org.apache.sling.auth.core.spi

Class AbstractAuthenticationHandler

java.lang.Object

org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler

org.apache.sling.auth.core.spi.AbstractAuthenticationHandler

All Implemented Interfaces:

AuthenticationFeedbackHandler, AuthenticationHandler

Deprecated.

since Bundle 1.0.8; AuthenticationHandler implementations should extend DefaultAuthenticationFeedbackHandler directly and use the utility methods in the AuthUtil class.

@Deprecated
public abstract class AbstractAuthenticationHandler
extends DefaultAuthenticationFeedbackHandler
implements AuthenticationHandler

The AbstractAuthenticationHandler implements the AuthenticationHandler interface and extends the DefaultAuthenticationFeedbackHandler providing some helper methods which may be used by authentication handlers.

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.sling.auth.core.spi.AuthenticationHandler

AuthenticationHandler.FAILURE_REASON_CODES

Field Summary

Fields inherited from interface org.apache.sling.auth.core.spi.AuthenticationHandler

FAILURE_REASON, FAILURE_REASON_CODE, PATH_PROPERTY, REQUEST_LOGIN_PARAMETER, SERVICE_NAME, TYPE_PROPERTY

Constructor Summary

Constructors

Constructor and Description
AbstractAuthenticationHandler() Deprecated.

Method Summary

Modifier and Type	Method and Description
static java.lang.String	getAttributeOrParameter(javax.servlet.http.HttpServletRequest request, java.lang.String name, java.lang.String defaultValue) Deprecated. since Bundle 1.0.8, use AuthUtil.getAttributeOrParameter(HttpServletRequest, String, String)
static java.lang.String	getLoginResource(javax.servlet.http.HttpServletRequest request, java.lang.String defaultLoginResource) Deprecated. since Bundle 1.0.8, use AuthUtil.getLoginResource(HttpServletRequest, String)
static boolean	isRedirectValid(javax.servlet.http.HttpServletRequest request, java.lang.String target) Deprecated. This method has been introduced after Bundle release 1.0.6 but has been replaced with AuthUtil.isRedirectValid(HttpServletRequest, String). Use the latter method.
static boolean	isValidateRequest(javax.servlet.http.HttpServletRequest request) Deprecated. since Bundle 1.0.8, use AuthUtil.isValidateRequest(HttpServletRequest)
static void	sendInvalid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Deprecated. since Bundle 1.0.8, use AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)
static void	sendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String target, java.util.Map<java.lang.String,java.lang.String> params) Deprecated. since Bundle 1.0.8, use AuthUtil.sendRedirect(HttpServletRequest, HttpServletResponse, String, Map)
static void	sendValid(javax.servlet.http.HttpServletResponse response) Deprecated. since Bundle 1.0.8, use AuthUtil.sendValid(HttpServletResponse)
static java.lang.String	setLoginResourceAttribute(javax.servlet.http.HttpServletRequest request, java.lang.String defaultValue) Deprecated. since Bundle 1.0.8, use AuthUtil.setLoginResourceAttribute(HttpServletRequest, String)

Methods inherited from class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler

authenticationFailed, authenticationSucceeded, handleRedirect

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.sling.auth.core.spi.AuthenticationHandler

dropCredentials, extractCredentials, requestCredentials

Constructor Detail

AbstractAuthenticationHandler

public AbstractAuthenticationHandler()

Deprecated.

Method Detail

getAttributeOrParameter

@Deprecated
public static java.lang.String getAttributeOrParameter(javax.servlet.http.HttpServletRequest request,
                                                                   java.lang.String name,
                                                                   java.lang.String defaultValue)

Deprecated. since Bundle 1.0.8, use AuthUtil.getAttributeOrParameter(HttpServletRequest, String, String)

Returns the value of the named request attribute or parameter as a string as follows:

1. If there is a request attribute of that name, which is a non-empty string, it is returned.
2. If there is a non-empty request parameter of that name, this parameter is returned.
3. Otherwise the defaultValue is returned.

Parameters:

request - The request from which to return the attribute or request parameter

name - The name of the attribute/parameter

defaultValue - The default value to use if neither a non-empty string attribute or a non-empty parameter exists in the request.

Returns:

The attribute, parameter or defaultValue as defined above.

getLoginResource

@Deprecated
public static java.lang.String getLoginResource(javax.servlet.http.HttpServletRequest request,
                                                            java.lang.String defaultLoginResource)

Deprecated. since Bundle 1.0.8, use AuthUtil.getLoginResource(HttpServletRequest, String)

Returns any resource target to redirect to after successful authentication. This method either returns a non-empty string or the defaultLoginResource parameter. First the resource request attribute is checked. If it is a non-empty string, it is returned. Second the resource request parameter is checked and returned if it is a non-empty string.

Parameters:

request - The request providing the attribute or parameter

defaultLoginResource - The default login resource value

Returns:

The non-empty redirection target or defaultLoginResource.

setLoginResourceAttribute

@Deprecated
public static java.lang.String setLoginResourceAttribute(javax.servlet.http.HttpServletRequest request,
                                                                     java.lang.String defaultValue)

Deprecated. since Bundle 1.0.8, use AuthUtil.setLoginResourceAttribute(HttpServletRequest, String)

Ensures and returns the Authenticator.LOGIN_RESOURCE request attribute is set to a non-null, non-empty string. If the attribute is not currently set, this method sets it as follows:

1. If the Authenticator.LOGIN_RESOURCE request parameter is set to a non-empty string, that parameter is set
2. Otherwise if the defaultValue is a non-empty string the default value is used
3. Otherwise the attribute is set to "/"

Parameters:

request - The request to check for the resource attribute

defaultValue - The default value to use if the attribute is not set and the request parameter is not set. This parameter is ignored if it is null or an empty string.

Returns:

returns the value of resource request attribute

Since:

1.0.2 (Bundle version 1.0.4)

sendRedirect

@Deprecated
public static void sendRedirect(javax.servlet.http.HttpServletRequest request,
                                            javax.servlet.http.HttpServletResponse response,
                                            java.lang.String target,
                                            java.util.Map<java.lang.String,java.lang.String> params)
                                     throws java.io.IOException

Deprecated. since Bundle 1.0.8, use AuthUtil.sendRedirect(HttpServletRequest, HttpServletResponse, String, Map)

Redirects to the given target path appending any parameters provided in the parameter map.

This method implements the following functionality:

• The target path is prefixed with the request's context path to ensure proper redirection into the same web application. Therefore the target path parameter must not be prefixed with the context path.
• If the params map does not contain a (non- null) value for the resource entry, such an entry is generated from the request URI and the (optional) query string of the given request.
• The parameters from the params map or at least a single resource parameter are added to the target path for the redirect. Each parameter value is encoded using the java.net.URLEncoder with UTF-8 encoding to make it safe for requests

Parameters:

request - The request object used to get the current request URI and request query string if the params map does not have the resource parameter set.

response - The response used to send the redirect to the client.

target - The target path to redirect the client to. This parameter must not be prefixed with the request's context path because this will be added by this method. If this parameter is not a valid target request as per the isRedirectValid(HttpServletRequest, String) method the target is modified to be the root of the request's context.

params - The map of parameters to be added to the target path. This may be null.

Throws:

java.io.IOException - If an error occurs sending the redirect request

java.lang.IllegalStateException - If the response was committed or if a partial URL is given and cannot be converted into a valid URL

java.lang.InternalError - If the UTF-8 character encoding is not supported by the platform. This should not be caught, because it is a real problem if the encoding required by the specification is missing.

Since:

1.0.2 (Bundle version 1.0.4), 1.0.4 (bundle version 1.0.8) the target is validated with the AuthUtil.isRedirectValid(HttpServletRequest, String) method.

isRedirectValid

@Deprecated
public static boolean isRedirectValid(javax.servlet.http.HttpServletRequest request,
                                                  java.lang.String target)

Deprecated. This method has been introduced after Bundle release 1.0.6 but has been replaced with AuthUtil.isRedirectValid(HttpServletRequest, String). Use the latter method.

This method calls AuthUtil.isRedirectValid(HttpServletRequest, String).

Parameters:

request - The request

target - The redirect url

Returns:

Whether the redirect is valid

isValidateRequest

@Deprecated
public static boolean isValidateRequest(javax.servlet.http.HttpServletRequest request)

Deprecated. since Bundle 1.0.8, use AuthUtil.isValidateRequest(HttpServletRequest)

Returns true if the the client just asks for validation of submitted username/password credentials.

This implementation returns true if the request parameter AuthConstants.PAR_J_VALIDATE is set to true (case-insensitve). If the request parameter is not set or to any value other than true this method returns false.

Parameters:

request - The request to provide the parameter to check

Returns:

true if the AuthConstants.PAR_J_VALIDATE parameter is set to true.

Since:

1.0.2 (Bundle version 1.0.4)

sendValid

@Deprecated
public static void sendValid(javax.servlet.http.HttpServletResponse response)

Deprecated. since Bundle 1.0.8, use AuthUtil.sendValid(HttpServletResponse)

Sends a 200/OK response to a credential validation request.

Parameters:

response - The response object

Since:

1.0.2 (Bundle version 1.0.4)

sendInvalid

@Deprecated
public static void sendInvalid(javax.servlet.http.HttpServletRequest request,
                                           javax.servlet.http.HttpServletResponse response)

Deprecated. since Bundle 1.0.8, use AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)

Sends a 403/FORBIDDEN response optionally stating the reason for this response code in the AuthConstants.X_REASON header. The value for the AuthConstants.X_REASON header is taken from AuthenticationHandler.FAILURE_REASON request attribute if set.

Parameters:

request - The request object

response - The response object

Since:

1.0.2 (Bundle version 1.0.4)