AuthenticationHandler
insteadpublic interface AuthenticationHandler
AuthenticationHandler
interface defines the service API used
by the authentication implementation to support plugin various ways of
extracting credentials from the request.Modifier and Type | Field and Description |
---|---|
static String |
PATH_PROPERTY
Deprecated.
An authentication handler is associated with url paths.
|
Modifier and Type | Method and Description |
---|---|
AuthenticationInfo |
authenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Deprecated.
Extracts credential data from the request if at all contained.
|
boolean |
requestAuthentication(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Deprecated.
Requests authentication information from the client.
|
static final String PATH_PROPERTY
AuthenticationInfo authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
The method returns any of the following values :
value | description |
---|---|
null
| no user details were contained in the request or the handler is not capable or willing to extract credentials from the request |
AuthenticationInfo.DOING_AUTH
| the handler is in an ongoing authentication transaction with the client. Request processing should be aborted at this stage. |
AuthenticationInfo object
| The user sent credentials. The returned object contains the credentials as well as the type of authentication transmission employed. |
The method must not request credential information from the client, if they are not found in the request.
The value of PATH_PROPERTY
service registration property value
triggering this call is available as the path
request
attribute. If the service is registered with multiple path values, the
value of the path
request attribute may be used to implement
specific handling.
request
- The request object containing the information for the
authentication.response
- The response object which may be used to send the
information on the request failure to the user.AuthenticationInfo
instance identifying the
request user, AuthenticationInfo.DOING_AUTH
if the
handler is in an authentication transaction with the client or
null if the request does not contain authentication information.
In case of AuthenticationInfo.DOING_AUTH
, the method must
have sent a response indicating that fact to the client.boolean requestAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
true
if the information has been requested and request
processing can be terminated normally. Otherwise the authorization
information could not be requested.
Any response sent by the handler though the sendError
method
is also handled by the error handler infrastructure.
The value of PATH_PROPERTY
service registration property value
triggering this call is available as the path
request
attribute. If the service is registered with multiple path values, the
value of the path
request attribute may be used to implement
specific handling.
request
- The request object.response
- The response object to which to send the request.true
if the handler is able to end an authentication
inquiry for the given request. false
otherwise.IOException
- If an error occurrs sending the authentication
inquiry to the client.Copyright © 2014 The Apache Software Foundation. All rights reserved.