This portlet application provides multi-faceted login portlet functionality including captcha and personal questions. Since this is a login portlet, it has minimal hooks to authenticate against Jetspeed. You should be able to easily adapt this portlet application to other portals by changing the authentication code.
There is one portlet found in the portlet.xml: MFALogin. This portlet is configured in the portlet.xml with the following init parameters:
param name | default value | description |
---|---|---|
cookieLifetime | 345600 | The lifetime of the stored cookie in seconds (4 days) |
maxNumberOfAuthenticationFailures | 5 | Maximum number of authentication failures before disabling a user |
randomQuestions | What was the first and last name of our favorite teacher? In what city did you get married? ... | A list of 24 personal questions which will be displayed to the user in random order separated by question marks (?) |
IMPORTANTThe Jetspeed web.xml must be modified. The LoginProxyServlet servlet must have its credentialsFromRequest init param set to false:
<servlet> <servlet-name>LoginProxyServlet</servlet-name> <servlet-class>org.apache.jetspeed.login.LoginProxyServlet</servlet-class> <init-param> <param-name>credentialsFromRequest</param-name> <param-value>false</param-value> </init-param> </servlet>
The following Captcha properties are configured in the mfa.properties found in the WEB-INF directory of your web application.
Property | Default Value | Description |
---|---|---|
captcha.directory | /captchas | The directory where all captchas will be stored when generated. For web applications, this directory should be a in a public viewable area. The directory name is relative to either the running program, or in the case of a web application, relative to the root of the web application |
captcha.effects.noise | false | Turn on the default noise generation for a capcha. Noise generation is not yet configurable to a fine grain but instead enables a set of general noise algorithms including drawing an XORed oval behind the text, and generating gray noise throughout the image. This feature is turned off by default and should not be used with an image background. |
captcha.image.background | images/jetspeedlogo98.jpg | Uses an image file as the background for the capcha image. The default provide is a company logo that has been run through a matte effect. |
captcha.image.background.use | true | Enable or disable using the background image defined in the captcha.image.background property. |
catcha.image.format | .jpg | The image format of the output captcha file. Known supported formats are .jpg and .png |
captcha.font.antialiasing | true | Enable or disable antialiasing. By enabling, you will generate a clearer image at the cost of slower rendering times. |
captcha.font.size | 36 | The point size of the font. |
captcha.font.style | 0 | The style of the font. Valid values are: PLAIN == 0, BOLD == 1, ITALIC == 2, BOLD_ITALIC == 3 |
captcha.font.names | Times | A comma-separated list of font names. Make sure your server supports all listed fonted. When more than one font listed, fonts will be randomized. |
captcha.scanrate.seconds | 300 | Configures the cleanup thread for removal of captchas images. The cleanup thread will run by default every 300 seconds. |
captcha.timetolive.seconds | 120 | Configures the lifetime of a captcha image. Default is 120 seconds before it is deleted. |
captcha.text.maxlength | 8 | The maximum number of characters generated for the captcha string. Randomly used with captcha.text.minlength to vary the size of the captcha string. |
captcha.text.margin.left | 2 | The left-side margin where to start drawing the captcha string in in a device-independent coordinates. |
captcha.text.margin.bottom | 10 | The bottom margin where to start drawing the captcha string in in a device-independent coordinates. |
captcha.text.minlength | 6 | The minimum number of characters generated for the captcha string. Randomly used with captcha.text.maxlength to vary the size of the captcha string. |
captcha.text.rise.range | 30 | The rise from the bottom margin where to start drawing the captcha string. Setting to zero turns off the rising feature. If a positive number is used, the rise will randomly vary between the bottom margin and maximum rise value. |
captcha.text.rotation | 10 | Sets the rotation (vertical alignment variance) of a glyph to control this. The value is in radians. Value should be a positive number or zero. For example, setting to 35, will rotate the glyph randomly between -35 and 35 radians. Setting this value to 0 will turn off rotation. |
captcha.text.shear | 0 | Shearing slides one edge of an image along the X or Y axis, creating a parallelogram. The default value is 0, turning off all shearing effects. Shearing effects can make it more difficult for non-human readers to read the image. Shear values are specified in radians, with values closer to 1.0 creating a more drastic shearing effect. |
captcha.text.spacing | 2 | The space between captcha characters in device-independent coordinates. 0 is a valid value, but can make it difficult to read glyphes when combined with rotations. |
captcha.timestamp | true | Boolean value to enable printing a timestamp at the bottom of the captcha image in a small monospaced font. |
captcha.timestamp.24hr | true | Boolean value set to true when using 24 hour clock on timestamp, otherwise 12 hour clock. |
captcha.timestamp.tz | America/New_York | The Time Zone ID (TZID). The timestamp will be displayed for this timezone. You can also use timezone abbreviations such as EDT (Eastern Daylight Time). | captcha.timestamp.font.size | 8 | The font size of the timestamp. |