Package org.apache.wicket.authentication.strategy

Class DefaultAuthenticationStrategy

  • All Implemented Interfaces:
    IAuthenticationStrategy
    public class DefaultAuthenticationStrategy
extends java.lang.Object
implements IAuthenticationStrategy
    Wicket's default implementation of an authentication strategy. It'll concatenate username and password, encrypt it and put it into one Cookie.
    Author:
    Juergen Donnerstag

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected java.lang.String cookieKey
      The cookie name to store the username and password
      protected java.lang.String encryptionKey
      The key to use for encrypting/decrypting the cookie value
      protected java.lang.String VALUE_SEPARATOR
      The separator used to concatenate the username and password

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected java.lang.String[] decode​(java.lang.String value)
      This method will decode decrypted cookie value based on application needs
      protected java.lang.String encode​(java.lang.String credential, java.lang.String... extraCredentials)
      This method can be overridden to provide different encoding mechanism
      protected CookieUtils getCookieUtils()
      Make sure you always return a valid CookieUtils
      protected org.apache.wicket.util.crypt.ICrypt getCrypt()  
      java.lang.String[] load()
      If "rememberMe" is enabled, then load the saved credentials (e.g.
      void remove()
      When the user logs out (session invalidation), than remove username and password from the persistence store
      void save​(java.lang.String credential, java.lang.String... extraCredentials)
      If "rememberMe" is enabled and login was successful, then store the given credentials in the persistence store (e.g.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • cookieKey

        protected final java.lang.String cookieKey
        The cookie name to store the username and password

      • encryptionKey

        protected final java.lang.String encryptionKey
        The key to use for encrypting/decrypting the cookie value

      • VALUE_SEPARATOR

        protected final java.lang.String VALUE_SEPARATOR
        The separator used to concatenate the username and password
        See Also:
        Constant Field Values

    • Constructor Detail

      • DefaultAuthenticationStrategy

        public DefaultAuthenticationStrategy​(java.lang.String cookieKey)
        Constructor
        Parameters:
        cookieKey - The name of the cookie

      • DefaultAuthenticationStrategy

        public DefaultAuthenticationStrategy​(java.lang.String cookieKey,
                                     java.lang.String encryptionKey)

    • Method Detail

      • getCookieUtils

        protected CookieUtils getCookieUtils()
        Make sure you always return a valid CookieUtils
        Returns:
        CookieUtils

      • getCrypt

        protected org.apache.wicket.util.crypt.ICrypt getCrypt()
        Returns:
        The crypt engine to be used

      • load

        public java.lang.String[] load()
        Description copied from interface: IAuthenticationStrategy
        If "rememberMe" is enabled, then load the saved credentials (e.g. username and password) from the persistence storage (e.g. Cookie) for automatic sign in. This is useful for applications which users typically have open the whole day but where the server invalidates the session after a timeout and you want to force the user to sign in again and again during the day.
        Specified by:
        load in interface IAuthenticationStrategy
        Returns:
        The saved credentials

      • decode

        protected java.lang.String[] decode​(java.lang.String value)
        This method will decode decrypted cookie value based on application needs
        Parameters:
        value - decrypted cookie value
        Returns:
        decomposed values array, or null in case cookie value was empty.

      • save

        public void save​(java.lang.String credential,
                 java.lang.String... extraCredentials)
        Description copied from interface: IAuthenticationStrategy
        If "rememberMe" is enabled and login was successful, then store the given credentials in the persistence store (e.g. Cookie).

        The implementation of this method should be symmetrical with the implementation of IAuthenticationStrategy.load().

        Specified by:
        save in interface IAuthenticationStrategy
        Parameters:
        credential - The credential to store. For example: a security token or username.
        extraCredentials - Optional extra credentials. For example: a password

      • encode

        protected java.lang.String encode​(java.lang.String credential,
                                  java.lang.String... extraCredentials)
        This method can be overridden to provide different encoding mechanism
        Parameters:
        credential -
        extraCredentials -
        Returns:
        String representation of the parameters given