Class DefaultAuthenticationStrategy
- java.lang.Object
-
- org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy
-
- All Implemented Interfaces:
IAuthenticationStrategy
public class DefaultAuthenticationStrategy extends java.lang.Object implements IAuthenticationStrategy
Wicket's default implementation of an authentication strategy. It'll concatenate username and password, encrypt it and put it into one Cookie.- Author:
- Juergen Donnerstag
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.String
cookieKey
The cookie name to store the username and passwordprotected java.lang.String
encryptionKey
The key to use for encrypting/decrypting the cookie valueprotected java.lang.String
VALUE_SEPARATOR
The separator used to concatenate the username and password
-
Constructor Summary
Constructors Constructor Description DefaultAuthenticationStrategy(java.lang.String cookieKey)
ConstructorDefaultAuthenticationStrategy(java.lang.String cookieKey, java.lang.String encryptionKey)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected java.lang.String[]
decode(java.lang.String value)
This method will decode decrypted cookie value based on application needsprotected java.lang.String
encode(java.lang.String credential, java.lang.String... extraCredentials)
This method can be overridden to provide different encoding mechanismprotected CookieUtils
getCookieUtils()
Make sure you always return a valid CookieUtilsprotected org.apache.wicket.util.crypt.ICrypt
getCrypt()
java.lang.String[]
load()
If "rememberMe" is enabled, then load the saved credentials (e.g.void
remove()
When the user logs out (session invalidation), than remove username and password from the persistence storevoid
save(java.lang.String credential, java.lang.String... extraCredentials)
If "rememberMe" is enabled and login was successful, then store the given credentials in the persistence store (e.g.
-
-
-
Field Detail
-
cookieKey
protected final java.lang.String cookieKey
The cookie name to store the username and password
-
encryptionKey
protected final java.lang.String encryptionKey
The key to use for encrypting/decrypting the cookie value
-
VALUE_SEPARATOR
protected final java.lang.String VALUE_SEPARATOR
The separator used to concatenate the username and password- See Also:
- Constant Field Values
-
-
Constructor Detail
-
DefaultAuthenticationStrategy
public DefaultAuthenticationStrategy(java.lang.String cookieKey)
Constructor- Parameters:
cookieKey
- The name of the cookie
-
DefaultAuthenticationStrategy
public DefaultAuthenticationStrategy(java.lang.String cookieKey, java.lang.String encryptionKey)
-
-
Method Detail
-
getCookieUtils
protected CookieUtils getCookieUtils()
Make sure you always return a valid CookieUtils- Returns:
- CookieUtils
-
getCrypt
protected org.apache.wicket.util.crypt.ICrypt getCrypt()
- Returns:
- The crypt engine to be used
-
load
public java.lang.String[] load()
Description copied from interface:IAuthenticationStrategy
If "rememberMe" is enabled, then load the saved credentials (e.g. username and password) from the persistence storage (e.g. Cookie) for automatic sign in. This is useful for applications which users typically have open the whole day but where the server invalidates the session after a timeout and you want to force the user to sign in again and again during the day.- Specified by:
load
in interfaceIAuthenticationStrategy
- Returns:
- The
saved
credentials
-
decode
protected java.lang.String[] decode(java.lang.String value)
This method will decode decrypted cookie value based on application needs- Parameters:
value
- decrypted cookie value- Returns:
- decomposed values array, or null in case cookie value was empty.
-
save
public void save(java.lang.String credential, java.lang.String... extraCredentials)
Description copied from interface:IAuthenticationStrategy
If "rememberMe" is enabled and login was successful, then store the given credentials in the persistence store (e.g. Cookie).The implementation of this method should be symmetrical with the implementation of
IAuthenticationStrategy.load()
.- Specified by:
save
in interfaceIAuthenticationStrategy
- Parameters:
credential
- The credential to store. For example: a security token or username.extraCredentials
- Optional extra credentials. For example: a password
-
encode
protected java.lang.String encode(java.lang.String credential, java.lang.String... extraCredentials)
This method can be overridden to provide different encoding mechanism- Parameters:
credential
-extraCredentials
-- Returns:
- String representation of the parameters given
-
remove
public void remove()
Description copied from interface:IAuthenticationStrategy
When the user logs out (session invalidation), than remove username and password from the persistence store- Specified by:
remove
in interfaceIAuthenticationStrategy
-
-