public class FormAuthenticator extends LoginAuthenticator
This authenticator implements form authentication will use dispatchers to
the login page if the __FORM_DISPATCH
init parameter is set to true.
Otherwise it will redirect.
The form authenticator redirects unauthenticated requests to a log page
which should use a form to gather username/password from the user and send them
to the /j_security_check URI within the context. FormAuthentication uses
SessionAuthentication
to wrap Authentication results so that they
are associated with the session.
Modifier and Type | Class and Description |
---|---|
static class |
FormAuthenticator.FormAuthentication
This Authentication represents a just completed Form authentication.
|
protected static class |
FormAuthenticator.FormRequest |
protected static class |
FormAuthenticator.FormResponse |
Authenticator.AuthConfiguration, Authenticator.Factory
Modifier and Type | Field and Description |
---|---|
static String |
__FORM_DISPATCH |
static String |
__FORM_ERROR_PAGE |
static String |
__FORM_LOGIN_PAGE |
static String |
__J_METHOD |
static String |
__J_PASSWORD |
static String |
__J_POST |
static String |
__J_SECURITY_CHECK |
static String |
__J_URI |
static String |
__J_USERNAME |
_identityService, _loginService
Constructor and Description |
---|
FormAuthenticator() |
FormAuthenticator(String login,
String error,
boolean dispatch) |
Modifier and Type | Method and Description |
---|---|
boolean |
getAlwaysSaveUri() |
String |
getAuthMethod() |
boolean |
isJSecurityCheck(String uri) |
boolean |
isLoginOrErrorPage(String pathInContext) |
UserIdentity |
login(String username,
Object password,
ServletRequest request) |
void |
prepareRequest(ServletRequest request)
Called prior to validateRequest.
|
boolean |
secureResponse(ServletRequest req,
ServletResponse res,
boolean mandatory,
Authentication.User validatedUser) |
void |
setAlwaysSaveUri(boolean alwaysSave)
If true, uris that cause a redirect to a login page will always
be remembered.
|
void |
setConfiguration(Authenticator.AuthConfiguration configuration)
Configure the Authenticator
|
Authentication |
validateRequest(ServletRequest req,
ServletResponse res,
boolean mandatory)
Validate a request
|
getLoginService, renewSession
public static final String __FORM_LOGIN_PAGE
public static final String __FORM_ERROR_PAGE
public static final String __FORM_DISPATCH
public static final String __J_URI
public static final String __J_POST
public static final String __J_METHOD
public static final String __J_SECURITY_CHECK
public static final String __J_USERNAME
public static final String __J_PASSWORD
public void setAlwaysSaveUri(boolean alwaysSave)
alwaysSave
- public boolean getAlwaysSaveUri()
public void setConfiguration(Authenticator.AuthConfiguration configuration)
Authenticator
setConfiguration
in interface Authenticator
setConfiguration
in class LoginAuthenticator
LoginAuthenticator.setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)
public String getAuthMethod()
public UserIdentity login(String username, Object password, ServletRequest request)
login
in class LoginAuthenticator
public void prepareRequest(ServletRequest request)
Authenticator
prepareRequest
in interface Authenticator
prepareRequest
in class LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
Authenticator
req
- The requestres
- The responsemandatory
- True if authentication is mandatory.Authentication.User
. If a response has
been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will
implement Authentication.ResponseSent
. If Authentication is not manditory, then a
Authentication.Deferred
may be returned.ServerAuthException
public boolean isJSecurityCheck(String uri)
public boolean isLoginOrErrorPage(String pathInContext)
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException
ServerAuthException
Copyright © 1995-2015 Webtide. All Rights Reserved.