Package org.apache.sling.auth.core.spi

Class AbstractAuthenticationHandler

java.lang.Object
org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
All Implemented Interfaces:
AuthenticationFeedbackHandler, AuthenticationHandler
@Deprecated public abstract class AbstractAuthenticationHandler extends DefaultAuthenticationFeedbackHandler implements AuthenticationHandler
Deprecated.
since Bundle 1.0.8; AuthenticationHandler implementations should extend DefaultAuthenticationFeedbackHandler directly and use the utility methods in the AuthUtil class.
The AbstractAuthenticationHandler implements the AuthenticationHandler interface and extends the DefaultAuthenticationFeedbackHandler providing some helper methods which may be used by authentication handlers.

  • Constructor Details

    • AbstractAuthenticationHandler

      public AbstractAuthenticationHandler()
      Deprecated.

  • Method Details

    • getAttributeOrParameter

      @Deprecated public static String getAttributeOrParameter(javax.servlet.http.HttpServletRequest request, String name, String defaultValue)
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.getAttributeOrParameter(HttpServletRequest, String, String)
      Returns the value of the named request attribute or parameter as a string as follows:
      1. If there is a request attribute of that name, which is a non-empty string, it is returned.
      2. If there is a non-empty request parameter of that name, this parameter is returned.
      3. Otherwise the defaultValue is returned.
      Parameters:
      request - The request from which to return the attribute or request parameter
      name - The name of the attribute/parameter
      defaultValue - The default value to use if neither a non-empty string attribute or a non-empty parameter exists in the request.
      Returns:
      The attribute, parameter or defaultValue as defined above.

    • getLoginResource

      @Deprecated public static String getLoginResource(javax.servlet.http.HttpServletRequest request, String defaultLoginResource)
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.getLoginResource(HttpServletRequest, String)
      Returns any resource target to redirect to after successful authentication. This method either returns a non-empty string or the defaultLoginResource parameter. First the resource request attribute is checked. If it is a non-empty string, it is returned. Second the resource request parameter is checked and returned if it is a non-empty string.
      Parameters:
      request - The request providing the attribute or parameter
      defaultLoginResource - The default login resource value
      Returns:
      The non-empty redirection target or defaultLoginResource.

    • setLoginResourceAttribute

      @Deprecated public static String setLoginResourceAttribute(javax.servlet.http.HttpServletRequest request, String defaultValue)
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.setLoginResourceAttribute(HttpServletRequest, String)
      Ensures and returns the Authenticator.LOGIN_RESOURCE request attribute is set to a non-null, non-empty string. If the attribute is not currently set, this method sets it as follows:
      1. If the Authenticator.LOGIN_RESOURCE request parameter is set to a non-empty string, that parameter is set
      2. Otherwise if the defaultValue is a non-empty string the default value is used
      3. Otherwise the attribute is set to "/"
      Parameters:
      request - The request to check for the resource attribute
      defaultValue - The default value to use if the attribute is not set and the request parameter is not set. This parameter is ignored if it is null or an empty string.
      Returns:
      returns the value of resource request attribute
      Since:
      1.0.2 (Bundle version 1.0.4)

    • sendRedirect

      @Deprecated public static void sendRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String target, Map<String,String> params) throws IOException
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.sendRedirect(HttpServletRequest, HttpServletResponse, String, Map)
      Redirects to the given target path appending any parameters provided in the parameter map.

      This method implements the following functionality:

      • The target path is prefixed with the request's context path to ensure proper redirection into the same web application. Therefore the target path parameter must not be prefixed with the context path.
      • If the params map does not contain a (non- null) value for the resource entry, such an entry is generated from the request URI and the (optional) query string of the given request.
      • The parameters from the params map or at least a single resource parameter are added to the target path for the redirect. Each parameter value is encoded using the java.net.URLEncoder with UTF-8 encoding to make it safe for requests
      Parameters:
      request - The request object used to get the current request URI and request query string if the params map does not have the resource parameter set.
      response - The response used to send the redirect to the client.
      target - The target path to redirect the client to. This parameter must not be prefixed with the request's context path because this will be added by this method. If this parameter is not a valid target request as per the isRedirectValid(HttpServletRequest, String) method the target is modified to be the root of the request's context.
      params - The map of parameters to be added to the target path. This may be null.
      Throws:
      IOException - If an error occurs sending the redirect request
      IllegalStateException - If the response was committed or if a partial URL is given and cannot be converted into a valid URL
      InternalError - If the UTF-8 character encoding is not supported by the platform. This should not be caught, because it is a real problem if the encoding required by the specification is missing.
      Since:
      1.0.2 (Bundle version 1.0.4), 1.0.4 (bundle version 1.0.8) the target is validated with the AuthUtil.isRedirectValid(HttpServletRequest, String) method.

    • isRedirectValid

      @Deprecated public static boolean isRedirectValid(javax.servlet.http.HttpServletRequest request, String target)
      Deprecated.
      This method has been introduced after Bundle release 1.0.6 but has been replaced with AuthUtil.isRedirectValid(HttpServletRequest, String). Use the latter method.
      This method calls AuthUtil.isRedirectValid(HttpServletRequest, String).
      Parameters:
      request - The request
      target - The redirect url
      Returns:
      Whether the redirect is valid

    • isValidateRequest

      @Deprecated public static boolean isValidateRequest(javax.servlet.http.HttpServletRequest request)
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.isValidateRequest(HttpServletRequest)
      Returns true if the the client just asks for validation of submitted username/password credentials.

      This implementation returns true if the request parameter AuthConstants.PAR_J_VALIDATE is set to true (case-insensitve). If the request parameter is not set or to any value other than true this method returns false.

      Parameters:
      request - The request to provide the parameter to check
      Returns:
      true if the AuthConstants.PAR_J_VALIDATE parameter is set to true.
      Since:
      1.0.2 (Bundle version 1.0.4)

    • sendValid

      @Deprecated public static void sendValid(javax.servlet.http.HttpServletResponse response)
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.sendValid(HttpServletResponse)
      Sends a 200/OK response to a credential validation request.
      Parameters:
      response - The response object
      Since:
      1.0.2 (Bundle version 1.0.4)

    • sendInvalid

      @Deprecated public static void sendInvalid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Deprecated.
      since Bundle 1.0.8, use AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)
      Sends a 403/FORBIDDEN response optionally stating the reason for this response code in the AuthConstants.X_REASON header. The value for the AuthConstants.X_REASON header is taken from AuthenticationHandler.FAILURE_REASON request attribute if set.
      Parameters:
      request - The request object
      response - The response object
      Since:
      1.0.2 (Bundle version 1.0.4)