public class FormAuthenticator extends AuthenticatorBase
Lifecycle.SingleUse
Modifier and Type | Field and Description |
---|---|
protected java.lang.String |
characterEncoding
Character encoding to use to read the username and password parameters
from the request.
|
protected java.lang.String |
landingPage
Landing page to use if a user tries to access the login page directly or
if the session times out during login.
|
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, jaspicCallbackHandlerClass, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso
asyncSupported, container, containerLog, next
mserver
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Constructor and Description |
---|
FormAuthenticator() |
Modifier and Type | Method and Description |
---|---|
protected boolean |
doAuthenticate(Request request,
HttpServletResponse response)
Authenticate the user making this request, based on the specified
login configuration.
|
protected void |
forwardToErrorPage(Request request,
HttpServletResponse response,
LoginConfig config)
Called to forward to the error page
|
protected void |
forwardToLoginPage(Request request,
HttpServletResponse response,
LoginConfig config)
Called to forward to the login page
|
protected java.lang.String |
getAuthMethod() |
java.lang.String |
getCharacterEncoding()
Return the character encoding to use to read the user name and password.
|
java.lang.String |
getLandingPage()
Return the landing page to use when FORM auth is mis-used.
|
protected boolean |
isContinuationRequired(Request request)
Does this authenticator require that
AuthenticatorBase.authenticate(Request,
HttpServletResponse) is called to continue an authentication process
that started in a previous request? |
protected boolean |
matchRequest(Request request)
Does this request match the saved one (so that it must be the redirect
we signaled after successful authentication?
|
protected boolean |
restoreRequest(Request request,
Session session)
Restore the original request from information stored in our session.
|
protected java.lang.String |
savedRequestURL(Session session)
Return the request URI (with the corresponding query string, if any)
from the saved request so that we can redirect to it.
|
protected void |
saveRequest(Request request,
Session session)
Save the original request information into our session.
|
void |
setCharacterEncoding(java.lang.String encoding)
Set the character encoding to be used to read the user name and password.
|
void |
setLandingPage(java.lang.String landingPage)
Set the landing page to use when the FORM auth is mis-used.
|
associate, authenticate, checkForCachedAuthentication, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getJaspicCallbackHandlerClass, getRealmName, getRequestCertificates, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, login, logout, notify, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setJaspicCallbackHandlerClass, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal
backgroundProcess, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
protected java.lang.String characterEncoding
protected java.lang.String landingPage
public java.lang.String getCharacterEncoding()
public void setCharacterEncoding(java.lang.String encoding)
encoding
- The name of the encoding to usepublic java.lang.String getLandingPage()
public void setLandingPage(java.lang.String landingPage)
landingPage
- The path to the landing page relative to the web
application rootprotected boolean doAuthenticate(Request request, HttpServletResponse response) throws java.io.IOException
true
if any specified
constraint has been satisfied, or false
if we have
created a response challenge already.doAuthenticate
in class AuthenticatorBase
request
- Request we are processingresponse
- Response we are creatingtrue
if the the user was authenticated, otherwise false
, in which case an authentication challenge will have been
written to the responsejava.io.IOException
- if an input/output error occursprotected boolean isContinuationRequired(Request request)
AuthenticatorBase
AuthenticatorBase.authenticate(Request,
HttpServletResponse)
is called to continue an authentication process
that started in a previous request?isContinuationRequired
in class AuthenticatorBase
request
- The request currently being processedtrue
if authenticate() must be called, otherwise
false
protected java.lang.String getAuthMethod()
getAuthMethod
in class AuthenticatorBase
protected void forwardToLoginPage(Request request, HttpServletResponse response, LoginConfig config) throws java.io.IOException
request
- Request we are processingresponse
- Response we are populatingconfig
- Login configuration describing how authentication
should be performedjava.io.IOException
- If the forward to the login page fails and the call
to HttpServletResponse.sendError(int, String)
throws an IOException
protected void forwardToErrorPage(Request request, HttpServletResponse response, LoginConfig config) throws java.io.IOException
request
- Request we are processingresponse
- Response we are populatingconfig
- Login configuration describing how authentication
should be performedjava.io.IOException
- If the forward to the error page fails and the call
to HttpServletResponse.sendError(int, String)
throws an IOException
protected boolean matchRequest(Request request)
request
- The request to be verifiedtrue
if the requests matched the saved oneprotected boolean restoreRequest(Request request, Session session) throws java.io.IOException
false
; otherwise, return
true
.request
- The request to be restoredsession
- The session containing the saved informationtrue
if the request was successfully restoredjava.io.IOException
- if an IO error occurred during the processprotected void saveRequest(Request request, Session session) throws java.io.IOException
request
- The request to be savedsession
- The session to contain the saved informationjava.io.IOException
- if an IO error occurred during the processprotected java.lang.String savedRequestURL(Session session)
session
- Our current sessionCopyright © 2000-2021 Apache Software Foundation. All Rights Reserved.