Class FormAuthenticator
- java.lang.Object
-
- org.apache.catalina.valves.ValveBase
-
- org.apache.catalina.authenticator.AuthenticatorBase
-
- org.apache.catalina.authenticator.FormAuthenticator
-
- All Implemented Interfaces:
Authenticator
,Contained
,Lifecycle
,Valve
,GlassFishValve
public class FormAuthenticator extends AuthenticatorBase
An Authenticator and Valve implementation of FORM BASED Authentication, as described in the Servlet API Specification, Version 2.2.- Version:
- $Revision: 1.8.2.2 $ $Date: 2008/04/17 18:37:04 $
- Author:
- Craig R. McClanahan, Remy Maucherat
-
-
Field Summary
Fields Modifier and Type Field Description protected static String
info
Descriptive information about this implementation.-
Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, entropy, random, randomClass, REALM_NAME, securePagesWithPragma, SESSION_ID_BYTES, sso
-
Fields inherited from class org.apache.catalina.valves.ValveBase
container, controller, debug, domain, lifecycle, log, next, oname, rb, started
-
Fields inherited from interface org.glassfish.web.valve.GlassFishValve
END_PIPELINE, INVOKE_NEXT
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, INIT_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description FormAuthenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
authenticate(HttpRequest request, HttpResponse response, LoginConfig config)
Authenticate the user making this request, based on the specified login configuration.protected void
forwardToErrorPage(HttpRequest request, HttpResponse response, LoginConfig config)
Called to forward to the error page.protected void
forwardToLoginPage(HttpRequest request, HttpResponse response, LoginConfig config)
Called to forward to the login page.protected String
getAuthMethod()
String
getInfo()
Return descriptive information about this Valve implementation.protected boolean
matchRequest(HttpRequest request)
Does this request match the saved one (so that it must be the redirect we signaled after successful authentication?protected boolean
restoreRequest(HttpRequest request, Session session)
Restore the original request from information stored in our session.protected String
savedRequestURL(Session session)
Return the request URI (with the corresponding query string, if any) from the saved request so that we can redirect to it.protected void
saveRequest(HttpRequest request, Session session)
Save the original request information into our session.-
Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase
associate, doLogin, generateSessionId, getAlwaysUseSession, getCache, getContainer, getDebug, getDisableProxyCaching, getEntropy, getRandom, getRandomClass, getRealmName, getSession, getSession, getSingleSignOn, invoke, isChangeSessionIdOnAuthentication, isSecurePagesWithPragma, log, log, login, logout, postInvoke, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDebug, setDisableProxyCaching, setEntropy, setRandomClass, setRealmName, setSecurePagesWithPragma, setSingleSignOn, start, stop
-
Methods inherited from class org.apache.catalina.valves.ValveBase
addLifecycleListener, backgroundProcess, createObjectName, event, findLifecycleListeners, getController, getDomain, getNext, getObjectName, getParentName, invoke, isStarted, removeLifecycleListener, setController, setNext, setObjectName
-
-
-
-
Field Detail
-
info
protected static final String info
Descriptive information about this implementation.- See Also:
- Constant Field Values
-
-
Method Detail
-
getInfo
public String getInfo()
Return descriptive information about this Valve implementation.- Specified by:
getInfo
in interfaceGlassFishValve
- Specified by:
getInfo
in interfaceValve
- Overrides:
getInfo
in classAuthenticatorBase
-
authenticate
public boolean authenticate(HttpRequest request, HttpResponse response, LoginConfig config) throws IOException
Authenticate the user making this request, based on the specified login configuration. Returntrue
if any specified constraint has been satisfied, orfalse
if we have created a response challenge already.- Specified by:
authenticate
in classAuthenticatorBase
- Parameters:
request
- Request we are processingresponse
- Response we are creatingconfig
- Login configuration describing how authentication should be performed- Throws:
IOException
- if an input/output error occurs
-
getAuthMethod
protected String getAuthMethod()
- Specified by:
getAuthMethod
in classAuthenticatorBase
-
matchRequest
protected boolean matchRequest(HttpRequest request)
Does this request match the saved one (so that it must be the redirect we signaled after successful authentication?- Parameters:
request
- The request to be verified
-
restoreRequest
protected boolean restoreRequest(HttpRequest request, Session session) throws IOException
Restore the original request from information stored in our session. If the original request is no longer present (because the session timed out), returnfalse
; otherwise, returntrue
.- Parameters:
request
- The request to be restoredsession
- The session containing the saved information- Throws:
IOException
-
forwardToLoginPage
protected void forwardToLoginPage(HttpRequest request, HttpResponse response, LoginConfig config)
Called to forward to the login page. may redirect current request to HTTPS- Parameters:
request
- HttpRequest we are processingresponse
- HttpResponse we are creatingconfig
- Login configuration describing how authentication should be performed
-
forwardToErrorPage
protected void forwardToErrorPage(HttpRequest request, HttpResponse response, LoginConfig config)
Called to forward to the error page. may redirect current request to HTTPS- Parameters:
request
- HttpRequest we are processingresponse
- HttpResponse we are creatingconfig
- Login configuration describing how authentication should be performed
-
saveRequest
protected void saveRequest(HttpRequest request, Session session) throws IOException
Save the original request information into our session.- Parameters:
request
- The request to be savedsession
- The session to contain the saved information- Throws:
IOException
-
-