A C D E F G H I L N O P R S T U V X
All Classes All Packages
All Classes All Packages
All Classes All Packages
A
- AbstractAuthenticationFormServlet - Class in org.apache.sling.auth.core.spi
-
The
AbstractAuthenticationFormServlet
provides a basic implementation of a simple servlet to render a login form for authentication purposes. - AbstractAuthenticationFormServlet() - Constructor for class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
- AbstractAuthenticationHandler - Class in org.apache.sling.auth.core.spi
-
Deprecated.since Bundle 1.0.8;
AuthenticationHandler
implementations should extendDefaultAuthenticationFeedbackHandler
directly and use the utility methods in theAuthUtil
class. - AbstractAuthenticationHandler() - Constructor for class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.
- ACCOUNT_LOCKED - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
- ACCOUNT_NOT_FOUND - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
- ATTR_REQUEST_AUTH_URI_SUFFIX - Static variable in class org.apache.sling.auth.core.AuthConstants
-
The name of the request attribute containing the list of request URI suffixes handled by the default authenticator
org.apache.sling.auth.core.impl.SlingAuthenticator
. - AUTH_HANDLER_BROWSER_ONLY - Static variable in class org.apache.sling.auth.core.AuthConstants
-
Service Registration property which may be set by an
AuthenticationHandler
service to indicate whether itsAuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method supports non-browser requests (according toAuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest)
or not. - AUTH_INFO_LOGIN - Static variable in class org.apache.sling.auth.core.AuthConstants
-
Marker property in the
AuthenticationInfo
object returned by theAuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method indicating a first authentication considered to be a login. - AUTH_REQUIREMENTS - Static variable in class org.apache.sling.auth.core.AuthConstants
-
Any OSGi service may provide a
sling.auth.requirements
registration property which is used to dynamically extend the authentication requirements for theAuthenticationSupport
. - AUTH_TYPE - Static variable in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
The name of the special property providing the authentication type provided by the
AuthenticationHandler
. - AuthConstants - Class in org.apache.sling.auth.core
-
The
AuthConstants
provides a collection of constants used to configure and customize the Sling authentication infrastructure. - authenticate(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.engine.auth.AuthenticationHandler
-
Deprecated.Extracts credential data from the request if at all contained.
- authenticationFailed(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in interface org.apache.sling.auth.core.spi.AuthenticationFeedbackHandler
-
Called if authentication failed with the credentials provided in the
authInfo
map. - authenticationFailed(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
-
This default implementation does nothing.
- AuthenticationFeedbackHandler - Interface in org.apache.sling.auth.core.spi
-
The
AuthenticationFeedbackHandler
may be implemented byAuthenticationHandler
services to request being informed on the success or failure of authentication. - AuthenticationHandler - Interface in org.apache.sling.auth.core.spi
-
The
AuthenticationHandler
interface defines the service API used by the authentication implementation to support plugin various ways of extracting credentials from the request. - AuthenticationHandler - Interface in org.apache.sling.engine.auth
-
Deprecated.use
AuthenticationHandler
instead - AuthenticationHandler.FAILURE_REASON_CODES - Enum in org.apache.sling.auth.core.spi
-
This enum indicates the supported detailed login failure reason codes:
invalid_login
: indicates username/password mismatch.password_expired
: indicates password has expired or was never set and change initial password is enabledaccount_locked
: the account was disabled or lockedaccount_not_found
: the account was not found (not the same as username password mismatch) - AuthenticationInfo - Class in org.apache.sling.auth.core.spi
-
The
AuthenticationInfo
conveys any authentication credentials and/or details extracted by theAuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method from the request. - AuthenticationInfo - Class in org.apache.sling.engine.auth
-
Deprecated.
- AuthenticationInfo(String) - Constructor for class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Creates an instance of this class with just the authentication type.
- AuthenticationInfo(String, String) - Constructor for class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Creates an instance of this class authenticating with the given type and userid.
- AuthenticationInfo(String, String, char[]) - Constructor for class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Creates an instance of this class authenticating with the given type and userid/password connecting.
- AuthenticationInfo(String, Credentials) - Constructor for class org.apache.sling.engine.auth.AuthenticationInfo
-
Deprecated.Creates an instance of this class with the given authentication type and credentials connecting to the default workspace as if the
AuthenticationInfo(String, Credentials, String)
method would be called with anull
workspace name. - AuthenticationInfo(String, Credentials, String) - Constructor for class org.apache.sling.engine.auth.AuthenticationInfo
-
Deprecated.Creates an instance of this class with the given authentication type and credentials.
- AuthenticationInfoPostProcessor - Interface in org.apache.sling.auth.core.spi
-
Service interface which allows bundles to modify the
AuthenticationInfo
object right after oneAuthenticationHandler
has returned an {AuthenticationInfo
from theAuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse)
method or an anonymousAuthenticationInfo
has been created. - authenticationSucceeded(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in interface org.apache.sling.auth.core.spi.AuthenticationFeedbackHandler
-
Called if authentication succeeded with the credentials provided in the
authInfo
map. - authenticationSucceeded(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
-
This default implementation calls the
DefaultAuthenticationFeedbackHandler.handleRedirect(HttpServletRequest, HttpServletResponse)
method to optionally redirect the request after successful authentication. - AuthenticationSupport - Interface in org.apache.sling.auth.core
-
The
AuthenticationSupport
provides the service API used to implement theHttpContext.handleSecurity
method as defined in the OSGi Http Service specification. - Authenticator - Interface in org.apache.sling.engine.auth
-
Deprecated.use
AuthenticationSupport
instead - AuthUtil - Class in org.apache.sling.auth.core
-
The
AuthUtil
provides utility functions for implementations ofAuthenticationHandler
services and users of the Sling authentication infrastructure.
C
- checkReferer(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Check if the request is for this authentication handler.
- clear() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Clears all properties from the map with the exception of the
AuthenticationInfo.AUTH_TYPE
property. - CUSTOM_FORM_PATH - Static variable in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
The path to the custom login form.
D
- DEFAULT_FORM_PATH - Static variable in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
The path to the default login form.
- DefaultAuthenticationFeedbackHandler - Class in org.apache.sling.auth.core.spi
- DefaultAuthenticationFeedbackHandler() - Constructor for class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
- doGet(HttpServletRequest, HttpServletResponse) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Prepares and returns the login form.
- DOING_AUTH - Static variable in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
A special instance of this class which may be returned from the
AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method to inform the caller, that a response has been sent to the client to request for credentials. - DOING_AUTH - Static variable in class org.apache.sling.engine.auth.AuthenticationInfo
-
Deprecated.This object is returned by the
AuthenticationHandler.authenticate(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method to indicate an ongoing authentication transaction. - doPost(HttpServletRequest, HttpServletResponse) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Prepares and returns the login form.
- dropCredentials(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
Drops any credential and authentication details from the request and asks the client to do the same.
E
- extractCredentials(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
Extracts credential data from the request if at all contained.
F
- FAIL_AUTH - Static variable in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
A special instance of this class which may be returned from the
AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method to inform the caller that credential extraction failed for some reason. - FAILURE_REASON - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
Name of the request attribute which may be set by the
AuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse)
method ifAuthenticationInfo.FAIL_AUTH
is returned. - FAILURE_REASON_CODE - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
Name of the request attribute which may be set by the
AuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse)
method ifAuthenticationInfo.FAIL_AUTH
is returned.
G
- getAttributeOrParameter(HttpServletRequest, String, String) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Returns the value of the named request attribute or parameter as a string as follows: If there is a request attribute of that name, which is a non-empty string, it is returned. If there is a non-empty request parameter of that name, this parameter is returned.
- getAttributeOrParameter(HttpServletRequest, String, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.getAttributeOrParameter(HttpServletRequest, String, String)
- getAuthType() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Returns the authentication type as stored in the
AuthenticationInfo.AUTH_TYPE
property in this map. - getAuthType() - Method in class org.apache.sling.engine.auth.AuthenticationInfo
-
Deprecated.Returns type of authentication provisioning.
- getContextPath(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Returns the context path for the authentication form request.
- getCredentials() - Method in class org.apache.sling.engine.auth.AuthenticationInfo
-
Deprecated.Returns the credentials extracted from the client request to use for authentication.
- getCustomFormPath() - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Returns the path to the custom login form to load through the class loader of this instance using
Class.getResourceAsStream
. - getDefaultFormPath() - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Returns the path to the default login form to load through the class loader of this instance using
Class.getResourceAsStream
. - getForm(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Returns the form to be sent back to the client for login providing an optional informational message and the optional target to redirect to after successfully logging in.
- getLoginResource(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Returns any resource target to redirect to after successful authentication.
- getLoginResource(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.getLoginResource(HttpServletRequest, String)
- getPassword() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Returns the password stored as the
ResourceResolverFactory.PASSWORD
property ornull
if the password is not set in this map. - getReason(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Returns an informational message according to the value provided in the
j_reason
request parameter. - getResource(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
Returns the path to the resource to which the request should be redirected after successfully completing the form or an empty string if there is no
resource
request parameter. - getUser() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Returns the user name stored as the
ResourceResolverFactory.USER
property ornull
if the user is not set in this map. - getWorkspaceName() - Method in class org.apache.sling.engine.auth.AuthenticationInfo
-
Deprecated.Returns the name of the workspace the user contained in this instance wishes to connect to.
H
- handleRedirect(HttpServletRequest, HttpServletResponse) - Static method in class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
-
Handles an optional request for a redirect after successful authentication and
true
if the request has been redirected. - handleSecurity(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.AuthenticationSupport
-
Handles security on behalf of a custom OSGi Http Service
HttpContext
instance extracting credentials from the request using any registeredAuthenticationHandler
services.
I
- INVALID_LOGIN - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
- isAjaxRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Returns
true
if the request is to be considered an AJAX request placed using theXMLHttpRequest
browser host object. - isBrowserRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Returns
true
if the given request can be assumed to be sent by a client browser such as Firefix, Internet Explorer, etc. - isRedirectValid(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Returns
true
if the given redirecttarget
is valid according to the following list of requirements: Thetarget
is neithernull
nor an empty string Thetarget
is not an URL which is identified by the character sequence://
separating the scheme from the host Thetarget
is normalized such that it contains no consecutive slashes and no path segment contains a single or double dot Thetarget
must be prefixed with the servlet context path If aResourceResolver
is available as a request attribute thetarget
(without the servlet context path prefix) must resolve to an existing resource If aResourceResolver
is not available as a request attribute thetarget
must be an absolute path starting with a slash character does not contain any of the characters<
,>
,'
, or"
in plain or URL encoding - isRedirectValid(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.This method has been introduced after Bundle release 1.0.6 but has been replaced with
AuthUtil.isRedirectValid(HttpServletRequest, String)
. Use the latter method. - isValidateRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Returns
true
if the the client just asks for validation of submitted username/password credentials. - isValidateRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.isValidateRequest(HttpServletRequest)
L
- login(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.engine.auth.Authenticator
-
Deprecated.Finds an
AuthenticationHandler
for the given request and call itsAuthenticationHandler.requestAuthentication(HttpServletRequest, HttpServletResponse)
method to initiate an authentication process with the client to login to Sling.
N
- NoAuthenticationHandlerException - Exception in org.apache.sling.engine.auth
-
Deprecated.see
Authenticator
- NoAuthenticationHandlerException() - Constructor for exception org.apache.sling.engine.auth.NoAuthenticationHandlerException
-
Deprecated.
O
- org.apache.sling.auth.core - package org.apache.sling.auth.core
-
Provides the authentication helper service as well as a number of utility functions in the
AuthUtil
class. - org.apache.sling.auth.core.spi - package org.apache.sling.auth.core.spi
-
Provides API to be implemented by provides of authentication mechanisms.
- org.apache.sling.engine.auth - package org.apache.sling.engine.auth
-
Provides the original authentication handler service API initially bundled with the Sling Engine bundle.
P
- PAR_J_VALIDATE - Static variable in class org.apache.sling.auth.core.AuthConstants
-
The name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN).
- PASSWORD_EXPIRED - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
- PASSWORD_EXPIRED_AND_NEW_PASSWORD_IN_HISTORY - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
- PATH_PROPERTY - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
The name of the service registration property listing one or more URL paths for which the authentication handler is to be used.
- PATH_PROPERTY - Static variable in interface org.apache.sling.engine.auth.AuthenticationHandler
-
Deprecated.An authentication handler is associated with url paths.
- postProcess(AuthenticationInfo, HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationInfoPostProcessor
-
Perform some post-processing on the AuthenticationInfo object.
- put(String, Object) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Sets or resets a property with the given
key
to a newvalue
.
R
- REDIRECT_PARAMETER - Static variable in interface org.apache.sling.auth.core.AuthenticationSupport
-
The name of the request parameter indicating where to redirect to after successful authentication (and optional impersonation).
- remove(Object) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
-
Removes the entry with the given
key
and returns its former value (if existing). - REQUEST_ATTRIBUTE_RESOLVER - Static variable in interface org.apache.sling.auth.core.AuthenticationSupport
-
The name of the request attribute set by the
AuthenticationSupport.handleSecurity(HttpServletRequest, HttpServletResponse)
method if authentication succeeds andtrue
is returned. - REQUEST_LOGIN_PARAMETER - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
The request parameter which may be used to explicitly select an authentication handler by its
type
if authentication will be requested throughAuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse)
. - requestAuthentication(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.engine.auth.AuthenticationHandler
-
Deprecated.Requests authentication information from the client.
- requestCredentials(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
Requests authentication information from the client.
S
- sendInvalid(HttpServletRequest, HttpServletResponse) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Sends a 403/FORBIDDEN response optionally stating the reason for this response code in the
AuthConstants.X_REASON
header. - sendInvalid(HttpServletRequest, HttpServletResponse) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)
- sendRedirect(HttpServletRequest, HttpServletResponse, String, Map<String, String>) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Redirects to the given target path appending any parameters provided in the parameter map.
- sendRedirect(HttpServletRequest, HttpServletResponse, String, Map<String, String>) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.sendRedirect(HttpServletRequest, HttpServletResponse, String, Map)
- sendValid(HttpServletResponse) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Sends a 200/OK response to a credential validation request.
- sendValid(HttpServletResponse) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.sendValid(HttpServletResponse)
- SERVICE_NAME - Static variable in interface org.apache.sling.auth.core.AuthenticationSupport
-
The name under which this service is registered.
- SERVICE_NAME - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
The name under which an implementation of this interface must be registered to be used as an authentication handler.
- SERVICE_NAME - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationInfoPostProcessor
-
The name under which an implementation of this interface must be registered to be used as an authentication info post processor.
- setAuthType(String) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
- setLoginResourceAttribute(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil
-
Ensures and returns the
Authenticator.LOGIN_RESOURCE
request attribute is set to a non-null, non-empty string. - setLoginResourceAttribute(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
-
Deprecated.since Bundle 1.0.8, use
AuthUtil.setLoginResourceAttribute(HttpServletRequest, String)
- setPassword(char[]) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
- setUser(String) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
T
- TOPIC_LOGIN - Static variable in class org.apache.sling.auth.core.AuthConstants
-
The topic for the OSGi event which is sent when a user has logged in successfully.
- TOPIC_LOGIN_FAILED - Static variable in class org.apache.sling.auth.core.AuthConstants
-
The topic for the OSGi event which is sent when a user has failed to login successfully.
- toString() - Method in enum org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
- TYPE_PROPERTY - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler
-
The name of the service registration property (single string) providing the authentication type of authentication handler.
U
- UNKNOWN - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
V
- valueOf(String) - Static method in enum org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
-
Returns an array containing the constants of this enum type, in the order they are declared.
X
- X_REASON - Static variable in class org.apache.sling.auth.core.AuthConstants
-
The name of the request header set by the
AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)
method if the provided credentials cannot be used for login. - X_REASON_CODE - Static variable in class org.apache.sling.auth.core.AuthConstants
-
The name of the request header set by the
AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)
method if the provided credentials cannot be used for login.
All Classes All Packages