When using custom authentication, only the authentication (and the per-repository restrictions) are delegated to the configured class.
The configured user directories are still used to hold the user, groups and memberships lists. In most configurations you should use an internal directory together with custom authentication.
If possible you should use a supported external directory, rather than custom authentication.
To implement an arbitrary form of authentication and authorization for FishEye you need to provide a class which extends
com.cenqua.fisheye.user.plugin.AbstractFishEyeAuthenticator. You can find more information about custom FishEye authorization in the online javadocs and the library jar.
For FishEye to use the authenticator, it must be compiled, placed in a jar archive and then put in the
$FISHEYE_INST/lib directory. If other third-party libraries are required by your authenticator, they must also be in the
After implementing a custom authenticator, the next step is to configure FishEye to use it.
Click Setup Custom authentication on the FishEye Authentication page, in the Admin area.
You will be presented with a form containing the following fields to be set:
The fully qualified class name of your AbstractFishEyeAuthenticator, e.g.
FishEye can automatically create a user it has not previously encountered if the user can successfully authenticate against your authenticator.
Any properties your authenticator requires. These will be passed to its
Per-repository constraint configuration
You may also require a per-repository constraint to restrict access to specific repositories using your custom authenticator. If a custom authenticator is set, then the Permissions Summary table will display the constraint per repository and a link to enable you to edit it.
When using FishEye's built-in groups in conjunction with a custom authenticator, a user will have access to a repository if:
- the user is in an allowed group for the repository
- or the
hasPermissionToAccessmethod of the custom authenticator returns true.
The 'Authentication Test' page allows you to enter a user's credentials and to test the user's authentication. It will also test which repositories the user is authorized to access.