org.apache.sling.auth.core

Class AuthConstants

java.lang.Object

org.apache.sling.auth.core.AuthConstants

public final class AuthConstants
extends Object

The AuthConstants provides a collection of constants used to configure and customize the Sling authentication infrastructure.

This class can neither be extended from nor can it be instantiated.

Since:

1.1 (bundle version 1.0.8)

Field Summary

Fields

Modifier and Type	Field and Description
static String	AUTH_HANDLER_BROWSER_ONLY Service Registration property which may be set by an AuthenticationHandler service to indicate whether its AuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method supports non-browser requests (according to AuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest) or not.
static String	AUTH_INFO_LOGIN Marker property in the AuthenticationInfo object returned by the AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method indicating a first authentication considered to be a login.
static String	AUTH_REQUIREMENTS Any OSGi service may provide a sling.auth.requirements registration property which is used to dynamically extend the authentication requirements from the Authentication Requirements configuration.
static String	PAR_J_VALIDATE The name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN).
static String	TOPIC_LOGIN The topic for the OSGi event which is sent when a user has logged in successfully.
static String	X_REASON The name of the request header set by the #sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided credentials cannot be used for login.
static String	X_REASON_CODE The name of the request header set by the #sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided credentials cannot be used for login.

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PAR_J_VALIDATE

public static final String PAR_J_VALIDATE

The name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN).

See Also:

#isValidateRequest(HttpServletRequest), #sendValid(HttpServletResponse), #sendInvalid(HttpServletRequest, HttpServletResponse), Constant Field Values

X_REASON

public static final String X_REASON

The name of the request header set by the #sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided credentials cannot be used for login.

This header may be inspected by clients for a reason why the request failed.

See Also:

#sendInvalid(HttpServletRequest, HttpServletResponse), Constant Field Values

X_REASON_CODE

public static final String X_REASON_CODE

The name of the request header set by the #sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided credentials cannot be used for login.

This header may be inspected by clients for a a detailed reason code why the request failed.

See Also:

#sendInvalid(HttpServletRequest, HttpServletResponse), Constant Field Values

AUTH_HANDLER_BROWSER_ONLY

public static final String AUTH_HANDLER_BROWSER_ONLY

Service Registration property which may be set by an AuthenticationHandler service to indicate whether its AuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method supports non-browser requests (according to AuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest) or not.

For backwards compatibility with existing AuthenticationHandler services the default assumption in the absence of this property is that all requests are supported.

If this property is set to true or yes (case-insensitive check) the handler is not called for requests assumed to be sent from non-browser clients. Any other value of this property indicates support for non-browser requests by the handler.

Note that this property only influences whether the requestCredentials method is called or not. The extractCredentials and dropCredentials are called regardless of this property.

See Also:

Constant Field Values

AUTH_INFO_LOGIN

public static final String AUTH_INFO_LOGIN

Marker property in the AuthenticationInfo object returned by the AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method indicating a first authentication considered to be a login.

By setting this property to any non-null value an AuthenticationHandler indicates, that the TOPIC_LOGIN event should be fired after successfully acquiring the ResourceResolver.

See Also:

Constant Field Values

TOPIC_LOGIN

public static final String TOPIC_LOGIN

The topic for the OSGi event which is sent when a user has logged in successfully. The event contains at least the SlingConstants.PROPERTY_USERID and the AuthenticationInfo.AUTH_TYPE properties.

See Also:

Constant Field Values

AUTH_REQUIREMENTS

public static final String AUTH_REQUIREMENTS

Any OSGi service may provide a sling.auth.requirements registration property which is used to dynamically extend the authentication requirements from the Authentication Requirements configuration. This may for example be set by AuthenticationHandler implementations providing a login form to ensure access to the login form does not require authentication. The value of this property is a single string, an array of strings or a Collection of strings and is formatted in the same way as the Authentication Requirements configuration property.

See Also:

Constant Field Values