APIs and Extension Points
To create a custom authentication experience for your Spotfire users, you can use one of the following types of APIs or extension points.
Type | Description |
---|---|
Post-authentication filter | Use a Java class to implement the
com.spotfire.server.security.PostAuthenticationFilter
interface, perform additional checks, or create automation steps to perform
after completing authentication but before logging the user in.
See TIBCO Spotfire Server API for more information. |
Custom JAAS module | Customize a user name and password authentication method
with a JAAS module, which is implemented using the
com.spotfire.server.jaas API. For example,
instead of checking the end-user credentials for the
Spotfire
database or LDAP, you can implement a custom login.
See TIBCO Spotfire Server API for more information. |
External authentication | Use external authentication to provide custom authentication flows where the user's identity can be derived from the incoming HTTP request (for example, using a cookie or a header). External authentication should be combined with a (reverse) proxy or Java class (Custom Web Authentication) that implements the logic that the custom authentication scheme requires. |
Custom Web Authentication | Implement custom web-based authentication flows using the
com.spotfire.server.security.CustomWebAuthenticator
API. A typical use case is to implement an OAuth2-based authentication flow.
See TIBCO Spotfire Server API and Configuring custom web authentication. |
Custom Authentication | Implement custom authentication by implementing the
com.spotfire.server.security.CustomAuthenticator
interface. See
TIBCO Spotfire Server API.
|
Custom login page | Create a custom login page for the
Spotfire Server
to enable a fully customizable look and feel. If the authentication method is
based on user name and password, and if additional information must be
collected from the user, you can combine a custom login page with a
PostAuthenticationFilter and possibly a custom
JAAS login module. See
Replacing the default Login page in the Spotfire
Server web UI in the TIBCO Spotfire Cobranding manual. You might also
find useful information on
The TIBCO Community web site.
|
Authentication Filter API | This feature is deprecated and should no longer be used. |
Additional information about custom authentication methods is
available on TIBCO Community.
- Password Policy and Password Complexity Enforcement
Spotfire Server does not have built-in support for password policies.
Parent topic: Authentication