provides some implementations which are suitably convenient to use as such, DefaultLoginCredentials
being one of them.
So, in a custom
Authenticator
such as this:
public class SimpleAuthenticator extends BaseAuthenticator { @Inject DefaultLoginCredentials credentials; // code snipped }
The credential injection is totally optional. As an alternative example, it is totally valid to create a request-scoped bean called
UsernamePassword
with simple getters and setters like so:
public @RequestScoped class UsernamePassword { private String username; private String password; public String getUsername() { return username; } public String getPassword() { return password; } public void setUsername(String username) { this.username = username; } public void setPassword(String password) { this.password = password; } }
And then inject that into the
Authenticator
bean instead:
public class SimpleAuthenticator extends BaseAuthenticator { @Inject UsernamePassword usernamePassword; // code snipped }
Of course it is not recommended that you actually do this, however this simplistic example serves adequately for demonstrating the case in point.