public abstract class SecurityHandler extends HandlerWrapper implements Authenticator.AuthConfiguration
Select and apply an Authenticator
to a request.
The Authenticator may either be directly set on the handler
or will be create during AbstractLifeCycle.start()
with a call to
either the default or set AuthenticatorFactory.
SecurityHandler has a set of initparameters that are used by the Authentication.Configuration. At startup, any context init parameters that start with "org.eclipse.jetty.security." that do not have values in the SecurityHandler init parameters, are copied.
Modifier and Type | Class and Description |
---|---|
class |
SecurityHandler.NotChecked |
AbstractHandler.ErrorDispatchHandler
AbstractLifeCycle.AbstractLifeCycleListener
LifeCycle.Listener
Container.InheritedListener, Container.Listener
Modifier and Type | Field and Description |
---|---|
static java.security.Principal |
__NO_USER |
static java.security.Principal |
__NOBODY
Nobody user.
|
_handler
Modifier | Constructor and Description |
---|---|
protected |
SecurityHandler() |
Modifier and Type | Method and Description |
---|---|
protected boolean |
checkSecurity(Request request) |
protected abstract boolean |
checkUserDataPermissions(java.lang.String pathInContext,
Request request,
Response response,
RoleInfo constraintInfo) |
protected abstract boolean |
checkWebResourcePermissions(java.lang.String pathInContext,
Request request,
Response response,
java.lang.Object constraintInfo,
UserIdentity userIdentity) |
protected void |
doStart()
Starts the managed lifecycle beans in the order they were added.
|
protected void |
doStop()
Stops the managed lifecycle beans in the reverse order they were added.
|
protected IdentityService |
findIdentityService() |
protected LoginService |
findLoginService() |
Authenticator |
getAuthenticator() |
Authenticator.Factory |
getAuthenticatorFactory() |
java.lang.String |
getAuthMethod() |
static SecurityHandler |
getCurrentSecurityHandler() |
IdentityService |
getIdentityService()
Get the identityService.
|
java.lang.String |
getInitParameter(java.lang.String key)
Get a SecurityHandler init parameter
|
java.util.Set<java.lang.String> |
getInitParameterNames()
Get a SecurityHandler init parameter names
|
LoginService |
getLoginService()
Get the loginService.
|
java.lang.String |
getRealmName() |
void |
handle(java.lang.String pathInContext,
Request baseRequest,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Handle a request.
|
protected abstract boolean |
isAuthMandatory(Request baseRequest,
Response base_response,
java.lang.Object constraintInfo) |
boolean |
isCheckWelcomeFiles() |
boolean |
isSessionRenewedOnAuthentication() |
void |
logout(Authentication.User user) |
protected abstract RoleInfo |
prepareConstraintInfo(java.lang.String pathInContext,
Request request) |
void |
setAuthenticator(Authenticator authenticator)
Set the authenticator.
|
void |
setAuthenticatorFactory(Authenticator.Factory authenticatorFactory) |
void |
setAuthMethod(java.lang.String authMethod) |
void |
setCheckWelcomeFiles(boolean authenticateWelcomeFiles) |
void |
setIdentityService(IdentityService identityService)
Set the identityService.
|
java.lang.String |
setInitParameter(java.lang.String key,
java.lang.String value)
Set an initialization parameter.
|
void |
setLoginService(LoginService loginService)
Set the loginService.
|
void |
setRealmName(java.lang.String realmName) |
void |
setSessionRenewedOnAuthentication(boolean renew)
Set renew the session on Authentication.
|
destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler
doShutdown, expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer
doError, getServer
addBean, addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, start, stop, stop
dumpObjects, dumpSelf
public static final java.security.Principal __NO_USER
public static final java.security.Principal __NOBODY
public IdentityService getIdentityService()
getIdentityService
in interface Authenticator.AuthConfiguration
public void setIdentityService(IdentityService identityService)
identityService
- the identityService to setpublic LoginService getLoginService()
getLoginService
in interface Authenticator.AuthConfiguration
public void setLoginService(LoginService loginService)
loginService
- the loginService to setpublic Authenticator getAuthenticator()
public void setAuthenticator(Authenticator authenticator)
authenticator
- the authenticatorjava.lang.IllegalStateException
- if the SecurityHandler is runningpublic Authenticator.Factory getAuthenticatorFactory()
public void setAuthenticatorFactory(Authenticator.Factory authenticatorFactory)
authenticatorFactory
- the authenticatorFactory to setjava.lang.IllegalStateException
- if the SecurityHandler is runningpublic java.lang.String getRealmName()
getRealmName
in interface Authenticator.AuthConfiguration
public void setRealmName(java.lang.String realmName)
realmName
- the realmName to setjava.lang.IllegalStateException
- if the SecurityHandler is runningpublic java.lang.String getAuthMethod()
getAuthMethod
in interface Authenticator.AuthConfiguration
public void setAuthMethod(java.lang.String authMethod)
authMethod
- the authMethod to setjava.lang.IllegalStateException
- if the SecurityHandler is runningpublic boolean isCheckWelcomeFiles()
public void setCheckWelcomeFiles(boolean authenticateWelcomeFiles)
authenticateWelcomeFiles
- True if forwards to welcome files are
authenticatedjava.lang.IllegalStateException
- if the SecurityHandler is runningpublic java.lang.String getInitParameter(java.lang.String key)
Authenticator.AuthConfiguration
getInitParameter
in interface Authenticator.AuthConfiguration
key
- parameter namegetInitParameter(String)
public java.util.Set<java.lang.String> getInitParameterNames()
Authenticator.AuthConfiguration
getInitParameterNames
in interface Authenticator.AuthConfiguration
getInitParameterNames()
public java.lang.String setInitParameter(java.lang.String key, java.lang.String value)
key
- the init keyvalue
- the init valuejava.lang.IllegalStateException
- if the SecurityHandler is runningprotected LoginService findLoginService() throws java.lang.Exception
java.lang.Exception
protected IdentityService findIdentityService()
protected void doStart() throws java.lang.Exception
ContainerLifeCycle
doStart
in class AbstractHandler
java.lang.Exception
protected void doStop() throws java.lang.Exception
ContainerLifeCycle
doStop
in class AbstractHandler
java.lang.Exception
protected boolean checkSecurity(Request request)
public boolean isSessionRenewedOnAuthentication()
isSessionRenewedOnAuthentication
in interface Authenticator.AuthConfiguration
Authenticator.AuthConfiguration.isSessionRenewedOnAuthentication()
public void setSessionRenewedOnAuthentication(boolean renew)
If set to true, then on authentication, the session associated with a reqeuest is invalidated and replaced with a new session.
renew
- true to renew the authentication on sessionAuthenticator.AuthConfiguration.isSessionRenewedOnAuthentication()
public void handle(java.lang.String pathInContext, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
Handler
handle
in interface Handler
handle
in class HandlerWrapper
pathInContext
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as the Request
object or a wrapper of that request. The
HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
method can be used access the Request object if required.response
- The response as the Response
object or a wrapper of that request. The
HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
method can be used access the Response object if required.java.io.IOException
- if unable to handle the request or response processingjavax.servlet.ServletException
- if unable to handle the request or response due to underlying servlet issuepublic static SecurityHandler getCurrentSecurityHandler()
public void logout(Authentication.User user)
protected abstract RoleInfo prepareConstraintInfo(java.lang.String pathInContext, Request request)
protected abstract boolean checkUserDataPermissions(java.lang.String pathInContext, Request request, Response response, RoleInfo constraintInfo) throws java.io.IOException
java.io.IOException
protected abstract boolean isAuthMandatory(Request baseRequest, Response base_response, java.lang.Object constraintInfo)
protected abstract boolean checkWebResourcePermissions(java.lang.String pathInContext, Request request, Response response, java.lang.Object constraintInfo, UserIdentity userIdentity) throws java.io.IOException
java.io.IOException
Copyright © 1995–2023 Webtide. All rights reserved.