Java Doc for AbstractAuthenticator.java in » EJB-Server-resin-3.1.5 » resin » com » caucho » server » security » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation

1.	6.0 JDK Core
2.	6.0 JDK Modules
3.	6.0 JDK Modules com.sun
4.	6.0 JDK Modules com.sun.java
5.	6.0 JDK Modules sun
6.	6.0 JDK Platform
7.	Ajax
8.	Apache Harmony Java SE
9.	Aspect oriented
10.	Authentication Authorization
11.	Blogger System
12.	Build
13.	Byte Code
14.	Cache
15.	Chart
16.	Chat
17.	Code Analyzer
18.	Collaboration
19.	Content Management System
20.	Database Client
21.	Database DBMS
22.	Database JDBC Connection Pool
23.	Database ORM
24.	Development
25.	EJB Server geronimo
26.	EJB Server GlassFish
27.	EJB Server JBoss 4.2.1
28.	EJB Server resin 3.1.5
29.	ERP CRM Financial
30.	ESB
31.	Forum
32.	GIS
33.	Graphic Library
34.	Groupware
35.	HTML Parser
36.	IDE
37.	IDE Eclipse
38.	IDE Netbeans
39.	Installer
40.	Internationalization Localization
41.	Inversion of Control
42.	Issue Tracking
43.	J2EE
44.	JBoss
45.	JMS
46.	JMX
47.	Library
48.	Mail Clients
49.	Net
50.	Parser
51.	PDF
52.	Portal
53.	Profiler
54.	Project Management
55.	Report
56.	RSS RDF
57.	Rule Engine
58.	Science
59.	Scripting
60.	Search Engine
61.	Security
62.	Sevlet Container
63.	Source Control
64.	Swing Library
65.	Template Engine
66.	Test Coverage
67.	Testing
68.	UML
69.	Web Crawler
70.	Web Framework
71.	Web Mail
72.	Web Server
73.	Web Services
74.	Web Services apache cxf 2.0.1
75.	Web Services AXIS2
76.	Wiki Engine
77.	Workflow Engines
78.	XML
79.	XML UI

Java

Java Tutorial

Illustrator Tutorials

GIMP Tutorials

C# / C Sharp

C# / CSharp Tutorial

C# / CSharp Open Source

SQL Server / T-SQL Tutorial

Oracle PL / SQL

Oracle PL/SQL Tutorial

Flash / Flex / ActionScript

VBA / Excel / Access / Word

XML

XML Tutorial

Microsoft Office PowerPoint 2007 Tutorial

Microsoft Office Excel 2007 Tutorial

Microsoft Office Word 2007 Tutorial

Java Source Code / Java Documentation » EJB Server resin 3.1.5 » resin » com.caucho.server.security

Source Cross Reference Class Diagram Java Document (Java Doc)

java.lang .Object

com.caucho.server.security .AbstractAuthenticator

All known Subclasses:   com.caucho.server.security .AnonymousAuthenticator,  com.caucho.server.security .NullAuthenticator,  com.caucho.server.security .JaasAuthenticator,  com.caucho.server.security .JdbcAuthenticator,  com.caucho.server.security .AbstractPasswordAuthenticator,  com.caucho.http.security .AbstractAuthenticator,
AbstractAuthenticator
public class AbstractAuthenticator implements ServletAuthenticator,HandleAware,java.io.Serializable(Code)
All applications should extend AbstractAuthenticator to implement their custom authenticators. While this isn't absolutely required, it protects implementations from API changes.
The AbstractAuthenticator provides a single-signon cache. Users logged into one web-app will share the same principal.

Inner Class :static class PrincipalEntry

Field Summary
final static L10N L

final public static String LOGIN_NAME

protected PasswordDigest _passwordDigest

protected String _passwordDigestAlgorithm

protected String _passwordDigestRealm

protected LruCache<String, PrincipalEntry> _principalCache

protected int _principalCacheSize


Method Summary
public void addRoleMapping(Principal principal, String role)
     Adds a role mapping.
protected byte[] digest(String value)

protected String getDigestPassword(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm)
     Returns the password for authenticators too lazy to calculate the digest.
protected byte[] getDigestSecret(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm, String algorithm)
     Returns the digest secret for Digest authentication.
public boolean getLogoutOnSessionTimeout()
     Returns true if the user should be logged out on a session timeout.
public PasswordDigest getPasswordDigest()

public String getPasswordDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password)
     Returns the digest view of the password.
public String getPasswordDigestAlgorithm()

public String getPasswordDigestRealm()

public int getPrincipalCacheSize()
     Returns the size of the principal cache.
public Principal getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application)
     Grab the user from the request, assuming the user has already logged in.
protected Principal getUserPrincipalImpl(HttpServletRequest request, ServletContext application)
     Gets the user from a persistent cookie, uaing authenticateCookie to actually look the cookie up.
public void init()
     Initialize the authenticator with the application.
public boolean isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user, String role)
     Returns true if the user plays the named role.
public Principal login(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password)
     Logs the user in with any appropriate password.
public Principal loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest)
     Validates the user when using HTTP Digest authentication. DigestLogin will call this method.
public Principal loginDigestImpl(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest)
     Validates the user when HTTP Digest authentication. The HTTP Digest authentication uses the following algorithm to calculate the digest.
protected Principal loginImpl(HttpServletRequest request, HttpServletResponse response, ServletContext application, String user, String password)
     Authenticate (login) the user.
public void logout(ServletContext application, HttpSession timeoutSession, String sessionId, Principal user)
     Logs the user out from the session.
public void logout(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user)
     Logs the user out from the session.
public void logout(ServletContext application, String sessionId, Principal user)
     Logs the user out from the session.
public void setLogoutOnSessionTimeout(boolean logout)
     Sets true if the principal should logout when the session times out.
public void setPasswordDigest(PasswordDigest digest)
     Sets the password digest.
public void setPasswordDigestAlgorithm(String digest)
     Sets the password digest algorithm.
public void setPasswordDigestRealm(String realm)
     Sets the password digest realm.
public void setPrincipalCacheSize(int size)
     Sets the size of the principal cache.
public void setSerializationHandle(Object handle)

protected byte[] stringToDigest(String digest)

public String toString()

public Object writeReplace()


Field Detail
L
final static L10N L(Code)

LOGIN_NAME
final public static String LOGIN_NAME(Code)

_passwordDigest
protected PasswordDigest _passwordDigest(Code)

_passwordDigestAlgorithm
protected String _passwordDigestAlgorithm(Code)

_passwordDigestRealm
protected String _passwordDigestRealm(Code)

_principalCache
protected LruCache<String, PrincipalEntry> _principalCache(Code)

_principalCacheSize
protected int _principalCacheSize(Code)

Method Detail
addRoleMapping
public void addRoleMapping(Principal principal, String role)(Code)
Adds a role mapping.

digest
protected byte[] digest(String value) throws ServletException(Code)

getDigestPassword
protected String getDigestPassword(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm) throws ServletException(Code)
Returns the password for authenticators too lazy to calculate the digest.

getDigestSecret
protected byte[] getDigestSecret(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm, String algorithm) throws ServletException(Code)
Returns the digest secret for Digest authentication.

getLogoutOnSessionTimeout
public boolean getLogoutOnSessionTimeout()(Code)
Returns true if the user should be logged out on a session timeout.

getPasswordDigest
public PasswordDigest getPasswordDigest()(Code)
Returns the password digest

getPasswordDigest
public String getPasswordDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) throws ServletException(Code)
Returns the digest view of the password. The default uses the PasswordDigest class if available, and returns the plaintext password if not.

getPasswordDigestAlgorithm
public String getPasswordDigestAlgorithm()(Code)
Returns the password digest algorithm

getPasswordDigestRealm
public String getPasswordDigestRealm()(Code)
Returns the password digest realm

getPrincipalCacheSize
public int getPrincipalCacheSize()(Code)
Returns the size of the principal cache.

getUserPrincipal
public Principal getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application) throws ServletException(Code)
Grab the user from the request, assuming the user has already logged in. In other words, overriding methods could use cookies or the session to find the logged in principal, but shouldn't try to log the user in with form parameters.
Parameters:
  request - the servlet request. a Principal representing the user or null if none has logged in.

getUserPrincipalImpl
protected Principal getUserPrincipalImpl(HttpServletRequest request, ServletContext application) throws ServletException(Code)
Gets the user from a persistent cookie, uaing authenticateCookie to actually look the cookie up.

init
public void init() throws ServletException(Code)
Initialize the authenticator with the application.

isUserInRole
public boolean isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user, String role) throws ServletException(Code)
Returns true if the user plays the named role.
Parameters:
  request - the servlet request
Parameters:
  user - the user to test
Parameters:
  role - the role to test

login
public Principal login(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) throws ServletException(Code)
Logs the user in with any appropriate password.

loginDigest
public Principal loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) throws ServletException(Code)
Validates the user when using HTTP Digest authentication. DigestLogin will call this method. Most other AbstractLogin implementations, like BasicLogin and FormLogin, will use getUserPrincipal instead.
The HTTP Digest authentication uses the following algorithm to calculate the digest. The digest is then compared to the client digest.
A1 = MD5(username + ':' + realm + ':' + password) A2 = MD5(method + ':' + uri) digest = MD5(A1 + ':' + nonce + A2)

Parameters:
  request - the request trying to authenticate.
Parameters:
  response - the response for setting headers and cookies.
Parameters:
  app - the servlet context
Parameters:
  user - the username
Parameters:
  realm - the authentication realm
Parameters:
  nonce - the nonce passed to the client during the challenge
Parameters:
  uri - te protected uri
Parameters:
  qop -
Parameters:
  nc -
Parameters:
  cnonce - the client nonce
Parameters:
  clientDigest - the client's calculation of the digest the logged in principal if successful

loginDigestImpl
public Principal loginDigestImpl(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) throws ServletException(Code)
Validates the user when HTTP Digest authentication. The HTTP Digest authentication uses the following algorithm to calculate the digest. The digest is then compared to the client digest. A1 = MD5(username + ':' + realm + ':' + password) A2 = MD5(method + ':' + uri) digest = MD5(A1 + ':' + nonce + A2)
Parameters:
  request - the request trying to authenticate.
Parameters:
  response - the response for setting headers and cookies.
Parameters:
  app - the servlet context
Parameters:
  user - the username
Parameters:
  realm - the authentication realm
Parameters:
  nonce - the nonce passed to the client during the challenge
Parameters:
  uri - te protected uri
Parameters:
  qop -
Parameters:
  nc -
Parameters:
  cnonce - the client nonce
Parameters:
  clientDigest - the client's calculation of the digest the logged in principal if successful

loginImpl
protected Principal loginImpl(HttpServletRequest request, HttpServletResponse response, ServletContext application, String user, String password) throws ServletException(Code)
Authenticate (login) the user.

logout
public void logout(ServletContext application, HttpSession timeoutSession, String sessionId, Principal user) throws ServletException(Code)
Logs the user out from the session.
Parameters:
  application - the application
Parameters:
  timeoutSession - the session timing out, null if not a timeout logout
Parameters:
  user - the logged in user

logout
public void logout(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user) throws ServletException(Code)
Logs the user out from the session.
Parameters:
  request - the servlet request

logout
public void logout(ServletContext application, String sessionId, Principal user) throws ServletException(Code)
Logs the user out from the session.
Parameters:
  request - the servlet request

setLogoutOnSessionTimeout
public void setLogoutOnSessionTimeout(boolean logout)(Code)
Sets true if the principal should logout when the session times out.

setPasswordDigest
public void setPasswordDigest(PasswordDigest digest)(Code)
Sets the password digest. The password digest of the form: "algorithm-format", e.g. "MD5-base64".

setPasswordDigestAlgorithm
public void setPasswordDigestAlgorithm(String digest)(Code)
Sets the password digest algorithm. The password digest of the form: "algorithm-format", e.g. "MD5-base64".

setPasswordDigestRealm
public void setPasswordDigestRealm(String realm)(Code)
Sets the password digest realm.

setPrincipalCacheSize
public void setPrincipalCacheSize(int size)(Code)
Sets the size of the principal cache.

setSerializationHandle
public void setSerializationHandle(Object handle)(Code)
Sets the serialization handle

stringToDigest
protected byte[] stringToDigest(String digest)(Code)

toString
public String toString()(Code)

writeReplace
public Object writeReplace()(Code)
Serialize to the handle

Methods inherited from java.lang.Object
native protected Object clone() throws CloneNotSupportedException(Code)(Java Doc)
public boolean equals(Object obj)(Code)(Java Doc)
protected void finalize() throws Throwable(Code)(Java Doc)
final native public Class getClass()(Code)(Java Doc)
native public int hashCode()(Code)(Java Doc)
final native public void notify()(Code)(Java Doc)
final native public void notifyAll()(Code)(Java Doc)
public String toString()(Code)(Java Doc)
final native public void wait(long timeout) throws InterruptedException(Code)(Java Doc)
final public void wait(long timeout, int nanos) throws InterruptedException(Code)(Java Doc)
final public void wait() throws InterruptedException(Code)(Java Doc)

www.java2java.com | Contact Us

All other trademarks are property of their respective owners.