User IAM Custom Authenticator

Fabric enables you to use a custom authenticator for the users' IAM.

Authenticator is responsible for the following:

  • Verifying user's credentials, as populated in the login page.
  • Supplying the user-name and his associated roles.

In addition, when relevant and available, it provides a way to acquire and display user list information.

How to create a custom authenticator

A custom authenticator implements the com.k2view.fabric.authentication.providers.Authenticator interface.

It implements 3 methods:

  • authenticate() which is responsible for authenticating the input credentials' parameters. It returns an AuthnResponse object.
  • listUsers() which returns a list (iterator) of users (UserItem object).
  • type() where the authenticator declares a type of format "AuthenticationType.CUSTOM". This is used for both operational and auditorial purposes.

How to pack and deploy custom authenticator

Pack the authenticator into a JAR file and locate it under the $K2_HOME/ExternalJars directory.

The JAR should be copied to each of the cluster nodes.

For more information about working with external JAR files, see here.

How to activate custom authenticator

To activate the authenticator, configure it in the config.ini file. For more information read here.

After the authenticator has been properly configured, restart Fabric.

Previous

User IAM Custom Authenticator

Fabric enables you to use a custom authenticator for the users' IAM.

Authenticator is responsible for the following:

  • Verifying user's credentials, as populated in the login page.
  • Supplying the user-name and his associated roles.

In addition, when relevant and available, it provides a way to acquire and display user list information.

How to create a custom authenticator

A custom authenticator implements the com.k2view.fabric.authentication.providers.Authenticator interface.

It implements 3 methods:

  • authenticate() which is responsible for authenticating the input credentials' parameters. It returns an AuthnResponse object.
  • listUsers() which returns a list (iterator) of users (UserItem object).
  • type() where the authenticator declares a type of format "AuthenticationType.CUSTOM". This is used for both operational and auditorial purposes.

How to pack and deploy custom authenticator

Pack the authenticator into a JAR file and locate it under the $K2_HOME/ExternalJars directory.

The JAR should be copied to each of the cluster nodes.

For more information about working with external JAR files, see here.

How to activate custom authenticator

To activate the authenticator, configure it in the config.ini file. For more information read here.

After the authenticator has been properly configured, restart Fabric.

Previous