Package org.apache.sling.auth.core
Class AuthConstants
java.lang.Object
org.apache.sling.auth.core.AuthConstants
The
AuthConstants provides a collection of constants used to
configure and customize the Sling authentication infrastructure.
This class can neither be extended from nor can it be instantiated.
- Since:
- 1.1 (bundle version 1.0.8)
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe name of the request attribute containing the list of request URI suffixes handled by the default authenticatororg.apache.sling.auth.core.impl.SlingAuthenticator.static final StringService Registration property which may be set by anAuthenticationHandlerservice to indicate whether itsAuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)method supports non-browser requests (according toAuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest)or not.static final StringMarker property in theAuthenticationInfoobject returned by theAuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)method indicating a first authentication considered to be a login.static final StringAny OSGi service may provide asling.auth.requirementsregistration property which is used to dynamically extend the authentication requirements for theAuthenticationSupport.static final StringThe name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN).static final StringThe topic for the OSGi event which is sent when a user has logged in successfully.static final StringThe topic for the OSGi event which is sent when a user has failed to login successfully.static final StringThe name of the request header set by theAuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)method if the provided credentials cannot be used for login.static final StringThe name of the request header set by theAuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)method if the provided credentials cannot be used for login. -
Method Summary
-
Field Details
-
PAR_J_VALIDATE
The name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN). -
X_REASON
The name of the request header set by theAuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)method if the provided credentials cannot be used for login.This header may be inspected by clients for a reason why the request failed.
-
X_REASON_CODE
The name of the request header set by theAuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)method if the provided credentials cannot be used for login.This header may be inspected by clients for a a detailed reason code why the request failed.
-
AUTH_HANDLER_BROWSER_ONLY
Service Registration property which may be set by anAuthenticationHandlerservice to indicate whether itsAuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)method supports non-browser requests (according toAuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest)or not.For backwards compatibility with existing
AuthenticationHandlerservices the default assumption in the absence of this property is that all requests are supported.If this property is set to
trueoryes(case-insensitive check) the handler is not called for requests assumed to be sent from non-browser clients. Any other value of this property indicates support for non-browser requests by the handler.Note that this property only influences whether the
requestCredentialsmethod is called or not. TheextractCredentialsanddropCredentialsare called regardless of this property.- See Also:
-
AUTH_INFO_LOGIN
Marker property in theAuthenticationInfoobject returned by theAuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)method indicating a first authentication considered to be a login.By setting this property to any non-
nullvalue anAuthenticationHandlerindicates, that theTOPIC_LOGINevent should be fired after successfully acquiring theResourceResolver.- See Also:
-
TOPIC_LOGIN
The topic for the OSGi event which is sent when a user has logged in successfully. The event contains at least theSlingConstants.PROPERTY_USERIDand theAuthenticationInfo.AUTH_TYPEproperties.- See Also:
-
TOPIC_LOGIN_FAILED
The topic for the OSGi event which is sent when a user has failed to login successfully. The event contains at least theSlingConstants.PROPERTY_USERIDand theAuthenticationInfo.AUTH_TYPEproperties.- See Also:
-
AUTH_REQUIREMENTS
Any OSGi service may provide asling.auth.requirementsregistration property which is used to dynamically extend the authentication requirements for theAuthenticationSupport. This may for example be set by AuthenticationHandler implementations providing a login form to ensure access to the login form does not require authentication. The value of this property is a single string, an array of strings or a Collection of strings. Each string can be an absolute path (such as /content) or and absolute URI (such as http://thehost/content). Optionally each entry may be prefixed by a plus (+) or minus (-) sign indicating that authentication is required (plus) or not required (minus).- See Also:
-
ATTR_REQUEST_AUTH_URI_SUFFIX
The name of the request attribute containing the list of request URI suffixes handled by the default authenticatororg.apache.sling.auth.core.impl.SlingAuthenticator. The authenticator will populate this attribute so that login JSPs can post j_username and j_password to the correct URI.- Since:
- 1.3.2 (bundle version 1.4.0)
- See Also:
-