org.apache.sling.auth.core.spi
Class AbstractAuthenticationHandler

java.lang.Object
  extended by org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
      extended by org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
All Implemented Interfaces:
AuthenticationFeedbackHandler, AuthenticationHandler
Direct Known Subclasses:
SelectorAuthenticationHandler

public abstract class AbstractAuthenticationHandler
extends DefaultAuthenticationFeedbackHandler
implements AuthenticationHandler

The AbstractAuthenticationHandler implements the AuthenticationHandler interface and extends the DefaultAuthenticationFeedbackHandler providing some helper methods which may be used by authentication handlers.


Field Summary
 
Fields inherited from interface org.apache.sling.auth.core.spi.AuthenticationHandler
FAILURE_REASON, PATH_PROPERTY, REQUEST_LOGIN_PARAMETER, SERVICE_NAME, TYPE_PROPERTY
 
Constructor Summary
AbstractAuthenticationHandler()
           
 
Method Summary
static String getAttributeOrParameter(javax.servlet.http.HttpServletRequest request, String name, String defaultValue)
          Returns the value of the named request attribute or parameter as a string as follows: If there is a request attribute of that name, which is a non-empty string, it is returned.
static String getLoginResource(javax.servlet.http.HttpServletRequest request, String defaultLoginResource)
          Returns any resource target to redirect to after successful authentication.
static boolean isValidateRequest(javax.servlet.http.HttpServletRequest request)
          Returns true if the the client just asks for validation of submitted username/password credentials.
static void sendInvalid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Sends a 403/FORBIDDEN response to a credential validation request providing the given reason as the value of the X_REASON header.
static void sendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String target, Map<String,String> params)
          Redirects to the given target path appending any parameters provided in the parameter map.
static void sendValid(javax.servlet.http.HttpServletResponse response)
          Sends a 200/OK response to a credential validation request.
static String setLoginResourceAttribute(javax.servlet.http.HttpServletRequest request, String defaultValue)
          Ensures and returns the Authenticator.LOGIN_RESOURCE request attribute is set to a non-null, non-empty string.
 
Methods inherited from class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
authenticationFailed, authenticationSucceeded, handleRedirect
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.sling.auth.core.spi.AuthenticationHandler
dropCredentials, extractCredentials, requestCredentials
 

Constructor Detail

AbstractAuthenticationHandler

public AbstractAuthenticationHandler()
Method Detail

getAttributeOrParameter

public static String getAttributeOrParameter(javax.servlet.http.HttpServletRequest request,
                                             String name,
                                             String defaultValue)
Returns the value of the named request attribute or parameter as a string as follows:
  1. If there is a request attribute of that name, which is a non-empty string, it is returned.
  2. If there is a non-empty request parameter of that name, this parameter is returned.
  3. Otherwise the defaultValue is returned.

    Parameters:
    request - The request from which to return the attribute or request parameter
    name - The name of the attribute/parameter
    defaultValue - The default value to use if neither a non-empty string attribute or a non-empty parameter exists in the request.
    Returns:
    The attribute, parameter or defaultValue as defined above.

getLoginResource

public static String getLoginResource(javax.servlet.http.HttpServletRequest request,
                                      String defaultLoginResource)
Returns any resource target to redirect to after successful authentication. This method either returns a non-empty string or the defaultLoginResource parameter. First the resource request attribute is checked. If it is a non-empty string, it is returned. Second the resource request parameter is checked and returned if it is a non-empty string.

Parameters:
request - The request providing the attribute or parameter
defaultLoginResource - The default login resource value
Returns:
The non-empty redirection target or defaultLoginResource.

setLoginResourceAttribute

public static String setLoginResourceAttribute(javax.servlet.http.HttpServletRequest request,
                                               String defaultValue)
Ensures and returns the Authenticator.LOGIN_RESOURCE request attribute is set to a non-null, non-empty string. If the attribute is not currently set, this method sets it as follows:
  1. If the Authenticator.LOGIN_RESOURCE request parameter is set to a non-empty string, that parameter is set
  2. Otherwise if the defaultValue is a non-empty string the default value is used
  3. Otherwise the attribute is set to "/"

Parameters:
request - The request to check for the resource attribute
defaultValue - The default value to use if the attribute is not set and the request parameter is not set. This parameter is ignored if it is null or an empty string.
Returns:
returns the value of resource request attribute
Since:
1.0.2 (Bundle version 1.0.4)

sendRedirect

public static void sendRedirect(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                String target,
                                Map<String,String> params)
                         throws IOException
Redirects to the given target path appending any parameters provided in the parameter map.

This method implements the following functionality:

Parameters:
request - The request object used to get the current request URI and request query string if the params map does not have the resource parameter set.
response - The response used to send the redirect to the client.
target - The target path to redirect the client to. This parameter must not be prefixed with the request's context path because this will be added by this method.
params - The map of parameters to be added to the target path. This may be null.
Throws:
IOException - If an error occurrs sending the redirect request
IllegalStateException - If the response was committed or if a partial URL is given and cannot be converted into a valid URL
InternalError - If the UTF-8 character encoding is not supported by the platform. This should not be caught, because it is a real problem if the encoding required by the specification is missing.
Since:
1.0.2 (Bundle version 1.0.4)

isValidateRequest

public static boolean isValidateRequest(javax.servlet.http.HttpServletRequest request)
Returns true if the the client just asks for validation of submitted username/password credentials.

This implementation returns true if the request parameter PAR_J_VALIDATE is set to true (case-insensitve). If the request parameter is not set or to any value other than true this method returns false.

Parameters:
request - The request to provide the parameter to check
Returns:
true if the PAR_J_VALIDATE parameter is set to true.
Since:
1.0.2 (Bundle version 1.0.4)

sendValid

public static void sendValid(javax.servlet.http.HttpServletResponse response)
Sends a 200/OK response to a credential validation request.

Parameters:
response - The response object
Since:
1.0.2 (Bundle version 1.0.4)

sendInvalid

public static void sendInvalid(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response)
Sends a 403/FORBIDDEN response to a credential validation request providing the given reason as the value of the X_REASON header.

Parameters:
response - The response object
reason - The reason to set on the header; not expected to be null
Since:
1.0.2 (Bundle version 1.0.4)


Copyright © 2007-2011 The Apache Software Foundation. All Rights Reserved.