Package org.apache.wicket.authentication

Interface IAuthenticationStrategy

All Known Implementing Classes:

DefaultAuthenticationStrategy, NoOpAuthenticationStrategy

public interface IAuthenticationStrategy

The interface of an authentication strategy which is accessible via Application.getSecuritySettings(). Implementations determine how logon data (username and password) are persisted (e.g. Cookie), retrieved and removed.

Author:

Juergen Donnerstag

Method Summary

Modifier and Type	Method	Description
String[]	load()	If "rememberMe" is enabled, then load the saved credentials (e.g.
void	remove()	When the user logs out (session invalidation), then remove username and password from the persistence store
void	save(String credential, String... extraCredentials)	If "rememberMe" is enabled and login was successful, then store the given credentials in the persistence store (e.g.

Method Details

load

String[] load()

If "rememberMe" is enabled, then load the saved credentials (e.g. username and password) from the persistence storage (e.g. Cookie) for automatic sign in. This is useful for applications which users typically have open the whole day but where the server invalidates the session after a timeout and you want to force the user to sign in again and again during the day.

Returns:

The saved credentials

save

void save(String credential,
 String... extraCredentials)

If "rememberMe" is enabled and login was successful, then store the given credentials in the persistence store (e.g. Cookie).

The implementation of this method should be symmetrical with the implementation of load().

Parameters:

credential - The credential to store. For example: a security token or username.

extraCredentials - Optional extra credentials. For example: a password

remove

void remove()

When the user logs out (session invalidation), then remove username and password from the persistence store