com.caucho.server.http
Class AbstractAuthenticator
java.lang.Object
|
+--com.caucho.server.http.AbstractAuthenticator
- All Implemented Interfaces:
- Authenticator
- Direct Known Subclasses:
- JdbcAuthenticator, NullAuthenticator
- public abstract class AbstractAuthenticator
- extends java.lang.Object
- implements Authenticator
All applications should extend AbstractAuthenticator to implement
their custom authenticators. While this isn't absolutely required,
it protects implementations from API changes.
Method Summary |
java.security.Principal |
authenticate(HttpServletRequest request)
Grab the user from the request, assuming the user has
already logged in. |
java.security.Principal |
authenticate(HttpServletRequest request,
java.lang.String user,
java.lang.String password)
Authenticate (login) the user. |
java.security.Principal |
authenticate(java.lang.String user,
java.lang.String password)
|
java.security.Principal |
authenticateCookie(HttpServletRequest request,
java.lang.String cookieValue)
|
java.security.Principal |
authenticateCookie(java.lang.String cookieValue)
|
ServletContext |
getServletContext()
Returns the servlet context owning this authenticator. |
void |
init()
Initialize the authenticator with the application. |
void |
init(CauchoApplication app,
RegistryNode params)
Initialize the authenticator with the application. |
boolean |
isUserInRole(HttpServletRequest request,
java.security.Principal user,
java.lang.String role)
Returns true if the user plays the named role. |
boolean |
isUserInRole(java.security.Principal user,
java.lang.String role)
|
java.security.Principal |
login(HttpServletRequest request,
HttpServletResponse response,
java.lang.String user,
java.lang.String password,
boolean allowCookie)
Logs the user in with any appropriate password. |
void |
logout(HttpServletRequest request)
Logs the user out from the session. |
boolean |
updateCookie(HttpServletRequest request,
java.security.Principal user,
java.lang.String cookieValue)
|
boolean |
updateCookie(java.security.Principal user,
java.lang.String cookieValue)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
application
protected ServletContext application
params
protected RegistryNode params
AbstractAuthenticator
public AbstractAuthenticator()
init
public void init(CauchoApplication app,
RegistryNode params)
throws ServletException
- Initialize the authenticator with the application. After calling
init(), the setXXX bean methods will be called for any init-param.
- Specified by:
init
in interface Authenticator
- Parameters:
application
- the owning application.
init
public void init()
throws ServletException
- Initialize the authenticator with the application.
getServletContext
public ServletContext getServletContext()
- Returns the servlet context owning this authenticator.
authenticate
public java.security.Principal authenticate(HttpServletRequest request)
throws ServletException
- Grab the user from the request, assuming the user has
already logged in. In other words, overriding methods could
use cookies or the session to find the logged in principal, but
shouldn't try to log the user in with form parameters.
- Specified by:
authenticate
in interface Authenticator
- Parameters:
request
- the servlet request.- Returns:
- a Principal representing the user or null if none has logged in.
login
public java.security.Principal login(HttpServletRequest request,
HttpServletResponse response,
java.lang.String user,
java.lang.String password,
boolean allowCookie)
- Logs the user in with any appropriate password.
- Specified by:
login
in interface Authenticator
- Following copied from interface:
com.caucho.server.http.Authenticator
- Parameters:
request
- servlet requestresponse
- servlet response, in case any cookie need sending.user
- the user name.password
- the user's presented password.allowCookie
- true if the user allows cookies for
subsequent requests.- Returns:
- the logged in principal on success, null on failure.
isUserInRole
public boolean isUserInRole(HttpServletRequest request,
java.security.Principal user,
java.lang.String role)
- Returns true if the user plays the named role.
- Specified by:
isUserInRole
in interface Authenticator
- Parameters:
request
- the servlet requestuser
- the user to testrole
- the role to test
logout
public void logout(HttpServletRequest request)
- Logs the user out from the session.
- Specified by:
logout
in interface Authenticator
- Parameters:
request
- the servlet request
authenticate
public java.security.Principal authenticate(HttpServletRequest request,
java.lang.String user,
java.lang.String password)
- Authenticate (login) the user.
authenticateCookie
public java.security.Principal authenticateCookie(HttpServletRequest request,
java.lang.String cookieValue)
updateCookie
public boolean updateCookie(HttpServletRequest request,
java.security.Principal user,
java.lang.String cookieValue)
authenticate
public java.security.Principal authenticate(java.lang.String user,
java.lang.String password)
authenticateCookie
public java.security.Principal authenticateCookie(java.lang.String cookieValue)
updateCookie
public boolean updateCookie(java.security.Principal user,
java.lang.String cookieValue)
isUserInRole
public boolean isUserInRole(java.security.Principal user,
java.lang.String role)