Package org.apache.sling.auth.core.spi

Class DefaultAuthenticationFeedbackHandler

java.lang.Object
org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
All Implemented Interfaces:
AuthenticationFeedbackHandler
Direct Known Subclasses:
AbstractAuthenticationHandler
public class DefaultAuthenticationFeedbackHandler extends Object implements AuthenticationFeedbackHandler

  • Constructor Details

    • DefaultAuthenticationFeedbackHandler

      public DefaultAuthenticationFeedbackHandler()

  • Method Details

    • handleRedirect

      public static boolean handleRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Handles an optional request for a redirect after successful authentication and true if the request has been redirected.

      This method checks AuthenticationSupport.REDIRECT_PARAMETER request parameter for the redirect target. This parameter is handled as follows:

      • If the parameter does not exist, the method does not redirect and false is returned.
      • If the parameter is the string true or is empty, a redirect response to the request URI (HttpServletRequest.getRequestURI()) is sent and true is returned.
      • If the parameter is a relative path, the path is made absolute by resolving it relative to the request URI (HttpServletRequest.getRequestURI()). The resulting target is validated with the AbstractAuthenticationHandler.isRedirectValid(HttpServletRequest, String) method. If valid a redirect to that target is sent back and true is returned. Otherwise a redirect to the servlet context root is sent back and true is returned.
      • If the parameter is an absolute path it is validated with the AbstractAuthenticationHandler.isRedirectValid(HttpServletRequest, String) method. If valid a redirect to that path is sent back and true is returned. Otherwise a redirect to the servlet context root is sent back and true is returned.
      If sending the redirect response fails due to some IO problems, the request is still terminated but an error message is logged indicating the problem.
      Parameters:
      request - The servlet request
      response - The servlet response
      Returns:
      true if redirect was requested. Otherwise false is returned. Note, that true is returned regardless of whether sending the redirect response succeeded or not.
      Since:
      1.0.4 (bundle version 1.0.8) the target is validated with the AbstractAuthenticationHandler.isRedirectValid(HttpServletRequest, String) method.

    • authenticationFailed

      public void authenticationFailed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationInfo authInfo)
      This default implementation does nothing.

      Extensions of this class may overwrite to cleanup any internal state.

      Specified by:
      authenticationFailed in interface AuthenticationFeedbackHandler
      Parameters:
      request - The current request
      response - The current response
      authInfo - The AuthenticationInfo object used to authenticate the request.

    • authenticationSucceeded

      public boolean authenticationSucceeded(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationInfo authInfo)
      This default implementation calls the handleRedirect(HttpServletRequest, HttpServletResponse) method to optionally redirect the request after successful authentication.

      Extensions of this class may overwrite this method to perform additional cleanup etc.

      Specified by:
      authenticationSucceeded in interface AuthenticationFeedbackHandler
      Parameters:
      request - The current request
      response - The current response
      authInfo - The AuthenticationInfo object used to authenticate the request.
      Returns:
      the result of calling the handleRedirect(HttpServletRequest, HttpServletResponse) method.