Interface AuthenticationSupport
-
@Deprecated(since="2015") public interface AuthenticationSupport
Deprecated.Use Apache Sling's org.apache.sling.auth.core package instead.TheAuthenticationSupport
provides the service API used to implement theHttpContext.handleSecurity
method as defined in the OSGi Http Service specification.Bundles registering servlets and/or resources with custom
HttpContext
implementations may implement thehandleSecurity
method using this service. ThehandleSecurity(HttpServletRequest, HttpServletResponse)
method implemented by this service exactly implements the specification of theHttpContext.handleSecurity
method.A simple implementation of the
HttpContext
interface based on this could be (using SCR JavaDoc tags of the Maven SCR Plugin) :/** @scr.component */ public class MyHttpContext implements HttpContext { /** @scr.reference */ private AuthenticationSupport authSupport; /** @scr.reference */ private MimeTypeService mimeTypes; public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response) { return authSupport.handleSecurity(request, response); } public URL getResource(String name) { return null; } public String getMimeType(String name) { return mimeTypes.getMimeType(name); } }
This interface is implemented by this bundle and is not intended to be implemented by client bundles.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
REDIRECT_PARAMETER
Deprecated.The name of the request parameter indicating where to redirect to after successful authentication (and optional impersonation).static java.lang.String
REQUEST_ATTRIBUTE_RESOLVER
Deprecated.The name of the request attribute set by thehandleSecurity(HttpServletRequest, HttpServletResponse)
method if authentication succeeds andtrue
is returned.static java.lang.String
SERVICE_NAME
Deprecated.The name under which this service is registered.
-
Method Summary
All Methods Instance Methods Abstract Methods Deprecated Methods Modifier and Type Method Description boolean
handleSecurity(HttpServletRequest request, HttpServletResponse response)
Deprecated.Handles security on behalf of a custom OSGi Http ServiceHttpContext
instance extracting credentials from the request using any registeredAuthenticationHandler
services.
-
-
-
Field Detail
-
SERVICE_NAME
static final java.lang.String SERVICE_NAME
Deprecated.The name under which this service is registered.- See Also:
- Constant Field Values
-
REQUEST_ATTRIBUTE_RESOLVER
static final java.lang.String REQUEST_ATTRIBUTE_RESOLVER
Deprecated.The name of the request attribute set by thehandleSecurity(HttpServletRequest, HttpServletResponse)
method if authentication succeeds andtrue
is returned.The request attribute is set to a Sling
ResourceResolver
attached to the JCR repository using the credentials provided by the request.- See Also:
- Constant Field Values
-
REDIRECT_PARAMETER
static final java.lang.String REDIRECT_PARAMETER
Deprecated.The name of the request parameter indicating where to redirect to after successful authentication (and optional impersonation). This parameter is respected if either anonymous authentication or regular authentication succeed.If authentication fails, either because the credentials are wrong or because anonymous authentication fails or because anonymous authentication is not allowed for the request, the parameter is ignored and the
AuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse)
method is called to request authentication.- See Also:
- Constant Field Values
-
-
Method Detail
-
handleSecurity
boolean handleSecurity(HttpServletRequest request, HttpServletResponse response)
Deprecated.Handles security on behalf of a custom OSGi Http ServiceHttpContext
instance extracting credentials from the request using any registeredAuthenticationHandler
services. If the credentials can be extracted and used to log into the JCR repository this method sets the request attributes required by the OSGi Http Service specification plus theREQUEST_ATTRIBUTE_RESOLVER
attribute.- Parameters:
request
- The HTTP request to be authenticatedresponse
- The HTTP response to send any response to in case of problems.- Returns:
true
if authentication succeeded and the request attribtues are set. Iffalse
is returned the request is immediately terminated and no request attributes are set.
-
-