facebook
  1. Genuitec Learning Center
    2.  > 
  2. Secure Delivery Center
    3.  > 
  3. Advanced Administration

External Users Extension

The External Users Extension allows you to use your company’s name lookup service, instead of having SDC keep track of your user accounts. It is defined by the API in the abstract class com.genuitec.pulse.server.delivery.extension.user.DeliveryExternalUsersExtension.

Note: If you are using LDAP, see External Authentication Extension (LDAP).

When you install an implementation of the External Users Extension, the entire SDC system changes in the following ways:

  • Whenever authentication is required, users are authenticated via your extension.
  • If your extension provides only user authentication, you must create an administrator user with an ID that matches the ID that same user will have in your extension. This is the only way to bootstrap administrators in this mode. Existing users/administrators whose IDs do not match user IDs as defined by your extension will be disabled but not deleted. This allows you to disable your user extension and use the admin you defined during installation if you run into problems with your extension.
  • The Advanced tab on the System Administration page indicates extensions are enabled.


    Extension use indicators on System Administration page

Creating the SDC Extension

Code your extensions against sdc-extensions.jar found in sdc-extensions.zip. You will be providing a subclass of the DeliveryExternalUsersExtension class. This abstract class provides all the APIs necessary to validate, lookup, and search for users.

The minimal implementation requires you to only implement the validateUser(DeliveryexternalUserAuthenticateRequest) andgetExternalUserCapabilities() methods. Doing so causes SDC to use your extension to authenticate users, but you will manage administrators inside the Admin Console.

Implementing the searchUsers(DeliveryExternalUserSearchRequest) and lookupUsers(DeliveryExternalUserLookupRequest)methods allows you to search for users inside the Admin Console.

Finally, implementing lookupAdmins(DeliveryExternalUserLookupRequest)allows you to control which users are SDC Administrators via your extension.

Extension JavaDoc: JavaDoc

Authentication Via the Basic External User Example

The Basic External User example illustrates how to authenticate users via an external authentication mechanism. In this example, the user names all follow the form “user” + number, for example, user1, user2, and user101. The password for each of these users is “password” + number, so the respective passwords for the users given are password1, password2, and password101. No administrators are managed by the system, so make sure you create an administrator, for example “user100”, before you enable this example.

Example projects: example-extension-projects.zip

Follow the steps below to try this example.

  1. In the Admin Console, create user named ‘user100’.
  2. Designate user100 as a system administrator. This special user100 will authenticate against a password in the external authentication delegate, but must be created in advance so you are able to log in to the Admin Console to administer the system.
  3. Exit the Admin Console, and stop the SDC server.
  4. Copy the admin-auth-basic.jar file from example-extensions-projects.zip to Data Files/system-config/private/server-extensions.
  5. Start the SDC server.
  6. Open and log in to the Admin Console, and confirm extensions are active on the Advanced tab of the System page.

Authentication via the Bobs Admin Authentication Example

The Bobs Admin Authentication example also illustrates how to authenticate users and administrators via an external authentication mechanism. It also provides search and lookup functionally, Finally, it illustrates specifying the class of the extension in the MANIFEST.MF file.

In this example, the user names all follow the form “bob” + number, for example, bob1, bob2, and bob101. The password for each of these users is “password” + number, so the respective passwords for the users given are password1, password2, and password101. Users “bob1” and “bob2” are administrators, all other users are basic users.

Delivery-External-Users: <your external users authentication class name here>

An example of using a custom class name is demonstrated in the Bobs Admin Authentication Example.

Example projects: example-extension-projects.zip

Follow the steps below to try this example.

  1. Stop the SDC server.
  2. Copy the admin-auth-the-bobs.jar Jar file from example-extensions-projects.zip to Data Files/system-config/private/server-extensions.
  3. Start the SDC server.
  4. Open and log in to the Admin Console, and confirm extensions are active on the Advanced tab of the System page. Remember to use bob1 or bob2 as your administrator accounts.

Creating JAR Files from jardesc Files

Creating exports of your extension can be done easily using jardesc files.

  1. In Eclipse, open the Package Explorer view.
  2. Right-click the jardesc file, and select Create Jar from the menu.

You might need to modify some of the paths within the jardesc file to match your project structure depending on your team provider. These files are plain text and can be edited in Eclipse by right-clicking the file and selecting Open With>Text Editor from the menu.