Create a Custom Authenticator
Version 4.1 by gcoquard on 2021/04/21
It is possible to plug in to any existing authentication mechanism, such as SiteMinder.
To configure a custom authentication, do the following:
- Edit the WEB-INF/xwiki.cfg file and add a xwiki.authentication.authclass property pointing to your class. For example:
xwiki.authentication.authclass = com.acme.MyCustomAuthenticationService
- XWiki 13.3+: To comply with the latest best practices, your custom authentication should trigger a UserAuthenticatedEvent when a user authenticates. You can find implementation examples in xwiki-platform-oldcore, such as MyFormAuthenticator and MyBasicAuthenticator. Note that a UserAuthenticatedEvent should be created with a UserReference.
Here is example code for a custom authenticator designed as a component:
import ...;
import javax.inject.Inject;
import org.xwiki.component.annotation.Component;
import org.xwiki.observation.ObservationManager;
import org.xwiki.security.authentication.UserAuthenticatedEvent;
import org.xwiki.user.UserReference;

@Component
public class CustomAuthenticator {
    // Inject the ObservationManager component used to send events
    @Inject
    private ObservationManager observationManager;

    ...

    public void processLogin(...)
    {
        // You authenticate a user somehow
        // You have to retrieve its UserReference
        // You should be able to use a UserReferenceResolver if needed
        UserReference userReference = ...;
        // Then trigger a UserAuthenticatedEvent, passing the previously retrieved
        // user reference to the UserAuthenticatedEvent constructor
        this.observationManager.notify(new UserAuthenticatedEvent(userReference), null);
    }
}
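The two steps above combined, as an added example that is not code from the XWiki project: the class named in xwiki.cfg accepts the identity asserted by the servlet container and sends the event once per session. The session key, the user name pattern, the "document" resolver hint and the choice to treat unknown accounts as guest are assumptions of this sketch, which targets XWiki 13.3+.

```java
package com.acme;

import javax.servlet.http.HttpSession;
import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.user.api.XWikiUser;
import com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl;
import com.xpn.xwiki.web.Utils;
import org.xwiki.component.util.DefaultParameterizedType;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.observation.ObservationManager;
import org.xwiki.security.authentication.UserAuthenticatedEvent;
import org.xwiki.user.UserReference;
import org.xwiki.user.UserReferenceResolver;

// The class named by xwiki.authentication.authclass in WEB-INF/xwiki.cfg.
public class MyCustomAuthenticationService extends XWikiAuthServiceImpl
{
    private static final String NOTIFIED = "com.acme.authEventSentFor"; // hypothetical session key

    @Override
    public XWikiUser checkAuth(XWikiContext context) throws XWikiException
    {
        // Assumption: the servlet container or SSO agent has already authenticated the request.
        String remoteUser = context.getRequest().getRemoteUser();
        if (remoteUser == null || !remoteUser.matches("[A-Za-z0-9_-]{1,64}")) {
            // No asserted identity, or a name unsafe to use as a page name: standard XWiki login.
            return super.checkAuth(context);
        }
        DocumentReference profile = new DocumentReference(context.getMainXWiki(), "XWiki", remoteUser);
        if (!context.getWiki().exists(profile, context)) {
            return null; // unknown account: treated as guest, nothing is provisioned here
        }
        HttpSession session = context.getRequest().getSession();
        if (!remoteUser.equals(session.getAttribute(NOTIFIED))) {
            // checkAuth runs on every request, so the event is sent once per session and user.
            UserReferenceResolver<DocumentReference> resolver = Utils.getComponent(
                new DefaultParameterizedType(null, UserReferenceResolver.class, DocumentReference.class),
                "document"); // assumption: the "document" resolver hint is available
            UserReference userReference = resolver.resolve(profile);
            Utils.getComponent(ObservationManager.class)
                .notify(new UserAuthenticatedEvent(userReference), null);
            session.setAttribute(NOTIFIED, remoteUser);
        }
        return new XWikiUser(context.getMainXWiki() + ":XWiki." + remoteUser);
    }
}
```

Because this class is instantiated from xwiki.cfg rather than by the component manager, it looks components up with Utils.getComponent instead of @Inject.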
You can find various authenticator examples in sandbox or extensions.
Here's a tutorial on implementing a custom authentication class for authenticating against Oracle's SSO.